urlscan.io logo urlscan.io
SecurityTrails logo

www.shiftingretail.com Open in urlscan Pro
104.18.28.75  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://shiftingretail.com/
Effective URL: https://www.shiftingretail.com/
Submission Tags: tranco_l324
Submission: On April 27 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 68 HTTP transactions. The main IP is 104.18.28.75, located in and belongs to CLOUDFLARENET, US. The main domain is www.shiftingretail.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 23rd 2023. Valid for: a year.
This is the only time www.shiftingretail.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 104.18.28.75 13335 (CLOUDFLAR...)
2 40 104.18.29.75 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:266... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 104.18.2.165 13335 (CLOUDFLAR...)
4 151.101.2.137 54113 (FASTLY)
1 151.101.65.21 54113 (FASTLY)
3 192.229.221.25 15133 (EDGECAST)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.217.18.104 15169 (GOOGLE)
68 12
2    104.18.28.75 (None, )

ASN13335 (CLOUDFLARENET, US)
shiftingretail.com
www.shiftingretail.com
40    104.18.29.75 (None, )

ASN13335 (CLOUDFLARENET, US)
www.shiftingretail.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    2600:9000:266e:8c00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
3    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    104.18.2.165 (None, )

ASN13335 (CLOUDFLARENET, US)
flags.modere.com
4    151.101.2.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.contentstack.io
1    151.101.65.21 (San Francisco, United States)

ASN54113 (FASTLY, US)
www.paypal.com
3    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
js.braintreegateway.com
5    2606:4700::6813:a641 (United States)

ASN13335 (CLOUDFLARENET, US)
res.cloudinary.com
1    172.217.18.104 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f104.1e100.net
www.googletagmanager.com
Apex Domain
Subdomains		 Transfer
42 shiftingretail.com
shiftingretail.com
www.shiftingretail.com
3 MB
5 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 2501
47 KB
4 contentstack.io
cdn.contentstack.io — Cisco Umbrella Rank: 35135
2 KB
4 modere.com
flags.modere.com — Cisco Umbrella Rank: 923370
590 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
329 KB
3 braintreegateway.com
js.braintreegateway.com — Cisco Umbrella Rank: 8440
36 KB
1 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2924
83 KB
1 osano.com
cmp.osano.com — Cisco Umbrella Rank: 5123
62 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 817
7 KB
68 9
Domain Requested by
41 www.shiftingretail.com 2 redirects www.shiftingretail.com
5 res.cloudinary.com
4 cdn.contentstack.io www.shiftingretail.com
4 flags.modere.com www.shiftingretail.com
4 www.googletagmanager.com cmp.osano.com
3 js.braintreegateway.com cmp.osano.com
1 www.paypal.com cmp.osano.com
1 cmp.osano.com www.shiftingretail.com
1 static.cloudflareinsights.com www.shiftingretail.com
1 shiftingretail.com 1 redirects
68 10

This site contains links to these domains. Also see Links.

Domain
res.cloudinary.com
buzz.shiftingretail.com
events.shiftingretail.com
www.modere.com
www.dsa.org
Subject Issuer Validity Valid
shiftingretail.com
Cloudflare Inc ECC CA-3		 2023-07-23 -
2024-07-22		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.osano.com
Amazon RSA 2048 M03		 2023-10-18 -
2024-11-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-08 -
2024-07-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-06-09 -
2024-06-07		 a year crt.sh
*.contentstack.io
Gandi RSA Domain Validation Secure Server CA 3		 2024-04-10 -
2025-05-04		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2023-12-14 -
2024-06-22		 6 months crt.sh

This page contains 2 frames:

Primary Page: https://www.shiftingretail.com/
Frame ID: 251A10DDFEA254A6B624D13B5A0D2718
Requests: 60 HTTP requests in this frame

Frame: https://www.shiftingretail.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Frame ID: CC874F41634E370A806C185F153B0B47
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Shifting Retail

Page URL History Show full URLs

  1. http://shiftingretail.com/ HTTP 307
    https://shiftingretail.com/ HTTP 301
    https://www.shiftingretail.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.braintreegateway\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

68
Requests

88 %
HTTPS

36 %
IPv6

9
Domains

10
Subdomains

12
IPs

3
Countries

3374 kB
Transfer

16245 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shiftingretail.com/ HTTP 307
    https://shiftingretail.com/ HTTP 301
    https://www.shiftingretail.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://www.shiftingretail.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.shiftingretail.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Request Chain 36
  • https://www.shiftingretail.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.shiftingretail.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

68 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.shiftingretail.com/
Redirect Chain
  • http://shiftingretail.com/
  • https://shiftingretail.com/
  • https://www.shiftingretail.com/
10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc1855ea2b3e73ccb18d570e1b17a9a59f99c103cbc6e82536f50bd59aff4d49

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
87aae017cae8917a-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 27 Apr 2024 01:00:23 GMT
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87aae0164a09917a-FRA
content-type
text/html
date
Sat, 27 Apr 2024 01:00:23 GMT
location
https://www.shiftingretail.com/
server
cloudflare
style
www.shiftingretail.com/Content/ 		623 KB
115 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Content/style?v=fv2Uydofxo8_mQXpFnI3GyuDwF7rX-3kmRgeaRXQKEM1
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f766fdce2e8676d4711fc605e56b8fa2c93e0fbcde1776f86d64d39174dea46a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 27 Apr 2024 01:00:23 GMT
server
cloudflare
vary
User-Agent
content-type
text/css; charset=utf-8
cache-control
public
cf-ray
87aae018ff4865d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 27 Apr 2025 01:00:23 GMT
rocket-loader.min.js
www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Apr 2024 20:54:07 GMT
server
cloudflare
etag
W/"6622d9ef-302c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
87aae018ff4965d9-FRA
expires
Mon, 29 Apr 2024 01:00:23 GMT
v55bfa2fee65d44688e90c00735ed189a1713218998793
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Origin
https://www.shiftingretail.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:23 GMT
content-encoding
gzip
last-modified
Tue, 23 Apr 2024 12:12:17 GMT
server
cloudflare
etag
W/"2024.4.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
87aae0193a4abb7f-FRA
print
www.shiftingretail.com/Content/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Content/print?v=yYu-nZu5rShoYPhRxT_05kMH42Zh5XMcEydKo-F8aDI1
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5007b859c24d9a5d66dd5f3d6c72a6b4bdc0bd16e14b84ace9229a665ebdc12a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 27 Apr 2024 01:00:23 GMT
server
cloudflare
vary
User-Agent
content-type
text/css; charset=utf-8
cache-control
public
cf-ray
87aae0190f5265d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 27 Apr 2025 01:00:23 GMT
Metropolis-Regular.woff
www.shiftingretail.com/Content/fonts/metropolis/fonts/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Content/fonts/metropolis/fonts/Metropolis-Regular.woff
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/Content/style?v=fv2Uydofxo8_mQXpFnI3GyuDwF7rX-3kmRgeaRXQKEM1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b19e89510724e051e69978811e5c17a6f2e50183c97f11a5d53504fb381abf89

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/Content/style?v=fv2Uydofxo8_mQXpFnI3GyuDwF7rX-3kmRgeaRXQKEM1
Origin
https://www.shiftingretail.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:24 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:07 GMT
server
cloudflare
etag
"f8cba7ff6294da1:0"
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=p8RRvEswav7YQIXbP8nZSPae8sGGZyN92OuLmSyQkc8-1714179624-1.0.1.1-AceNmirjp9vhvIoau1lM.hm.SCdMXMNy8xB9s3JsDVwDTclqe.Frrx2Mvuyc.2jV4ha_vWmiBlDPJZZ6yHMVF8sVsNVBIgGIPUR_tB_NAQ2iR_.gssrs2xj7P3c6o1Az5Mw4wcWQBScz5SrMNTlzl43XMPo256olklY6M5Cucu8; report-to cf-csp-endpoint
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=p8RRvEswav7YQIXbP8nZSPae8sGGZyN92OuLmSyQkc8-1714179624-1.0.1.1-AceNmirjp9vhvIoau1lM.hm.SCdMXMNy8xB9s3JsDVwDTclqe.Frrx2Mvuyc.2jV4ha_vWmiBlDPJZZ6yHMVF8sVsNVBIgGIPUR_tB_NAQ2iR_.gssrs2xj7P3c6o1Az5Mw4wcWQBScz5SrMNTlzl43XMPo256olklY6M5Cucu8"}],"group":"cf-csp-endpoint","max_age":86400}
content-type
application/x-font-woff
vary
Accept-Encoding
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
87aae01d198365d9-FRA
alt-svc
h3=":443"; ma=86400
content-length
26876
expires
Sat, 27 Apr 2024 03:00:24 GMT
app_d22b2c9c.dfce927d708b5463ade5.bundle.js
www.shiftingretail.com/Scripts/ 		444 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/app_d22b2c9c.dfce927d708b5463ade5.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cd06b98bfbc20f4eeca3672e494c20270f2c41028e6bd01123df9ad164663ac

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"e376cb06394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d198565d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:24 GMT
app_04011429.11c0473f748c3959f355.bundle.js
www.shiftingretail.com/Scripts/ 		1 MB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/app_04011429.11c0473f748c3959f355.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40183bc902ba21f52f2628e1b67421d48165c2f5a58ab9b53f072a10697d99fc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"24aba06394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d198665d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:25 GMT
app_324de96e.2c88d7cecfe51b9e5f86.bundle.js
www.shiftingretail.com/Scripts/ 		492 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/app_324de96e.2c88d7cecfe51b9e5f86.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9d57c77105788c43f58d1d44d206a6a34b626e1a373c26047a7b7832bce2d49

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"24aba06394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d198765d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:25 GMT
app_3443ac07.aac90b899a2b60420471.bundle.js
www.shiftingretail.com/Scripts/ 		664 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/app_3443ac07.aac90b899a2b60420471.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3fa8ff47c88968e0d0f6fc0c27573a282913a4c5fd4d05eff723174acb8170d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"4333bf06394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d198965d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:25 GMT
app_402f6fec.933a993c065489b53f43.bundle.js
www.shiftingretail.com/Scripts/ 		592 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/app_402f6fec.933a993c065489b53f43.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e9e3e65da6e1064399f1233fb31e64956110c3edaf899c9417b89814db424e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"29a6c106394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d198a65d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:25 GMT
app_4134d62c.2266f7e5ba120c78cc26.bundle.js
www.shiftingretail.com/Scripts/ 		602 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/app_4134d62c.2266f7e5ba120c78cc26.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab3606eb8f5d8228b0221c06adbb0fdcee947ed5c2867ab54eeb049eaa3d91f7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"4333bf06394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d198b65d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:24 GMT
app_493df0b3.5712be82c643cb598fc0.bundle.js
www.shiftingretail.com/Scripts/ 		766 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/app_493df0b3.5712be82c643cb598fc0.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46a9f7aa84f205a9f1d26e1899f4a2282f08df4c5b2e55c291e0efd6161463e1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"f8ec606394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d198d65d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:25 GMT
app_4f3a1aee.7bca3219d8024cb1386a.bundle.js
www.shiftingretail.com/Scripts/ 		601 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/app_4f3a1aee.7bca3219d8024cb1386a.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d78ab52bc80b5a7a9d4cfd3250e08f62c724e883e4cafa8550bde0f3023aa803

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"f8ec606394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d198f65d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:25 GMT
app_66c336cc.511f6db847e3119623bc.bundle.js
www.shiftingretail.com/Scripts/ 		708 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/app_66c336cc.511f6db847e3119623bc.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f439b864e089f765975d87de963cadfd2666b23800661b7b7d0dd7eabfae8d6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"f8ec606394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d199165d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:25 GMT
app_a24665f0.bcf1212ae92c58ac04be.bundle.js
www.shiftingretail.com/Scripts/ 		1 MB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/app_a24665f0.bcf1212ae92c58ac04be.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caef75e9711b9c7ec8562966367cb95684d9aa793dfdca29c6fe0f874e042b03

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"521c906394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d199265d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:24 GMT
app_af83f738.239a9c183f14c084410b.bundle.js
www.shiftingretail.com/Scripts/ 		781 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/app_af83f738.239a9c183f14c084410b.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c89e0accc3d34aefdf414438218d524f0a64564325df7506c340f7a2d40116ac

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"e376cb06394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d199465d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:25 GMT
app_30ccc425.f56c4f336e3597693b4d.bundle.js
www.shiftingretail.com/Scripts/ 		624 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/app_30ccc425.f56c4f336e3597693b4d.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481b370b13af50718e2a31fa1d03e10615e97e8b72bd83f238c4dd2b584b3bcc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"14bfbc06394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d199565d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:25 GMT
app_da9d6f9e.2fa7c9c2db87d44f58de.bundle.js
www.shiftingretail.com/Scripts/ 		839 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/app_da9d6f9e.2fa7c9c2db87d44f58de.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28f9639156acb186b877e10a4efd23fddabde7ad3e3f0f397c86864da560de78

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"82eacd06394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d199665d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:25 GMT
app_e2e93592.b33dc1e7cbaffee1b02b.bundle.js
www.shiftingretail.com/Scripts/ 		583 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/app_e2e93592.b33dc1e7cbaffee1b02b.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
889316323cff9aaef5a38cee7d966453f96a642b6c8640499a3335215a918354

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"e25dcf06394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d199765d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:24 GMT
vendor_26b2b91e.ebe3367bab34786f364c.bundle.js
www.shiftingretail.com/Scripts/ 		446 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/vendor_26b2b91e.ebe3367bab34786f364c.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b979569a8f8fba8e2673d908fafccfc095c3a497b67456b59d1419b9155486c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"3dd1d206394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d199865d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:24 GMT
vendor_324de96e.eaa2051939950f1ab556.bundle.js
www.shiftingretail.com/Scripts/ 		492 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/vendor_324de96e.eaa2051939950f1ab556.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3df4cb2e3eb19d6c739ae72e2af991516893b0b0bc5eff8441406fd089d5d14

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"123bda06394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d199965d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:25 GMT
vendor_493df0b3.f598c95c5b05009fab4c.bundle.js
www.shiftingretail.com/Scripts/ 		800 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/vendor_493df0b3.f598c95c5b05009fab4c.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeaeafc63739db98a5cac678a6b992a9aafd6332b87406b4e65f85b253719cc3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"123bda06394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d199a65d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:24 GMT
vendor_4f3a1aee.6fd89411a748ec5c5000.bundle.js
www.shiftingretail.com/Scripts/ 		766 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/vendor_4f3a1aee.6fd89411a748ec5c5000.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8acb198534c162b31f8abf88740e58d88a9c5fc7df250253e23bf9578a81767e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"5ec1d706394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d199b65d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:24 GMT
vendor_66c336cc.75951346a22b01c0137a.bundle.js
www.shiftingretail.com/Scripts/ 		706 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/vendor_66c336cc.75951346a22b01c0137a.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8acb18b4c04f610f326f5a0e2376b2bcb43efd6349afac240627601a795a5f99

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:24 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"dc34d906394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d199d65d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:24 GMT
polyfills_493df0b3.60f1c98e5f02f0739d50.bundle.js
www.shiftingretail.com/Scripts/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Scripts/polyfills_493df0b3.60f1c98e5f02f0739d50.bundle.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef99182f5dedc492884469ec9c35c6e5e3867931135f2c4b0139ea0db356c319

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"3dd1d206394da1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=7200
cf-ray
87aae01d199e65d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:25 GMT
osano.js
cmp.osano.com/6olH3SACLXqV1Rjp/7d464d51-8369-4f0a-9bdd-dfdacb89e0e4/ 		241 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/6olH3SACLXqV1Rjp/7d464d51-8369-4f0a-9bdd-dfdacb89e0e4/osano.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:8c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
36ad71cf577a5a9bd1542a5e7bb5dfe8dee5272e7fb641ae8d06afca7ccd533a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:24 GMT
content-encoding
br
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
62926
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 24 Jan 2023 16:29:50 GMT
server
CloudFront
etag
"2d59a160512b8c9fd8ef7a9f00e23244"
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id
YA1LKX9epGDPlar2lz958AmOcXtSJo2-zo8zqv8ZpEbRC_ji8VzbqA==
main.js
www.shiftingretail.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ Frame CC87
Redirect Chain
  • https://www.shiftingretail.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.shiftingretail.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/
Protocol
H3
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3edfe5a2f7773b08d6adb625778d06929ed455923f8282043d61aac5d9269beb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Apr 2024 01:00:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87aae01d49b065d9-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 27 Apr 2024 01:00:24 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
cache-control
max-age=300, public
cf-ray
87aae01d199f65d9-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
87aae017cae8917a
www.shiftingretail.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame CC87 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/cdn-cgi/challenge-platform/h/b/jsd/r/87aae017cae8917a
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 27 Apr 2024 01:00:24 GMT
server
cloudflare
cf-ray
87aae01dc9f465d9-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain; charset=UTF-8
gtm.js
www.googletagmanager.com/ 		203 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WX8ZRCD
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/6olH3SACLXqV1Rjp/7d464d51-8369-4f0a-9bdd-dfdacb89e0e4/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ad546e40e89de247cd15723f6372ab5790cdad2283da868159ab00fdb0f929e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72279
x-xss-protection
0
last-modified
Sat, 27 Apr 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Apr 2024 01:00:25 GMT
js
www.googletagmanager.com/gtag/ 		198 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-41550252-2
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/6olH3SACLXqV1Rjp/7d464d51-8369-4f0a-9bdd-dfdacb89e0e4/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
075756af30f22573b6c34c1f1b0be77976f067255bf70c54e7fb442210f999c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73214
x-xss-protection
0
last-modified
Sat, 27 Apr 2024 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 27 Apr 2024 01:00:25 GMT
2887dc35-4b61-409f-ad72-cba9a1eeafe1
https://www.shiftingretail.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.shiftingretail.com/2887dc35-4b61-409f-ad72-cba9a1eeafe1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
favicon.ico
www.shiftingretail.com/images/icons/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/images/icons/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce365d8b84a78bd53a4fb0b95d3ad754ac130d7dca4631885e036c2a65254846

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
W/"44b69006394da1:0"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=7200
cf-ray
87aae020cb5865d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:25 GMT
833d4e89-77cb-496c-93ef-779da39b309a
https://www.shiftingretail.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.shiftingretail.com/833d4e89-77cb-496c-93ef-779da39b309a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
js
www.googletagmanager.com/gtag/ 		251 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5F0ZJ363W8&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/6olH3SACLXqV1Rjp/7d464d51-8369-4f0a-9bdd-dfdacb89e0e4/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
96f603428a965119d403e03f97faa68121d978751ceb107076b4e952d1b54ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91154
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Apr 2024 01:00:25 GMT
getwebconfigsettings
www.shiftingretail.com/home/ 		2 KB
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/home/getwebconfigsettings
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/Scripts/polyfills_493df0b3.60f1c98e5f02f0739d50.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c694ab1800ec56e5fbf4512acdbfcb136b781a93ee2c96e99c514005ee8b76ae

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
*/*
Referer
https://www.shiftingretail.com/
X-Requested-With
XMLHttpRequest
Client-Id
shiftingretail-us
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
87aae0236c8965d9-FRA
alt-svc
h3=":443"; ma=86400
getsiteconfig
www.shiftingretail.com/config/ 		50 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/config/getsiteconfig?cache=2732024&country=US
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/Scripts/polyfills_493df0b3.60f1c98e5f02f0739d50.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff0eb6ba21b364d2634724a348d074c729f2f781f6b360f97ae03c17c9a04195

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
*/*
Referer
https://www.shiftingretail.com/
X-Requested-With
XMLHttpRequest
Client-Id
shiftingretail-us
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"kKzswGYBeeG2jJt9F6SnOQ=="
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
87aae0236c8b65d9-FRA
alt-svc
h3=":443"; ma=86400
main.js
www.shiftingretail.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ Frame CC87
Redirect Chain
  • https://www.shiftingretail.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.shiftingretail.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
8 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Protocol
H3
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3edfe5a2f7773b08d6adb625778d06929ed455923f8282043d61aac5d9269beb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sat, 27 Apr 2024 01:00:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87aae01d49b065d9-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 27 Apr 2024 01:00:24 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
cache-control
max-age=300, public
cf-ray
87aae01d199f65d9-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
rum
www.shiftingretail.com/cdn-cgi/ 		0
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/cdn-cgi/rum?
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/Scripts/polyfills_493df0b3.60f1c98e5f02f0739d50.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.shiftingretail.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
87aae0237c9465d9-FRA
87aae017cae8917a
www.shiftingretail.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame CC87 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/cdn-cgi/challenge-platform/h/b/jsd/r/87aae017cae8917a
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 27 Apr 2024 01:00:25 GMT
server
cloudflare
cf-ray
87aae0241cda65d9-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain; charset=UTF-8
enrollment
www.shiftingretail.com/api/dynamic-route/2/ 		30 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/api/dynamic-route/2/enrollment
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/Scripts/polyfills_493df0b3.60f1c98e5f02f0739d50.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eaf359e9457a05a17aff833189a6bc759647e93bf777cfdefb48ac4ed2a44ea

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Country-Code
US
Accept
*/*
Referer
https://www.shiftingretail.com/
X-Requested-With
XMLHttpRequest
Client-Id
shiftingretail-us
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 27 Apr 2024 01:00:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json; charset=utf-8
cache-control
no-store, must-revalidate, no-cache
cf-ray
87aae027bec865d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 01:00:26 GMT
frontend
flags.modere.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://flags.modere.com/api/frontend?environment=production&appName=Modere-Web&properties%5Bmarket%5D=US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,if-none-match
Access-Control-Request-Method
GET
Origin
https://www.shiftingretail.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type,if-none-match
access-control-allow-methods
PUT, CONNECT, OPTIONS, GET, POST, PATCH, TRACE, HEAD, DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87aae02909ac9b46-FRA
content-length
0
date
Sat, 27 Apr 2024 01:00:26 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
frontend
flags.modere.com/api/ 		517 B
590 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flags.modere.com/api/frontend?environment=production&appName=Modere-Web&properties%5Bmarket%5D=US
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/Scripts/polyfills_493df0b3.60f1c98e5f02f0739d50.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
633436864ad5097f1e891bc7e831b4d0718b7a12c9877e2e6d18d9de6742a08a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
*:production.fea9b02668b99fa56a4d36bdabdee11a1408c578b3447854545c75d0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://www.shiftingretail.com/
If-None-Match
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:27 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"205-gLvJJx_ZPtpV7Ni6e7_HCA=="
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
87aae02a0a0b9b46-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 01:30:27 GMT
/
cdn.contentstack.io/v3/content_types/modere_logo/entries/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.contentstack.io/v3/content_types/modere_logo/entries/?locale=en-us&include_fallback=true&environment=production
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access_token,api_key,content-type,x-user-agent
Access-Control-Request-Method
GET
Origin
https://www.shiftingretail.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
access_token,api_key,content-type,x-user-agent
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE, OPTIONS, PATCH
access-control-allow-origin
*
access-control-expose-headers
access_token,api_key,content-type,x-user-agent
age
20
content-length
0
date
Sat, 27 Apr 2024 01:00:26 GMT
server
contentstack
via
1.1 varnish, 1.1 varnish
x-cache
HIT, MISS
x-cache-hits
272, 0
x-request-id
a06b5242-3479-45b3-94e1-ed865235c9b5
x-runtime
0ms
x-served-by
cache-bur-kbur8200178-BUR, cache-fra-eddf8230073-FRA
x-timer
S1714179626.436269,VS0,VE145
/
cdn.contentstack.io/v3/content_types/modere_logo/entries/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn.contentstack.io/v3/content_types/modere_logo/entries/?locale=en-us&include_fallback=true&environment=production
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access_token,api_key,content-type,x-user-agent
Access-Control-Request-Method
GET
Origin
https://www.shiftingretail.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
access_token,api_key,content-type,x-user-agent
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE, OPTIONS, PATCH
access-control-allow-origin
*
access-control-expose-headers
access_token,api_key,content-type,x-user-agent
age
20
content-length
0
date
Sat, 27 Apr 2024 01:00:26 GMT
server
contentstack
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
272, 1
x-request-id
a06b5242-3479-45b3-94e1-ed865235c9b5
x-runtime
0ms
x-served-by
cache-bur-kbur8200178-BUR, cache-fra-eddf8230073-FRA
x-timer
S1714179626.436351,VS0,VE145
general,account,accountsettings,checkout
www.shiftingretail.com/api/resource/cmsresources/ 		67 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/api/resource/cmsresources/general,account,accountsettings,checkout?langCode=en-US
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/Scripts/polyfills_493df0b3.60f1c98e5f02f0739d50.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae64e22096fa5b3824c9aaaccf8b25f5f222b44a9be902c934c4c64857d6e40f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Pragma
no-cache
Expires
Sat, 01 Jan 2000 00:00:00 GMT
Accept-Language
en-US
sec-ch-ua-mobile
?0
Request-Locale
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Country-Code
US
Content-Type
application/json
Accept
application/json, text/plain, */*
Cache-Control
no-cache, no-store, must-revalidate
Referer
https://www.shiftingretail.com/
Client-Id
shiftingretail-us
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"59QlCXh8US1gAbaX4p6VpQ=="
content-type
application/json; charset=utf-8
cache-control
public, max-age=600
cf-ray
87aae0290fbd65d9-FRA
alt-svc
h3=":443"; ma=86400
/
cdn.contentstack.io/v3/content_types/modere_logo/entries/ 		2 KB
1023 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.contentstack.io/v3/content_types/modere_logo/entries/?locale=en-us&include_fallback=true&environment=production
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/Scripts/polyfills_493df0b3.60f1c98e5f02f0739d50.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
25079b54a67fb79ed972fd6db3faf7fc70474781e3258a85753575f4dae0c183

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-User-Agent
contentstack-web/3.13.3
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
api_key
blt8ac5709d6167e9ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://www.shiftingretail.com/
access_token
cs25be9b27dae7178b39918004
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:26 GMT
x-cluster
scale01
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
cache-tag
blt8ac5709d6167e9ee.entries,blt8ac5709d6167e9ee.entries.modere_logo,blt8ac5709d6167e9ee.entries.modere_logo.en-us,blt8ac5709d6167e9ee.entries.en-us,blt8ac5709d6167e9ee.entries.production,blt8ac5709d6167e9ee.entries.modere_logo.production,blt8ac5709d6167e9ee.entries.modere_logo.en-us.production,blt8ac5709d6167e9ee.entries.en-us.production
content-length
571
x-served-by
cache-bfi-krnt7300068-BFI, cache-fra-eddf8230073-FRA
x-runtime
4
server
contentstack
x-timer
S1714179627.588551,VS0,VE1
x-contentstack-organization
bltfecbcdad514496d2
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
83, 0
js
www.paypal.com/sdk/ 		303 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AcSYhth7QwdM6PbkK9IdLlWrX2SnQZ_EwnyUmpXZ1zYW509Ljc5lO6GxAfwNP3KQhZPWm-hC0jP1AmTA&vault=true&disable-funding=card,credit&locale=en_US
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/6olH3SACLXqV1Rjp/7d464d51-8369-4f0a-9bdd-dfdacb89e0e4/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
85f8b22a68af9f88483d0888e7bb38c9e917b1d1dca2a0f6edafdce5e1e437ab
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-RJCZ0iPOIprMkazTaAoOtOBUKNJqReo0B2EiM4Sw/wlFYPkw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-RJCZ0iPOIprMkazTaAoOtOBUKNJqReo0B2EiM4Sw/wlFYPkw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-RJCZ0iPOIprMkazTaAoOtOBUKNJqReo0B2EiM4Sw/wlFYPkw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-RJCZ0iPOIprMkazTaAoOtOBUKNJqReo0B2EiM4Sw/wlFYPkw' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish
date
Sat, 27 Apr 2024 01:00:27 GMT
age
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT, MISS
p3p
true
paypal-debug-id
f789137a5c3a1
server-timing
"traceparent;desc="00-0000000000000000000f789137a5c3a1-8cd13a926f09bb91-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
82792
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230146-FRA, cache-fra-eddf8230146-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f789137a5c3a1-f3582efb58493233-01
x-timer
S1714179626.443250,VS0,VE1170
etag
W/"14368-zYhzT2+qzpxedgTVKBUgVlMrcnM"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
client.min.js
js.braintreegateway.com/web/3.60.0/js/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.60.0/js/client.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/6olH3SACLXqV1Rjp/7d464d51-8369-4f0a-9bdd-dfdacb89e0e4/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBD) /
Resource Hash
1e4639a42b337592bb7a05870cee005b268bcd5d831b9a8f0b0ae97dc8c326c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
fa3cbb3eff67a
dc
ccg11-origin-www-1.paypal.com
content-length
12446
last-modified
Fri, 10 Dec 2021 00:01:53 GMT
server
ECAcc (frc/4CBD)
traceparent
00-0000000000000000000fa3cbb3eff67a-672944cfbbcb8235-01
etag
W/"61b298f1-a3d9"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
paypal-checkout.min.js
js.braintreegateway.com/web/3.60.0/js/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.60.0/js/paypal-checkout.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/6olH3SACLXqV1Rjp/7d464d51-8369-4f0a-9bdd-dfdacb89e0e4/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA8) /
Resource Hash
6a246ba160a0aa36b7b8a3578b66acead220528e72b6768d4d839bcae8d74501
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
85943819be200
dc
ccg11-origin-www-1.paypal.com
content-length
13665
last-modified
Fri, 10 Dec 2021 00:01:53 GMT
server
ECAcc (frc/4CA8)
traceparent
00-000000000000000000085943819be200-4992d5c56cbb64f7-01
etag
W/"61b298f1-c2f1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
data-collector.min.js
js.braintreegateway.com/web/3.60.0/js/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.60.0/js/data-collector.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/6olH3SACLXqV1Rjp/7d464d51-8369-4f0a-9bdd-dfdacb89e0e4/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C89) /
Resource Hash
36c79905a1ea8cd7e2b1f5538c3952ffe96f32b29cd75671dc27bfbb6b3ca62e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
216565e98656e
dc
ccg11-origin-www-1.paypal.com
content-length
10392
last-modified
Fri, 10 Dec 2021 00:01:53 GMT
server
ECAcc (frc/4C89)
traceparent
00-0000000000000000000216565e98656e-a04835470e1fc443-01
etag
W/"61b298f1-7a19"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
/
cdn.contentstack.io/v3/content_types/modere_logo/entries/ 		2 KB
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.contentstack.io/v3/content_types/modere_logo/entries/?locale=en-us&include_fallback=true&environment=production
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/Scripts/polyfills_493df0b3.60f1c98e5f02f0739d50.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
25079b54a67fb79ed972fd6db3faf7fc70474781e3258a85753575f4dae0c183

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-User-Agent
contentstack-web/3.13.3
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
api_key
blt8ac5709d6167e9ee
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8
Referer
https://www.shiftingretail.com/
access_token
cs25be9b27dae7178b39918004
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:26 GMT
x-cluster
scale01
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1765687
x-cache
HIT, HIT
cache-tag
blt8ac5709d6167e9ee.entries,blt8ac5709d6167e9ee.entries.modere_logo,blt8ac5709d6167e9ee.entries.modere_logo.en-us,blt8ac5709d6167e9ee.entries.en-us,blt8ac5709d6167e9ee.entries.production,blt8ac5709d6167e9ee.entries.modere_logo.production,blt8ac5709d6167e9ee.entries.modere_logo.en-us.production,blt8ac5709d6167e9ee.entries.en-us.production
content-length
571
x-served-by
cache-bfi-krnt7300068-BFI, cache-fra-eddf8230073-FRA
x-runtime
4
server
contentstack
x-timer
S1714179627.596249,VS0,VE1
x-contentstack-organization
bltfecbcdad514496d2
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
x-cache-hits
83, 1
down-arrow.png
www.shiftingretail.com/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shiftingretail.com/images/icons/down-arrow.png
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/Content/style?v=fv2Uydofxo8_mQXpFnI3GyuDwF7rX-3kmRgeaRXQKEM1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43f798ab188795e1f4255eba60ed4e08d0b6cf112be50fa91f8a49140617028b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/Content/style?v=fv2Uydofxo8_mQXpFnI3GyuDwF7rX-3kmRgeaRXQKEM1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:26 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:09 GMT
server
cloudflare
etag
"44b69006394da1:0"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
87aae0292fc965d9-FRA
alt-svc
h3=":443"; ma=86400
content-length
1055
expires
Sat, 27 Apr 2024 03:00:26 GMT
icomoon.ttf
www.shiftingretail.com/Content/fonts/icomoon/fonts/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Content/fonts/icomoon/fonts/icomoon.ttf?hrl9mg
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/Content/style?v=fv2Uydofxo8_mQXpFnI3GyuDwF7rX-3kmRgeaRXQKEM1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f86be55645ba1b65f21b56e5b0307b98df525e189bcf2aaf05229a8d72f0f158

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/Content/style?v=fv2Uydofxo8_mQXpFnI3GyuDwF7rX-3kmRgeaRXQKEM1
Origin
https://www.shiftingretail.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:26 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:07 GMT
server
cloudflare
etag
"7d1e6dff6294da1:0"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
87aae0292fce65d9-FRA
alt-svc
h3=":443"; ma=86400
content-length
46944
expires
Sat, 27 Apr 2024 05:00:26 GMT
Metropolis-Bold.woff
www.shiftingretail.com/Content/fonts/metropolis/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/Content/fonts/metropolis/fonts/Metropolis-Bold.woff
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/Content/style?v=fv2Uydofxo8_mQXpFnI3GyuDwF7rX-3kmRgeaRXQKEM1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd1f838239b8a05ff1cdb72064799803371e037fb7d15e8358756a2d19c28f26

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/Content/style?v=fv2Uydofxo8_mQXpFnI3GyuDwF7rX-3kmRgeaRXQKEM1
Origin
https://www.shiftingretail.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:26 GMT
cf-cache-status
HIT
last-modified
Mon, 22 Apr 2024 03:13:07 GMT
server
cloudflare
etag
"c3c07bff6294da1:0"
vary
Accept-Encoding
content-type
application/x-font-woff
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
87aae0292fcf65d9-FRA
alt-svc
h3=":443"; ma=86400
content-length
29916
expires
Sat, 27 Apr 2024 03:00:26 GMT
383e0908-43c5-4b52-b197-70c49a95c2f8
https://www.shiftingretail.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.shiftingretail.com/383e0908-43c5-4b52-b197-70c49a95c2f8
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
modere-logo-lifebydesign-black.svg
res.cloudinary.com/modere/Common/logos/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/modere/Common/logos/modere-logo-lifebydesign-black.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e224e64bdfa12d5dc3d731bd46fdddedf5322dabf47db2fac8b43669ef59c5df
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:26 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=604800
content-disposition
attachment; filename="modere-logo-lifebydesign-black.svg"
server-timing
cld-cloudflare;dur=164;start=2024-04-27T01:00:26.666Z;desc=miss,rtt;dur=7,content-info;desc="width=724,height=83,bytes=4280,o=1,ef=(17);";cloudinary;dur=49;start=2024-04-27T01:00:26.734Z
content-length
1640
last-modified
Thu, 08 Feb 2024 20:39:42 GMT
server
cloudflare
etag
W/"a948696c89f543bfa3cf34286efd32ac"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=2592000
accept-ranges
bytes
cf-ray
87aae02aa9ce9978-FRA
timing-allow-origin
*
modere-logo-lifebydesign-white.svg
res.cloudinary.com/modere/common/logos/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/modere/common/logos/modere-logo-lifebydesign-white.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c538607fa33eeb583e5af327dd88c1d5f649b47dd313b8adb04266e51e7d0f9
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=604800
content-disposition
attachment; filename="modere-logo-lifebydesign-white.svg"
server-timing
cld-cloudflare;dur=335;start=2024-04-27T01:00:26.665Z;desc=miss,rtt;dur=7,content-info;desc="width=724,height=83,bytes=4271,o=1,ef=(17);";cloudinary;dur=102;start=2024-04-27T01:00:26.727Z,cld-id;desc=4f96e832c868fa3486259f1a12c6ea3d
content-length
1630
x-request-id
4f96e832c868fa3486259f1a12c6ea3d
last-modified
Thu, 08 Feb 2024 20:39:42 GMT
server
cloudflare
etag
W/"e5893942a04e68b8e71ed15465a875a0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, max-age=2592000
accept-ranges
bytes
cf-ray
87aae02aa9cc9978-FRA
timing-allow-origin
*
cmscontentlist
www.shiftingretail.com/api/resource/ 		57 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.shiftingretail.com/api/resource/cmscontentlist?stublist=sr-header,sr-navigation-links,sr-home-content-01,sr-home-content-02,sr-footer-content,sr-navigation-links,sr-cookie-more-info-modal&langCode=en-US&countryCode=US
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/Scripts/polyfills_493df0b3.60f1c98e5f02f0739d50.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.75 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e361d096c9e8c33f92066fadc18af654a8d6342f61e33c9fd59b9479511abb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Pragma
no-cache
Expires
Sat, 01 Jan 2000 00:00:00 GMT
Accept-Language
en-US
sec-ch-ua-mobile
?0
Request-Locale
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Country-Code
US
Content-Type
application/json
Accept
application/json, text/plain, */*
Cache-Control
no-cache, no-store, must-revalidate
Referer
https://www.shiftingretail.com/
Client-Id
shiftingretail-us
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:26 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"IUUVHpL724/olNJOdMLPHw=="
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
public, max-age=7200
cf-ray
87aae02a686565d9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Apr 2024 03:00:26 GMT
modere-logo-white.png
res.cloudinary.com/modere/f_auto,q_auto/Common/logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/modere/f_auto,q_auto/Common/logos/modere-logo-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5721f244de1ac2d8b799eed7991eb5f782d0885d1fbbd710912acc2e34509af0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:27 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="modere-logo-white.webp"
server-timing
cld-cloudflare;dur=16;start=2024-04-27T01:00:27.084Z;desc=hit,rtt;dur=10
content-length
1696
last-modified
Mon, 08 Oct 2018 15:13:40 GMT
server
cloudflare
etag
"7115849409103dc3643a73f57a33ec63"
vary
Accept,User-Agent,Save-Data, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control
private, no-transform, max-age=2592000
accept-ranges
bytes
cf-ray
87aae02d3a9d9978-FRA
timing-allow-origin
*
DSAlogoNA.png
res.cloudinary.com/modere/f_auto,q_auto/common/logos/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/modere/f_auto,q_auto/common/logos/DSAlogoNA.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59b39a2f7ce730114ef3dc05af550119c23c74f9e5b8785e0225096363af7108
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:27 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="DSAlogoNA.webp"
server-timing
cld-cloudflare;dur=220;start=2024-04-27T01:00:27.085Z;desc=miss,rtt;dur=10;cloudinary;dur=105;start=2024-04-27T01:00:27.153Z,cld-id;desc=7af8137d72c5af37e307d389c60e4f8b
content-length
14942
x-request-id
7af8137d72c5af37e307d389c60e4f8b
last-modified
Thu, 06 Sep 2018 14:24:41 GMT
server
cloudflare
etag
"0705d9d9afdce8ddd4e5d32b267aef34"
vary
Accept,User-Agent,Save-Data, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control
private, no-transform, max-age=2592000
accept-ranges
bytes
cf-ray
87aae02d3a9e9978-FRA
timing-allow-origin
*
social-retail-header-dsk.jpg
res.cloudinary.com/modere-eu/f_auto,q_auto/shiftingretail/home/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/modere-eu/f_auto,q_auto/shiftingretail/home/social-retail-header-dsk.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb47a5990ad219e756b88a223744334ebe200b32d290102f6c14ff9ac449a685
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:27 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="social-retail-header-dsk.webp"
server-timing
cld-cloudflare;dur=17;start=2024-04-27T01:00:27.088Z;desc=hit,rtt;dur=10
content-length
26972
last-modified
Thu, 06 Sep 2018 15:24:55 GMT
server
cloudflare
etag
"b93a25916046b6321248825343a9cf53"
vary
Accept,User-Agent,Save-Data, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,x-content-type-options
cache-control
private, no-transform, max-age=2592000
accept-ranges
bytes
cf-ray
87aae02d4aa19978-FRA
timing-allow-origin
*
dcf5d143-a3ea-4d96-abd2-6b27766de9cf
https://www.shiftingretail.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.shiftingretail.com/dcf5d143-a3ea-4d96-abd2-6b27766de9cf
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
edc7d6b7-c05f-436d-b403-e837e9ae9e21
https://www.shiftingretail.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.shiftingretail.com/edc7d6b7-c05f-436d-b403-e837e9ae9e21
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
9bca618c-edbc-47dc-a078-ade58138db83
https://www.shiftingretail.com/ 		390 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.shiftingretail.com/9bca618c-edbc-47dc-a078-ade58138db83
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
390
Content-Type
text/javascript
js
www.googletagmanager.com/gtag/ 		284 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D9P1MZ7LZW&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/6olH3SACLXqV1Rjp/7d464d51-8369-4f0a-9bdd-dfdacb89e0e4/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f104.1e100.net
Software
Google Tag Manager /
Resource Hash
2f92c682580d856ffc50f69b30859ed071fb9c8d9614b0d40ac9831d8ed9dc8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.shiftingretail.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99301
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 27 Apr 2024 01:00:27 GMT
metrics
flags.modere.com/api/frontend/client/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://flags.modere.com/api/frontend/client/metrics
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://www.shiftingretail.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type
access-control-allow-methods
PUT, CONNECT, OPTIONS, GET, POST, PATCH, TRACE, HEAD, DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87aae0355f749b46-FRA
content-length
0
date
Sat, 27 Apr 2024 01:00:28 GMT
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
metrics
flags.modere.com/api/frontend/client/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flags.modere.com/api/frontend/client/metrics
Requested by
Host: www.shiftingretail.com
URL: https://www.shiftingretail.com/Scripts/polyfills_493df0b3.60f1c98e5f02f0739d50.bundle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.165 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Authorization
*:production.fea9b02668b99fa56a4d36bdabdee11a1408c578b3447854545c75d0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://www.shiftingretail.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 27 Apr 2024 01:00:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin
*
cf-ray
87aae0363fc79b46-FRA
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

203 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| __cfQR object| __cfBeacon function| Osano function| __uspapi string| theUserAgent string| modereFPGoogleTagManagerId object| dataLayer string| modereProductName string| existingReferralCode string| modereToken string| paResponse string| moderePath string| modereApiUrl string| modereDefaultMarket string| modereAuthServerUrl string| modereGoogleAnalyticsTrackingId string| googleTrackingUrl string| siteMarket object| s function| trackOutboundLink function| gtag object| fby object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__setImmediate function| __zone_symbol__clearImmediate function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| webpackJsonp object| ngDevMode object| __zone_symbol__loadfalse function| _ object| __zone_symbol__testfalse function| jQuery object| d3 object| google_tag_manager object| google_tag_data object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse boolean| __cfRLUnblockHandlers object| litHtmlVersions object| __zone_symbol__pageshowtrue object| __zone_symbol__resizefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers string| GoogleAnalyticsObject function| ga object| __zone_symbol__focusfalse object| __zone_symbol__blurfalse object| __zone_symbol__pageshowfalse object| __zone_symbol__pagehidefalse object| gaGlobal function| __zone_symbol__ON_PROPERTYbeforeunload object| __zone_symbol__beforeunloadfalse object| __zone_symbol__touchmovefalse object| __zone_symbol__scrollfalse object| braintree object| __zone_symbol__messagefalse function| onYouTubeIframeAPIReady object| __zone_symbol__scrollendfalse object| __post_robot_11_0_0___uid_buqvfvdtphzbdzfisewywfrqccypzs object| paypal object| __zone_symbol__unloadfalse object| __zoid_10_3_3___uid_buqvfvdtphzbdzfisewywfrqccypzs function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

6 Cookies

Domain/Path Name / Value
.shiftingretail.com/ Name: __cf_bm
Value: 7kWLfmIBOUVgN.5mEMV4x2J5.ZOh3zkEuPkndOmUYkY-1714179623-1.0.1.1-PUmZvtiYq2F9rMx3QKygpgF_CUgEH3NS1tQakYLADmCVj6HSwNg6xJOHOGcGl39y3BAqhzVsatqvFPLkrLzVnA
www.shiftingretail.com/ Name: __DEFAULT_LANGUAGE
Value: en-US
www.shiftingretail.com/ Name: ASP.NET_SessionId
Value: htgvjtkvrkshtewjbdouprki
.shiftingretail.com/ Name: cf_clearance
Value: lSfBWQWEsRvkghsbT5vjPeOc9tP5yiyHro6zyfp7N9U-1714179625-1.0.1.1-8d.4sLChte1G9mcOP.euh04ZA0PirBtHG1yvhYtzBV3p5wBbiCnCXnfA5f6ToEjupGJUPj635NKoaYsml33WkQ
www.shiftingretail.com/ Name: __MODERE_COUNTRY
Value: US
.shiftingretail.com/ Name: __MODERE_LANGUAGE
Value: en-US

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.contentstack.io
cmp.osano.com
flags.modere.com
js.braintreegateway.com
res.cloudinary.com
shiftingretail.com
static.cloudflareinsights.com
www.googletagmanager.com
www.paypal.com
www.shiftingretail.com
104.18.2.165
104.18.28.75
104.18.29.75
151.101.2.137
151.101.65.21
172.217.18.104
192.229.221.25
2600:9000:266e:8c00:3:b7e:8940:93a1
2606:4700::6810:5049
2606:4700::6813:a641
2a00:1450:4001:831::2008
075756af30f22573b6c34c1f1b0be77976f067255bf70c54e7fb442210f999c9
0eaf359e9457a05a17aff833189a6bc759647e93bf777cfdefb48ac4ed2a44ea
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
1e4639a42b337592bb7a05870cee005b268bcd5d831b9a8f0b0ae97dc8c326c5
25079b54a67fb79ed972fd6db3faf7fc70474781e3258a85753575f4dae0c183
28f9639156acb186b877e10a4efd23fddabde7ad3e3f0f397c86864da560de78
2c538607fa33eeb583e5af327dd88c1d5f649b47dd313b8adb04266e51e7d0f9
2f92c682580d856ffc50f69b30859ed071fb9c8d9614b0d40ac9831d8ed9dc8d
36ad71cf577a5a9bd1542a5e7bb5dfe8dee5272e7fb641ae8d06afca7ccd533a
36c79905a1ea8cd7e2b1f5538c3952ffe96f32b29cd75671dc27bfbb6b3ca62e
3edfe5a2f7773b08d6adb625778d06929ed455923f8282043d61aac5d9269beb
40183bc902ba21f52f2628e1b67421d48165c2f5a58ab9b53f072a10697d99fc
43f798ab188795e1f4255eba60ed4e08d0b6cf112be50fa91f8a49140617028b
46a9f7aa84f205a9f1d26e1899f4a2282f08df4c5b2e55c291e0efd6161463e1
481b370b13af50718e2a31fa1d03e10615e97e8b72bd83f238c4dd2b584b3bcc
5007b859c24d9a5d66dd5f3d6c72a6b4bdc0bd16e14b84ace9229a665ebdc12a
5721f244de1ac2d8b799eed7991eb5f782d0885d1fbbd710912acc2e34509af0
59b39a2f7ce730114ef3dc05af550119c23c74f9e5b8785e0225096363af7108
633436864ad5097f1e891bc7e831b4d0718b7a12c9877e2e6d18d9de6742a08a
6a246ba160a0aa36b7b8a3578b66acead220528e72b6768d4d839bcae8d74501
6ad546e40e89de247cd15723f6372ab5790cdad2283da868159ab00fdb0f929e
6f439b864e089f765975d87de963cadfd2666b23800661b7b7d0dd7eabfae8d6
73e361d096c9e8c33f92066fadc18af654a8d6342f61e33c9fd59b9479511abb
85f8b22a68af9f88483d0888e7bb38c9e917b1d1dca2a0f6edafdce5e1e437ab
889316323cff9aaef5a38cee7d966453f96a642b6c8640499a3335215a918354
8acb18b4c04f610f326f5a0e2376b2bcb43efd6349afac240627601a795a5f99
8acb198534c162b31f8abf88740e58d88a9c5fc7df250253e23bf9578a81767e
96f603428a965119d403e03f97faa68121d978751ceb107076b4e952d1b54ecd
9b979569a8f8fba8e2673d908fafccfc095c3a497b67456b59d1419b9155486c
9cd06b98bfbc20f4eeca3672e494c20270f2c41028e6bd01123df9ad164663ac
ab3606eb8f5d8228b0221c06adbb0fdcee947ed5c2867ab54eeb049eaa3d91f7
ae64e22096fa5b3824c9aaaccf8b25f5f222b44a9be902c934c4c64857d6e40f
b19e89510724e051e69978811e5c17a6f2e50183c97f11a5d53504fb381abf89
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b9d57c77105788c43f58d1d44d206a6a34b626e1a373c26047a7b7832bce2d49
bc1855ea2b3e73ccb18d570e1b17a9a59f99c103cbc6e82536f50bd59aff4d49
c694ab1800ec56e5fbf4512acdbfcb136b781a93ee2c96e99c514005ee8b76ae
c89e0accc3d34aefdf414438218d524f0a64564325df7506c340f7a2d40116ac
caef75e9711b9c7ec8562966367cb95684d9aa793dfdca29c6fe0f874e042b03
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd1f838239b8a05ff1cdb72064799803371e037fb7d15e8358756a2d19c28f26
ce365d8b84a78bd53a4fb0b95d3ad754ac130d7dca4631885e036c2a65254846
d3fa8ff47c88968e0d0f6fc0c27573a282913a4c5fd4d05eff723174acb8170d
d78ab52bc80b5a7a9d4cfd3250e08f62c724e883e4cafa8550bde0f3023aa803
e224e64bdfa12d5dc3d731bd46fdddedf5322dabf47db2fac8b43669ef59c5df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3df4cb2e3eb19d6c739ae72e2af991516893b0b0bc5eff8441406fd089d5d14
e5e9e3e65da6e1064399f1233fb31e64956110c3edaf899c9417b89814db424e
eb47a5990ad219e756b88a223744334ebe200b32d290102f6c14ff9ac449a685
eeaeafc63739db98a5cac678a6b992a9aafd6332b87406b4e65f85b253719cc3
ef99182f5dedc492884469ec9c35c6e5e3867931135f2c4b0139ea0db356c319
f766fdce2e8676d4711fc605e56b8fa2c93e0fbcde1776f86d64d39174dea46a
f86be55645ba1b65f21b56e5b0307b98df525e189bcf2aaf05229a8d72f0f158
ff0eb6ba21b364d2634724a348d074c729f2f781f6b360f97ae03c17c9a04195