offthegridsurplus.com Open in urlscan Pro
23.227.38.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://offthegridsurplus.com/?utm_source=ALL%20USERS
Effective URL:
https://offthegridsurplus.com/?utm_source=ALL%20USERS
Submission: On December 29 via api (December 29th 2021, 8:33:17 pm UTC) from US — Scanned from CA

Summary HTTP 231 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 47 IPs in 4 countries across 38 domains to perform 231 HTTP transactions. The main IP is 23.227.38.65, located in Canada and belongs to CLOUDFLARENET, US. The main domain is offthegridsurplus.com.
TLS certificate: Issued by R3 on December 18th 2021. Valid for: 3 months.

This is the only time offthegridsurplus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	23.227.38.65 23.227.38.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
74	2a04:4e42:a00... 2a04:4e42:a00::268	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2008	15169 (GOOGLE) (GOOGLE)
8	18.185.191.84 18.185.191.84	16509 (AMAZON-02) (AMAZON-02)
2	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
1 2	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:46::70 2620:1ec:46::70	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	67.205.138.90 67.205.138.90	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
6	2a04:4e42:600... 2a04:4e42:600::268	54113 (FASTLY) (FASTLY)
6	34.138.230.116 34.138.230.116	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
2	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
1	13.33.46.51 13.33.46.51	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1cb4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.227.38.33 23.227.38.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:bdf::70 2620:1ec:bdf::70	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
4	52.34.127.135 52.34.127.135	16509 (AMAZON-02) (AMAZON-02)
1 2	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
21	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
3	99.84.125.102 99.84.125.102	16509 (AMAZON-02) (AMAZON-02)
1	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:1db4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2607:f8b0:400... 2607:f8b0:4006:823::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:402... 2607:f8b0:4023:1404::9a	15169 (GOOGLE) (GOOGLE)
1 7	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
25	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:20:... 2606:4700:20::681a:e87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:823::2003	15169 (GOOGLE) (GOOGLE)
3	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	52.218.44.138 52.218.44.138	16509 (AMAZON-02) (AMAZON-02)
5	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::ac43:4454	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6816:22f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:3d8b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6815:4436	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:202... 2600:9000:202c:9800:7:67fb:be80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:212... 2600:9000:2120:3800:16:4701:e4c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
2	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:21cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:202... 2600:9000:202c:a200:11:4cd0:7f80:93a1	() ()
1	2600:9000:212... 2600:9000:2120:2400:2:3d40:da40:93a1	() ()
1	34.233.3.150 34.233.3.150	() ()
231	47

5 23.227.38.65 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com

offthegridsurplus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

74 2a04:4e42:a00::268 (United States)

ASN54113 (FASTLY, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.185.191.84 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com

manychat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.manychat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

config.gorgias.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7caf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200e (United States)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::70 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn2.stamped.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.205.138.90 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

reginapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42:600::268 (United States)

ASN54113 (FASTLY, US)

fonts.shopifycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.138.230.116 (North Charleston, United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 116.230.138.34.bc.googleusercontent.com

monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.46.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-46-51.ewr52.r.cloudfront.net

cdn.avmws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1cb4 (United States)

ASN13335 (CLOUDFLARENET, US)

config.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.33 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: checkout.shopify.com

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:bdf::70 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn1.stamped.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.34.127.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-127-135.us-west-2.compute.amazonaws.com

stamped.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.84.125.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-125-102.ewr52.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

796512322.privacysandbox.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:1db4 (United States)

ASN13335 (CLOUDFLARENET, US)

client-builds.production.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
config.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1404::9a (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.186.226.184 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:e87 (United States)

ASN13335 (CLOUDFLARENET, US)

mccdn.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

analytics.getshogun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.44.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

easy-redirects.s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4454 (United States)

ASN13335 (CLOUDFLARENET, US)

files-shpf.mageworx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apps.mageworx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:22f2 (United States)

ASN13335 (CLOUDFLARENET, US)

app.octaneai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:3d8b (United States)

ASN13335 (CLOUDFLARENET, US)

app.backinstock.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:4436 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.verifypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:202c:9800:7:67fb:be80:93a1 (United States)

ASN16509 (AMAZON-02, US)

intg.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2120:3800:16:4701:e4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.routeapp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

cdn.rebuyengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:21cd (United States)

ASN13335 (CLOUDFLARENET, US)

rebuyengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:202c:a200:11:4cd0:7f80:93a1 (None, )

ASN- ()

shopify.route.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2120:2400:2:3d40:da40:93a1 (None, )

ASN- ()

protection-widget.route.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.233.3.150 (None, )

ASN- ()

api.route.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	shopify.com cdn.shopify.com	3 MB
25	facebook.com www.facebook.com	17 KB
17	fbcdn.net static.xx.fbcdn.net	184 KB
9	klaviyo.com static.klaviyo.com static-tracking.klaviyo.com fast.a.klaviyo.com static-forms.klaviyo.com	107 KB
8	snapchat.com 1 redirects tr.snapchat.com intg.snapchat.com	6 KB
8	stamped.io cdn2.stamped.io cdn1.stamped.io stamped.io	84 KB
8	manychat.com manychat.com widget.manychat.com	118 KB
7	rebuyengine.com cdn.rebuyengine.com rebuyengine.com	258 KB
6	gorgias.chat config.gorgias.chat client-builds.production.gorgias.chat assets.gorgias.chat	247 KB
6	shopifysvc.com monorail-edge.shopifysvc.com	3 KB
6	shopifycdn.com fonts.shopifycdn.com	126 KB
5	offthegridsurplus.com offthegridsurplus.com	99 KB
4	facebook.net connect.facebook.net	195 KB
3	route.com shopify.route.com protection-widget.route.com api.route.com	38 KB
3	octaneai.com app.octaneai.com	89 KB
3	gstatic.com fonts.gstatic.com	90 KB
3	google.ca www.google.ca	675 B
3	google.com 1 redirects www.google.com	635 B
3	sc-static.net sc-static.net	23 KB
3	google-analytics.com www.google-analytics.com	40 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	googleadservices.com www.googleadservices.com 796512322.privacysandbox.googleadservices.com	16 KB
2	routeapp.io cdn.routeapp.io	36 KB
2	mageworx.com files-shpf.mageworx.com apps.mageworx.com	72 KB
2	tapad.com 2 redirects pixel.tapad.com	886 B
2	unpkg.com 1 redirects unpkg.com	16 KB
2	gorgias.io config.gorgias.io
2	googletagmanager.com www.googletagmanager.com	86 KB
1	verifypass.com cdn.verifypass.com	2 KB
1	backinstock.org app.backinstock.org	25 KB
1	amazonaws.com easy-redirects.s3-eu-west-1.amazonaws.com	15 KB
1	getshogun.com analytics.getshogun.com	17 KB
1	mccdn.me mccdn.me	94 KB
1	shop.app shop.app	1 KB
1	avmws.com cdn.avmws.com	2 KB
1	reginapps.com reginapps.com	105 KB
1	googleoptimize.com www.googleoptimize.com	36 KB
231	38

	Domain	Requested by
74	cdn.shopify.com	offthegridsurplus.com cdn.shopify.com
25	www.facebook.com	offthegridsurplus.com connect.facebook.net
17	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
7	tr.snapchat.com	1 redirects cdn.shopify.com offthegridsurplus.com
7	manychat.com	offthegridsurplus.com manychat.com cdn.shopify.com
6	cdn.rebuyengine.com	offthegridsurplus.com cdn.rebuyengine.com cdn.shopify.com client
6	monorail-edge.shopifysvc.com	cdn.shopify.com
6	fonts.shopifycdn.com	offthegridsurplus.com
5	static.klaviyo.com	offthegridsurplus.com static.klaviyo.com
5	offthegridsurplus.com	cdn.shopify.com
4	connect.facebook.net	cdn.shopify.com connect.facebook.net mccdn.me
4	stamped.io	cdn.shopify.com
3	app.octaneai.com	offthegridsurplus.com cdn.shopify.com
3	assets.gorgias.chat	config.gorgias.chat offthegridsurplus.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.ca	offthegridsurplus.com
3	www.google.com	1 redirects offthegridsurplus.com
3	sc-static.net	cdn.shopify.com tr.snapchat.com intg.snapchat.com
3	www.google-analytics.com	cdn.shopify.com offthegridsurplus.com www.googletagmanager.com
3	fonts.googleapis.com	cdn.shopify.com client
3	cdn1.stamped.io	cdn2.stamped.io cdn1.stamped.io offthegridsurplus.com
2	static-tracking.klaviyo.com	static.klaviyo.com
2	cdn.routeapp.io	offthegridsurplus.com cdn.routeapp.io
2	pixel.tapad.com	2 redirects
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	config.gorgias.chat	cdn.shopify.com client-builds.production.gorgias.chat
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	unpkg.com	1 redirects offthegridsurplus.com
2	config.gorgias.io	offthegridsurplus.com
2	www.googletagmanager.com	offthegridsurplus.com cdn.routeapp.io
1	api.route.com	cdn.shopify.com
1	protection-widget.route.com	cdn.routeapp.io
1	shopify.route.com	cdn.shopify.com
1	rebuyengine.com	cdn.shopify.com
1	static-forms.klaviyo.com	cdn.shopify.com
1	fast.a.klaviyo.com	cdn.shopify.com
1	apps.mageworx.com	cdn.shopify.com
1	intg.snapchat.com	offthegridsurplus.com
1	cdn.verifypass.com	offthegridsurplus.com
1	app.backinstock.org	offthegridsurplus.com
1	files-shpf.mageworx.com	offthegridsurplus.com
1	easy-redirects.s3-eu-west-1.amazonaws.com	offthegridsurplus.com
1	analytics.getshogun.com	offthegridsurplus.com
1	mccdn.me	widget.manychat.com
1	stats.g.doubleclick.net	cdn.shopify.com
1	client-builds.production.gorgias.chat	offthegridsurplus.com
1	widget.manychat.com	manychat.com
1	796512322.privacysandbox.googleadservices.com	offthegridsurplus.com
1	shop.app	cdn.shopify.com
1	cdn.avmws.com	offthegridsurplus.com
1	reginapps.com	offthegridsurplus.com
1	cdn2.stamped.io	offthegridsurplus.com
1	www.googleoptimize.com	offthegridsurplus.com
231	53

This site contains links to these domains. Also see Links.

Domain
otgsurplus.myshopify.com
facebook.com
twitter.com
instagram.com
www.youtube.com
youtu.be
stamped.io
www.southernxpeditions.com
overlandjournal.com
www.popularmechanics.com
gearjunkie.com
expeditionportal.com
wholesale.offthegridsurplus.com
www.shopify.com
manychat.com

Subject Issuer	Validity	Valid
offthegridsurplus.com R3	`2021-12-18` - `2022-03-18`	3 months	crt.sh
cdn.shopify.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
manychat.com Sectigo ECC Domain Validation Secure Server CA	`2021-05-03` - `2022-06-02`	a year	crt.sh
config.gorgias.io GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-06` - `2023-01-07`	a year	crt.sh
cdn2.stamped.io DigiCert TLS RSA SHA256 2020 CA1	`2021-04-21` - `2022-04-21`	a year	crt.sh
reginapps.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-10` - `2022-04-10`	2 years	crt.sh
monorail-edge.shopifysvc.com R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
avantlink.com Amazon	`2021-04-29` - `2022-05-28`	a year	crt.sh
gorgias.chat Cloudflare Inc ECC CA-3	`2021-12-16` - `2022-03-16`	3 months	crt.sh
shop.app R3	`2021-11-25` - `2022-02-23`	3 months	crt.sh
cdn1.stamped.io DigiCert TLS RSA SHA256 2020 CA1	`2021-04-24` - `2022-04-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
Stamped.io Sectigo RSA Domain Validation Secure Server CA	`2020-05-19` - `2022-08-21`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-08` - `2022-01-06`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.privacysandbox.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
widget.manychat.com Sectigo ECC Domain Validation Secure Server CA	`2021-03-18` - `2022-04-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
mccdn.me Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.getshogun.com R3	`2021-12-04` - `2022-03-04`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon	`2021-03-26` - `2022-03-08`	a year	crt.sh
static.klaviyo.com R3	`2021-11-24` - `2022-02-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
backinstock.org Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
intg.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-28` - `2022-07-28`	a year	crt.sh
*.routeapp.io Amazon	`2021-05-24` - `2022-06-22`	a year	crt.sh
cdn.rebuyengine.com R3	`2021-12-25` - `2022-03-25`	3 months	crt.sh
static-tracking.klaviyo.com R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
fast.a.klaviyo.com R3	`2021-11-24` - `2022-02-22`	3 months	crt.sh
static-forms.klaviyo.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.route.com Amazon	`2021-06-22` - `2022-07-21`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Frame ID: 65027A5910AEE09230C5BB3B06B13109
Requests: 182 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=85b9b802-6e2e-4926-a484-f63f172d2bf0
Frame ID: D9F5A74C947995D03546BBCFF30177E6
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 6C052378FCB56059FEC977080D63D3C7
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1640762449714&pnid=140&pcid=3ca8dc21-5f62-4fb3-a79f-c2f6e22c66e8
Frame ID: 885396E13F49E9056605DFA3A3AB8F79
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Frame ID: 1BBABE5029FFBB63F06231BF9AFD129F
Requests: 39 HTTP requests in this frame

Frame: https://cdn.routeapp.io/route-analytics/index.html
Frame ID: C6FA613EE3F08086971B1789A623A55D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Off The Grid SurplusAmazonAmerican ExpressApple PayDiners ClubDiscoverEloGoogle PayJCBMastercardPayPalShop PayVenmoVisa

Detected technologies

Shopify (Ecommerce) Expand

Overall confidence: 25%
Detected patterns

<link[^>]+=['"]//cdn\.shopify\.com

Amazon Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<meta id="amazon-payments

Apple Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<script id="apple-pay

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

ManyChat (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

widget\.manychat\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

scrollreveal (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

scrollreveal(?:\.min)(?:\.js)

Page Statistics

231
Requests

98 %
HTTPS

60 %
IPv6

38
Domains

53
Subdomains

47
IPs

4
Countries

4988 kB
Transfer

11097 kB
Size

33
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://otgsurplus.myshopify.com/products/gift-card
Title: Gift Cards

Search URL Search Domain Scan URL

URL: https://facebook.com/offthegridsurplus
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/offthegridsrpl
Title: Twitter

Search URL Search Domain Scan URL

URL: http://instagram.com/offthegridsurplus
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCqdspBpkr4Asj6zh82TGNlw
Title: YouTube

Search URL Search Domain Scan URL

URL: https://youtu.be/wEyg2oYz4ic
Title: Watch The Series

Search URL Search Domain Scan URL

URL: https://stamped.io/
Title: Powered by Stamped.io

Search URL Search Domain Scan URL

URL: https://www.southernxpeditions.com/weekly-blog/2019/1/10/off-the-grid-surplus

Search URL Search Domain Scan URL

URL: https://overlandjournal.com/

Search URL Search Domain Scan URL

URL: https://www.popularmechanics.com/cars/trucks/a37806167/overland-expo-west-2021-accessories-apparel/

Search URL Search Domain Scan URL

URL: https://gearjunkie.com/apparel/best-mens-travel-pants#adventure

Search URL Search Domain Scan URL

URL: https://expeditionportal.com/the-right-trousers/

Search URL Search Domain Scan URL

URL: https://wholesale.offthegridsurplus.com/
Title: Wholesale

Search URL Search Domain Scan URL

URL: https://www.shopify.com/?utm_campaign=poweredby&utm_medium=shopify&utm_source=onlinestore
Title: Powered by Shopify

Search URL Search Domain Scan URL

URL: https://manychat.com/?utm_medium=Growth+Tool+Branding&utm_source=User+Websites&utm_campaign=Viral&utm_content=bar
Title: Powered byManyChat

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://unpkg.com/@loophq/onstore-sdk@latest/dist/loop-onstore-sdk.js HTTP 302
https://unpkg.com/@loophq/onstore-sdk@1.0.9/dist/loop-onstore-sdk.js

Request Chain 93

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/796512322/?random=2037443885&cv=9&fst=1640809990325&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DOff%20The%20Grid%20Surplus&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2F%3Futm_source%3DALL%2520USERS&tiba=Off%20The%20Grid%20Surplus&auid=1395566923.1640809990&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=BsbMYY-OF76OoPMPufie4Ag&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/796512322/?random=2037443885&cv=9&fst=1640809990325&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DOff%20The%20Grid%20Surplus&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2F%3Futm_source%3DALL%2520USERS&tiba=Off%20The%20Grid%20Surplus&auid=1395566923.1640809990&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=BsbMYY-OF76OoPMPufie4Ag&cid=CAQSKQCNIrLMvhbMbCSIyxmLFr-yGyRDf1rt-5fNfrQgTfog8KJG-BUUB-CU&random=2677564222&resp=GooglemKTybQhCsO HTTP 302
https://www.google.ca/pagead/1p-conversion/796512322/?random=2037443885&cv=9&fst=1640809990325&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DOff%20The%20Grid%20Surplus&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2F%3Futm_source%3DALL%2520USERS&tiba=Off%20The%20Grid%20Surplus&auid=1395566923.1640809990&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=BsbMYY-OF76OoPMPufie4Ag&cid=CAQSKQCNIrLMvhbMbCSIyxmLFr-yGyRDf1rt-5fNfrQgTfog8KJG-BUUB-CU&random=2677564222&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 105

https://tr.snapchat.com/cm/s?pnid=140&cb=1640809990734 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1640762449714%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1640762449714%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1640762449714&pnid=140&pcid=3ca8dc21-5f62-4fb3-a79f-c2f6e22c66e8

231 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
offthegridsurplus.com/ 308 KB
48 KB 884ms
828ms Document
text/html 23.227.38.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.65 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

06e3d93380243529aed274572ba906df4fd457fc801674647ac73ff78a18e134

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Wed, 29 Dec 2021 20:33:09 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 53
x-sorting-hat-shopid: 25921126454
x-storefront-renderer-rendered: 1
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-alternate-cache-key: cacheable:47f9dc264ab4c72ef599b8993bccee10
x-cache: miss
x-frame-options: DENY
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
strict-transport-security: max-age=7889238
x-shopid: 25921126454
x-shardid: 53
vary: Accept
content-language: en
x-shopify-stage: production
x-dc: gcp-us-central1,gcp-us-central1,gcp-us-central1
x-request-id: d58586cf-52da-4295-b979-33375d2fbd43
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c55cd3e2b017133-YUL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 lazysizes.min.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 27 KB
9 KB 65ms
31ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/lazysizes.min.js?v=904086309542630101

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

80ecdc5ea27ad0b02e22221601221ddd61b0492e09a122808b151b8013af7314

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.908,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 8994
x-xss-protection: 1; mode=block
x-request-id: f3170efe8c9261b9b8e769d6ede82c34
x-served-by: cache-lga21946-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.713501,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/lazysizes.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 theme-critical.css
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 99 KB
20 KB 53ms
19ms Stylesheet
text/css 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/theme-critical.css?v=3561221114399344517

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

210f80b61e1976137c421022760989a5f915d4fcd1c6f80a2513f9d4d18db40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.136,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 19665
x-xss-protection: 1; mode=block
x-request-id: c4673e4256891fef486ce07b192220bf
x-served-by: cache-lga13627-LGA, cache-yul12823-YUL
last-modified: Tue, 31 Aug 2021 12:06:05 GMT
server: cache-yul12823-YUL
x-timer: S1640809990.713109,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Wed, 21 Dec 2022 16:54:46 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/theme-critical.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 scrollreveal.min.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 16 KB
5 KB 70ms
37ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/scrollreveal.min.js?v=16078805829794449500

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

96b38302cfbad43622521e7e10577027299bc0070b50c2f0ab29afb927fa4f26

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=2.142,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 5007
x-xss-protection: 1; mode=block
x-request-id: 2ebb9ca99a90e50db07968f11371edc3
x-served-by: cache-lga21962-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.713565,VS0,VE2
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/scrollreveal.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 jquery.min.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 87 KB
30 KB 19ms
11ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/jquery.min.js?v=6093865874309170411

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.111,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 29991
x-xss-protection: 1; mode=block
x-request-id: 05f424d6255b1f9661d7f5fe754a35bb
x-served-by: cache-lga13624-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.779815,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/jquery.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 vendor.min.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 165 KB
46 KB 23ms
15ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/vendor.min.js?v=14334393756238526063

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

ffe5ded2b2f74a469739ae0672374c397de9c5a11acd3eaf29f496bbe681eb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.217,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 46472
x-xss-protection: 1; mode=block
x-request-id: daecbc78e0ba639e1416d7b8397dd16f
x-served-by: cache-lga21978-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.779971,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/vendor.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 ajax-cart.min.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 11 KB
3 KB 30ms
22ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ajax-cart.min.js?v=1036481553876729424

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

981d749dfea45279e6980db98c3578386fdcee15377afcb7fe27b7c3622bf46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.739,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 2803
x-xss-protection: 1; mode=block
x-request-id: ff9fe85f09710805e1b893657ace83ce
x-served-by: cache-lga21922-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.782563,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ajax-cart.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 theme.css
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 129 KB
18 KB 72ms
39ms Stylesheet
text/css 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/theme.css?v=6691975211223715560

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

b09f95c67a1eeb461621224361d070461774ac807df1110cd23614d217f1beec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=23.742,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 17860
x-xss-protection: 1; mode=block
x-request-id: 3955c46e9fd21c2248ca43e6537ba98a
x-served-by: cache-lga21954-LGA, cache-yul12823-YUL
last-modified: Fri, 19 Nov 2021 17:33:28 GMT
server: cache-yul12823-YUL
x-timer: S1640809990.713307,VS0,VE24
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Wed, 21 Dec 2022 16:54:44 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/theme.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 theme.min.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 65 KB
14 KB 53ms
45ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/theme.min.js?v=16509411633783335105

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

18754e2fd15b48c74422a969233fbf8a6a0dcbf128964539dc88571b9cae165a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=20.450,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 13955
x-xss-protection: 1; mode=block
x-request-id: c4819744c8def274cf55b292e603cae3
x-served-by: cache-lga21927-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.782646,VS0,VE20
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/theme.min.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 custom.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 1 KB
1 KB 30ms
22ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/custom.js?v=16496594066256000078

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

79885c42f306535793fe4985a6e7ad95e81f1c7cd6eed6cd487dd979c296b718

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.778,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 453
x-xss-protection: 1; mode=block
x-request-id: fcf2e14a8cadb8fbe8d4066c507d55c0
x-served-by: cache-lga13622-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.782798,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/custom.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 load_feature-7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 10 KB
3 KB 73ms
35ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af.js

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12827-YUL /

Resource Hash

7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.600,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 2784
x-xss-protection: 1; mode=block
x-request-id: 95e989fd3a1c222210ddb099c866308f
x-served-by: cache-lga21922-LGA, cache-yul12827-YUL
server: cache-yul12827-YUL
x-timer: S1640809990.815307,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af.js>; rel="canonical"
x-cache-hits: 2, 1730045

GET
H2 200 storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/ 49 KB
18 KB 57ms
19ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js?v=20210208

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12827-YUL /

Resource Hash

b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.113,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 17353
x-xss-protection: 1; mode=block
x-request-id: f385e1ea40508a21c089c34d84c5ffab
x-served-by: cache-lga13621-LGA, cache-yul12827-YUL
server: cache-yul12827-YUL
x-timer: S1640809990.815469,VS0,VE0
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js>; rel="canonical"
x-cache-hits: 1, 1370754

GET
H2 200 features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 37 KB
12 KB 69ms
31ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12827-YUL /

Resource Hash

87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.092,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 12298
x-xss-protection: 1; mode=block
x-request-id: e624e9bc29b60a2db5947e2486240d8a
x-served-by: cache-lga21932-LGA, cache-yul12827-YUL
server: cache-yul12827-YUL
x-timer: S1640809990.815702,VS0,VE0
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"
x-cache-hits: 1, 2134995

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
50 KB 107ms
42ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-796512322

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

983afe64da5df7bdc7f03f38f071903f6f1cd4bdf4243716ead1832309ab5c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51190
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Dec 2021 20:33:09 GMT

GET
H2 200 boost-pfs-instant-search.css
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 29 KB
5 KB 38ms
18ms Stylesheet
text/css 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-instant-search.css?v=11995342832870642400

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

214ce8d0172cc246360b196f7b857bbb20b8fbafced395ea213da73523d7f3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.764,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 4018
x-xss-protection: 1; mode=block
x-request-id: ad28bb0b7ec9a446d52ad4b486e0b679
x-served-by: cache-lga21952-LGA, cache-yul12823-YUL
last-modified: Tue, 31 Aug 2021 12:06:21 GMT
server: cache-yul12823-YUL
x-timer: S1640809990.713377,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Wed, 21 Dec 2022 16:54:42 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-instant-search.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 boost-pfs-custom.css
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 35 KB
6 KB 55ms
34ms Stylesheet
text/css 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-custom.css?v=3231033471792619898

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

04d7ca922b067aabd6a958b6bfc780390d9b6df764c1ca1b27f1639303726cec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.011,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 5462
x-xss-protection: 1; mode=block
x-request-id: 3eb8276581cebdd6516fa4d229f49df6
x-served-by: cache-lga21924-LGA, cache-yul12823-YUL
last-modified: Tue, 31 Aug 2021 12:06:21 GMT
server: cache-yul12823-YUL
x-timer: S1640809990.713483,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: text/css
access-control-allow-origin: *
expires: Wed, 21 Dec 2022 16:54:49 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-custom.css>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 shopify.js Show response
manychat.com/static/js/ 155 KB
58 KB 353ms
106ms Script
application/javascript 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/static/js/shopify.js?account_id=440003476104865
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.2 /
Resource Hash: 81f7da941a82546d2f6d2e09319016668484769b4586f698e171f57c9cf464dd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
cache-control: public, max-age=600
last-modified: Fri, 24 Dec 2021 10:28:39 GMT
server: openresty/1.19.3.2
content-encoding: gzip
etag: W/"61c5a0d7-26a05"
content-type: application/javascript; charset=utf-8

GET
H2 200 form-builder-script.js Show response
cdn.shopify.com/extensions/61cd9773-46b7-43cf-97c3-2ef40a4ae389/1.1.0/assets/ 2 KB
880 B 29ms
22ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/extensions/61cd9773-46b7-43cf-97c3-2ef40a4ae389/1.1.0/assets/form-builder-script.js

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

9cb727cf2682c975a79366d9b2a86dbae1709904c579a19e4270f02e56ac0fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.146,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 567
x-xss-protection: 1; mode=block
x-request-id: 687d47165012104080521c66990f231b
x-served-by: cache-lga21940-LGA, cache-yul12823-YUL
last-modified: Thu, 21 Oct 2021 07:08:59 GMT
server: cache-yul12823-YUL
x-timer: S1640809990.785083,VS0,VE0
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 11 Nov 2022 04:38:32 GMT
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/extensions/61cd9773-46b7-43cf-97c3-2ef40a4ae389/1.1.0/assets/form-builder-script.js>; rel="canonical"
x-cache-hits: 1, 94

GET
H2 200 Off-The-Grid-Dark-LOGO_300x.png
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 8 KB
8 KB 52ms
45ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Off-The-Grid-Dark-LOGO_300x.png?v=1575529671

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

369486ccabc778f274609c968be0dec7417f815c887db9b1ef6fab0d6a1e64da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=28.355,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 7940
x-xss-protection: 1; mode=block
x-request-id: a8d615a88606732fdde5c74607aa5456
x-served-by: cache-lga21979-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.785157,VS0,VE28
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Off-The-Grid-Dark-LOGO_300x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 FALL19-3_300x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 21 KB
21 KB 31ms
25ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/FALL19-3_300x.jpg?v=1575534171

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

db5a1af6805feccb072ef3f8f4b0fd2de21422dcf655e34208782d411b03c22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.092,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 21622
x-xss-protection: 1; mode=block
x-request-id: 788c1dd4778013c5217097491eaa4907
x-served-by: cache-lga21946-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.785292,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/FALL19-3_300x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Ep_4_Road_2_Racing_360x200_crop_center.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/articles/ 25 KB
25 KB 29ms
23ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/articles/Ep_4_Road_2_Racing_360x200_crop_center.jpg?v=1634161797

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

d6a8ea5f458f12da9512a1b7a1a5e7123fc1a30a90ea24f54e2df5cc05c25b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.318,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 25608
x-xss-protection: 1; mode=block
x-request-id: e741e91b8b3dd5738a931b429e5777b8
x-served-by: cache-lga21932-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.785493,VS0,VE0
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/articles/Ep_4_Road_2_Racing_360x200_crop_center.jpg>; rel="canonical"
x-cache-hits: 43, 16

GET
H2 200 jeep-wrangler-rubicon-392-v8-6.4L-4K-race-jeep-hemi-2_360x200_crop_center.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/articles/ 24 KB
25 KB 34ms
28ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/articles/jeep-wrangler-rubicon-392-v8-6.4L-4K-race-jeep-hemi-2_360x200_crop_center.jpg?v=1634158878

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

746401dfa2dc6a1def4de96f95a9106f90945baa927c8eeaf606c16e965d53eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.056,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 24438
x-xss-protection: 1; mode=block
x-request-id: 7b41173a41013b9760e92604ab7948e1
x-served-by: cache-lga21939-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.785529,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/articles/jeep-wrangler-rubicon-392-v8-6.4L-4K-race-jeep-hemi-2_360x200_crop_center.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Talon-Sei-Reviews-Trailblazer-Pro-2.0_Pants_w_Harness_Pockets_Blog_Header_360x200_crop_center.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/articles/ 18 KB
18 KB 39ms
33ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/articles/Talon-Sei-Reviews-Trailblazer-Pro-2.0_Pants_w_Harness_Pockets_Blog_Header_360x200_crop_center.jpg?v=1631146270

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

192c9286fd7c193075259538ec8ec23ce9e60655b1c4d8fa6081908e3e7f384b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.218,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 18430
x-xss-protection: 1; mode=block
x-request-id: 20392a382906447ccdebb9adddcae21c
x-served-by: cache-lga13623-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.785689,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/articles/Talon-Sei-Reviews-Trailblazer-Pro-2.0_Pants_w_Harness_Pockets_Blog_Header_360x200_crop_center.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 gearjunkielogolight_07e5adce-7fde-4e75-b92a-0c7b59fb0bde_400x.png
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 4 KB
4 KB 32ms
27ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/gearjunkielogolight_07e5adce-7fde-4e75-b92a-0c7b59fb0bde_400x.png?v=1575533001

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

02e6ab2f6379b911bf475052aac8b7aeebe86ad0ade19f37d279906453d86bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.743,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 4290
x-xss-protection: 1; mode=block
x-request-id: 90784f14f9c1f29eb4c750cf789bc812
x-served-by: cache-lga21921-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.785754,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/gearjunkielogolight_07e5adce-7fde-4e75-b92a-0c7b59fb0bde_400x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 expedition-portal-logo_400x.png
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 5 KB
5 KB 39ms
34ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/expedition-portal-logo_400x.png?v=1575532968

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

447ccb8df2c63953398a998b636700ae581b269d498a044740e84d4e802dd512

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.650,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 5082
x-xss-protection: 1; mode=block
x-request-id: 5adb985032bbcbaa1a2ab9222b88c1ff
x-served-by: cache-lga21944-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.786003,VS0,VE2
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/expedition-portal-logo_400x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 SouthernXpeditions_400x.png
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 3 KB
3 KB 37ms
32ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/SouthernXpeditions_400x.png?v=1575533527

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

91b09653151ea91a2fd898b70a4f6f29106bc5a5a2c99090157081f0c04ae905

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.686,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 3176
x-xss-protection: 1; mode=block
x-request-id: 99e9131927e4c9afa7b3c6300d412081
x-served-by: cache-lga21967-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.786025,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/SouthernXpeditions_400x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 OverlandJournalv2_a1eebf2e-77c3-4cd3-bce7-1863653084c2_400x.png
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 5 KB
6 KB 29ms
24ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/OverlandJournalv2_a1eebf2e-77c3-4cd3-bce7-1863653084c2_400x.png?v=1575532992

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

a90ecd284d3954bf4c0baecf5df70b44552476ea5ef593aecd01b273b6f112e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.283,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 5192
x-xss-protection: 1; mode=block
x-request-id: 64a11a783afb54285f7e92939e4154dc
x-served-by: cache-lga13627-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.786036,VS0,VE0
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/OverlandJournalv2_a1eebf2e-77c3-4cd3-bce7-1863653084c2_400x.png>; rel="canonical"
x-cache-hits: 1, 2

GET
H2 200 x4-logo2_400x.png
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 2 KB
2 KB 48ms
44ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/x4-logo2_400x.png?v=1622061309

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

da84cc5f9cd563228b5dd4a1cddd2536095db5d75856262324411f8b484b3553

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=15.303,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 2044
x-xss-protection: 1; mode=block
x-request-id: 7db8d60e9db1b558d6ebfb5d61a361f6
x-served-by: cache-lga21936-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.786051,VS0,VE15
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/x4-logo2_400x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 TREADLOGOS3_400x.png
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 7 KB
8 KB 43ms
38ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/TREADLOGOS3_400x.png?v=1622061544

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

a9a20d888f62c6494994de1f41796c3ebce909df4301a1545c01c746859f6b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.281,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 7238
x-xss-protection: 1; mode=block
x-request-id: 734ce6f538ac80c40273b0125da61a3f
x-served-by: cache-lga13626-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.791719,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/TREADLOGOS3_400x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 PopularMech_100_W_400x.png
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 21 KB
21 KB 41ms
36ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/PopularMech_100_W_400x.png?v=1633384981

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

739d9c3dcce08ba8861cac659dfd49232868b8081d81fd4e93c48820a9c9e319

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.028,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 21170
x-xss-protection: 1; mode=block
x-request-id: 5ee2d1a6d94375c3f53bb883c2359e4e
x-served-by: cache-lga21983-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.791829,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/PopularMech_100_W_400x.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 403 Oro0V7LQ5Wx9d83N.js
config.gorgias.io/production/B9Zby7Z0dN6eNk3R/chat/ 0
0 172ms
66ms Script
application/xml 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://config.gorgias.io/production/B9Zby7Z0dN6eNk3R/chat/Oro0V7LQ5Wx9d83N.js
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2

200

loop-onstore-sdk.js Show response
unpkg.com/@loophq/onstore-sdk@1.0.9/dist/
Redirect Chain

https://unpkg.com/@loophq/onstore-sdk@latest/dist/loop-onstore-sdk.js
https://unpkg.com/@loophq/onstore-sdk@1.0.9/dist/loop-onstore-sdk.js

44 KB
16 KB

62ms
61ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@loophq/onstore-sdk@1.0.9/dist/loop-onstore-sdk.js

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61f22f4fcb3beaf7ceed8d48827a9b505351ca31318ba468ec98e33f190f7e6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:09 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21636559
fly-request-id: 01F3Z43KX6BFJWRGY7A30BGEN1
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"b075-ZDPHTV1gI86R7rryPtcb4aHID98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c55cd44b9a3ca63-YUL

Redirect headers

date: Wed, 29 Dec 2021 20:33:09 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FR3XV1EDF8567M18XDYWSZXY
server: cloudflare
age: 524
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /@loophq/onstore-sdk@1.0.9/dist/loop-onstore-sdk.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c55cd44595dca63-YUL
access-control-allow-origin: *

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 89 KB
36 KB 109ms
39ms Script
application/javascript 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-5SS5LKD

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4e10ce636e43c5a41767356fe4530b8e083a98530d8d97f93df7f533e9d93fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35914
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Dec 2021 20:33:09 GMT

GET
H2 200 widget.min.js Show response
cdn2.stamped.io/files/ 89 KB
26 KB 136ms
24ms Script
text/javascript 2620:1ec:46::70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.stamped.io/files/widget.min.js
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 92cb1d5813aa2552b90961426870a4b29be2518a7353082bf19f726483420f9e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 20:33:09 GMT
content-encoding: br
last-modified: Fri, 19 Nov 2021 09:21:24 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: yjvFhLKLCvM8k51+QGf8yg==
etag: 0x8D9AB3DF5225B5C
x-azure-ref: 0BcbMYQAAAADRm38dvctJT7i9jmbfed4TWU1RMDFFREdFMDcwNgAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
x-cache: TCP_HIT
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 3bbd2224-401e-011c-5dde-fb0b2d000000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0syjLYQAAAADjo/p/XDojQZ4N6q3xrxJBU04xRURHRTIxMTMAMmU1YmQ0MWUtZDQxZC00ZWI5LWFlMzMtZmI1ZDBlNWI5NzRj

GET
H2 200 boost-pfs-core-instant-search.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 272 KB
78 KB 42ms
39ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-core-instant-search.js?v=8502009955415218283

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

f05d6b52b5a3eb0ca8d1011dd7ac780ead493c5643f7b6fe01792083f608962c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.379,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 79134
x-xss-protection: 1; mode=block
x-request-id: e403195dff67930a410bde8bdef170e9
x-served-by: cache-lga21974-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.791901,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-core-instant-search.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 boost-pfs-instant-search.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 306 B
583 B 46ms
42ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-instant-search.js?v=16674080522246747681

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

55bfef53c0f1364e940a613be14eaeddd95641a48710b51b2456271d570dd0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=5.138,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 197
x-xss-protection: 1; mode=block
x-request-id: 416fbd85fd05e4d76c09d2264e80606d
x-served-by: cache-lga13622-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.791990,VS0,VE5
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-instant-search.js>; rel="canonical"
x-cache-hits: 1, 35

GET
H2 200 boost-pfs-init.js Show response
cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/ 441 B
728 B 46ms
43ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-init.js?v=18321486475260673524

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

f18ffe3c0db4fb9f98235581ffc3020d6388fc6a1df8a9f51051c107c8ada786

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=9.321,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 211
x-xss-protection: 1; mode=block
x-request-id: 08ae895edb559ce45b35c05c750adca4
x-served-by: cache-lga21938-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.791974,VS0,VE9
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/boost-pfs-init.js>; rel="canonical"
x-cache-hits: 1, 1

GET
H/1.1 200
OK limitsify.min.js Show response
reginapps.com/limitsify/javascripts/ 105 KB
105 KB 103ms
37ms Script
application/javascript 67.205.138.90
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://reginapps.com/limitsify/javascripts/limitsify.min.js
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.205.138.90 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.10.0 (Ubuntu) /
Resource Hash: e0e7a66791325527c20e666694fc3c1dbbf4056420b5b28eb775b15ad0dd5002

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 20:32:12 GMT
Last-Modified: Wed, 17 Nov 2021 06:12:45 GMT
Server: nginx/1.10.0 (Ubuntu)
ETag: "61949d5d-1a4d6"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107734

GET
H2 200 trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js Show response
cdn.shopify.com/s/ 77 KB
16 KB 37ms
35ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

f8bab8aa4042ca7b45b599e7d4e496146ebf1b45aabb8ff96ad79393ebd10840

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.128,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 16113
x-xss-protection: 1; mode=block
x-request-id: 890388141c9e3f50940e20290c408200
x-served-by: cache-lga21927-LGA, cache-yul12823-YUL
last-modified: Wed, 15 Dec 2021 16:30:30 GMT
server: cache-yul12823-YUL
x-timer: S1640809990.792045,VS0,VE0
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 15 Dec 2022 16:30:43 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js>; rel="canonical"
x-cache-hits: 3, 1612069

GET
H2 200 shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/ 7 KB
3 KB 38ms
35ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.154,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 2437
x-xss-protection: 1; mode=block
x-request-id: 1e9e805e1961fb6c1fcc228b5cc58289
x-served-by: cache-lga21980-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.792028,VS0,VE0
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js>; rel="canonical"
x-cache-hits: 1, 1710277

GET
H2 200 montserrat_n3.e9c2ec7697570c33b13645dbd15f3f729c5e921b.woff2
fonts.shopifycdn.com/montserrat/ 22 KB
22 KB 58ms
13ms Font
font/woff2 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.shopifycdn.com/montserrat/montserrat_n3.e9c2ec7697570c33b13645dbd15f3f729c5e921b.woff2?h1=b2ZmdGhlZ3JpZHN1cnBsdXMuY29t&hmac=7bf5cb85c6dca4f62eefa03b91f785ce431e738d934dbe59e921f596c6e7d39f
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a4210ade60d5b7d00769d91619148e738767108818212e45edbf32996c9adf00

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:09 GMT
via: 1.1 varnish
age: 11193519
x-guploader-uploadid: ADPycdufs759nUoTztwNvQg09yKwfFjTcRYeIYi4BEUvp-ktMVCR7zAucPrPIbeCpWSoVtgLx1gNEIWkwpqFq_1oZaA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 22336
x-request-id: 2df1ab2ddb9266dbe3558c891623f19a5fac920d1028837d66a1b97a4d4f7015
x-served-by: cache-yul12827-YUL
last-modified: Fri, 12 Mar 2021 19:42:37 GMT
server: UploadServer
x-timer: S1640809990.834394,VS0,VE0
etag: "1df66b81c35c93ff3be36d05682f2713"
x-goog-hash: crc32c=G//kLw==, md5=HfZrgcNck/87420FaC8nEw==
content-type: font/woff2
access-control-allow-origin: *
expires: Mon, 22 Aug 2022 07:14:31 GMT
cache-control: max-age=2629800, immutable
accept-ranges: bytes
x-cache-hits: 46707

GET
H2 200 roboto_n4.da808834c2315f31dd3910e2ae6b1a895d7f73f5.woff2
fonts.shopifycdn.com/roboto/ 20 KB
20 KB 57ms
12ms Font
font/woff2 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.shopifycdn.com/roboto/roboto_n4.da808834c2315f31dd3910e2ae6b1a895d7f73f5.woff2?h1=b2ZmdGhlZ3JpZHN1cnBsdXMuY29t&hmac=df10176f2ad3c00799cd5a2a386e098f8692b5c75a2fa27134672215ee77f5fb
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2deee13a48ba2fddd9440dd1b711193236285f8cc73ed5692055527a100cb35b

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:09 GMT
via: 1.1 varnish
age: 17659750
x-guploader-uploadid: ABg5-UyJfpCcxeXeWLRO42dglGQpafz3rx1lTG4eC9-KqrqNfYZrwq6DvslBV1t270cCzoAxLb4itwHk-NFBhuuAxb0
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 20448
x-request-id: dcca555c33cc53e149b6c114bb2727a5ff76045eb718789da4b9d58036c88326
x-served-by: cache-yul12827-YUL
last-modified: Fri, 12 Mar 2021 22:45:11 GMT
server: UploadServer
x-timer: S1640809990.834407,VS0,VE0
etag: "c32845986a55e184047e928fbede46bb"
x-goog-hash: crc32c=8fXJzw==, md5=wyhFmGpV4YQEfpKPvt5Guw==
content-type: font/woff2
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 11:03:59 GMT
cache-control: max-age=2629800, immutable
accept-ranges: bytes
x-cache-hits: 394282

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c1e6a9ba802ea841ae37cf17c683478c8175ed42f0852ccb7c603ef8b3a33e1

Request headers

Referer
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 oswald_n5.22b74dce86cb1e4738ccceb326c9284bc24641e9.woff2
fonts.shopifycdn.com/oswald/ 19 KB
19 KB 76ms
32ms Font
font/woff2 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.shopifycdn.com/oswald/oswald_n5.22b74dce86cb1e4738ccceb326c9284bc24641e9.woff2?h1=b2ZmdGhlZ3JpZHN1cnBsdXMuY29t&hmac=f322052e1f0f0920b9d77487d44e69f09158afdb2aa173021988e02367a866f8
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2e1af76b32424786d5f7c29d536a46040b1d80f4480d71d5956a80abbe65df59

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:09 GMT
via: 1.1 varnish
age: 17660455
x-guploader-uploadid: ABg5-UysU7fiqB4fcHbD0z-Bh-5zrlm9FRg04mDyscE5JXN2OMvQs5qrqBEbPKJtvQvWtEylOANS1j4h_b6fzP_UIswJ2HRsUg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 19020
x-request-id: 2526209ce2c3ad269ab6eb5a1405317ab9214ea7652dbe7f7c61637ce4457b7e
x-served-by: cache-yul12827-YUL
last-modified: Fri, 12 Mar 2021 22:44:47 GMT
server: UploadServer
x-timer: S1640809990.834473,VS0,VE0
etag: "db4d6828540600e7a90a5b32cf9b3e29"
x-goog-hash: crc32c=wHV1wA==, md5=201oKFQGAOepClsyz5s+KQ==
content-type: font/woff2
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:52:17 GMT
cache-control: max-age=2629800, immutable
accept-ranges: bytes
x-cache-hits: 31879

GET
H2 200 50off-BANNER-DESK_2x_d6347c48-b707-4892-8a28-4296ddb25c42_1x1.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 698 B
999 B 14ms
13ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/50off-BANNER-DESK_2x_d6347c48-b707-4892-8a28-4296ddb25c42_1x1.jpg?v=1640727256

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

17f1b082d0b9323263368914ebe3ddabc28bccb61396b6e199e92df155679206

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.926,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 698
x-xss-protection: 1; mode=block
x-request-id: 7eeb18c46015c89a7dd3969db39bc832
x-served-by: cache-lga21951-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.843654,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/50off-BANNER-DESK_2x_d6347c48-b707-4892-8a28-4296ddb25c42_1x1.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 xmas_1x1.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 704 B
1 KB 14ms
14ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/xmas_1x1.jpg?v=1640377154

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

5a318a449d0b1ec4b197604acdb23eff3a501cadf6d7481f5576fcb0a50cf212

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.036,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 704
x-xss-protection: 1; mode=block
x-request-id: 2d747656fd107c9e7d7d03f753ab3c1d
x-served-by: cache-lga21960-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.844418,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/xmas_1x1.jpg>; rel="canonical"
x-cache-hits: 1, 7

GET
H2 200 Road-To-Racing-Web-Header_1x1.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 696 B
1 KB 13ms
13ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Road-To-Racing-Web-Header_1x1.jpg?v=1621368662

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

b6ea714416b74a1f46f7904b74e87cc9154272f02f2be0cd6bf589a05cc30b56

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.254,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 696
x-xss-protection: 1; mode=block
x-request-id: 4ce44f92cee13bd6c755fc2ba4b161b7
x-served-by: cache-lga21948-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.844885,VS0,VE0
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Road-To-Racing-Web-Header_1x1.jpg>; rel="canonical"
x-cache-hits: 1, 16

GET
H2 200 Lifestyle_Photos_Off_The_Grid_Baja_029_844cf560-f024-49ca-b56c-e0ad80af6360_1x1.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 698 B
1017 B 14ms
12ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Lifestyle_Photos_Off_The_Grid_Baja_029_844cf560-f024-49ca-b56c-e0ad80af6360_1x1.jpg?v=1629836920

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

7cb0cf46b6f1e2835b35e23e27da070ac4bf1ba28239fbd413444c4a76b9cebb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.693,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 698
x-xss-protection: 1; mode=block
x-request-id: 3cf32668bdc3dd93452f6c349838e85d
x-served-by: cache-lga13627-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.846554,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Lifestyle_Photos_Off_The_Grid_Baja_029_844cf560-f024-49ca-b56c-e0ad80af6360_1x1.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 oswald_n7.f71e68b857a7b8128a7629452b9c6bf9468356a7.woff2
fonts.shopifycdn.com/oswald/ 19 KB
19 KB 23ms
21ms Font
font/woff2 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.shopifycdn.com/oswald/oswald_n7.f71e68b857a7b8128a7629452b9c6bf9468356a7.woff2?h1=b2ZmdGhlZ3JpZHN1cnBsdXMuY29t&hmac=fbe3335a45108f0bef6563fb2de4b87745e8ea62606403dea088c7df628d50f3
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fbe5c6d5f501249b3a91381155a58a017883450ea5483688a98014a16963066a

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:09 GMT
via: 1.1 varnish
age: 17660189
x-guploader-uploadid: ABg5-UzjQe4eq-72_sPG72NvMcwbUWzO0P6oAMdJ6vgdDnLNiLrAoNnG9sR-7XvQyC44IsCZkxE8Jq2V-l61_yZez4k6syP8hA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 19080
x-request-id: 33d3295fe5762b44bd77eaec505b623be4175cba3aef31df73f9e262e41c0628
x-served-by: cache-yul12827-YUL
last-modified: Fri, 12 Mar 2021 22:44:43 GMT
server: UploadServer
x-timer: S1640809990.850653,VS0,VE0
etag: "a00f503ce2b5c30a4f74198fde864012"
x-goog-hash: crc32c=/gGFqw==, md5=oA9QPOK1wwpPdBmP3oZAEg==
content-type: font/woff2
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:56:39 GMT
cache-control: max-age=2629800, immutable
accept-ranges: bytes
x-cache-hits: 67336

GET
H2 200 montserrat_n4.1d581f6d4bf1a97f4cbc0b88b933bc136d38d178.woff2
fonts.shopifycdn.com/montserrat/ 22 KB
23 KB 22ms
20ms Font
font/woff2 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.shopifycdn.com/montserrat/montserrat_n4.1d581f6d4bf1a97f4cbc0b88b933bc136d38d178.woff2?h1=b2ZmdGhlZ3JpZHN1cnBsdXMuY29t&hmac=deec0a9f79123ed251dfdc0e1af35e40a87d220241907dd687e2173c23eaab8b
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 48ae9ed1cac75b617355bdb11b27d4455b02e13f51d8cdccfb3262c195314f66

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:09 GMT
via: 1.1 varnish
age: 17660510
x-guploader-uploadid: ABg5-UyJOzlPq7GjwvtDGuOQ54Uy0G_RseiDIBPt6bLPX3vw4CPbwgRxr_EyPxTYsXKNb-luCY4zrRu4wqpPNUrzd7LsmOj_CQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 22716
x-request-id: 9a671833982b19e510f20665a428ea3c82d6279fc56dbdab6e39bcdb8fe91292
x-served-by: cache-yul12827-YUL
last-modified: Fri, 12 Mar 2021 19:42:32 GMT
server: UploadServer
x-timer: S1640809990.850798,VS0,VE0
etag: "2b2b7174f2b09919c27c5fd48454e722"
x-goog-hash: crc32c=zel/7g==, md5=KytxdPKwmRnCfF/UhFTnIg==
content-type: font/woff2
access-control-allow-origin: *
expires: Wed, 08 Jun 2022 10:51:20 GMT
cache-control: max-age=2629800, immutable
accept-ranges: bytes
x-cache-hits: 458160

GET
H2 200 montserrat_i3.0851c828f2d9e24bc7e62370e5b23fbce45a9776.woff2
fonts.shopifycdn.com/montserrat/ 23 KB
23 KB 19ms
19ms Font
font/woff2 2a04:4e42:600::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.shopifycdn.com/montserrat/montserrat_i3.0851c828f2d9e24bc7e62370e5b23fbce45a9776.woff2?h1=b2ZmdGhlZ3JpZHN1cnBsdXMuY29t&hmac=d524905931b7091a13a9fd218a10af6c4f4c7dc49fe6f61354d6a6d3dd1f1f12
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: edb9281aa25ec75980088ecf512d0a28274b484a7a4745a2a3b7c32049506ffd

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:09 GMT
via: 1.1 varnish
age: 3152910
x-guploader-uploadid: ADPycdup8cXCm3L19ZU8OjpvvYfuqhTeFjo2NLSxZcCCOWh-rwXcsJ-WGjjD26UnMKxjEqdTLOXqzLQ6jImDDetmn4adAHkFFg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 23040
x-request-id: b48b9f28e844c3bc30b53de8b0549ee6e9b88f5ec67607ec0077c6da9b88329d
x-served-by: cache-yul12827-YUL
last-modified: Fri, 12 Mar 2021 19:42:30 GMT
server: UploadServer
x-timer: S1640809990.864466,VS0,VE0
etag: "b8ed3e3b8699e3e030934496e76a72c3"
x-goog-hash: crc32c=Vnbp/w==, md5=uO0+O4aZ4+Awk0SW52pyww==
content-type: font/woff2
access-control-allow-origin: *
expires: Wed, 23 Nov 2022 08:44:40 GMT
cache-control: max-age=2629800, immutable
accept-ranges: bytes
x-cache-hits: 281

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
478 B 177ms
40ms Ping
text/plain 34.138.230.116
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.138.230.116 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

116.230.138.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
x-dc: gcp-us-east1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: eed70bc7-2325-4bff-975b-f4d3fe1bf200

GET
H2 200 Versioning_1x1.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 694 B
1 KB 14ms
14ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Versioning_1x1.jpg?v=1600120835

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

64a1f6134980632b52ad2b5d7b2bcca79944d0caa28b7d1dafd136e40a068a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.048,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 694
x-xss-protection: 1; mode=block
x-request-id: 1d877985bc91cd1b83ab5382f0ca1a3f
x-served-by: cache-lga21974-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.966376,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Versioning_1x1.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Pocket-Systems_1x1.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 694 B
1 KB 14ms
14ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Pocket-Systems_1x1.jpg?v=1600109724

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

5111acbb9cd76911643a632103f4afbbb0588399e79b9c91f64ad2294907827e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.982,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 694
x-xss-protection: 1; mode=block
x-request-id: bb428822c2588655852431ea7859ca99
x-served-by: cache-lga21934-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.966615,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Pocket-Systems_1x1.jpg>; rel="canonical"
x-cache-hits: 42, 1

GET
H2 200 Motor-Driven_1x1.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 702 B
973 B 15ms
14ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Motor-Driven_1x1.jpg?v=1600119969

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

218dcbd7e3915cb617e9d9e1a73ab67b5bf7c628332e779f3d1a40032d66509d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.747,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 702
x-xss-protection: 1; mode=block
x-request-id: fbbaf5afd63568f7f85f4705fd400979
x-served-by: cache-lga21959-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.967028,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Motor-Driven_1x1.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Trailblazer_5.1_Pants_Dark_Brown_front_Offthegridsurplus_1x1.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 698 B
1 KB 15ms
14ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.1_Pants_Dark_Brown_front_Offthegridsurplus_1x1.jpg?v=1631656071

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

399154eda542edbff4e9cabe507879badfe9c8c62e9b331dbca1c9ec39c4b581

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.687,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 698
x-xss-protection: 1; mode=block
x-request-id: 3b69f5bd972f81a639d36c67a3e3c1ad
x-served-by: cache-lga13624-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.967687,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.1_Pants_Dark_Brown_front_Offthegridsurplus_1x1.jpg>; rel="canonical"
x-cache-hits: 44, 1

GET
H2 200 IND4000C-TCMO_2048x_74ce4909-75e1-43ca-899c-eb3ce9e8a3e2_1x1.png
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 708 B
1 KB 15ms
15ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/IND4000C-TCMO_2048x_74ce4909-75e1-43ca-899c-eb3ce9e8a3e2_1x1.png?v=1640721557

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

7ca43cfa096f03e0d19adfc0dc6c70204a2f33b684060e9954f3e5e3187c1d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.690,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 708
x-xss-protection: 1; mode=block
x-request-id: 72de9ef5cc57d9e4a1068adc74c5b4ed
x-served-by: cache-lga21945-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.968352,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/IND4000C-TCMO_2048x_74ce4909-75e1-43ca-899c-eb3ce9e8a3e2_1x1.png>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Dead-Man-X-OFF-the-Grid-30_1x1.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 690 B
971 B 16ms
16ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Dead-Man-X-OFF-the-Grid-30_1x1.jpg?v=1584808474

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

3625b8464841a2ec27f266bee5598c4c0ac84c4e0005e86c6d5610f8d8ee464d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.734,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 690
x-xss-protection: 1; mode=block
x-request-id: 49b80fed50b59d01875739113109f732
x-served-by: cache-lga13627-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.968480,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Dead-Man-X-OFF-the-Grid-30_1x1.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Lifestyle_photos_Destroyer_Army_Green_OffTheGridSurplus_004_1x1.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 702 B
1 KB 16ms
16ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Lifestyle_photos_Destroyer_Army_Green_OffTheGridSurplus_004_1x1.jpg?v=1634165108

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

344f09d7af11492e0921a69ce5d93a9ca2502a0aa30c6d5ca8b07c3b0e36afef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.056,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 702
x-xss-protection: 1; mode=block
x-request-id: ad1dc19d007b0dd27296d2329cb622a9
x-served-by: cache-lga13624-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.968689,VS0,VE1
date: Wed, 29 Dec 2021 20:33:09 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Lifestyle_photos_Destroyer_Army_Green_OffTheGridSurplus_004_1x1.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 138ms
83ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-796512322

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14333
x-xss-protection: 0
server: cafe
etag: 8469929769973419123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Dec 2021 20:33:10 GMT

GET
H2 403 Oro0V7LQ5Wx9d83N.js
config.gorgias.io/production/B9Zby7Z0dN6eNk3R/chat/ 0
0 57ms
56ms Script
application/xml 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://config.gorgias.io/production/B9Zby7Z0dN6eNk3R/chat/Oro0V7LQ5Wx9d83N.js
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 / Show response
cdn.avmws.com/1020789/ 4 KB
2 KB 90ms
27ms Script
application/javascript 13.33.46.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avmws.com/1020789/
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.46.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-46-51.ewr52.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a688b2f6a4f1192454b282c3c48eceef618d23c7d8e5e50fd9c814397c2a2730

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 19:51:30 GMT
content-encoding: gzip
last-modified: Wed, 22 Dec 2021 14:09:18 GMT
server: Apache/2.4.29 (Ubuntu)
age: 2500
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 b7a66b6616123855c5af2d7cdf2b099f.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: EWR52-C1
content-length: 1608
x-amz-cf-id: 7VsYxHWcdg3XrCyoECXvUudeRgfRG_RGfKiRhqwwcMABSUgS-lbZ0w==

GET
H2 200 6898 Show response
config.gorgias.chat/applications/ 106 B
734 B 314ms
271ms XHR
application/json 2606:4700::6812:1cb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/applications/6898

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cb4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edd6d17801d56024162590291490d1560ef06d1831ed0721d2191841367a74b9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6a-4PkSe+On63JNphqVNt3lxDP8LVs"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray: 6c55cd466c6b7157-YUL
expires: Thu, 30 Dec 2021 00:33:10 GMT

GET
H2 200 cart.js Show response
offthegridsurplus.com/ 283 B
914 B 102ms
101ms XHR
text/javascript 23.227.38.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offthegridsurplus.com/cart.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.65 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

4e5347fcba8b45ba6aa6203f6e43c61c2260c864f5ee54625a433be25d58b3c0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://offthegridsurplus.com/?utm_source=ALL%20USERS
X-Requested-With: XMLHttpRequest
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-central1,gcp-us-central1
x-shopify-stage: production
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 25921126454
x-shardid: 53
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept
x-download-options: noopen
x-shopid: 25921126454
x-request-id: 9b22d0b5-db82-40a9-88de-59b8c6832b15
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-ray: 6c55cd466dfb7133-YUL
x-sorting-hat-podid: 53
x-cartjs-updatedat: 0

GET
H2 404 masonry.min.js
cdn.shopify.com/s/files/1/2333/0623/t/70/assets/ 0
0 27ms
27ms Script
text/html 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shopify.com/s/files/1/2333/0623/t/70/assets/masonry.min.js?v=5294686724106038817
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/theme.min.js?v=16509411633783335105
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 consent-tracking-api.js Show response
cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/ 4 KB
2 KB 13ms
13ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12827-YUL /

Resource Hash

895a9abb219fd2af30ad07d7ed904c321249fa5d6a7cf966e69586443ff2ebca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.145,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 1475
x-xss-protection: 1; mode=block
x-request-id: 11c5a6c8a8535e5c306051986a35dbdf
x-served-by: cache-lga21973-LGA, cache-yul12827-YUL
server: cache-yul12827-YUL
x-timer: S1640809990.196512,VS0,VE0
date: Wed, 29 Dec 2021 20:33:10 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
x-cache-hits: 90, 3390

GET
H2 200 session Show response
shop.app/pay/ 18 B
1 KB 140ms
100ms Fetch
application/json 23.227.38.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session?v=1

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.33 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

checkout.shopify.com

Software

cloudflare /

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,us-east1
p3p: CP="Not used"
access-control-allow-methods: GET, OPTIONS
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f5d60df2-d2a1-4292-acd7-5b6d6cb7907a
x-runtime: 0.004092
x-robots-tag: noindex
server: cloudflare
x-frame-options: DENY
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://offthegridsurplus.com
vary: Accept-Encoding, Accept, Origin
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 6c55cd470d51ca4f-YUL
x-sorting-hat-podid: -1
access-control-expose-headers

GET
H2 200 widget.min.css
cdn1.stamped.io/files/ 111 KB
17 KB 83ms
24ms Stylesheet
text/css 2620:1ec:bdf::70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/files/widget.min.css
Requested by: Host: cdn2.stamped.io
URL: https://cdn2.stamped.io/files/widget.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 12c32726157ba0336b4c3ed889cc847c1f1e4d4db7c6ea1d02903957f1abbf63

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 20:33:09 GMT
content-encoding: br
last-modified: Tue, 07 Dec 2021 08:16:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: FufXVD5mlFP/fWnRF5Iq9w==
etag: 0x8D9B959F0A2D37C
x-azure-ref: 0BsbMYQAAAABzfoxK9ivvQrgwnR6TnBLfWU1RMDFFREdFMDkxOAAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
x-cache: TCP_HIT
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b23ba083-101e-012d-5a92-f850fa000000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0ImvJYQAAAACJAS2KEIx0SpHUxhv9YjcfU04xRURHRTIxMTcAMmU1YmQ0MWUtZDQxZC00ZWI5LWFlMzMtZmI1ZDBlNWI5NzRj

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 95ms
36ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0259/2112/6454/t/34/assets/jquery.min.js?v=6093865874309170411

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

000f368e166bff7134f2c0ff890f75cd706b90c0de1a9a0be5d0c6f464d8c13e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:48:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 29 Dec 2021 20:33:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Dec 2021 20:33:10 GMT

OPTIONS
H2 200 badges
stamped.io/api/widget/ Frame 0
0 312ms
101ms Preflight 52.34.127.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stamped.io/api/widget/badges
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.127.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-127-135.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://offthegridsurplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
x-stackifyid: V1|0653e8e9-1a15-4a45-89b4-b422645cb1a2|C59064|CD1|
access-control-allow-origin: *
access-control-allow-headers: content-type
access-control-max-age: 7300
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
stamped: S2

OPTIONS
H2 200 batch
stamped.io/api/widget/reviews/ Frame 0
0 319ms
111ms Preflight 52.34.127.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stamped.io/api/widget/reviews/batch
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.127.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-127-135.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://offthegridsurplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: -1
server: Microsoft-IIS/10.0
x-stackifyid: V1|698c26fa-e99e-4ebd-b453-052b09601a9e|C59064|CD1|
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-max-age: 300
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
stamped: S2

POST
H2 200 badges Show response
stamped.io/api/widget/ 1 KB
638 B 257ms
257ms XHR
application/json 52.34.127.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stamped.io/api/widget/badges
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.127.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-127-135.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 11543aaf0e082bc518fb7c05df2438d1bd50e0d336d99d29053f7508c4182f3d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 20:33:10 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-stackifyid: V1|08824465-89a6-450f-9711-5408dfc57093|C59064|CD1|
stamped: S2
content-length: 352
cache-control: no-cache
expires: -1

POST
H2 200 batch Show response
stamped.io/api/widget/reviews/ 16 KB
5 KB 359ms
139ms XHR
application/json 52.34.127.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stamped.io/api/widget/reviews/batch
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.127.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-127-135.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d7de4f63af858f8fe7771c4fb609177421050de304bb7935e6cc5261b6e515ff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 20:33:10 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://offthegridsurplus.com
x-stackifyid: V1|cd8bc742-cf44-48ca-970f-974b7cbd5540|C59064|CD1|
access-control-allow-credentials: true
stamped: S2
content-length: 4405
cache-control: no-cache
expires: -1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/796512322/ 2 KB
2 KB 92ms
38ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/796512322/?random=1640809990262&cv=9&fst=1640809990262&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2F%3Futm_source%3DALL%2520USERS&tiba=Off%20The%20Grid%20Surplus&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddcaa4f88eb71e796c03f88db98bec425c8264f1956b40fb39a4b4bd210207d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 20:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 70ms
22ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: Pnge6yF8KeX2P0/e/hTIKT9sUSpBZlr+SJRJL19hgGH5oWEn1j/L5dm6n+lIeaO0iuG/8MkhVJ2hY7iqzaDhiQ==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 29 Dec 2021 20:33:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 76ms
21ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6731
date: Wed, 29 Dec 2021 18:40:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 29 Dec 2021 20:40:59 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 18 KB
7 KB 104ms
46ms Script
application/javascript 99.84.125.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-102.ewr52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: EWR52-C3
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6867
via: 1.1 53465a830f1b7f4d109848deed6c5e85.cloudfront.net (CloudFront)
x-amz-cf-id: DnXDVwF3bZ84dTh3qwLVr887DrCC2jLLU6CGqxeqMTlOgVRv-BiUBg==

GET
H2 200 shopify-boomerang-1.0.0.min.js Show response
cdn.shopify.com/shopifycloud/boomerang/ 58 KB
17 KB 14ms
14ms Script
application/javascript 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

886430890562cc216ae31a8047f07542f8df8c11f9465f9b08a8dd2da529ac9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.110,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 17388
x-xss-protection: 1; mode=block
x-request-id: b3ae10cedc8093f40a60dd92858b8e57
x-served-by: cache-lga21967-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.323452,VS0,VE0
date: Wed, 29 Dec 2021 20:33:10 GMT
vary: Accept-Encoding
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-cache-hits: 1, 3119199

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
477 B 43ms
43ms Ping
text/plain 34.138.230.116
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.138.230.116 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

116.230.138.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
x-dc: gcp-us-east1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: cf90efdd-fd47-432f-a87e-82dbebef5f82

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
478 B 43ms
42ms Ping
text/plain 34.138.230.116
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.138.230.116 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

116.230.138.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
x-dc: gcp-us-east1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 87b16ab5-59e6-48b6-94a4-b09fff5976a1

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
477 B 45ms
44ms Ping
text/plain 34.138.230.116
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.138.230.116 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

116.230.138.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
x-dc: gcp-us-east1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 7fd6f542-e291-403b-a2ab-85bd85ed4d58

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/796512322/ 2 KB
1 KB 71ms
38ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/796512322/?random=1640809990325&cv=9&fst=1640809990325&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DOff%20The%20Grid%20Surplus&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2F%3Futm_source%3DALL%2520USERS&tiba=Off%20The%20Grid%20Surplus&auid=1395566923.1640809990&capi=1&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

1c67330c0947d3a696bfa47efb2f03f98e06d0d1b51b951289d434b876f3890b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 20:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1202
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
796512322.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/796512322/ 0
0 110ms
42ms Image
text/html 142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://796512322.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/796512322/?random=1640809990325&cv=9&fst=1640809990325&num=1&fmt=3&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DOff%20The%20Grid%20Surplus&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2F%3Futm_source%3DALL%2520USERS&tiba=Off%20The%20Grid%20Surplus&auid=1395566923.1640809990&capi=1&hn=www.googleadservices.com&async=1
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.72.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga34s32-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
477 B 42ms
41ms Ping
text/plain 34.138.230.116
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6967fb130a629a5a38a7939e6f3366da4c6e3e41.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.138.230.116 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

116.230.138.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
x-dc: gcp-us-east1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 483d09dc-b76b-4a15-832d-918003b9f82c

GET
H2 200 shopify.css
manychat.com/static/ 2 KB
785 B 108ms
107ms Stylesheet
text/css 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/static/shopify.css?1640809990356
Requested by: Host: manychat.com
URL: https://manychat.com/static/js/shopify.js?account_id=440003476104865
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.2 /
Resource Hash: b75e2eaf064cf7619e6e397cb613befd6b3490714b02f4e8071646b26389b83d

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
content-encoding: gzip
last-modified: Fri, 24 Dec 2021 10:28:39 GMT
server: openresty/1.19.3.2
etag: W/"61c5a0d7-8fb"
content-type: text/css
cache-control: max-age=432000
expires: Mon, 03 Jan 2022 20:33:10 GMT

GET
H2 200 440003476104865.js Show response
widget.manychat.com/ 2 KB
2 KB 332ms
108ms Script
text/plain 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.manychat.com/440003476104865.js
Requested by: Host: manychat.com
URL: https://manychat.com/static/js/shopify.js?account_id=440003476104865
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.2 /
Resource Hash: cc0471d6ed70bbf70f3ea7c0d4d0237544907cd43f6259b0c239720dbd3cbba7

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
cache-control: no-store
server: openresty/1.19.3.2
content-encoding: gzip
content-type: text/plain; charset=utf-8

GET
H2 200 stamped-font.ttf
cdn1.stamped.io/fonts/ 9 KB
10 KB 52ms
19ms Font
application/octet-stream 2620:1ec:bdf::70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/fonts/stamped-font.ttf?rkevfi
Requested by: Host: cdn1.stamped.io
URL: https://cdn1.stamped.io/files/widget.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b2f365310c35cf84e0ab011e82072fe91bb97f1e7a159fb7806e4f79172bec33

Request headers

Referer: https://cdn1.stamped.io/files/widget.min.css
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 20:33:10 GMT
last-modified: Wed, 20 Nov 2019 18:33:06 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D76DE815C88978
x-azure-ref: 0BsbMYQAAAAAXoDcSixEHSrDVrqNu19o4WU1RMDFFREdFMDkxOQAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
x-cache: TCP_HIT
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: 3bd9b4ea-b01e-006b-5a4f-fbc839000000
cache-control: max-age=604800
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0vKPMYQAAAAAm2qcXuaVdRblnCaHP32UtU04xRURHRTIxMTQAMmU1YmQ0MWUtZDQxZC00ZWI5LWFlMzMtZmI1ZDBlNWI5NzRj
content-length: 9536

GET
H2 200 gorgias-chat-bundle-loader.js Show response
client-builds.production.gorgias.chat/new_bundle/ 734 B
1 KB 1028ms
986ms Script
application/javascript 2606:4700::6812:1db4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-builds.production.gorgias.chat/new_bundle/gorgias-chat-bundle-loader.js?applicationId=6898&ignore=/static/js/main.js

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1db4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d128853c54f6a7bbc8ef185b03a262de8fe1b5c559d25c372f7ee5de40181f5e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
surrogate-control: max-age=31536000
x-dns-prefetch-control: off
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 0
referrer-policy: no-referrer
surrogate-key: chat-bundle-loader-script chat-bundle-loader-script-6898
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2de-gRDgfZobB8i0npexOTStZ4/L04o"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400, s-max-age=31536000
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray: 6c55cd489f747138-YUL

GET
H2 200 Trailblazer_Pro_Pants_Standard_Fit_Charcoal_OffTheGrid_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 50 KB
50 KB 18ms
17ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_Pro_Pants_Standard_Fit_Charcoal_OffTheGrid_540x.jpg?v=1602868354

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

4c78f04dbe56a365a8164b3e075e85d84db39f5bbbfa28e6670899d539e393a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.465,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 50990
x-xss-protection: 1; mode=block
x-request-id: bb4ec2661ad450d3c321b6ebe04bac11
x-served-by: cache-lga21980-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809990.467874,VS0,VE1
date: Wed, 29 Dec 2021 20:33:10 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_Pro_Pants_Standard_Fit_Charcoal_OffTheGrid_540x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 /
www.google.com/pagead/1p-user-list/796512322/ 42 B
548 B 102ms
42ms Image
image/gif 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/796512322/?random=1640809990262&cv=9&fst=1640808000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2F%3Futm_source%3DALL%2520USERS&tiba=Off%20The%20Grid%20Surplus&async=1&fmt=3&is_vtc=1&random=1041397397&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 20:33:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/796512322/ 42 B
548 B 101ms
41ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/796512322/?random=1640809990262&cv=9&fst=1640808000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2F%3Futm_source%3DALL%2520USERS&tiba=Off%20The%20Grid%20Surplus&async=1&fmt=3&is_vtc=1&random=1041397397&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 20:33:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 152908632034579 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 142ms
119ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/152908632034579?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e7c72159cc27c709e5cd6857eb1ec68a7ab4935a791b076d59eb52f30e025cf

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: PtLPodtqlqArdKv2TzZO1OzL9Vg8EpouZFrR5wKx+83XgJjqzZMgvm9KLTk0y/pp5y79YzRML8VYBCLqXr/rrg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 153ms
56ms XHR
text/plain 2607:f8b0:4023:1404::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-112975948-1&cid=1621766154.1640809991&jid=1378806251&gjid=292495286&_gid=902786579.1640809991&_u=YGBAgEABBAAAAE~&z=1454102315

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9a Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 29 Dec 2021 20:33:10 GMT
content-type: text/plain
access-control-allow-origin: https://offthegridsurplus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 52ms
21ms Image
image/gif 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=403114139&t=pageview&_s=1&dl=https%3A%2F%2Foffthegridsurplus.com%2F%3Futm_source%3DALL%2520USERS&dp=%2F%3Futm_source%3DALL%2520USERS&ul=en-us&de=UTF-8&dt=Off%20The%20Grid%20Surplus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABB~&jid=1378806251&gjid=292495286&cid=1621766154.1640809991&tid=UA-112975948-1&_gid=902786579.1640809991&did=BwiEti&z=167024357

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 23:25:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76036
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.ca/pagead/1p-conversion/796512322/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/796512322/?random=2037443885&cv=9&fst=1640809990325&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/796512322/?random=2037443885&cv=9&fst=1640809990325&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.ca/pagead/1p-conversion/796512322/?random=2037443885&cv=9&fst=1640809990325&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

50ms
50ms

Image
image/gif

2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/796512322/?random=2037443885&cv=9&fst=1640809990325&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DOff%20The%20Grid%20Surplus&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2F%3Futm_source%3DALL%2520USERS&tiba=Off%20The%20Grid%20Surplus&auid=1395566923.1640809990&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=BsbMYY-OF76OoPMPufie4Ag&cid=CAQSKQCNIrLMvhbMbCSIyxmLFr-yGyRDf1rt-5fNfrQgTfog8KJG-BUUB-CU&random=2677564222&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 20:33:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 29 Dec 2021 20:33:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.ca/pagead/1p-conversion/796512322/?random=2037443885&cv=9&fst=1640809990325&num=1&label=-M0ZCOPUuO0BEMKg5_sC&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bpage_path%3D%2F%3Bpage_title%3DOff%20The%20Grid%20Surplus&frm=0&url=https%3A%2F%2Foffthegridsurplus.com%2F%3Futm_source%3DALL%2520USERS&tiba=Off%20The%20Grid%20Surplus&auid=1395566923.1640809990&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=BsbMYY-OF76OoPMPufie4Ag&cid=CAQSKQCNIrLMvhbMbCSIyxmLFr-yGyRDf1rt-5fNfrQgTfog8KJG-BUUB-CU&random=2677564222&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 50off-BANNER-DESK_2x_d6347c48-b707-4892-8a28-4296ddb25c42_1728x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 398 KB
399 KB 23ms
22ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/50off-BANNER-DESK_2x_d6347c48-b707-4892-8a28-4296ddb25c42_1728x.jpg?v=1640727256

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

0bf2fdd60382e270633e88d9273499f1f39a473ab21eaf65268bed67ee031e67

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=2.600,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 407916
x-xss-protection: 1; mode=block
x-request-id: e74d31406a617847f5ddae86b3f4e7f7
x-served-by: cache-lga21944-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809991.521156,VS0,VE3
date: Wed, 29 Dec 2021 20:33:10 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/50off-BANNER-DESK_2x_d6347c48-b707-4892-8a28-4296ddb25c42_1728x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Trailblazer_PRO_Pants_Standard_Fit_Charcoal_Full_OffTheGrid_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 70 KB
70 KB 16ms
15ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_PRO_Pants_Standard_Fit_Charcoal_Full_OffTheGrid_540x.jpg?v=1602868354

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

1e7134581c0410a49637126080ba67007e060a35a1fa8a22b2407edf4bbd4ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.508,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 71584
x-xss-protection: 1; mode=block
x-request-id: 40f7e84b52d4a9a0d61ad8c71dc7a8c0
x-served-by: cache-lga21957-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809991.521313,VS0,VE2
date: Wed, 29 Dec 2021 20:33:10 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_PRO_Pants_Standard_Fit_Charcoal_Full_OffTheGrid_540x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 46 B
313 B 81ms
44ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=85b9b802-6e2e-4926-a484-f63f172d2bf0

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

fcd0e1cc60c87c8b844e2203e61394ce838b4b020b5ad26ecc1a3aadd849d903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame D9F5 672 B
1 KB 85ms
54ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=85b9b802-6e2e-4926-a484-f63f172d2bf0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/

Response headers

server: nginx/1.17.3
date: Wed, 29 Dec 2021 20:33:10 GMT
content-type: text/html
content-length: 672
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 p Show response
tr.snapchat.com/ Frame 6C05 0
207 B 50ms
49ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://offthegridsurplus.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/

Response headers

server: nginx/1.17.3
date: Wed, 29 Dec 2021 20:33:10 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 41ms
41ms Image
image/gif 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-112975948-1&cid=1621766154.1640809991&jid=1378806251&_u=YGBAgEABBAAAAE~&z=1509994555

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 20:33:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 74ms
41ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-112975948-1&cid=1621766154.1640809991&jid=1378806251&_u=YGBAgEABBAAAAE~&z=1509994555

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 20:33:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame D9F5 18 KB
7 KB 24ms
24ms Script
application/javascript 99.84.125.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=85b9b802-6e2e-4926-a484-f63f172d2bf0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-102.ewr52.r.cloudfront.net
Software: CloudFront /
Resource Hash: 86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 22:35:35 GMT
content-encoding: gzip
server: CloudFront
age: 79055
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: EWR52-C3
access-control-allow-headers: Content-Type
content-length: 6867
via: 1.1 53465a830f1b7f4d109848deed6c5e85.cloudfront.net (CloudFront)
x-amz-cf-id: nJp8SXmqc1rLAb8wLxR5p7zzy-4YShjcmIPzxDXCyAW0nEryR743qA==

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 68ms
22ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=152908632034579&ev=PageView&dl=https%3A%2F%2Foffthegridsurplus.com%2F%3Futm_source%3DALL%2520USERS&rl=&if=false&ts=1640809990706&sw=1600&sh=1200&v=2.9.48&r=stable&a=shopify&ec=0&o=30&fbp=fb.1.1640809990705.487413500&it=1640809990491&coo=false&eid=07e58ebb-B074-4F00-DC93-ACAE98A621AE&exp=p0&rqm=GET

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 29 Dec 2021 20:33:10 GMT

GET
H2 200 widget.js Show response
mccdn.me/assets/js/ 389 KB
94 KB 78ms
30ms Script
application/javascript 2606:4700:20::681a:e87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mccdn.me/assets/js/widget.js
Requested by: Host: widget.manychat.com
URL: https://widget.manychat.com/440003476104865.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e87 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1785d5d792bf4a89a05b874067db9ce766a324be2031adb48dca6c000cbbee5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Dec 2021 15:43:37 GMT
server: cloudflare
age: 2948
etag: W/"61cc8229-6150d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAF26HrBbtfPZ8IMS91hxdt2ztZjtx5bLBBQlFbMg5TcwphoVSH2CxEk%2FRvst4f3eQKd5DqFOQobIsvSPF7j47cXDp4QzZPWRgdvWYaV7RCgUx0u7ai9UKf1vkaQqrce%2FMYYeR0Y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=7200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c55cd4a58754bb9-YUL

GET
H2 200 Hideout-Jeans_Vintage_Front_Off-The-Grid_d3824c5a-1cf9-4b49-a017-98235dfcec69_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 44 KB
45 KB 30ms
30ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Hideout-Jeans_Vintage_Front_Off-The-Grid_d3824c5a-1cf9-4b49-a017-98235dfcec69_540x.jpg?v=1602721190

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

c4635c43644d16797c891190380174d825f7675f98281b040bb43f36f8d2d6df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
server-timing: cdn;dur=1.221,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=13.565,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=12.407,cdnOriginTTLB;dur=13.430
content-length: 44918
x-xss-protection: 1; mode=block
x-request-id: a8002314ed0c9adf30be871eb1643e84
x-served-by: cache-lga21972-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809991.733759,VS0,VE14
date: Wed, 29 Dec 2021 20:33:10 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Hideout-Jeans_Vintage_Front_Off-The-Grid_d3824c5a-1cf9-4b49-a017-98235dfcec69_540x.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame 8853
Redirect Chain

https://tr.snapchat.com/cm/s?pnid=140&cb=1640809990734
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1640762449714%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1640762449714%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1640762449714&pnid=140&pcid=3ca8dc21-5f62-4fb3-a79f-c2f6e22c66e8

0
15 B

62ms
62ms

Document
text/html

35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1640762449714&pnid=140&pcid=3ca8dc21-5f62-4fb3-a79f-c2f6e22c66e8

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://tr.snapchat.com/

Response headers

server: nginx/1.17.3
date: Wed, 29 Dec 2021 20:33:10 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

date: Wed, 29 Dec 2021 20:33:10 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://tr.snapchat.com/cm/p?rand=1640762449714&pnid=140&pcid=3ca8dc21-5f62-4fb3-a79f-c2f6e22c66e8
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 Hideout-Jeans_Vintage_Back_Off-The-Grid_3de39701-ebc4-4c6b-a1de-0c12c2b79a03_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 50 KB
51 KB 39ms
39ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Hideout-Jeans_Vintage_Back_Off-The-Grid_3de39701-ebc4-4c6b-a1de-0c12c2b79a03_540x.jpg?v=1602721190

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

a16fb99413a113a057376badcecfd2e3db74c0081efb42be390bf8a2136d319f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, MISS
server-timing: cdn;dur=1.320,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=24.332,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=23.206,cdnOriginTTLB;dur=24.217
content-length: 51662
x-xss-protection: 1; mode=block
x-request-id: 4d6357f7d3c7e06784975676575d3785
x-served-by: cache-lga21958-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809991.747966,VS0,VE24
date: Wed, 29 Dec 2021 20:33:10 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Hideout-Jeans_Vintage_Back_Off-The-Grid_3de39701-ebc4-4c6b-a1de-0c12c2b79a03_540x.jpg>; rel="canonical"
x-cache-hits: 1, 0

OPTIONS
H2 204 logEvent
manychat.com/pixel/ Frame 0
0 331ms
105ms Preflight
text/plain 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://offthegridsurplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: openresty/1.19.3.2
date: Wed, 29 Dec 2021 20:33:11 GMT
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

GET
H3 200 css
fonts.googleapis.com/ 1 KB
407 B 80ms
41ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:600,500,400,300&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a29ba0f6932eb8739dd912132b404719aee8a8506e428f4395fd7816f8312cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:33:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 29 Dec 2021 20:33:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Dec 2021 20:33:10 GMT

POST
H2 200 logEvent Show response
manychat.com/pixel/ 15 B
146 B 101ms
101ms XHR
application/json 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.2 /
Resource Hash: 52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: gzip
server: openresty/1.19.3.2
content-type: application/json

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 31ms
31ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: mccdn.me
URL: https://mccdn.me/assets/js/widget.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c6ec4281850d8e0d99163735ef9e216e31252c26ebb5e361a66d2bcf43991be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 4BO5OLrwuNPgMpvGZU3W/g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 29 Dec 2021 20:35:32 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: sLvMNcXQlDHR0iYyip8PmQT7a5347ut/XxrVXzxj9NSqxljUGX5T/l5kKGO5e49Qm4JIMnAuOcaI3L2Slp6qlQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 2c2859e43064cfceb15c9c8c34e64383
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 29 Dec 2021 20:33:10 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "b6c43a504a8590c232e015e4294a390c"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
24 KB 103ms
30ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:600,500,400,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 04:58:07 GMT
x-content-type-options: nosniff
age: 56104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Dec 2022 04:58:07 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 120ms
49ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:600,500,400,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:34:02 GMT
x-content-type-options: nosniff
age: 140349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 05:34:02 GMT

GET
H2 200 Lightning_Bolt_Short_Sleeve_Front_Army_Green_Offthegrid_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 88 KB
89 KB 18ms
18ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Lightning_Bolt_Short_Sleeve_Front_Army_Green_Offthegrid_540x.jpg?v=1614972298

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

720344334622595ed9890912fe29c081755933bd3b4ba2135e0fa52565a52b8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.566,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 90298
x-xss-protection: 1; mode=block
x-request-id: e478d77a0edb11ef9966abd1a1f87455
x-served-by: cache-lga21975-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809991.963809,VS0,VE2
date: Wed, 29 Dec 2021 20:33:10 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Lightning_Bolt_Short_Sleeve_Front_Army_Green_Offthegrid_540x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 284 KB
80 KB 65ms
29ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=690a80aaa2c4643596bbf52b35c9f18d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fa14f9a6eef815bd8ed5bd4e83fb9d2e7a4a3200cb05089fbf5d633d6aa975fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 79Bb+38s1O2h1wY1CrpRpQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 29 Dec 2022 19:38:23 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 81968
x-fb-rlafr: 0
x-fb-debug: LMEdMOBH9xNo5WLIAdRVVSUPHWAKi/mNhiWL8eJ0/SxCW0c1oZWhU/zMezQkc4JVxUHl1jT6eT/1/TkoAGvchg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 156e622d445c676924edf0c97fa481ce
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 29 Dec 2021 20:33:11 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ea717297edfd77246c137534b5477203"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 Lightning_Bolt_Short_Sleeve_Pocket_Army_Green_Offthegrid_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 93 KB
93 KB 32ms
32ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Lightning_Bolt_Short_Sleeve_Pocket_Army_Green_Offthegrid_540x.jpg?v=1614972298

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

dc4d2afb89a1bf7645a4a755977b6a1dca9cbd337f1685a0a0f363738dac91ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
server-timing: cdn;dur=1.722,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=13.317,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=11.315,cdnOriginTTLB;dur=13.183
content-length: 94750
x-xss-protection: 1; mode=block
x-request-id: 9da1d339e546c843acd38b8936361f72
x-served-by: cache-lga21957-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809991.976638,VS0,VE13
date: Wed, 29 Dec 2021 20:33:10 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Lightning_Bolt_Short_Sleeve_Pocket_Army_Green_Offthegrid_540x.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 56ms
25ms Font
font/woff2 2607:f8b0:4006:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 22:58:42 GMT
x-content-type-options: nosniff
age: 164069
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 27 Dec 2022 22:58:42 GMT

GET
H2 200 Trailblazer_Pro_Standard_Fit_Desert_Palm_Pants_OffTheGrid_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 45 KB
45 KB 31ms
31ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_Pro_Standard_Fit_Desert_Palm_Pants_OffTheGrid_540x.jpg?v=1602871582

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

5e937da787173d50e84a190b7e658710e21d0c2fd0fa2e728fcfe9d6540a059f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
server-timing: cdn;dur=1.044,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=10.679,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=9.516,cdnOriginTTLB;dur=10.562
content-length: 45760
x-xss-protection: 1; mode=block
x-request-id: 94c9b95f05766f4cb3799848b8727953
x-served-by: cache-lga21966-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809991.109201,VS0,VE11
date: Wed, 29 Dec 2021 20:33:11 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_Pro_Standard_Fit_Desert_Palm_Pants_OffTheGrid_540x.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 Trailblazer_PRO_Standard_Fit_Desert_Palm_Full_OffTheGrid_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 42 KB
43 KB 16ms
16ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_PRO_Standard_Fit_Desert_Palm_Full_OffTheGrid_540x.jpg?v=1602871582

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

f9933612f29ba23fce51018dbc5d901545554ef3e1a0072bcb4fdfac7369616a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.170,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 43392
x-xss-protection: 1; mode=block
x-request-id: af9af9132a9f5cdb708e96926fcdced5
x-served-by: cache-lga21923-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809991.152156,VS0,VE1
date: Wed, 29 Dec 2021 20:33:11 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_PRO_Standard_Fit_Desert_Palm_Full_OffTheGrid_540x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 53ms
26ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=152908632034579&ev=Microdata&dl=https%3A%2F%2Foffthegridsurplus.com%2F%3Futm_source%3DALL%2520USERS&rl=&if=false&ts=1640809991210&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Off%20The%20Grid%20Surplus%22%2C%22meta%3Adescription%22%3A%22We%20make%20apparel%20for%20the%20motor-driven%20adventurist.%20Brought%20to%20you%20by%20action-sports%2Foutdoor%20clothing%20designer%2C%20Josh%20Patterson.%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Off%20The%20Grid%20Surplus%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Foffthegridsurplus.com%2F%22%2C%22og%3Atitle%22%3A%22Off%20The%20Grid%20Surplus%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22We%20make%20apparel%20for%20the%20motor-driven%20adventurist.%20Brought%20to%20you%20by%20action-sports%2Foutdoor%20clothing%20designer%2C%20Josh%20Patterson.%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0259%2F2112%2F6454%2Ffiles%2FFacebook-URL-image_1200x1200.jpg%3Fv%3D1596578496%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0259%2F2112%2F6454%2Ffiles%2FFacebook-URL-image_1200x1200.jpg%3Fv%3D1596578496%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A60%2C%22w%22%3A148%7D%2C%22properties%22%3A%7B%22url%22%3A%22%2F%22%2C%22logo%22%3A%22%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0259%2F2112%2F6454%2Ffiles%2FOff-The-Grid-Dark-LOGO_300x.png%3Fv%3D1575529671%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FOrganization%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=shopify&ec=1&o=30&fbp=fb.1.1640809990705.487413500&it=1640809990491&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 29 Dec 2021 20:33:11 GMT

GET
H3 200 send_to_messenger.php Show response
www.facebook.com/v12.0/plugins/ Frame 1BBA 53 KB
16 KB 118ms
116ms Document
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=690a80aaa2c4643596bbf52b35c9f18d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60f28df78a811d1ee0bc079d15fd7e12282d6dea5c3446f532591afc5f21ee6d

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v12.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 3+Gf4TldVZADyZDr8PFR9igDu3KludTiFMx3FxiKUVh1cGgVQ46lfrYCWbpaZhB/+y0DdrNDnQFCK51Q6dcl0w==
date: Wed, 29 Dec 2021 20:33:11 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 28ms
26ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=532160876956612&ev=fb_page_view&dl=https%3A%2F%2Foffthegridsurplus.com%2F%3Futm_source%3DALL%2520USERS&rl=&if=false&ts=1640809991216&sw=1600&sh=1200&at=

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 29 Dec 2021 20:33:11 GMT

OPTIONS
H2 204 logEvent
manychat.com/pixel/ Frame 0
0 102ms
101ms Preflight
text/plain 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://offthegridsurplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: openresty/1.19.3.2
date: Wed, 29 Dec 2021 20:33:11 GMT
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0

POST
H2 200 logEvent Show response
manychat.com/pixel/ 15 B
146 B 102ms
100ms XHR
application/json 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/pixel/logEvent
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.2 /
Resource Hash: 52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: gzip
server: openresty/1.19.3.2
content-type: application/json

GET
H3 200 .json Show response
offthegridsurplus.com/ 307 KB
48 KB 762ms
762ms XHR
application/json 23.227.38.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offthegridsurplus.com/.json

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.65 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

83fe1b609e9f6e61c2630af39c760c0d3e75ae393e4abd34987ec7206aa479bf

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/?utm_source=ALL%20USERS
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-central1,gcp-us-central1
x-shopify-stage: production
x-cache: miss
content-type: application/json; charset=utf-8
x-alternate-cache-key: cacheable:43b2bfe137a7ba891d31564af70b1c36
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 25921126454
x-shardid: 53
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
x-download-options: noopen
x-shopid: 25921126454
x-request-id: 99b5421e-6235-4619-9688-836997b67c87
vary: Accept
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-ray: 6c55cd4d5b824bd1-YUL
link: <https://cdn.shopify.com>; rel=preconnect, <https://cdn.shopify.com>; rel=preconnect; crossorigin
x-sorting-hat-podid: 53

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 82ms
82ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: myO5mEdjH96ZRUt96PHNbrwWfonnjCLhhmnyg241u5k+SB4oQJUz0xoIxGMSlriUVCrlZb6ve59slvXcJSnyHQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 84ms
83ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: j4eaazd+TbXK5VV/dSO+l3R7oCaVyQIr7cpHHkpEo7AxI+FcEJqceUZJn+Br0Mnetb7WsaNaABKyu/zxkmtL0g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 88ms
88ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: aT2e6zFNCH+QFmh1mynQTFtH+Q+OccqaX+flw+rTg823vY+bCgyix24qdSX91zWtdsdhcvFD7TTQDh9sZpNqFw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 82ms
82ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: BNzHOaQSHrvOX6YGwXHuJYk4qfAdEuMYZzbhdneQUaiBeUtv8FET8LtaaXN1YXacv66v6q2jyOlBJ1lVK0FJ9A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 83ms
83ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: ++fj6Jw4Ox4jrjQvfRexAXktZ3Uyd0S9H3QxDJGp1V4Jk5c6+x9us01gUOMtPanEGYhNs6zaw9wYc7JUViNlgw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 79ms
79ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: oM+LFvU6V53WfdLVDaTjW1Akp8BQ6i1iKYUDGu12iVyrpctQX2nkY6y1sV5UCKfoz0sPux3YVlxDdzil+Lo/Jg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 83ms
83ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: AlUbIum0s4PmF3Hi+Blli+K1EBiH4W8HO+cd5uCXjOOOuNrGv9TT665apZo6CYaXJA/nNJjUSJ2CBcQbbOzT/w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 82ms
82ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: NuWbPyHyMszQ7hswbu/I8nSiIDP+NH252mXbSH84RxAoBnODqw92J7Cizs2NINlgLZxRGTB+MbjY5Ux+xvs/Lw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 83ms
83ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: HejCxObvkUTMId4L5eIUig1J46AXM46mnpy8fB0gGr9HCFqM3Ph50hpvXj8HL9vRkvyaCfTkdkTmlkirVwSAbQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 99ms
99ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: UAodvIP9e+iOj1KiurkAThh/Gm+UNVpjS7aKm4vRe7CuHERkf6R9q0U0lF5Hp9X3GLcTZdFn6xxysRypxEOgYw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 87ms
87ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: RkyF4DQ0mv/qmL5XTqm+f2Cc4bs8KM/Qwgx9Gb288wTf1Fa2K6HrfP3MCiZgXX36CqzmdhD/HlMnvl6MEDOCzQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 89ms
89ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: +J+T4DUrQ+8/xCMHaKRetDqjIEXLzV5vqL1Zj5WDyqeV64s5cRItRuPcDVNaYbhGZpyFSfJCGR013WJ+q3e8qQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 90ms
90ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: SA+JHE3qiZ5DqCViU17C7YqPFPTroHxP3Y8PKJzVoK27OBnO3rZgW5Gmc6kvtIyTXvTGRmBaTC41mA2EUH399A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 174ms
173ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: bxuBNweiPuPIF4brhYwsAcEVDy6Nf3RzgVOlPmsyg7sH3q8N0+9wjhf7NPSVJBMfJ10FBMDJLjBkLj0NcVe1zQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 89ms
88ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: qfcntT3NULWwb3qoteYWsxRV0u+TcBfF4cx/IU5nX9q1k9fVu1U1mVnwBzW1gInbM5gtgahq5O2Z3RJyCw2aNQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 90ms
89ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: y7PNuw10ZQaAGWyC5JczbSFubshBJfBaQ6NUeHCENDhKVaWLWBmrOvwGD7P7QK7q5wgR25DVkHB0ksdLBPGLmQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 92ms
92ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: 5cx8dMhukBN1PZddQ9wtJ/JxImRiom4y+IHMIPhg+n4cLKNlxzI/H0uDuuAx9IYvfbZWb7sYyunPPTLnm9EcGw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 92ms
92ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: L+4/pkstGb5juf+yg5czdQfCshOdIdTXwOqYpcW08gi2eOSp4OMjDjcSOvArmXmOdWrMuHklxFXzxvjDfoKguw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 93ms
93ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: kM5hX3EUki77z+CLGqDQOqoVwyf7erLKdR3hkBImMolac6eFENZhL5eBQN1MsFQo5egGYu5La3E/ucTMaQ5tjQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 96ms
89ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: HwmjwHuGeq8niEloEBMo8QFZbESDROZpBZUqZwrj8Al8D9f11JL95mxV7phhQx8vtO7e5rPvpISWHfGhRwG5nA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3 200 /
www.facebook.com/csp/reporting/ Frame 1BBA 0
30 B 93ms
88ms Other
text/html 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/csp/reporting/?minimize=0

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: OZ7QEKQUgfnzQ7u3+j3nFftPaiBgr8tXGFwmXUew/FhpW3Edgt3sLXCrDTeZZvroKnX5O9rMAcYc7ZhrmAR6Kg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 29 Dec 2021 20:33:11 GMT
strict-transport-security: max-age=15552000; preload
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2 200 W3iqaK3e_-l.css
static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/ Frame 1BBA 4 KB
1 KB 69ms
24ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/W3iqaK3e_-l.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/send_to_messenger.php?app_id=532160876956612&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df7eecf418c9cd%26domain%3Doffthegridsurplus.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Foffthegridsurplus.com%252Ff5cf40d6b8a97%26relation%3Dparent.parent&color=blue&container_width=177&cta_text=LET_US_CHAT&locale=en_US&messenger_app_id=532160876956612&page_id=440003476104865&ref=optin_5859068_b976c65c95b119d84e709b3031368238a87bdfe0_89439e14-9cfd-3796-19b4-6d2c2e58e4b5&sdk=joey&size=xlarge

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e6da85a4bec604f66d52a323ba1ca9d7c2be3cfaf16f5757cd0818b54b03b2e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 7kUaMGDzZDRFTtF9PxxpiA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1002
x-fb-rlafr: 0
x-fb-debug: srmSFVQiUJz4QMwr2sXEZSBfulF+BY46kquy2eqZJM29zPNGfXyAQf/dIniEGyRWNMa069wGigdHq4wbq5jq5w==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 29 Dec 2022 16:59:58 GMT

GET
H2 200 4KBt2Pp4WBu.css
static.xx.fbcdn.net/rsrc.php/v3/yz/l/0,cross/ Frame 1BBA 18 KB
5 KB 67ms
23ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/l/0,cross/4KBt2Pp4WBu.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c59871d067734ba898b0b36216238c07c1666a2738d80b51c02e7600e6a0d278

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gvwCe/B4EA/hmT70sley6w==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 4783
x-fb-rlafr: 0
x-fb-debug: Ou00f7DT0ofDV3ONEcX+QqZDjkxn7BPPpbsFyTDcBKhB9a3i3nrAI4Hq7Ji3znnhoRZMRGTzmhkf+tkC062uTg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 29 Dec 2022 15:32:37 GMT

GET
H2 200 FPdNN1TK3wJ.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame 1BBA 2 KB
1019 B 68ms
23ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qki4Wy05mlz5CwH9oqDKag==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 815
x-fb-rlafr: 0
x-fb-debug: vnsbWR6chFEsoNFRh6wY/YzGyGltHhS8QEFbZ6Mr/K8hysPwRxFcvtPC9aLppyv0MTbOVJNluhjmgfi0Iz2Ueg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 15 Dec 2022 23:16:45 GMT

GET
H2 200 cvO2zc7y26E.css
static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/ Frame 1BBA 1 KB
705 B 69ms
25ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yO/l/0,cross/cvO2zc7y26E.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e69f9675af335e5c49650336904b99b413b49ac7f63f4f9a1f9aaf30a775643c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: R07D1ATBHUMvJsgs4zOLiw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 535
x-fb-rlafr: 0
x-fb-debug: rD4WUOwxqvufnVN2uyBLFBT2yQxvoTO7k/zkrjFd3yjGEF4yEEb63wRULEq6HMUgeKFZNCQ13jglr6pY8amPkA==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 29 Dec 2022 15:32:37 GMT

GET
H2 200 _NOVLGKyrR9.css
static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/ Frame 1BBA 19 KB
6 KB 67ms
24ms Stylesheet
text/css 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yN/l/0,cross/_NOVLGKyrR9.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

627769b33c02240b8125d37b8cb27eb06e15e158e60b89e3cba5547d9ac9a002

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +Y4r3EinsdubpTZAjZCwlQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 4646
x-fb-rlafr: 0
x-fb-debug: JwdGZAw6k+l45ZAa921dYDERCDS33TkGzDim+hOIa8YJwJmN449jnDEfda0yPgiLQiXbDhTe9GGwRY4K/WVI8g==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 26 Dec 2022 15:57:20 GMT

GET
H2 200 48t_-mn1SY7.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame 1BBA 307 KB
83 KB 81ms
38ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/48t_-mn1SY7.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ed035221de592eca192ee5188314f9879f9516ba6be35c782510c9964be6fe9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 73nT2ycd14UFUPADKUUxjQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 84528
x-fb-rlafr: 0
x-fb-debug: adtBm4I4Dbzg0n5IrfAKvCZl+ygVW2RjxPm+Wgogv5UMBfZCR/eED2zGOy4ZRx6369hYTk5v+eR+MMXA0dcdXw==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 16 Dec 2022 21:39:23 GMT

GET
H2 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 1BBA 5 KB
2 KB 102ms
59ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kw22OIA6eDgOltzbJdNVmQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1640
x-fb-rlafr: 0
x-fb-debug: J26uyKV1MpMYImHu8jnttkHOj5x2wXEBFrGUGJ2W5OvOZ6XVeJUz2PV+fQjemSzWjkfedIniQaWattQM9EZ05w==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Mon, 26 Dec 2022 15:01:22 GMT

GET
H2 200 T8BJ7ETas0v.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 1BBA 41 KB
13 KB 67ms
24ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/T8BJ7ETas0v.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec967a9c7ef9f9b3498c4894319802b33f23d9aa08858d0db95a682f637cf305

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: VOcZ8I8uJKc3nOE1gwDd/g==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 13499
x-fb-rlafr: 0
x-fb-debug: hQyyBv0phLc1t6/8slDoyZ+c9jAKgTu4Fqb59EmjUR7H+Vyo9y4XOj+ulN+7DWswrMSVh0KdrLX50YXd+q0Omg==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 17 Dec 2022 15:21:32 GMT

GET
H2 200 xyCIQCGmYe4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ye/r/ Frame 1BBA 46 KB
15 KB 80ms
38ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/xyCIQCGmYe4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be307850d97a4cc3185166175515facde15350e4e7ab094000c8fd02edc3656d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sR6bQ1Us80pnn5qvyfl2lg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 14881
x-fb-rlafr: 0
x-fb-debug: /N2c5NsXEug2OhWIqg7z8xqEUew3nPIrFnjcAcTV0xCMQpJ8xmjF4nw30++hSqhL49r8clKGObnETwAQAbZzqQ==
x-fb-trip-id: 1512268381
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sat, 17 Dec 2022 15:21:32 GMT

GET
H3 200 odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 1BBA 1 KB
1 KB 21ms
21ms Image
image/jpeg 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
x-content-type-options: nosniff
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1131
x-fb-rlafr: 0
x-fb-debug: JR/IThXJaHP52LX6+/uQ9uNF89cu6WCbEHg+YzdGGQodyQ6UhVyCQyY5gLzM3iWJh7mpAzKD683o3TcDmuo/fg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Dec 2022 07:07:31 GMT

GET
H2 200 gorgias-chat-bundle.js Show response
config.gorgias.chat/ 370 KB
115 KB 1803ms
1803ms Script
application/javascript 2606:4700::6812:1db4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/gorgias-chat-bundle.js?rev=4a35f4e5&applicationId=6898

Requested by

Host: client-builds.production.gorgias.chat
URL: https://client-builds.production.gorgias.chat/new_bundle/gorgias-chat-bundle-loader.js?applicationId=6898&ignore=/static/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1db4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73ac06ad3578c595df82a49b409adbe0e98ecdf149ddb5b6e7e899a65f25a06c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
surrogate-control: max-age=31536000
x-dns-prefetch-control: off
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c85f-4AHvTp1HmJzXLGXI6OtevPR0KxA"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, s-max-age=31536000
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
sourcemap: gorgias-chat-bundle.js.map
cf-ray: 6c55cd4ed8447138-YUL

GET
H3 200 WSHYg2coDhd.png
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 1BBA 707 B
760 B 22ms
21ms Image
image/png 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/WSHYg2coDhd.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/W3iqaK3e_-l.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a0b9959b58ce19a6cb1023d60b40a23216f2ce95996e50f3b8e7e177b65e8a9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/W3iqaK3e_-l.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
x-content-type-options: nosniff
content-md5: biEGnrcqG9oA/B9m3ok9hQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 707
x-fb-rlafr: 0
x-fb-debug: tMhKbwtKa7jqk73DDj6nowBg1XVwz7CbB9jNzC2BTJgLPtWeUW8v7s0mAwJbe2mwjguy16VmBxrUJLbPow5BzA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Dec 2022 08:49:59 GMT

GET
H3 200 x9ZrO_yAkJs.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y0/l/en_US/ Frame 1BBA 82 KB
22 KB 25ms
24ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y0/l/en_US/x9ZrO_yAkJs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/48t_-mn1SY7.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c0752b37b4f74e2e83dd5c1a8dda11d5f3a0534d857ea7a50a7e87530270d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: s06YHKP82cEFC6ripSzfLA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 22909
x-fb-rlafr: 0
x-fb-debug: 64gPmDV/Ha9cQCJouaNZyZN1HNMrcJvdaHKIaaEC7bAcTo3Dz/dG3LAiiUDLfG3x4AaGBEH+nNQrGb32rbB66Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 17 Dec 2022 15:21:32 GMT

GET
H3 200 s2GsfEzFgLQ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame 1BBA 21 KB
7 KB 27ms
26ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/s2GsfEzFgLQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/48t_-mn1SY7.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

97086e03343c6995a1f10f4fd6bcee26a26fcf5f94ad48a19f88bcb7d73cb59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qvvAroZd2phd9jbIdj0DBg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 6965
x-fb-rlafr: 0
x-fb-debug: mlLV4FvJqCqed0Mlpp1tfM9Oji1KQd3HD2AUpEc+zF0iYbJjnCjDM3kTOXqb4IYMN39nsWOmH6B98WhM+sAhSQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 17 Dec 2022 15:21:32 GMT

GET
H3 200 CWJINsGKrOS.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 1BBA 18 KB
6 KB 28ms
27ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/CWJINsGKrOS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/48t_-mn1SY7.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e31058534b68e728b3cfe4d4f122333f19479a72ce4ac79b596ba346376f16c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4rHnUh0ztUMBselfW2HUmA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 5946
x-fb-rlafr: 0
x-fb-debug: EF9mUbNthLq5VU0z9gPdecN5YPb2v82MmWXa+tCdWVERkAPr/VOoE/xB/bYA62EbTDesrIA93q+P5Yiy4qQWmw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 26 Dec 2022 15:01:56 GMT

GET
H3 200 cN-N4Eu_deZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 1BBA 7 KB
2 KB 29ms
28ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/cN-N4Eu_deZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/48t_-mn1SY7.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XkHzn1WHKMxOAJmWI3FJ7A==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 2277
x-fb-rlafr: 0
x-fb-debug: mkevL23y9t7hKYJg61D9YkklW/rGlnPXasW0e3qn6+0VVt1QTu53waXrBxL4vK0YHCY1JEJNmEzJI83HPzK5Lg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 26 Dec 2022 14:33:24 GMT

GET
H3 200 adkjEBzu5_0.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEBX4/yx/l/en_US/ Frame 1BBA 56 KB
16 KB 29ms
29ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEBX4/yx/l/en_US/adkjEBzu5_0.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/48t_-mn1SY7.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6383fbd9c9377155aec82349de48bb6c9e09066c3ccb361a9a7a403001e47614

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: n5bMU0fWuXK16juUMTSdYg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 16507
x-fb-rlafr: 0
x-fb-debug: zVH57C4IqjtrNMXFSz1b4NzCExoM/lAj3tkKhMiqJb8Hc6D9ipMRQXzJ4+eZDCmcerPE2CkPfSGothzjjS9nxw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 18 Dec 2022 15:27:16 GMT

GET
H3 200 zDWsfSIJBmh.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 1BBA 4 KB
2 KB 30ms
30ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/zDWsfSIJBmh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/48t_-mn1SY7.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a4f00910898d52a5c3d43c47e6234d9bd6a1fbde7d85a1a0203fb861bae16470

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vkh9n+8QoOwJ/6bbvMTzfQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1485
x-fb-rlafr: 0
x-fb-debug: dQipHe4U556GfWBJsW39SdqVVPfDw2V4YwhbrX2jC9r42d/FTcxtE5LgDHuGBiJhYQqWKvfnat6Rrp6AyT3u1Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 19 Dec 2022 07:43:54 GMT

GET
H2 200 linkifyjs-html.js
assets.gorgias.chat/1b75d4bb5ba323fd76f22cb39193891aef321c5f/static/js/ 0
12 KB 37ms
25ms Other
application/javascript 2606:4700::6812:1db4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/1b75d4bb5ba323fd76f22cb39193891aef321c5f/static/js/linkifyjs-html.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=4a35f4e5&applicationId=6898
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1db4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 2420
x-guploader-uploadid: ADPycdvN9tmvvkKRaeU9-2qfthlJRFCLE6sl-T8rwRXBCTa190I_aqq8qu3LiYe5tJBmYghh45GmX_cqF_C7ACDwSZs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Fri, 24 Dec 2021 09:27:03 GMT
server: cloudflare
etag: W/"6dc90d80fdf77e9f7b2551fc808c2d78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=/edUyQ==, md5=bckNgP33fp97JVH8gIwteA==
x-goog-generation: 1640338023439507
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 12077
cf-ray: 6c55cd5aa9bb7138-YUL
expires: Thu, 30 Dec 2021 00:33:13 GMT

GET
H2 200 gcmw.js
assets.gorgias.chat/1b75d4bb5ba323fd76f22cb39193891aef321c5f/static/js/ 0
114 KB 46ms
34ms Other
application/javascript 2606:4700::6812:1db4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/1b75d4bb5ba323fd76f22cb39193891aef321c5f/static/js/gcmw.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=4a35f4e5&applicationId=6898
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1db4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: br
cf-cache-status: HIT
age: 2420
x-guploader-uploadid: ADPycduHnTEiI9Tkq9IqqECyo-UTyyoWEFp-p008TTBVw_fvGnfO2SMUF2lB3wVOjMGViOb1Mqgtr1TsRBINUIh1thonJh0WoQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Fri, 24 Dec 2021 09:27:03 GMT
server: cloudflare
etag: W/"6d31a318fdd388a40744c439d12ed153"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=aZmS9A==, md5=bTGjGP3TiKQHRMQ50S7RUw==
x-goog-generation: 1640338023659492
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 117889
cf-ray: 6c55cd5aa9bd7138-YUL
expires: Thu, 30 Dec 2021 00:33:13 GMT

GET
H2 206 notification-chat.97cd95d2.mp3
assets.gorgias.chat/1b75d4bb5ba323fd76f22cb39193891aef321c5f/static/media/ 4 KB
4 KB 24ms
23ms Media
audio/mpeg 2606:4700::6812:1db4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/1b75d4bb5ba323fd76f22cb39193891aef321c5f/static/media/notification-chat.97cd95d2.mp3
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1db4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d191bedb4ccc9fd7f7eb24b325fb64488c1ad0d949c3b644f5600eafd8aecb73

Request headers

Referer: https://offthegridsurplus.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
cf-cache-status: HIT
age: 3016
x-guploader-uploadid: ADPycduAzOLMyfWDxG4gZkiwV9DZr7kMUdVwus1dlIuGAhxpmN3sYAK8HIhsoWNzyBsJDOYlUhLN6eBk64SlhBuDltw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: audio/mpeg
Content-Length: 3660
Content-Range: bytes 0-3659/3660
last-modified: Fri, 24 Dec 2021 09:27:04 GMT
server: cloudflare
etag: "97cd95d28b187ffc0c8455c08a688eef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=RoEABg==, md5=l82V0osYf/wMhFXAimiO7w==
x-goog-generation: 1640338024468657
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=14400
x-goog-stored-content-length: 3660
cf-ray: 6c55cd5aa9b87138-YUL
expires: Thu, 30 Dec 2021 00:33:13 GMT

GET
H2 200 collector.js Show response
analytics.getshogun.com/ 54 KB
17 KB 54ms
14ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.getshogun.com/collector.js?shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 3c370d894a4e5946cb161e6603763984c5d7b4f2b80a4ebd0fe9635834a5d558

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
via: 1.1 vegur, 1.1 varnish, 1.1 varnish
age: 1656
x-cache: HIT, HIT
content-encoding: gzip
content-length: 16556
x-served-by: cache-lga21929-LGA, cache-yul12826-YUL
last-modified: Wed, 07 Apr 2021 15:01:18 GMT
server: Cowboy
x-timer: S1640809993.469836,VS0,VE0
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 403, 10648

GET
H/1.1 200
OK redirect-app.js Show response
easy-redirects.s3-eu-west-1.amazonaws.com/ 15 KB
15 KB 441ms
118ms Script
application/javascript 52.218.44.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://easy-redirects.s3-eu-west-1.amazonaws.com/redirect-app.js?shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.44.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6b07d28a62fadeee2a1e118b23f9706eb02418e05d1e1498af5624fc7200c66f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 20:33:14 GMT
Last-Modified: Thu, 18 Nov 2021 11:54:01 GMT
Server: AmazonS3
x-amz-request-id: QVRPEY7PTHHBZS4Q
ETag: "97455a1c77cbd4f5612c3a6c28e3eb37"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 15322
x-amz-id-2: tuhKHd1fIGuuA0qv8ErcI6wwX+YEuHEOIOLNkU1uiorYcVzTJGnKzn07vU5odDJnX7d2bSRjMfs=

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 3 KB
1 KB 71ms
18ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KLTimw&shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: aa283de802c9acd3b953b17f0886bc451df07e840451bad29f6100bc347ebfd5

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: gzip
age: 3221
x-cache: HIT, HIT
access-control-max-age: 86400
content-length: 989
x-served-by: cache-lga21956-LGA, cache-yul12833-YUL
access-control-allow-origin: *
allow: OPTIONS, GET
server: nginx
x-timer: S1640809993.485239,VS0,VE1
etag: W/"9845fb2ec18655916356d6ffce90c59a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 1

GET
H2 200 source.js Show response
files-shpf.mageworx.com/productoptions/ 238 KB
69 KB 80ms
36ms Script
application/javascript 2606:4700:20::ac43:4454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://files-shpf.mageworx.com/productoptions/source.js?mw_productoptions_t=1637342856&shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 813b228bfb997d61c1f33c8ed07cdcd92888efa200c5c2c95a2f1c2c9f18d368

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1221
last-modified: Tue, 07 Jul 2020 11:58:13 GMT
server: cloudflare
cache-control: max-age=14400
etag: W/"5f046355-3b9d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPXUqwE3TKbx%2FBtskFXc2mfZLAaFZ4Fg1M2lU6w9XXn6jV4GL9Ec4LNpMOmnUicDW3f8srouO3PpofQCtNKK2NT1Ukb24WpdJJWYOS9jxp7ENV1L9Z%2FWg6jh3yOGviCBxAcPd0TtvniGuwo5EFeKca3sDybo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: CF-IPCountry, IP-Region
cf-ipcountry: CA
cf-ray: 6c55cd5b3daeecfe-YUL

GET
H2 200 shopify.js Show response
app.octaneai.com/79afenry9euxsfec/ 356 KB
88 KB 82ms
36ms Script
application/javascript 2606:4700:10::6816:22f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.octaneai.com/79afenry9euxsfec/shopify.js?x=J1N1ikKL3jrQKcyu&shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:22f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a01763cfabcc78df1a60aebad4eecee440a0f596379c4439811e3ee0c31329ee

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Dec 2021 20:12:52 GMT
server: cloudflare
age: 1221
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
cache-control: max-age=1800
cf-ray: 6c55cd5b4f60ecea-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 20149_1608398514.js Show response
app.backinstock.org/widget/ 98 KB
25 KB 70ms
25ms Script
text/javascript 2606:4700:3030::6815:3d8b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.backinstock.org/widget/20149_1608398514.js?v=6&shop=otgsurplus.myshopify.com

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:3d8b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03261fbbc905682630e5aa65bbadbcc06c525bf853844b015e02a3fddf385ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 68398
p3p: CP="Not used"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fMkJgMkMDdcm6BYbn2lWXocgDwXpNrXCZrGojtggs%2BFBbGS21%2F7ag0Uge6pCG0xqCfGoLHLUfod92673sBxUx1kQF2Vv6wtQb6T8PQVwfq1KKefTQDm2WJN6QP9zuKNhjJnlTIcDijRRnVj7iPO9dn5"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9a1b0d19-0519-4921-8913-5a1df4cf2122
x-runtime: 0.042864
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 19 Dec 2020 17:21:54 GMT
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"1d6ea081b1a095101bf15453ba4602d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2629746
cf-ray: 6c55cd5b4fa7ca53-YUL

GET
H2 200 widget.min.js Show response
cdn1.stamped.io/files/ 89 KB
26 KB 19ms
16ms Script
text/javascript 2620:1ec:bdf::70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.stamped.io/files/widget.min.js?shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::70 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 92cb1d5813aa2552b90961426870a4b29be2518a7353082bf19f726483420f9e

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 20:33:12 GMT
content-encoding: br
last-modified: Fri, 19 Nov 2021 09:21:24 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: yjvFhLKLCvM8k51+QGf8yg==
etag: 0x8D9AB3DF5225B5C
x-azure-ref: 0CcbMYQAAAAA+wsuQI+LCQLyCW9bX82tRWU1RMDFFREdFMDkxOAAyZTViZDQxZS1kNDFkLTRlYjktYWUzMy1mYjVkMGU1Yjk3NGM=
x-cache: TCP_HIT
content-type: text/javascript
access-control-allow-origin: *
x-ms-request-id: 2e178215-701e-0114-749e-fc105e000000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0spDMYQAAAAAUrD8sePKRTIAi6AJtGMWfU04xRURHRTIxMTcAMmU1YmQ0MWUtZDQxZC00ZWI5LWFlMzMtZmI1ZDBlNWI5NzRj

GET
H2 200 launcher.js Show response
cdn.verifypass.com/seller/ 4 KB
2 KB 78ms
34ms Script
text/javascript 2606:4700:3034::6815:4436
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.verifypass.com/seller/launcher.js?shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4436 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4cbd80926d06eb9cb19c1498ef0a86446f65fc46fe8180230fcc7a43950c78f

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: R8QWSTGVXS196TH3
x-amz-id-2: pKnhRH0jrZDiRfae+PiDFA5E+aYBvwOwy6LuCywjJ1YHf2aqJ4IQgEI8X+BbQHdAcmW9gAXMRII=
last-modified: Fri, 27 Mar 2020 21:01:29 GMT
server: cloudflare
etag: W/"3de9072d7f2266e960535f403bf00e03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehG%2B6kHw5rD9U5qiHYELgo79u%2BO%2FdNCUUrRKIdciaA32TBxWr63zseXFdgo%2B2SO%2FNdJ5zB4FdzQ3zdqe5swPSHC6gtbtoR1Jxe%2BQANJW6Qs9zXdgrgle18wjEXwfUor1%2BW3BNGiLuFea4SVWlfnMXmo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 6c55cd5b3ee27151-YUL

GET
H2 200 shopify-scevent-init.js Show response
intg.snapchat.com/shopify/ 10 KB
4 KB 102ms
24ms Script
application/javascript 2600:9000:202c:9800:7:67fb:be80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://intg.snapchat.com/shopify/shopify-scevent-init.js?id=85b9b802-6e2e-4926-a484-f63f172d2bf0&shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:9800:7:67fb:be80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e754ac6a863e9650b4432de68b0cbc5deef2495a1573bbbc0ac607f35295b2ec

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:43:12 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 02:43:00 GMT
server: AmazonS3
age: 64202
etag: W/"586e29f264cb912cd3ab8c1f8908ec65"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f912c5a5865a58aaaad9710240b6d2f3.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C2
x-amz-cf-id: OKhJICCo4ApOWCZ1G3vCM4hkiwRBhhaQ0pRAUmTzMX_m2JPmK7epSQ==

GET
H2 200 shopify.js Show response
manychat.com/static/js/ 155 KB
58 KB 217ms
215ms Script
application/javascript 18.185.191.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://manychat.com/static/js/shopify.js?account_id=440003476104865&shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.185.191.84 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-191-84.eu-central-1.compute.amazonaws.com
Software: openresty/1.19.3.2 /
Resource Hash: 81f7da941a82546d2f6d2e09319016668484769b4586f698e171f57c9cf464dd

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
cache-control: public, max-age=600
last-modified: Fri, 24 Dec 2021 10:28:39 GMT
server: openresty/1.19.3.2
content-encoding: gzip
etag: W/"61c5a0d7-26a05"
content-type: application/javascript; charset=utf-8

GET
H2 200 route-widget-shopify-stable-v2.min.js Show response
cdn.routeapp.io/route-widget-shopify/v2/ 119 KB
35 KB 124ms
37ms Script
application/javascript 2600:9000:2120:3800:16:4701:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.routeapp.io/route-widget-shopify/v2/route-widget-shopify-stable-v2.min.js?shop=otgsurplus.myshopify.com
Requested by: Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:3800:16:4701:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 098bfe70ca961917756a266f53c4bac68f64dbf6d2f310ae45cb423883b79568

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 23 Dec 2021 23:23:27 GMT
content-encoding: gzip
last-modified: Thu, 23 Dec 2021 23:23:24 GMT
server: AmazonS3
age: 508187
etag: W/"d1297ff8de06ba96bf234484b3724044"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: GZJ.AFfiwwPrc9D3jK4NOYFIxxFMP0A0
via: 1.1 a2b911ba341aa7e1e7d2f292be789000.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C4
content-type: application/javascript
x-amz-cf-id: Ddy2aX1QlBGLGpSLpPLBBVbrjhipHYYiT0HLTH-3eFE4x3ajsj6a9Q==

GET
H2 200 rebuy.js Show response
cdn.rebuyengine.com/onsite/js/ 4 KB
2 KB 78ms
31ms Script
application/javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/onsite/js/rebuy.js?shop=otgsurplus.myshopify.com

Requested by

Host: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

85498129ec04880c8586191f63f549149f84f0e467c03adc6337366aadff879b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 5339
x-cache: HIT, MISS
content-length: 1542
x-served-by: cache-mdw17330-MDW, cache-yul12826-YUL
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Dec 2021 04:56:38 GMT
server: Apache/2.4.41 (Ubuntu)
x-timer: S1640809993.484389,VS0,VE18
etag: "f29-5d3c9103eed80-gzip"
strict-transport-security: max-age=300
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1800, stale-while-revalidate=10800
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 8, 0

POST
H2 200 produce
monorail-edge.shopifysvc.com/v1/ 0
477 B 48ms
48ms Ping
text/plain 34.138.230.116
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.138.230.116 North Charleston, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

116.230.138.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
x-dc: gcp-us-east1
access-control-max-age: 86400
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: https://offthegridsurplus.com
access-control-allow-credentials: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length: 0
x-request-id: 4e6730eb-4459-483d-98dd-2953e9cad272

GET FALL19-3_300x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 0
0

GET
H2 200 FALL19-3_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 51 KB
51 KB 18ms
17ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/FALL19-3_540x.jpg?v=1575534171

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

72bc6a16fd01a83a282469da132926215c7cb24923d7b273ee3dfa1b3ea2d4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.990,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 52092
x-xss-protection: 1; mode=block
x-request-id: da010179e6eef3e910f0a13f126c9373
x-served-by: cache-lga13622-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809994.521715,VS0,VE1
date: Wed, 29 Dec 2021 20:33:13 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/FALL19-3_540x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 xmas.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 148 KB
148 KB 20ms
20ms Image
image/jpeg 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/xmas.jpg?v=1640377154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

dc1dae59f78ce91d304b678bc2726874bacab3aa98e28cf0133b52a5f51fa383

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=2.358,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 151657
x-xss-protection: 1; mode=block
x-request-id: dabefb4291c368dae7fbf814fb205005
x-served-by: cache-lga13628-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809994.528689,VS0,VE2
date: Wed, 29 Dec 2021 20:33:13 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/xmas.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 fender_analytics.0a3a4902c45a97656495.js Show response
static-tracking.klaviyo.com/onsite/js/ 22 KB
8 KB 64ms
12ms Script
application/x-javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.0a3a4902c45a97656495.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KLTimw&shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f823340d01bd43ba9491e993bef0168de367e141395b1a578c1f0a7edbcb0e20

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: K3wbXiRug5Og6klVyuEUNeEAq1WqRZaJ
content-encoding: gzip
age: 3253
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 7504
x-amz-id-2: cSGieYsU9gNvTxmQGQ7ux+qttMEQ0ofSqmsT8Dwi1Y+83iXHE/Wy0oD5fQRmmyi2eqalWqKBkac=
x-served-by: cache-lga21948-LGA, cache-yul12828-YUL
last-modified: Wed, 29 Dec 2021 19:37:44 GMT
server: AmazonS3
etag: "b314b7a116de6791b53649fc627b7291"
vary: Accept-Encoding
x-amz-request-id: ZRZ3WGEDB2RWVYYH
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Wed, 29 Dec 2021 20:33:13 GMT
x-cache-hits: 1, 5287

GET
H2 200 static.73ecec61afdba0756d6b.js Show response
static-tracking.klaviyo.com/onsite/js/ 13 KB
6 KB 66ms
15ms Script
application/x-javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.73ecec61afdba0756d6b.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KLTimw&shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ef5573e2cb3dd94bf0d45b0ece3d5c9760a6aa3cd9a35c3a2830325af668e91

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 2hM80l7xBrpLt3AQ4TFmfkjv6RxVcwRP
content-encoding: gzip
age: 3253
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 5503
x-amz-id-2: +l/rDINFJFo+ftyDpPBNShl4GGxZOgrWCFCUauPKFhJwScYXPMTUMyfexuioT6PUPwtIlwoMBsc=
x-served-by: cache-lga21949-LGA, cache-yul12828-YUL
last-modified: Wed, 29 Dec 2021 19:37:44 GMT
server: AmazonS3
etag: "9e1b59cb25183fe60839103e08045cea"
vary: Accept-Encoding
x-amz-request-id: ZRZ2GPAWGWRM7370
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Wed, 29 Dec 2021 20:33:13 GMT
x-cache-hits: 1, 5296

GET
H2 200 sharedUtils.22225e8be8c773a192b5.js Show response
static.klaviyo.com/onsite/js/ 35 KB
9 KB 17ms
16ms Script
application/x-javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.22225e8be8c773a192b5.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KLTimw&shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3eac6b6ca0df419caa2b1951fef60f59bd036969221bc6d3d9784c5ba5d9a062

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: uAWDN8TletfdM1QPtUw2IWcHeHUdCEp7
content-encoding: gzip
age: 3253
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 9322
x-amz-id-2: D8jZOShmILYaB1VrsASVMCg19B6qq7b1x3pV9cRB9pWIR2DjlKti4OwVRAD28UZcQL03fMpsp/I=
x-served-by: cache-lga21962-LGA, cache-yul12833-YUL
last-modified: Thu, 23 Dec 2021 21:04:52 GMT
server: AmazonS3
etag: "19a7fdd374429418b6912c2497585cae"
vary: Accept-Encoding
x-amz-request-id: SD6FV2W0VB9S0KNX
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Wed, 29 Dec 2021 20:33:13 GMT
x-cache-hits: 1, 4370

GET
H2 200 sentry.3770b81f534eb4a7afe1.js Show response
static.klaviyo.com/onsite/js/ 40 KB
14 KB 17ms
17ms Script
application/x-javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sentry.3770b81f534eb4a7afe1.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KLTimw&shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a5053567e6cb48aeb3cde3c48c745ef891dd0ea20ee643561facd301d24c9085

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: MMe1cNs52EUXdlJ8QD3kUGocQDfZvqeR
content-encoding: gzip
age: 3255
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 13798
x-amz-id-2: BF55xDnR1QzBCABTwDfPpWGrmp9ReeZkxY1yQXSDTpqeykWMUZmDyNDkZBR75UNxD4//xyImOTY=
x-served-by: cache-lga13621-LGA, cache-yul12833-YUL
last-modified: Thu, 23 Dec 2021 21:04:52 GMT
server: AmazonS3
etag: "ed55aff052cb09a4e554b42b64e82183"
vary: Accept-Encoding
x-amz-request-id: SD61K7Q186JNZY72
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Wed, 29 Dec 2021 20:33:13 GMT
x-cache-hits: 2, 3385

GET
H2 200 vendors~signup_forms.38221c7754f8383d1638.js Show response
static.klaviyo.com/onsite/js/ 87 KB
26 KB 28ms
27ms Script
application/x-javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.38221c7754f8383d1638.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KLTimw&shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6aa25ca5722d4338a6435be63dcc872b5e435e41a859eead57cf9a5882a3b874

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: h1NA10622.0dv66qbv1QoJ42.RY6aEBX
content-encoding: gzip
age: 3253
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 26687
x-amz-id-2: +6hJGCknXcB5KWneAcWoWpCQYElcFYIlf4FFup47l+PdwSqm6J3rFOBLzs1GQkuXFJhzHqSKSmE=
x-served-by: cache-lga21972-LGA, cache-yul12833-YUL
last-modified: Wed, 29 Dec 2021 19:37:44 GMT
server: AmazonS3
etag: "279f31f5bb6037398fbbccdea33c4fbf"
vary: Accept-Encoding
x-amz-request-id: 60JYWMBX2N3MYW0Q
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Wed, 29 Dec 2021 20:33:13 GMT
x-cache-hits: 1, 4010

GET
H2 200 signup_forms.4363d703e363112be9b1.js Show response
static.klaviyo.com/onsite/js/ 122 KB
32 KB 36ms
35ms Script
application/x-javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.4363d703e363112be9b1.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=KLTimw&shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa7aa65a5e482203dccbdeb361737e99b6702f87f6c8e4b36ef5fd7b1e19bcc3

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: jj5KLYLCSicfIkdjgY1QEU8f2.sYrPxD
content-encoding: gzip
age: 3253
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 32222
x-amz-id-2: zO61txTlkm3252j4jvWDonp5oVzSm/mNxzApn1zVLwmHjxnk02FreDd4EbhrtnRk45NBl+ZT70I=
x-served-by: cache-lga21921-LGA, cache-yul12833-YUL
last-modified: Wed, 29 Dec 2021 17:25:42 GMT
server: AmazonS3
etag: "c5bcf12e112cd54dd002bbd005eb1d6f"
vary: Accept-Encoding
x-amz-request-id: 35V1J0A7X5PXP3C2
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Wed, 29 Dec 2021 20:33:13 GMT
x-cache-hits: 1, 3939

GET
H2 200 global.1640235389.js Show response
cdn.rebuyengine.com/onsite/js/ 553 KB
143 KB 126ms
126ms Script
application/javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/onsite/js/global.1640235389.js

Requested by

Host: cdn.rebuyengine.com
URL: https://cdn.rebuyengine.com/onsite/js/rebuy.js?shop=otgsurplus.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

a4a4a715624396db26d9da24f5d9df223c0d3834616ec994f53d2bc4c70cc355

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 5368
x-cache: HIT, MISS
content-length: 146135
x-served-by: cache-mdw17367-MDW, cache-yul12826-YUL
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Dec 2021 04:56:38 GMT
server: Apache/2.4.41 (Ubuntu)
x-timer: S1640809994.527420,VS0,VE112
etag: "8a582-5d3c9103eed80-gzip"
strict-transport-security: max-age=300
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1800, stale-while-revalidate=10800
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 10414, 0

GET
H2 200 global.min.1640235389.css
cdn.rebuyengine.com/onsite/css/ 1 MB
104 KB 14ms
13ms Stylesheet
text/css 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/onsite/css/global.min.1640235389.css

Requested by

Host: cdn.rebuyengine.com
URL: https://cdn.rebuyengine.com/onsite/js/rebuy.js?shop=otgsurplus.myshopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

16a2b7bd2888b4082a8dc33e0444e42c6aab20dc6178f523643339412c9c0683

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 5365
x-cache: HIT, HIT
content-length: 106122
x-served-by: cache-mdw17347-MDW, cache-yul12826-YUL
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 23 Dec 2021 04:56:39 GMT
server: Apache/2.4.41 (Ubuntu)
x-timer: S1640809994.527686,VS0,VE1
etag: "115bdf-5d3c9104e2fc0-gzip"
strict-transport-security: max-age=300
access-control-allow-methods: GET
content-type: text/css
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1800, stale-while-revalidate=10800
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 10255, 1

GET
H2 200 js-sha256-v1.min.js Show response
sc-static.net/ 22 KB
8 KB 69ms
24ms Script
application/javascript 99.84.125.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/js-sha256-v1.min.js
Requested by: Host: intg.snapchat.com
URL: https://intg.snapchat.com/shopify/shopify-scevent-init.js?id=85b9b802-6e2e-4926-a484-f63f172d2bf0&shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.125.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-125-102.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253

Request headers

Referer: https://offthegridsurplus.com/
Origin: https://offthegridsurplus.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 00:05:28 GMT
content-encoding: gzip
age: 73666
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 05 Apr 2019 00:32:08 GMT
server: AmazonS3
etag: W/"68f2467c84878293c9ee497dbc99a17f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 77a52be30020596b6a87a26e3dcc75e7.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Type
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: EWR52-C3
x-amz-cf-id: mVH4rSapkrBslQnP1ZYj_RGWMxycyMgsieu78L0Mne7W4ltmp1Rs0w==

GET
H2 200 config.js Show response
apps.mageworx.com/app/productoptions/config/otgsurplus.myshopify.com_1637342856/ 7 KB
3 KB 201ms
157ms XHR
application/json 2606:4700:20::ac43:4454
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.mageworx.com/app/productoptions/config/otgsurplus.myshopify.com_1637342856/config.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4454 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b70fc64b906a4a39809e011dc9783099231c58c948a5d02d86a81419638dcd9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 29 Dec 2021 17:31:39 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cneUkIU6LSMXckq1E5BaXZmGJonhFr%2FRVyIRS8Ym4dqXX56oNmQLc8b93SJ5knKwhxdtbOG534N%2BZsUqXmxq1SrT5Rszk%2BkeN58%2Fbr6gCBqR7Mlbi4Vn72qGz8ldWZ4iGpHkLeRn2DyWxu8Ku2fU"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cf-ipcountry: CA
access-control-expose-headers: CF-IPCountry, IP-Region
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c55cd5c0bd64bd0-YUL

GET
H2 200 xmas.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 148 KB
148 KB 16ms
16ms Image
image/jpeg 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/xmas.jpg?v=1640377154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

dc1dae59f78ce91d304b678bc2726874bacab3aa98e28cf0133b52a5f51fa383

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.129,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 151657
x-xss-protection: 1; mode=block
x-request-id: dabefb4291c368dae7fbf814fb205005
x-served-by: cache-lga13628-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809994.612830,VS0,VE0
date: Wed, 29 Dec 2021 20:33:13 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/xmas.jpg>; rel="canonical"
x-cache-hits: 1, 2

OPTIONS /
offthegridsurplus.com/ 0
0

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 711 B
1 KB 72ms
27ms XHR
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=KLTimw

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

772775a8afe578b1d78779fe067fc20f252b86ca9deeed3750478974c01a8590

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
via: 1.1 varnish, 1.1 varnish
age: 583329
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=900
content-length: 711
x-served-by: cache-bos4628-BOS, cache-yul12822-YUL
allow: GET, HEAD, OPTIONS
server: nginx
vary: Cookie
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 1

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v5/KLTimw/ 85 KB
10 KB 58ms
14ms XHR
application/json 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v5/KLTimw/full-forms
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ae4b9635bca9a1055428b68cbcf464dc86ca0cfbfa523f00f3324bc859fbc27

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: nEQUMmyyhlD45D2u3VAAfVpVZo9CGtZR
content-encoding: gzip
age: 545199
via: 1.1 varnish
x-cache: HIT
client-geo-continent: NA
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/KLTimw custom-fonts/KLTimw
content-length: 9874
x-amz-id-2: rjqU0VPCEQqTB4eTL7wtgOZQ2oQkZEKsTMLJUOLYfuza07DDg/wHbPjM1NUv/SXyxVV7s1+lnXE=
x-served-by: cache-yul12827-YUL
client-geo-country: CA
last-modified: Thu, 23 Dec 2021 03:09:04 GMT
server: AmazonS3
x-timer: S1640809994.706380,VS0,VE1
etag: "9fa294753db58f49d1a095cd6dfbe150"
vary: Accept-Encoding
x-amz-request-id: QECSS1S7Y6ANST0F
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
content-type: application/json
date: Wed, 29 Dec 2021 20:33:13 GMT
x-cache-hits: 1

POST
H3 200 79afenry9euxsfec Show response
app.octaneai.com/get_user_info/ 90 B
345 B 128ms
109ms XHR
application/json 2606:4700:10::6816:22f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.octaneai.com/get_user_info/79afenry9euxsfec
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:22f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe64de9c05d3f4ccbd302e2072d1ae56015678c72682d69ec6ac80c97666a455

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
access-control-allow-origin: *
cf-ray: 6c55cd5c9d06ca6f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 is_enabled Show response
tr.snapchat.com/collector/ 46 B
61 B 59ms
43ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=85b9b802-6e2e-4926-a484-f63f172d2bf0

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

fcd0e1cc60c87c8b844e2203e61394ce838b4b020b5ad26ecc1a3aadd849d903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46

POST
H3 200 shopify
tr.snapchat.com/scs/ 0
0 56ms
42ms Fetch
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/scs/shopify

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, no-transform
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 config Show response
cdn.rebuyengine.com/api/v1/user/ 623 B
768 B 60ms
32ms XHR
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/api/v1/user/config?shop=otgsurplus.myshopify.com

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

32d2a0a69e21d30ef5896266ee205a44cddf2b0215b125eb64468d5daad6adca

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 135
x-cache: HIT, MISS
content-length: 414
x-served-by: cache-mdw17322-MDW, cache-yul12824-YUL
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
server: Apache/2.4.41 (Ubuntu)
x-timer: S1640809994.755830,VS0,VE18
strict-transport-security: max-age=300
access-control-allow-methods: GET
content-type: application/json
via: 1.1 varnish, 1.1 varnish
cache-control: s-maxage=1800, max-age=0
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 1, 0

GET
H3 200 css2
fonts.googleapis.com/ 9 KB
656 B 37ms
37ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

284640950d838451759afd9e4bb7e9569e8a5fee43105c87c8cd34aa57fa4b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:28:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 29 Dec 2021 20:33:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Dec 2021 20:33:13 GMT

GET
H2 200 stylesheet
cdn.rebuyengine.com/api/v1/user/ 11 KB
2 KB 14ms
13ms Stylesheet
text/css 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/api/v1/user/stylesheet?shop=otgsurplus.myshopify.com&cache_key=1640289373

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

440f5c6f628d0b1dba7a3009f7f9b3937abf754c9b649ec8b161336db199b4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2123
x-cache: HIT, HIT
content-length: 1870
x-served-by: cache-mdw17351-MDW, cache-yul12826-YUL
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
server: Apache/2.4.41 (Ubuntu)
x-timer: S1640809994.805439,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET
content-type: text/css; charset: UTF-8;charset=UTF-8
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1800, stale-while-revalidate=10800
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 3, 1

GET
H2 200 templates Show response
cdn.rebuyengine.com/api/v1/user/ 69 KB
6 KB 15ms
14ms XHR
application/json 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rebuyengine.com/api/v1/user/templates?cache_key=1640289373&shop=otgsurplus.myshopify.com

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache/2.4.41 (Ubuntu) /

Resource Hash

0ce7b8ab76accede35d76c6d14a3a3f250081ece1344009a0262cec182a86a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Accept: */*
Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2720
x-cache: HIT, HIT
content-length: 6261
x-served-by: cache-mdw17327-MDW, cache-yul12824-YUL
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
server: Apache/2.4.41 (Ubuntu)
x-timer: S1640809994.806523,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET
content-type: application/json
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1800, stale-while-revalidate=10800
accept-ranges: bytes
access-control-allow-headers: Content-Type
x-cache-hits: 2, 1

POST
H3 200 79afenry9euxsfec Show response
app.octaneai.com/get_user_info/ 70 B
292 B 102ms
102ms XHR
application/json 2606:4700:10::6816:22f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.octaneai.com/get_user_info/79afenry9euxsfec
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:22f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d90e5aee64ab9195d640649ec7b2e8d7c8d08439e427cfb9a3ee4b7eee577e23

Request headers

Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json
access-control-allow-origin: *
cf-ray: 6c55cd5d7dadca6f-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 geolocation Show response
rebuyengine.com/api/v1/customers/ 238 B
460 B 122ms
66ms XHR
application/json 2606:4700:10::6816:21cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rebuyengine.com/api/v1/customers/geolocation?cache_key=1640289373&key=vDZL1FJJlM7JKGv5OYNfB72iIT6dFpNW7qIx33mDLhNFW3RAAdSP1lUzkzxHOSwTwwPbR7x1BBv1vJIhQTX%2BIg%3D%3D
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:21cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ccce4f091a6d13da4fe1cbfa53e0e896f56c95a1f632bdd7617fb012555bb5d

Request headers

Accept: */*
Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:14 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cf-ray: 6c55cd5e3e50ca6f-YUL
access-control-allow-headers: Content-Type

GET
H3 200 cart.json Show response
offthegridsurplus.com/ 283 B
619 B 52ms
52ms XHR
text/javascript 23.227.38.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offthegridsurplus.com/cart.json

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.65 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

4e5347fcba8b45ba6aa6203f6e43c61c2260c864f5ee54625a433be25d58b3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://offthegridsurplus.com/?utm_source=ALL%20USERS
X-Requested-With: XMLHttpRequest
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 25921126454
x-storefront-renderer-rendered: 1
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
content-type: text/javascript; charset=utf-8
x-request-id: d65c74cb-e624-4e24-99bc-ca22c87ae298
cache-control: no-cache, no-store
cf-ray: 6c55cd5deeaf4bd1-YUL
x-sorting-hat-podid: 53

GET
H2 200 Road-To-Racing-Web-Header.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 74 KB
75 KB 15ms
15ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Road-To-Racing-Web-Header.jpg?v=1621368662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

deb5b413949afbe013136d17f77a1d49596ccaa1ba97d06b78789ee0727c1038

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.307,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 75924
x-xss-protection: 1; mode=block
x-request-id: 883d0d02acf312016fcaa322450c3cab
x-served-by: cache-lga13623-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809994.015037,VS0,VE1
date: Wed, 29 Dec 2021 20:33:14 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Road-To-Racing-Web-Header.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Lifestyle_Photos_Off_The_Grid_Baja_029_844cf560-f024-49ca-b56c-e0ad80af6360_1728x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 177 KB
177 KB 17ms
17ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Lifestyle_Photos_Off_The_Grid_Baja_029_844cf560-f024-49ca-b56c-e0ad80af6360_1728x.jpg?v=1629836920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

40e616783bddf852035c8ac5232ac40e7e4858292231f50b89c27f5e6649ab69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.388,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 180842
x-xss-protection: 1; mode=block
x-request-id: 149435e6f0d3d8b89e5f0bec8e85f3c3
x-served-by: cache-lga21980-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809994.015096,VS0,VE1
date: Wed, 29 Dec 2021 20:33:14 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Lifestyle_Photos_Off_The_Grid_Baja_029_844cf560-f024-49ca-b56c-e0ad80af6360_1728x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Road-To-Racing-Web-Header.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 74 KB
74 KB 14ms
14ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Road-To-Racing-Web-Header.jpg?v=1621368662

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

deb5b413949afbe013136d17f77a1d49596ccaa1ba97d06b78789ee0727c1038

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.174,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 75924
x-xss-protection: 1; mode=block
x-request-id: 883d0d02acf312016fcaa322450c3cab
x-served-by: cache-lga13623-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809994.048103,VS0,VE0
date: Wed, 29 Dec 2021 20:33:14 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Road-To-Racing-Web-Header.jpg>; rel="canonical"
x-cache-hits: 1, 2

GET
H2 200 Lifestyle_Photos_Off_The_Grid_Baja_029_844cf560-f024-49ca-b56c-e0ad80af6360_1728x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/files/ 177 KB
177 KB 16ms
16ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Lifestyle_Photos_Off_The_Grid_Baja_029_844cf560-f024-49ca-b56c-e0ad80af6360_1728x.jpg?v=1629836920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

40e616783bddf852035c8ac5232ac40e7e4858292231f50b89c27f5e6649ab69

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.093,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 180842
x-xss-protection: 1; mode=block
x-request-id: 149435e6f0d3d8b89e5f0bec8e85f3c3
x-served-by: cache-lga21980-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809994.048954,VS0,VE0
date: Wed, 29 Dec 2021 20:33:14 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/files/Lifestyle_Photos_Off_The_Grid_Baja_029_844cf560-f024-49ca-b56c-e0ad80af6360_1728x.jpg>; rel="canonical"
x-cache-hits: 1, 2

GET
H2 200 Trailblazer_5.0_Pants_Dark_Brown_front_Offthegridsurplus_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 23 KB
24 KB 24ms
24ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.0_Pants_Dark_Brown_front_Offthegridsurplus_540x.jpg?v=1631655615

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

56e3ed65a4ea56ac97abf3183be3a6dcd4385d983d068b1dc33a23c9fb1f01de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=9.903,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 23950
x-xss-protection: 1; mode=block
x-request-id: 2dbbdd1acdaddeb5f999d89543971c26
x-served-by: cache-lga21959-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809994.133707,VS0,VE10
date: Wed, 29 Dec 2021 20:33:14 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.0_Pants_Dark_Brown_front_Offthegridsurplus_540x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Trailblazer_5.0_Pants_Dark_Brown_front_Offthegridsurplus_02_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 52 KB
53 KB 40ms
40ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.0_Pants_Dark_Brown_front_Offthegridsurplus_02_540x.jpg?v=1631655624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

fd8da88227252d2fbe66fe708a0d96e63cdc86ce47ef92fac27d2e7a4af0c34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=27.278,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 53700
x-xss-protection: 1; mode=block
x-request-id: 59bb0fd2477f46164e3b57eebdd032e0
x-served-by: cache-lga21941-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809994.148007,VS0,VE27
date: Wed, 29 Dec 2021 20:33:14 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.0_Pants_Dark_Brown_front_Offthegridsurplus_02_540x.jpg>; rel="canonical"
x-cache-hits: 2, 1

GET
H2 200 Trailblazer_5.0_Pants_Dark_Brown_front_Offthegridsurplus_02_d6083d63-002c-4c49-b5ee-5a53cd6fff65_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 52 KB
53 KB 15ms
14ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.0_Pants_Dark_Brown_front_Offthegridsurplus_02_d6083d63-002c-4c49-b5ee-5a53cd6fff65_540x.jpg?v=1631656078

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

fd8da88227252d2fbe66fe708a0d96e63cdc86ce47ef92fac27d2e7a4af0c34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.212,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 53700
x-xss-protection: 1; mode=block
x-request-id: 07dc431e1dbae25f6967d21f75273ef4
x-served-by: cache-lga21920-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809994.148172,VS0,VE1
date: Wed, 29 Dec 2021 20:33:14 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.0_Pants_Dark_Brown_front_Offthegridsurplus_02_d6083d63-002c-4c49-b5ee-5a53cd6fff65_540x.jpg>; rel="canonical"
x-cache-hits: 1, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.0_Pants_Dark_Brown_front_Offthegridsurplus_02_d6083d63-002c-4c49-b5ee-5a53cd6fff65_540x.jpg?v=1631656078

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

fd8da88227252d2fbe66fe708a0d96e63cdc86ce47ef92fac27d2e7a4af0c34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.129,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 53700
x-xss-protection: 1; mode=block
x-request-id: 07dc431e1dbae25f6967d21f75273ef4
x-served-by: cache-lga21920-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809994.183440,VS0,VE0
date: Wed, 29 Dec 2021 20:33:14 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.0_Pants_Dark_Brown_front_Offthegridsurplus_02_d6083d63-002c-4c49-b5ee-5a53cd6fff65_540x.jpg>; rel="canonical"
x-cache-hits: 1, 2

GET
H2 200 Trailblazer_5.0_Pants_Dark_Brown_front_Offthegridsurplus_02_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 52 KB
53 KB 13ms
13ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.0_Pants_Dark_Brown_front_Offthegridsurplus_02_540x.jpg?v=1631655624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

fd8da88227252d2fbe66fe708a0d96e63cdc86ce47ef92fac27d2e7a4af0c34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.155,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 53700
x-xss-protection: 1; mode=block
x-request-id: 59bb0fd2477f46164e3b57eebdd032e0
x-served-by: cache-lga21941-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809994.198112,VS0,VE0
date: Wed, 29 Dec 2021 20:33:14 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.0_Pants_Dark_Brown_front_Offthegridsurplus_02_540x.jpg>; rel="canonical"
x-cache-hits: 2, 2

GET
H2 200 Trailblazer_5.1_Pants_Dark_Brown_front_Offthegridsurplus_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 23 KB
23 KB 29ms
28ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.1_Pants_Dark_Brown_front_Offthegridsurplus_540x.jpg?v=1631656071

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

a230cc10d53014dfcc348810d1806aa5a5c270deb131b09845bbf6cd809714d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
server-timing: cdn;dur=1.081,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=14.366,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=13.409,cdnOriginTTLB;dur=14.227
content-length: 23376
x-xss-protection: 1; mode=block
x-request-id: 994f16c14f153103a9c8e6abfa0abfcd
x-served-by: cache-lga21953-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809994.267382,VS0,VE14
date: Wed, 29 Dec 2021 20:33:14 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.1_Pants_Dark_Brown_front_Offthegridsurplus_540x.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 Trailblazer_5.0_Pants_Dark-Olive_Front_Offthegridsurplus_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 26 KB
27 KB 25ms
24ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.0_Pants_Dark-Olive_Front_Offthegridsurplus_540x.jpg?v=1618689858

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

eb395cd085058056ebef913aa53f1b061b01b1838a0a32d6f1ec9d731e4d6120

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, MISS
server-timing: cdn;dur=1.475,cdnPop;desc=LGA,cdnCache;desc=HIT-CLUSTER, cdn;dur=10.725,cdnPop;desc=YUL,cdnCache;desc=MISS-CLUSTER,cdnOriginTTFB;dur=9.324,cdnOriginTTLB;dur=10.629
content-length: 26448
x-xss-protection: 1; mode=block
x-request-id: a37e9c626e2e98e1285a0e406188f340
x-served-by: cache-lga21974-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809994.267481,VS0,VE11
date: Wed, 29 Dec 2021 20:33:14 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.0_Pants_Dark-Olive_Front_Offthegridsurplus_540x.jpg>; rel="canonical"
x-cache-hits: 1, 0

GET
H2 200 Trailblazer_5.0_Pants_Dark-Olive_Side2_Offthegridsurplus_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 39 KB
39 KB 15ms
15ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.0_Pants_Dark-Olive_Side2_Offthegridsurplus_540x.jpg?v=1618689858

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

999c08b7be193cca7f26b400f07caa186fa012e77bcf344e8d2dc6c295283207

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=1.211,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 40100
x-xss-protection: 1; mode=block
x-request-id: dda82460416f01a2a243a5890cb20674
x-served-by: cache-lga21966-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809994.280958,VS0,VE1
date: Wed, 29 Dec 2021 20:33:14 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.0_Pants_Dark-Olive_Side2_Offthegridsurplus_540x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Trailblazer_5.0_Pants_Dark-Olive_Side2_Offthegridsurplus_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 39 KB
40 KB 15ms
15ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.0_Pants_Dark-Olive_Side2_Offthegridsurplus_540x.jpg?v=1618689858

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

999c08b7be193cca7f26b400f07caa186fa012e77bcf344e8d2dc6c295283207

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-central1
x-cache: HIT, HIT
server-timing: cdn;dur=0.164,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 40100
x-xss-protection: 1; mode=block
x-request-id: dda82460416f01a2a243a5890cb20674
x-served-by: cache-lga21966-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809994.315850,VS0,VE0
date: Wed, 29 Dec 2021 20:33:14 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer_5.0_Pants_Dark-Olive_Side2_Offthegridsurplus_540x.jpg>; rel="canonical"
x-cache-hits: 1, 2

GET
H2 200 Trailblazer4KnifePatch_3230177b-7084-43ec-bec1-72b5c9bb4a9e_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 53 KB
53 KB 15ms
14ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer4KnifePatch_3230177b-7084-43ec-bec1-72b5c9bb4a9e_540x.jpg?v=1611772596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

c01fb9a697e12f8fd92b775bed131435b11556302f39b290a70a050b35046ff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.148,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 53858
x-xss-protection: 1; mode=block
x-request-id: eb5c1f4884e5016e22afc172b709cb7d
x-served-by: cache-lga13620-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809995.533448,VS0,VE1
date: Wed, 29 Dec 2021 20:33:14 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer4KnifePatch_3230177b-7084-43ec-bec1-72b5c9bb4a9e_540x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Trailblazer4MagPocket_c16f3994-9ce1-4e38-ad97-4777f4ea2cf4_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 55 KB
56 KB 16ms
15ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer4MagPocket_c16f3994-9ce1-4e38-ad97-4777f4ea2cf4_540x.jpg?v=1611772596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

58635be422aed9477773e3543c69d73111038496bb2d8fab42e2900a02f97a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=1.290,cdnPop;desc=YUL,cdnCache;desc=HIT-CLUSTER
content-length: 56652
x-xss-protection: 1; mode=block
x-request-id: 34ba8a05c129d63c9b6d880b0ab19c0c
x-served-by: cache-lga21939-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809995.549344,VS0,VE1
date: Wed, 29 Dec 2021 20:33:14 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer4MagPocket_c16f3994-9ce1-4e38-ad97-4777f4ea2cf4_540x.jpg>; rel="canonical"
x-cache-hits: 1, 1

GET
H2 200 Trailblazer4MagPocket_c16f3994-9ce1-4e38-ad97-4777f4ea2cf4_540x.jpg
cdn.shopify.com/s/files/1/0259/2112/6454/products/ 55 KB
55 KB 15ms
15ms Image
image/webp 2a04:4e42:a00::268
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer4MagPocket_c16f3994-9ce1-4e38-ad97-4777f4ea2cf4_540x.jpg?v=1611772596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:a00::268 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cache-yul12823-YUL /

Resource Hash

58635be422aed9477773e3543c69d73111038496bb2d8fab42e2900a02f97a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-cdn: Fastly, http2
x-dc: gcp-us-east1
x-cache: HIT, HIT
server-timing: cdn;dur=0.154,cdnPop;desc=YUL,cdnCache;desc=HIT
content-length: 56652
x-xss-protection: 1; mode=block
x-request-id: 34ba8a05c129d63c9b6d880b0ab19c0c
x-served-by: cache-lga21939-LGA, cache-yul12823-YUL
server: cache-yul12823-YUL
x-timer: S1640809995.582393,VS0,VE0
date: Wed, 29 Dec 2021 20:33:14 GMT
vary: Accept
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifysvc.com/v1/reports/nel/20190325/imagery"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0259/2112/6454/products/Trailblazer4MagPocket_c16f3994-9ce1-4e38-ad97-4777f4ea2cf4_540x.jpg>; rel="canonical"
x-cache-hits: 1, 2

GET
H2 200 otgsurplus.myshopify.com Show response
shopify.route.com/v1/merchant-info/ 78 B
344 B 102ms
22ms XHR
application/json 2600:9000:202c:a200:11:4cd0:7f80:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://shopify.route.com/v1/merchant-info/otgsurplus.myshopify.com
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:202c:a200:11:4cd0:7f80:93a1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06b17fd2aa84c6e306fb5367d95f6ef2519cdaa1402fd09e06309c1cdd9cca05

Request headers

Accept: application/json, text/plain, */*
Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 02:42:46 GMT
via: 1.1 81dc2840587b5003ff52334e3af886a5.cloudfront.net (CloudFront)
age: 64229
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amz-cf-pop: EWR52-C2
content-length: 78
x-amz-cf-id: U-cuo008U-fASwayJAq4XMNFutdveUFek_tw7VQD301snCPnsphUog==

GET
H2 200 index.html Show response
cdn.routeapp.io/route-analytics/ Frame C6FA 1 KB
929 B 21ms
21ms Document
text/html 2600:9000:2120:3800:16:4701:e4c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.routeapp.io/route-analytics/index.html
Requested by: Host: cdn.routeapp.io
URL: https://cdn.routeapp.io/route-widget-shopify/v2/route-widget-shopify-stable-v2.min.js?shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:3800:16:4701:e4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9eb7853461b30af5f2b92346fa97fdfbf22f07c34f01a8d8a574587535c175d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/

Response headers

content-type: text/html
date: Thu, 02 Dec 2021 21:24:01 GMT
last-modified: Fri, 25 Oct 2019 22:19:29 GMT
etag: W/"4defc6d67c29e491df920f430c8be0cd"
x-amz-version-id: null
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b911ba341aa7e1e7d2f292be789000.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: CUgeTrSMN7r_cgpJeVJYkdkOVK9v-YMDE3XUZRCv-SgPgI8x86evDA==
age: 2329755

GET
H2 200 protect.core.js Show response
protection-widget.route.com/ 165 KB
38 KB 122ms
28ms Script
application/javascript 2600:9000:2120:2400:2:3d40:da40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://protection-widget.route.com/protect.core.js?shop=otgsurplus.myshopify.com
Requested by: Host: cdn.routeapp.io
URL: https://cdn.routeapp.io/route-widget-shopify/v2/route-widget-shopify-stable-v2.min.js?shop=otgsurplus.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2120:2400:2:3d40:da40:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a3e8afc7c4e74d0e002c6bc764e86d32ae1d21edbbccf0dc1eae17285c52fc5c

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://offthegridsurplus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 28 Dec 2021 21:34:56 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 19:18:54 GMT
server: AmazonS3
age: 82700
etag: W/"dcfaa7edb222bf2cbbb5a5dfa972dd23"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: OTZLhVNqfjH6GRcWcqQhAOj8KtDxk_4D
via: 1.1 5085d90866d21251d1299413c6f53213.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C4
content-type: application/javascript
x-amz-cf-id: tjrCl0mCrVAkFkaBgLQe0Embgzjn0jaMKKIfOgru7rDET33lKLSiHw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame C6FA 90 KB
35 KB 68ms
39ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-148920417-1

Requested by

Host: cdn.routeapp.io
URL: https://cdn.routeapp.io/route-analytics/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

114c3f9406dced76040bf504d7057ecc598986814f7dbbde9315e259589564d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.routeapp.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:33:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36189
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Dec 2021 20:33:15 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame C6FA 49 KB
20 KB 22ms
21ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-148920417-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://cdn.routeapp.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6736
date: Wed, 29 Dec 2021 18:40:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 29 Dec 2021 20:40:59 GMT

GET
H3 200 cart.js Show response
offthegridsurplus.com/ 283 B
1 KB 97ms
96ms XHR
text/javascript 23.227.38.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offthegridsurplus.com/cart.js?timestamp=1640809995279

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

23.227.38.65 , Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

myshopify.com

Software

cloudflare /

Resource Hash

b6abac84d0bc23aa729c096854a4d10bda2fc31208726bf966f669296274e2d2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://offthegridsurplus.com/?utm_source=ALL%20USERS
checkoutToken
shopifyCheckoutAuthorizationToken
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
shop: otgsurplus.myshopify.com

Response headers

date: Wed, 29 Dec 2021 20:33:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
x-dc: gcp-us-central1,gcp-us-central1,gcp-us-central1
x-shopify-stage: production
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=7889238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 25921126454
x-shardid: 53
x-storefront-renderer-rendered: 1
server: cloudflare
x-frame-options: DENY
content-language: en
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept
x-download-options: noopen
x-shopid: 25921126454
x-request-id: 865430c4-8bea-4df9-819b-e1b777432ab7
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
cf-ray: 6c55cd6688ed4bd1-YUL
x-sorting-hat-podid: 53
x-cartjs-updatedat: 0

GET
H2 200 assets Show response
api.route.com/v1/protect/merchants/merch_rKR3pISx3ubAyhPkBLtH/ 2 B
308 B 114ms
36ms XHR
application/json 34.233.3.150

General

Check archive.org

Show headers Download Go to

Full URL

https://api.route.com/v1/protect/merchants/merch_rKR3pISx3ubAyhPkBLtH/assets

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.233.3.150 -, , ASN (),

Reverse DNS

Software

Caddy / Strapi <strapi.io>

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://offthegridsurplus.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 3ms
date: Wed, 29 Dec 2021 20:33:16 GMT
vary: Origin
server: Caddy
x-powered-by: Strapi <strapi.io>
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2
x-request-id: a32f907c-bce7-4b1d-89fb-e5dac9b60917

OPTIONS /
offthegridsurplus.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0259/2112/6454/files/FALL19-3_300x.jpg?v=1575534171

Domain: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Domain: offthegridsurplus.com
URL: https://offthegridsurplus.com/?utm_source=ALL%20USERS

Verdicts & Comments Add Verdict or Comment

218 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-19 23:48:16	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
offthegridsurplus.com/	1970-01-20 08:32:25	Name: secure_customer_sig Value:
offthegridsurplus.com/	1970-01-20 00:06:59	Name: localization Value: CA
offthegridsurplus.com/	1970-01-20 00:06:59	Name: cart_currency Value: USD
.offthegridsurplus.com/	1970-01-20 00:06:59	Name: _orig_referrer Value:
.offthegridsurplus.com/	1970-01-20 00:06:59	Name: _landing_page Value: %2F%3Futm_source%3DALL%2520USERS
.offthegridsurplus.com/	1970-01-20 08:32:25	Name: _y Value: 5303dfb6-1890-4522-b845-a6ba2a3f4779
.offthegridsurplus.com/	1970-01-19 23:46:51	Name: _s Value: 4801d3a9-3ca3-46cb-886a-7b95db1dce45
.offthegridsurplus.com/	1970-01-20 08:32:25	Name: _shopify_y Value: 5303dfb6-1890-4522-b845-a6ba2a3f4779
.offthegridsurplus.com/	1970-01-19 23:46:51	Name: _shopify_s Value: 4801d3a9-3ca3-46cb-886a-7b95db1dce45
.offthegridsurplus.com/	1970-01-20 01:56:25	Name: _gcl_au Value: 1.1.1395566923.1640809990
.offthegridsurplus.com/	1970-01-19 23:46:51	Name: _shopify_sa_t Value: 2021-12-29T20%3A33%3A10.312Z
.offthegridsurplus.com/	1970-01-19 23:46:51	Name: _shopify_sa_p Value: utm_source%3DALL%2520USERS
offthegridsurplus.com/	1970-01-19 23:46:53	Name: shopify_pay_redirect Value: pending
.offthegridsurplus.com/	1970-01-20 17:18:01	Name: _ga Value: GA1.2.1621766154.1640809991
.offthegridsurplus.com/	1970-01-19 23:48:16	Name: _gid Value: GA1.2.902786579.1640809991
.offthegridsurplus.com/	1970-01-19 23:46:50	Name: _gat Value: 1
.offthegridsurplus.com/	1970-01-20 09:16:36	Name: _scid Value: 0dca7102-030f-41c8-8e43-e50631b26682
.doubleclick.net/	1970-01-20 17:18:01	Name: IDE Value: AHWqTUlTskjrXOqm-WjpHwES4o_fLZZmLLnMzjniutqK6kEtQE7ACcl43skvXn5e
.offthegridsurplus.com/	1970-01-20 01:56:25	Name: _fbp Value: fb.1.1640809990705.487413500
.facebook.com/	1970-01-20 01:56:25	Name: fr Value: 05VvRORS6LNV1rFRC..BhzMYG...1.0.BhzMYG.
.snapchat.com/	1970-01-20 09:08:25	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwQ3AMAgDwImQTGRRnG2SEqbI8P32XudURq02rUNjH1nuKBvQW/10bvh1YnoQCUm4v+IDy6NigUAAAAA=
.tapad.com/	1970-01-20 01:13:13	Name: TapAd_TS Value: 1640809990877
.tapad.com/	1970-01-20 01:13:13	Name: TapAd_DID Value: 3ca8dc21-5f62-4fb3-a79f-c2f6e22c66e8
.tapad.com/	1970-01-20 01:13:13	Name: TapAd_3WAY_SYNCS Value:
.offthegridsurplus.com/	1970-01-20 09:16:36	Name: _sctr Value: 1\|1640736000000
offthegridsurplus.com/	1970-01-19 23:46:51	Name: _shg_session_id Value: 515e7b37-e272-44ef-b040-4e4ed680ad75
offthegridsurplus.com/	1970-01-21 19:34:49	Name: _shg_user_id Value: e7d12a98-4d3a-4c8a-95f0-1b1c27d60f47
offthegridsurplus.com/	1970-01-23 15:22:49	Name: octane%2Fshopify%2Fuid Value: 693afb6710e61e7dc5918857e199897aff07eb786e404d0bff639c22334ef4e79a9238193b371ab6ae0e8d9e981e9dd7e59afa4908d5f9de31fecc93
offthegridsurplus.com/	1970-01-20 17:18:01	Name: __kla_id Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2NDA4MDk5OTQsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vb2ZmdGhlZ3JpZHN1cnBsdXMuY29tLz91dG1fc291cmNlPUFMTCUyMFVTRVJTIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNjQwODA5OTk0LCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL29mZnRoZWdyaWRzdXJwbHVzLmNvbS8/dXRtX3NvdXJjZT1BTEwlMjBVU0VSUyJ9fQ==
offthegridsurplus.com/	1970-01-19 23:46:51	Name: _rsession Value: 95a404efca687d7b
offthegridsurplus.com/	1970-01-21 02:03:37	Name: _ruid Value: eyJ1dWlkIjoiNmUzY2RlNDMtYzc5NS00N2M2LWEzMWYtMWMzMTk2YjVkMDQ0In0%3D
offthegridsurplus.com/	1970-01-19 23:46:51	Name: _rutm Value: eyJ1dG1fc291cmNlIjoiQUxMIFVTRVJTIn0%3D

207 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://config.gorgias.io/production/B9Zby7Z0dN6eNk3R/chat/Oro0V7LQ5Wx9d83N.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://config.gorgias.io/production/B9Zby7Z0dN6eNk3R/chat/Oro0V7LQ5Wx9d83N.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cdn.shopify.com/s/files/1/2333/0623/t/70/assets/masonry.min.js?v=5294686724106038817 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 8) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' blob: data: 'self' connect.facebook.net".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

796512322.privacysandbox.googleadservices.com
analytics.getshogun.com
api.route.com
app.backinstock.org
app.octaneai.com
apps.mageworx.com
assets.gorgias.chat
cdn.avmws.com
cdn.rebuyengine.com
cdn.routeapp.io
cdn.shopify.com
cdn.verifypass.com
cdn1.stamped.io
cdn2.stamped.io
client-builds.production.gorgias.chat
config.gorgias.chat
config.gorgias.io
connect.facebook.net
easy-redirects.s3-eu-west-1.amazonaws.com
fast.a.klaviyo.com
files-shpf.mageworx.com
fonts.googleapis.com
fonts.gstatic.com
fonts.shopifycdn.com
googleads.g.doubleclick.net
intg.snapchat.com
manychat.com
mccdn.me
monorail-edge.shopifysvc.com
offthegridsurplus.com
pixel.tapad.com
protection-widget.route.com
rebuyengine.com
reginapps.com
sc-static.net
shop.app
shopify.route.com
stamped.io
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.klaviyo.com
static.xx.fbcdn.net
stats.g.doubleclick.net
tr.snapchat.com
unpkg.com
widget.manychat.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
cdn.shopify.com
offthegridsurplus.com
107.178.246.49
13.33.46.51
142.250.72.98
142.250.80.66
151.101.130.132
151.101.130.133
151.101.130.217
151.101.2.133
151.101.66.133
18.185.191.84
23.227.38.33
23.227.38.65
2600:9000:202c:9800:7:67fb:be80:93a1
2600:9000:202c:a200:11:4cd0:7f80:93a1
2600:9000:2120:2400:2:3d40:da40:93a1
2600:9000:2120:3800:16:4701:e4c0:93a1
2606:4700:10::6816:21cd
2606:4700:10::6816:22f2
2606:4700:20::681a:e87
2606:4700:20::ac43:4454
2606:4700:3030::6815:3d8b
2606:4700:3034::6815:4436
2606:4700::6810:7caf
2606:4700::6812:1cb4
2606:4700::6812:1db4
2607:f8b0:4006:80d::200e
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81e::2008
2607:f8b0:4006:81f::200e
2607:f8b0:4006:823::2003
2607:f8b0:4006:823::2004
2607:f8b0:4023:1404::9a
2620:1ec:46::70
2620:1ec:bdf::70
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:600::268
2a04:4e42:a00::268
34.138.230.116
34.233.3.150
35.186.226.184
52.218.44.138
52.34.127.135
67.205.138.90
99.84.125.102
000f368e166bff7134f2c0ff890f75cd706b90c0de1a9a0be5d0c6f464d8c13e
02e6ab2f6379b911bf475052aac8b7aeebe86ad0ade19f37d279906453d86bda
03261fbbc905682630e5aa65bbadbcc06c525bf853844b015e02a3fddf385ab9
04d7ca922b067aabd6a958b6bfc780390d9b6df764c1ca1b27f1639303726cec
06b17fd2aa84c6e306fb5367d95f6ef2519cdaa1402fd09e06309c1cdd9cca05
06e3d93380243529aed274572ba906df4fd457fc801674647ac73ff78a18e134
095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827
098bfe70ca961917756a266f53c4bac68f64dbf6d2f310ae45cb423883b79568
0bf2fdd60382e270633e88d9273499f1f39a473ab21eaf65268bed67ee031e67
0ce7b8ab76accede35d76c6d14a3a3f250081ece1344009a0262cec182a86a9e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114c3f9406dced76040bf504d7057ecc598986814f7dbbde9315e259589564d2
11543aaf0e082bc518fb7c05df2438d1bd50e0d336d99d29053f7508c4182f3d
12c32726157ba0336b4c3ed889cc847c1f1e4d4db7c6ea1d02903957f1abbf63
16a2b7bd2888b4082a8dc33e0444e42c6aab20dc6178f523643339412c9c0683
17f1b082d0b9323263368914ebe3ddabc28bccb61396b6e199e92df155679206
18754e2fd15b48c74422a969233fbf8a6a0dcbf128964539dc88571b9cae165a
192c9286fd7c193075259538ec8ec23ce9e60655b1c4d8fa6081908e3e7f384b
1b70fc64b906a4a39809e011dc9783099231c58c948a5d02d86a81419638dcd9
1c67330c0947d3a696bfa47efb2f03f98e06d0d1b51b951289d434b876f3890b
1e7134581c0410a49637126080ba67007e060a35a1fa8a22b2407edf4bbd4ccd
210f80b61e1976137c421022760989a5f915d4fcd1c6f80a2513f9d4d18db40e
214ce8d0172cc246360b196f7b857bbb20b8fbafced395ea213da73523d7f3ba
218dcbd7e3915cb617e9d9e1a73ab67b5bf7c628332e779f3d1a40032d66509d
284640950d838451759afd9e4bb7e9569e8a5fee43105c87c8cd34aa57fa4b52
2deee13a48ba2fddd9440dd1b711193236285f8cc73ed5692055527a100cb35b
2e1af76b32424786d5f7c29d536a46040b1d80f4480d71d5956a80abbe65df59
32d2a0a69e21d30ef5896266ee205a44cddf2b0215b125eb64468d5daad6adca
344f09d7af11492e0921a69ce5d93a9ca2502a0aa30c6d5ca8b07c3b0e36afef
3625b8464841a2ec27f266bee5598c4c0ac84c4e0005e86c6d5610f8d8ee464d
369486ccabc778f274609c968be0dec7417f815c887db9b1ef6fab0d6a1e64da
39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77
399154eda542edbff4e9cabe507879badfe9c8c62e9b331dbca1c9ec39c4b581
3c370d894a4e5946cb161e6603763984c5d7b4f2b80a4ebd0fe9635834a5d558
3ccce4f091a6d13da4fe1cbfa53e0e896f56c95a1f632bdd7617fb012555bb5d
3eac6b6ca0df419caa2b1951fef60f59bd036969221bc6d3d9784c5ba5d9a062
40e616783bddf852035c8ac5232ac40e7e4858292231f50b89c27f5e6649ab69
440f5c6f628d0b1dba7a3009f7f9b3937abf754c9b649ec8b161336db199b4fe
447ccb8df2c63953398a998b636700ae581b269d498a044740e84d4e802dd512
48ae9ed1cac75b617355bdb11b27d4455b02e13f51d8cdccfb3262c195314f66
4c0752b37b4f74e2e83dd5c1a8dda11d5f3a0534d857ea7a50a7e87530270d21
4c6ec4281850d8e0d99163735ef9e216e31252c26ebb5e361a66d2bcf43991be
4c78f04dbe56a365a8164b3e075e85d84db39f5bbbfa28e6670899d539e393a1
4e5347fcba8b45ba6aa6203f6e43c61c2260c864f5ee54625a433be25d58b3c0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5111acbb9cd76911643a632103f4afbbb0588399e79b9c91f64ad2294907827e
52cea2e63fec4f8589406792b5194db66255cfb26b6a33b7971260a3852c7ba5
53e1c676e346080489adfcb36af1739b2d334a9e308c6ff2d84d3de1bc4e6ce0
55bfef53c0f1364e940a613be14eaeddd95641a48710b51b2456271d570dd0a3
56e3ed65a4ea56ac97abf3183be3a6dcd4385d983d068b1dc33a23c9fb1f01de
58635be422aed9477773e3543c69d73111038496bb2d8fab42e2900a02f97a80
5a318a449d0b1ec4b197604acdb23eff3a501cadf6d7481f5576fcb0a50cf212
5e937da787173d50e84a190b7e658710e21d0c2fd0fa2e728fcfe9d6540a059f
60f28df78a811d1ee0bc079d15fd7e12282d6dea5c3446f532591afc5f21ee6d
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
61f22f4fcb3beaf7ceed8d48827a9b505351ca31318ba468ec98e33f190f7e6c
627769b33c02240b8125d37b8cb27eb06e15e158e60b89e3cba5547d9ac9a002
6383fbd9c9377155aec82349de48bb6c9e09066c3ccb361a9a7a403001e47614
64a1f6134980632b52ad2b5d7b2bcca79944d0caa28b7d1dafd136e40a068a64
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
6aa25ca5722d4338a6435be63dcc872b5e435e41a859eead57cf9a5882a3b874
6b07d28a62fadeee2a1e118b23f9706eb02418e05d1e1498af5624fc7200c66f
6e7c72159cc27c709e5cd6857eb1ec68a7ab4935a791b076d59eb52f30e025cf
6ed035221de592eca192ee5188314f9879f9516ba6be35c782510c9964be6fe9
720344334622595ed9890912fe29c081755933bd3b4ba2135e0fa52565a52b8a
72bc6a16fd01a83a282469da132926215c7cb24923d7b273ee3dfa1b3ea2d4af
7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b
739d9c3dcce08ba8861cac659dfd49232868b8081d81fd4e93c48820a9c9e319
73ac06ad3578c595df82a49b409adbe0e98ecdf149ddb5b6e7e899a65f25a06c
746401dfa2dc6a1def4de96f95a9106f90945baa927c8eeaf606c16e965d53eb
772775a8afe578b1d78779fe067fc20f252b86ca9deeed3750478974c01a8590
79885c42f306535793fe4985a6e7ad95e81f1c7cd6eed6cd487dd979c296b718
7c1e6a9ba802ea841ae37cf17c683478c8175ed42f0852ccb7c603ef8b3a33e1
7ca43cfa096f03e0d19adfc0dc6c70204a2f33b684060e9954f3e5e3187c1d4b
7cb0cf46b6f1e2835b35e23e27da070ac4bf1ba28239fbd413444c4a76b9cebb
7e72fb4d14f06d60c57306b80dc146f0ecdbe4e4c0941f4f3537bee4d54314af
7ef5573e2cb3dd94bf0d45b0ece3d5c9760a6aa3cd9a35c3a2830325af668e91
80ecdc5ea27ad0b02e22221601221ddd61b0492e09a122808b151b8013af7314
813b228bfb997d61c1f33c8ed07cdcd92888efa200c5c2c95a2f1c2c9f18d368
81f7da941a82546d2f6d2e09319016668484769b4586f698e171f57c9cf464dd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fe1b609e9f6e61c2630af39c760c0d3e75ae393e4abd34987ec7206aa479bf
85498129ec04880c8586191f63f549149f84f0e467c03adc6337366aadff879b
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
886430890562cc216ae31a8047f07542f8df8c11f9465f9b08a8dd2da529ac9a
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
895a9abb219fd2af30ad07d7ed904c321249fa5d6a7cf966e69586443ff2ebca
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
91b09653151ea91a2fd898b70a4f6f29106bc5a5a2c99090157081f0c04ae905
92cb1d5813aa2552b90961426870a4b29be2518a7353082bf19f726483420f9e
96b38302cfbad43622521e7e10577027299bc0070b50c2f0ab29afb927fa4f26
97086e03343c6995a1f10f4fd6bcee26a26fcf5f94ad48a19f88bcb7d73cb59f
981d749dfea45279e6980db98c3578386fdcee15377afcb7fe27b7c3622bf46f
983afe64da5df7bdc7f03f38f071903f6f1cd4bdf4243716ead1832309ab5c3c
999c08b7be193cca7f26b400f07caa186fa012e77bcf344e8d2dc6c295283207
9a29ba0f6932eb8739dd912132b404719aee8a8506e428f4395fd7816f8312cc
9ae4b9635bca9a1055428b68cbcf464dc86ca0cfbfa523f00f3324bc859fbc27
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9cb727cf2682c975a79366d9b2a86dbae1709904c579a19e4270f02e56ac0fd0
9e31058534b68e728b3cfe4d4f122333f19479a72ce4ac79b596ba346376f16c
9eb7853461b30af5f2b92346fa97fdfbf22f07c34f01a8d8a574587535c175d6
a01763cfabcc78df1a60aebad4eecee440a0f596379c4439811e3ee0c31329ee
a0b9959b58ce19a6cb1023d60b40a23216f2ce95996e50f3b8e7e177b65e8a9e
a16fb99413a113a057376badcecfd2e3db74c0081efb42be390bf8a2136d319f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a230cc10d53014dfcc348810d1806aa5a5c270deb131b09845bbf6cd809714d3
a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc
a3e8afc7c4e74d0e002c6bc764e86d32ae1d21edbbccf0dc1eae17285c52fc5c
a4210ade60d5b7d00769d91619148e738767108818212e45edbf32996c9adf00
a4a4a715624396db26d9da24f5d9df223c0d3834616ec994f53d2bc4c70cc355
a4cbd80926d06eb9cb19c1498ef0a86446f65fc46fe8180230fcc7a43950c78f
a4f00910898d52a5c3d43c47e6234d9bd6a1fbde7d85a1a0203fb861bae16470
a5053567e6cb48aeb3cde3c48c745ef891dd0ea20ee643561facd301d24c9085
a688b2f6a4f1192454b282c3c48eceef618d23c7d8e5e50fd9c814397c2a2730
a90ecd284d3954bf4c0baecf5df70b44552476ea5ef593aecd01b273b6f112e5
a9a20d888f62c6494994de1f41796c3ebce909df4301a1545c01c746859f6b93
aa283de802c9acd3b953b17f0886bc451df07e840451bad29f6100bc347ebfd5
aa7aa65a5e482203dccbdeb361737e99b6702f87f6c8e4b36ef5fd7b1e19bcc3
b09f95c67a1eeb461621224361d070461774ac807df1110cd23614d217f1beec
b1785d5d792bf4a89a05b874067db9ce766a324be2031adb48dca6c000cbbee5
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2f365310c35cf84e0ab011e82072fe91bb97f1e7a159fb7806e4f79172bec33
b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8
b6abac84d0bc23aa729c096854a4d10bda2fc31208726bf966f669296274e2d2
b6ea714416b74a1f46f7904b74e87cc9154272f02f2be0cd6bf589a05cc30b56
b75e2eaf064cf7619e6e397cb613befd6b3490714b02f4e8071646b26389b83d
ba3d77e0be4f968f93a865602a9d4c51631083244a570b7a31690cc9e414a253
be307850d97a4cc3185166175515facde15350e4e7ab094000c8fd02edc3656d
c01fb9a697e12f8fd92b775bed131435b11556302f39b290a70a050b35046ff0
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c4635c43644d16797c891190380174d825f7675f98281b040bb43f36f8d2d6df
c4e10ce636e43c5a41767356fe4530b8e083a98530d8d97f93df7f533e9d93fc
c59871d067734ba898b0b36216238c07c1666a2738d80b51c02e7600e6a0d278
cc0471d6ed70bbf70f3ea7c0d4d0237544907cd43f6259b0c239720dbd3cbba7
d128853c54f6a7bbc8ef185b03a262de8fe1b5c559d25c372f7ee5de40181f5e
d191bedb4ccc9fd7f7eb24b325fb64488c1ad0d949c3b644f5600eafd8aecb73
d6a8ea5f458f12da9512a1b7a1a5e7123fc1a30a90ea24f54e2df5cc05c25b61
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d7de4f63af858f8fe7771c4fb609177421050de304bb7935e6cc5261b6e515ff
d90e5aee64ab9195d640649ec7b2e8d7c8d08439e427cfb9a3ee4b7eee577e23
da84cc5f9cd563228b5dd4a1cddd2536095db5d75856262324411f8b484b3553
db5a1af6805feccb072ef3f8f4b0fd2de21422dcf655e34208782d411b03c22d
dc1dae59f78ce91d304b678bc2726874bacab3aa98e28cf0133b52a5f51fa383
dc4d2afb89a1bf7645a4a755977b6a1dca9cbd337f1685a0a0f363738dac91ee
ddcaa4f88eb71e796c03f88db98bec425c8264f1956b40fb39a4b4bd210207d6
deb5b413949afbe013136d17f77a1d49596ccaa1ba97d06b78789ee0727c1038
e0e7a66791325527c20e666694fc3c1dbbf4056420b5b28eb775b15ad0dd5002
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69f9675af335e5c49650336904b99b413b49ac7f63f4f9a1f9aaf30a775643c
e6da85a4bec604f66d52a323ba1ca9d7c2be3cfaf16f5757cd0818b54b03b2e7
e754ac6a863e9650b4432de68b0cbc5deef2495a1573bbbc0ac607f35295b2ec
eb395cd085058056ebef913aa53f1b061b01b1838a0a32d6f1ec9d731e4d6120
ec967a9c7ef9f9b3498c4894319802b33f23d9aa08858d0db95a682f637cf305
edb9281aa25ec75980088ecf512d0a28274b484a7a4745a2a3b7c32049506ffd
edd6d17801d56024162590291490d1560ef06d1831ed0721d2191841367a74b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05d6b52b5a3eb0ca8d1011dd7ac780ead493c5643f7b6fe01792083f608962c
f18ffe3c0db4fb9f98235581ffc3020d6388fc6a1df8a9f51051c107c8ada786
f823340d01bd43ba9491e993bef0168de367e141395b1a578c1f0a7edbcb0e20
f8bab8aa4042ca7b45b599e7d4e496146ebf1b45aabb8ff96ad79393ebd10840
f9933612f29ba23fce51018dbc5d901545554ef3e1a0072bcb4fdfac7369616a
fa14f9a6eef815bd8ed5bd4e83fb9d2e7a4a3200cb05089fbf5d633d6aa975fb
fbe5c6d5f501249b3a91381155a58a017883450ea5483688a98014a16963066a
fcd0e1cc60c87c8b844e2203e61394ce838b4b020b5ad26ecc1a3aadd849d903
fd8da88227252d2fbe66fe708a0d96e63cdc86ce47ef92fac27d2e7a4af0c34b
fe64de9c05d3f4ccbd302e2072d1ae56015678c72682d69ec6ac80c97666a455
ffe5ded2b2f74a469739ae0672374c397de9c5a11acd3eaf29f496bbe681eb52

offthegridsurplus.com Open in urlscan Pro 23.227.38.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

231 Requests

98 %HTTPS

60 %IPv6

38 Domains

53 Subdomains

47 IPs

4 Countries

4988 kBTransfer

11097 kBSize

33 Cookies

15 Outgoing links

Redirected requests

231 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

offthegridsurplus.com Open in urlscan Pro
23.227.38.65 Public Scan

Screenshot
Live screenshot

Full Image

231
Requests

98 %
HTTPS

60 %
IPv6

38
Domains

53
Subdomains

47
IPs

4
Countries

4988 kB
Transfer

11097 kB
Size

33
Cookies

231 HTTP transactions
1 data transactions