checkout.gymclothesau.com Open in urlscan Pro
104.21.16.1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://checkout.gymclothesau.com/
Submission: On May 28 via api (May 28th 2025, 6:50:17 am UTC) from US — Scanned from PT

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 24 HTTP transactions. The main IP is 104.21.16.1, located in and belongs to CLOUDFLARENET, US. The main domain is checkout.gymclothesau.com.
TLS certificate: Issued by WE1 on May 28th 2025. Valid for: 3 months.

This is the only time checkout.gymclothesau.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	104.21.16.1 104.21.16.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
1	76.76.21.164 76.76.21.164	16509 (AMAZON-02) (AMAZON-02)
2	13.107.253.45 13.107.253.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	172.67.173.245 172.67.173.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	150.171.28.10 150.171.28.10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	57.151.77.234 57.151.77.234	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.21.112.1 104.21.112.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	8

7 104.21.16.1 (None, )

ASN13335 (CLOUDFLARENET, US)

checkout.gymclothesau.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 76.76.21.164 (Walnut, United States)

ASN16509 (AMAZON-02, US)

api.blackpayments.pro	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 13.107.253.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

6 172.67.173.245 (United States)

ASN13335 (CLOUDFLARENET, US)

api-compra.rastreio-correio.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 150.171.28.10 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 57.151.77.234 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

d.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 104.21.112.1 (None, )

ASN13335 (CLOUDFLARENET, US)

s3.ameii.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 764 c.clarity.ms — Cisco Umbrella Rank: 1550 d.clarity.ms — Cisco Umbrella Rank: 9077	33 KB
7	gymclothesau.com checkout.gymclothesau.com	203 KB
6	rastreio-correio.com api-compra.rastreio-correio.com	4 KB
2	ameii.com.br s3.ameii.com.br	10 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 320	771 B
1	blackpayments.pro api.blackpayments.pro	26 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	943 B
24	7

	Domain	Requested by
7	checkout.gymclothesau.com	checkout.gymclothesau.com
6	api-compra.rastreio-correio.com	checkout.gymclothesau.com
4	d.clarity.ms	www.clarity.ms
2	s3.ameii.com.br
2	c.clarity.ms	1 redirects
2	www.clarity.ms	checkout.gymclothesau.com www.clarity.ms
1	c.bing.com	1 redirects
1	api.blackpayments.pro	checkout.gymclothesau.com
1	fonts.googleapis.com	checkout.gymclothesau.com
24	9

This site contains no links.

Subject Issuer	Validity	Valid
checkout.gymclothesau.com WE1	`2025-05-28` - `2025-08-26`	3 months	crt.sh
upload.video.google.com WE2	`2025-05-12` - `2025-08-04`	3 months	crt.sh
api.blackpayments.pro R11	`2025-05-08` - `2025-08-06`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
api-compra.rastreio-correio.com WE1	`2025-03-31` - `2025-06-29`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2025-05-21` - `2025-11-17`	6 months	crt.sh
ameii.com.br WE1	`2025-05-25` - `2025-08-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://checkout.gymclothesau.com/
Frame ID: 159F3BA667CBB31C07B2E32CDFAA0CD1
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TENF | Checkout

Detected technologies

Vue.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Font API (Font scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

24
Requests

96 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

276 kB
Transfer

736 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=35BD19DD843A45728DC211D469E81054&RedC=c.clarity.ms&MXFR=27EA569A0DB161BE29C4436009B16F85 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=35BD19DD843A45728DC211D469E81054&MUID=3DD306CB525A6B5A0ACB1331531D6AA3

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
checkout.gymclothesau.com/ 1 KB
1 KB 591ms
358ms Document
text/html 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://checkout.gymclothesau.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fdca186c148c34b3f1259909f3a8c13f96726087ded0b4a9be49607f89add6a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 946bd123cac60321-MAD
content-encoding: zstd
content-type: text/html
date: Wed, 28 May 2025 06:50:17 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=LY5RXFXcbyTbY%2BKMGoHmkRBc1F1Ijt3Ro8v1KSlZFMKXQ4EbC99eIbpPvQ5l7TolHUd3hiRGRLBE9eHnNDX%2BYARQtLS91Kcs2qmMFaiyWoaRwMK%2FwEllDy4%3D"}]}
server: cloudflare
vary: Origin accept-encoding

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
943 B 313ms
91ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Public+Sans:wght@100..900&display=swap

Requested by

Host: checkout.gymclothesau.com
URL: https://checkout.gymclothesau.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f10.1e100.net

Software

ESF /

Resource Hash

d20f3e50f69cd4e7f8d577e3dc197b0a0841be72dd690aebeeba537299c204ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://checkout.gymclothesau.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 28 May 2025 06:50:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 28 May 2025 06:50:18 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 28 May 2025 06:50:18 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 index-B5U3KwCO.js Show response
checkout.gymclothesau.com/assets/ 498 KB
175 KB 355ms
354ms Script
text/javascript 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://checkout.gymclothesau.com/assets/index-B5U3KwCO.js
Requested by: Host: checkout.gymclothesau.com
URL: https://checkout.gymclothesau.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54e59c2fe785a5684c2d123320bf31ae16e8a657813e4a1031b6ecaeed1b1f03

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://checkout.gymclothesau.com
Referer: https://checkout.gymclothesau.com/

Response headers

cache-control: max-age=14400
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"510432-1748381710000"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fw9hpJzXmXd%2BfB9DBXdrd30iIeFWrjTc%2F8Xi4FvBp3E8qArXmYJmso4MIGWvRpiBCSXZgSVRSzkEp5nk7HYywNu0u1MKujAY0eU8Zz1SEJScCHgUCSyH%2Fo8%3D"}]}
cf-ray: 946bd1261faa0321-MAD
alt-svc: h3=":443"; ma=86400
date: Wed, 28 May 2025 06:50:18 GMT
content-type: text/javascript
last-modified: Tue, 27 May 2025 21:35:10 GMT
vary: Origin, accept-encoding
server: cloudflare

GET
H2 200 index-BnQr31c6.css
checkout.gymclothesau.com/assets/ 80 KB
14 KB 443ms
442ms Stylesheet
text/css 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://checkout.gymclothesau.com/assets/index-BnQr31c6.css
Requested by: Host: checkout.gymclothesau.com
URL: https://checkout.gymclothesau.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26d2d53b14f298a9c290983fa5e51e70368f89d18136391aacb694254d9ac158

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://checkout.gymclothesau.com
Referer: https://checkout.gymclothesau.com/

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: MISS
etag: W/"82092-1748381710000"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=yu47RAPFJyxERq5SgIab6CMRpIEVhaKUQkZvcW%2BLOlk4XdkESVkNRny2ZiAaTIroOoaBs83sUKCw55ZYb4KmbEfseH4XoBN38w27U%2B7HrY9rvDl8cq4v858%3D"}]}
cf-ray: 946bd1261fa90321-MAD
alt-svc: h3=":443"; ma=86400
date: Wed, 28 May 2025 06:50:18 GMT
content-type: text/css
last-modified: Tue, 27 May 2025 21:35:10 GMT
server: cloudflare
vary: Origin, accept-encoding

GET
H2 200 js Show response
api.blackpayments.pro/v1/ 25 KB
26 KB 662ms
418ms Script
text/plain 76.76.21.164
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://api.blackpayments.pro/v1/js

Requested by

Host: checkout.gymclothesau.com
URL: https://checkout.gymclothesau.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

aef4a61bccf99900fa5f18bd5688bcc80959703e52e9d96d2aa857cba09bb699

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://checkout.gymclothesau.com/

Response headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
x-vercel-cache: MISS
etag: "612qymiqzak3m"
age: 0
x-matched-path: /api/v1/js
content-length: 26064
date: Wed, 28 May 2025 06:50:18 GMT
server: Vercel
x-vercel-id: fra1::gru1::gkzw2-1748415018195-4e575aebebdf

GET
H2 200 px07g678gl Show response
www.clarity.ms/tag/ 636 B
1001 B 444ms
168ms Script
application/x-javascript 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://www.clarity.ms/tag/px07g678gl
Requested by: Host: checkout.gymclothesau.com
URL: https://checkout.gymclothesau.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cca52d5b9b4ddeed6bcd3b080b7ea2cf5ce8c70c1dbe822695e1c678479d9cd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://checkout.gymclothesau.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 636
date: Wed, 28 May 2025 06:50:19 GMT
content-type: application/x-javascript
x-azure-ref: 20250528T065018Z-1845fb7f5dflstdmhC1PAR1fp00000000dx00000000075g5

OPTIONS
H3 204 customization
api-compra.rastreio-correio.com/ 0
0 590ms
502ms Preflight
text/html 172.67.173.245
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://api-compra.rastreio-correio.com/customization
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ngrok-skip-browser-warning
Access-Control-Request-Method: GET
Origin: https://checkout.gymclothesau.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: ngrok-skip-browser-warning
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 946bd12b6e8c1a80-MAD
content-type: text/html; charset=UTF-8
date: Wed, 28 May 2025 06:50:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6gMxlp1irV5pqYBTpsc0emOvTQy6311uQe3C%2FNH0Pq8R0H2pWY31C5MNVtTjLooGwNDHMK9tmYSv4l2ZNU596lzSnYhsHRNodEp2ueETsMkwY9MlyhVJFsah6G%2BvJ7rq6fZY1v5wanSFDGyXpByOQwJp"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=62553&min_rtt=62409&rtt_var=7594&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3716&recv_bytes=3312&delivery_rate=45326&cwnd=12000&unsent_bytes=0&cid=dfa6069925f167c9&ts=507&x=80"
vary: Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 customization Show response
api-compra.rastreio-correio.com/ 5 KB
2 KB 468ms
468ms XHR
application/json 172.67.173.245
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://api-compra.rastreio-correio.com/customization
Requested by: Host: checkout.gymclothesau.com
URL: https://checkout.gymclothesau.com/assets/index-B5U3KwCO.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9203680d5ee838a8b4aa152adef397365126fa21b40772e42e70fd1885d4f9ff

Request headers

ngrok-skip-browser-warning: skip-browser-warning
Referer: https://checkout.gymclothesau.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/json

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: no-cache, private
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oFlYNUdsaXCYZ%2BX11nXC%2FULXLHe1TQRYt%2FLv9mnRZxX706Vip2V3lbxRRCHDS%2FFN67brSOJvqyU%2BswGHPNQlpceqMxYPYh07Pg0MtnWxx8%2FwY6Hig%2F2omVS8nG86Yluhbs3fcr%2FfkIIHJDePhQIIEfus"}],"group":"cf-nel","max_age":604800}
cf-ray: 946bd12e9e981a80-MAD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=62539&min_rtt=62409&rtt_var=5722&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4488&recv_bytes=3702&delivery_rate=45326&cwnd=12000&unsent_bytes=0&cid=dfa6069925f167c9&ts=976&x=80"
date: Wed, 28 May 2025 06:50:19 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.8.9/ 71 KB
30 KB 109ms
109ms Script
application/javascript 13.107.253.45
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://www.clarity.ms/s/0.8.9/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/px07g678gl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.107.253.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 084071240372dd7551408ffeb5c5b374d183118aa1e4030419138fbea2551356

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://checkout.gymclothesau.com/

Response headers

x-azure-ref: 20250528T065019Z-1845fb7f5dflstdmhC1PAR1fp00000000dx00000000075gn
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD9806EE5E13E7"
x-fd-int-roxy-purgeid: 83967209
x-ms-request-id: 7b76c444-701e-003e-1c7d-cab9a4000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Wed, 28 May 2025 06:50:19 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 21 May 2025 01:29:29 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=35BD19DD843A45728DC211D469E81054&RedC=c.clarity.ms&MXFR=27EA569A0DB161BE29C4436009B16F85
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=35BD19DD843A45728DC211D469E81054&MUID=3DD306CB525A6B5A0ACB1331531D6AA3

42 B
443 B

95ms
95ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=35BD19DD843A45728DC211D469E81054&MUID=3DD306CB525A6B5A0ACB1331531D6AA3
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://checkout.gymclothesau.com/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "c7681e5694c3db1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Wed, 28 May 2025 06:50:19 GMT
content-type: image/gif
last-modified: Mon, 12 May 2025 23:19:40 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=35BD19DD843A45728DC211D469E81054&MUID=3DD306CB525A6B5A0ACB1331531D6AA3
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0621E691BFFD40D49D6C5C978138FC12 Ref B: PAR02EDGE1007 Ref C: 2025-05-28T06:50:19Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Wed, 28 May 2025 06:50:19 GMT
x-powered-by: ASP.NET

GET
H3 200 favicon.png
checkout.gymclothesau.com/ 11 KB
12 KB 364ms
364ms Other
image/png 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://checkout.gymclothesau.com/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36317fe38e848320645fe17ce4d01313faeee79486331b648bf82c28d4cf48a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://checkout.gymclothesau.com/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: W/"11295-1748381708000"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FmxelVeelreMk913sRbYUanBGakodMdfVxU3c5aZ%2BqgJT%2FRDYkVRev7Vr2Fv0Q3b6sG%2FgyXvv2%2F86kOrPkaSkL4fbj0OVVNogDJdOAnbigvAW5Y4QZGIJ6BJJzaDfLENcIyd9VirL478nzPj"}],"group":"cf-nel","max_age":604800}
cf-ray: 946bd12e5b48f778-MAD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=62827&min_rtt=62586&rtt_var=7742&sent=12&recv=10&lost=0&retrans=0&sent_bytes=3796&recv_bytes=3283&delivery_rate=46087&cwnd=12000&unsent_bytes=0&cid=4de0e3c3893420b6&ts=1625&x=80"
content-length: 11295
date: Wed, 28 May 2025 06:50:19 GMT
content-type: image/png
last-modified: Tue, 27 May 2025 21:35:08 GMT
vary: Origin, Accept-Encoding
server: cloudflare

POST
H/1.1 204
No Content collect Show response
d.clarity.ms/ 0
289 B 529ms
169ms XHR
text/plain 57.151.77.234
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.8.9/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 57.151.77.234 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://checkout.gymclothesau.com/

Response headers

Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
Access-Control-Allow-Origin: https://checkout.gymclothesau.com
Date: Wed, 28 May 2025 06:50:19 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

OPTIONS
H3 204 undefined
api-compra.rastreio-correio.com/cart/ 0
0 448ms
448ms Preflight
text/html 172.67.173.245
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://api-compra.rastreio-correio.com/cart/undefined
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ngrok-skip-browser-warning
Access-Control-Request-Method: GET
Origin: https://checkout.gymclothesau.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: ngrok-skip-browser-warning
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 946bd1318eae1a80-MAD
content-type: text/html; charset=UTF-8
date: Wed, 28 May 2025 06:50:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KJzpMrYHYCcvcA8DSm2PD9GBtLBpkk1thzfnWidcim1%2FQ%2BHt%2FN4WlM2xMtS%2FYe5XzQCptrShSalcG9d1iHSZCPWkKnabAVrAsA9nEgX0YUwPfH41lwDy0e3dq4zOOuffpAdad2u9Cny5tIY3bgwcfdYO"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=62521&min_rtt=62409&rtt_var=3247&sent=17&recv=14&lost=0&retrans=0&sent_bytes=6982&recv_bytes=4115&delivery_rate=45326&cwnd=12000&unsent_bytes=0&cid=dfa6069925f167c9&ts=1429&x=80"
vary: Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 404 undefined Show response
api-compra.rastreio-correio.com/cart/ 28 B
639 B 400ms
400ms XHR
application/json 172.67.173.245
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://api-compra.rastreio-correio.com/cart/undefined
Requested by: Host: checkout.gymclothesau.com
URL: https://checkout.gymclothesau.com/assets/index-B5U3KwCO.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03973b51ea499183a26524c44de326a6c4bf30e70fd2c9a6eaf34819092bbd48

Request headers

ngrok-skip-browser-warning: skip-browser-warning
Referer: https://checkout.gymclothesau.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/json

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: no-cache, private
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nT0ZAQ3mOXDo4TKjPtDmLHdkO41pyM4GFSAHKjFD2eQvprmlXV3AhblSYkYDsY5axuXdVaphCp1E8vel1eQZaSXzHWOkeSYWok5g8zVMdGR9bpkP45lktZmSCFmHUxhhneinWtjPU3mfoPrKja%2BMrAGz"}],"group":"cf-nel","max_age":604800}
cf-ray: 946bd1345eb91a80-MAD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=62510&min_rtt=62409&rtt_var=2457&sent=19&recv=15&lost=0&retrans=0&sent_bytes=7719&recv_bytes=4507&delivery_rate=45326&cwnd=12000&unsent_bytes=0&cid=dfa6069925f167c9&ts=1830&x=80"
date: Wed, 28 May 2025 06:50:20 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare

GET
H3 200 67d377b6c512c.webp
s3.ameii.com.br/main-bucket/customization-checkout/ 9 KB
10 KB 502ms
433ms Other
image/webp 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://s3.ameii.com.br/main-bucket/customization-checkout/67d377b6c512c.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a954372ae8210f5a9cf6af89791dbe1ff4cc3f9549938921c8366acd2c3d9aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://checkout.gymclothesau.com/

Response headers

cf-cache-status: MISS
etag: "74354a324dddf56998edecbad06e427b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IHJHXoc0dJ5dJr78JtBjlFkvmrv8ooJf3U3DD5fkF%2Fplayg00Px%2FAUpXI1xgcxCDlT6ck1tbKTgiyzmpDyF23S%2FXQAP78wJxAaIuqIykOV514tMEwtdKiyjzyEvIA3TEnpw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48593&min_rtt=48370&rtt_var=5946&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3694&recv_bytes=3350&delivery_rate=58310&cwnd=12000&unsent_bytes=0&cid=d632a1bc06315e8b&ts=439&x=80"
date: Wed, 28 May 2025 06:50:20 GMT
content-type: image/webp
last-modified: Fri, 14 Mar 2025 00:26:31 GMT
vary: Origin, Accept-Encoding
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 18439E327F72867B
x-ratelimit-remaining: 4156
accept-ranges: bytes
content-length: 9680
x-xss-protection: 1; mode=block
x-ratelimit-limit: 4156
cf-ray: 946bd131efbcab0d-LIS
server: cloudflare

GET
H3 200 favicon.png
checkout.gymclothesau.com/ 11 KB
0 0ms
0ms Other
image/png 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://checkout.gymclothesau.com/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36317fe38e848320645fe17ce4d01313faeee79486331b648bf82c28d4cf48a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://checkout.gymclothesau.com/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: W/"11295-1748381708000"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FmxelVeelreMk913sRbYUanBGakodMdfVxU3c5aZ%2BqgJT%2FRDYkVRev7Vr2Fv0Q3b6sG%2FgyXvv2%2F86kOrPkaSkL4fbj0OVVNogDJdOAnbigvAW5Y4QZGIJ6BJJzaDfLENcIyd9VirL478nzPj"}],"group":"cf-nel","max_age":604800}
cf-ray: 946bd12e5b48f778-MAD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=62827&min_rtt=62586&rtt_var=7742&sent=12&recv=10&lost=0&retrans=0&sent_bytes=3796&recv_bytes=3283&delivery_rate=46087&cwnd=12000&unsent_bytes=0&cid=4de0e3c3893420b6&ts=1625&x=80"
content-length: 11295
date: Wed, 28 May 2025 06:50:19 GMT
content-type: image/png
last-modified: Tue, 27 May 2025 21:35:08 GMT
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 pixel Show response
api-compra.rastreio-correio.com/ 2 B
617 B 278ms
278ms XHR
application/json 172.67.173.245
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://api-compra.rastreio-correio.com/pixel
Requested by: Host: checkout.gymclothesau.com
URL: https://checkout.gymclothesau.com/assets/index-B5U3KwCO.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

ngrok-skip-browser-warning: skip-browser-warning
Referer: https://checkout.gymclothesau.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/json

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: no-cache, private
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7jBdNtzg5Lxg3EDwKnQnhJ7LpOEx98EY%2BkguKL7sANkH6gdOf%2B6mJvQDsS%2BnQYsyBWCrBU8EgRrD%2FuArw85a5HfG5yelQPwR2o5Ui13Hz8vCIRqa5HogH1Ai2IDAr32vfBArArJXwJQedvHekg6y5m8o"}],"group":"cf-nel","max_age":604800}
cf-ray: 946bd1388ed41a80-MAD
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=62668&min_rtt=62409&rtt_var=1714&sent=23&recv=17&lost=0&retrans=0&sent_bytes=9146&recv_bytes=5257&delivery_rate=45326&cwnd=12000&unsent_bytes=0&cid=dfa6069925f167c9&ts=2382&x=80"
date: Wed, 28 May 2025 06:50:21 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare

OPTIONS
H3 204 pixel
api-compra.rastreio-correio.com/ 0
0 269ms
269ms Preflight
text/html 172.67.173.245
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://api-compra.rastreio-correio.com/pixel
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.173.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ngrok-skip-browser-warning
Access-Control-Request-Method: GET
Origin: https://checkout.gymclothesau.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: ngrok-skip-browser-warning
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 946bd136dec61a80-MAD
content-type: text/html; charset=UTF-8
date: Wed, 28 May 2025 06:50:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pSrFyHIC%2F%2BQhVtlgpD%2FnVX0wDO9a9sJPDFQeT%2FHpIFAUr6NpdO5sHaAfpxabZuI0nP5NnfN%2BWe6dGJGjpxb1DKH3aXbu4001gnLaO9iJC09GQvcUw0UhaAZZzJlI6GvSuV%2BS25IsAThMZXuVB2YbDPKz"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=62506&min_rtt=62409&rtt_var=1852&sent=21&recv=16&lost=0&retrans=0&sent_bytes=8404&recv_bytes=4871&delivery_rate=45326&cwnd=12000&unsent_bytes=0&cid=dfa6069925f167c9&ts=2103&x=80"
vary: Access-Control-Request-Method, Access-Control-Request-Headers

POST
H/1.1 204
No Content collect Show response
d.clarity.ms/ 0
289 B 167ms
165ms XHR
text/plain 57.151.77.234
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.8.9/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 57.151.77.234 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://checkout.gymclothesau.com/

Response headers

Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
Access-Control-Allow-Origin: https://checkout.gymclothesau.com
Date: Wed, 28 May 2025 06:50:20 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 NoCart-B04OEKPq.js Show response
checkout.gymclothesau.com/assets/ 471 B
991 B 352ms
351ms Script
text/javascript 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://checkout.gymclothesau.com/assets/NoCart-B04OEKPq.js
Requested by: Host: checkout.gymclothesau.com
URL: https://checkout.gymclothesau.com/assets/index-B5U3KwCO.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e38d6079ea685546c9ac499422b9443a11e01015c79a36bcbfbe959dae89327c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Origin: https://checkout.gymclothesau.com
Referer: https://checkout.gymclothesau.com/assets/index-B5U3KwCO.js

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=14400
content-encoding: zstd
cf-cache-status: MISS
etag: W/"471-1748381710000"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zLYImEkY9sVYnbLEOGPilfQEr%2B%2BEBmNo%2BirUm8y8jP92aa7QzDUXxPY2zKNj%2F08lXg3XFstfQjlvaavBFHlUR7%2FR6OnXwfuaICORIBqJjDQixkUHrHnNmB2KTK7U8Ob29X7FTeScKP%2FkQWnf"}],"group":"cf-nel","max_age":604800}
cf-ray: 946bd13a4be7f778-MAD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=63483&min_rtt=62586&rtt_var=2075&sent=25&recv=18&lost=0&retrans=0&sent_bytes=16074&recv_bytes=4015&delivery_rate=131865&cwnd=13200&unsent_bytes=0&cid=4de0e3c3893420b6&ts=3523&x=80"
date: Wed, 28 May 2025 06:50:21 GMT
content-type: text/javascript
last-modified: Tue, 27 May 2025 21:35:10 GMT
vary: Origin, Accept-Encoding
server: cloudflare

POST
H/1.1 204
No Content collect
d.clarity.ms/ 0
289 B 166ms
165ms Ping
text/plain 57.151.77.234
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.8.9/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 57.151.77.234 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://checkout.gymclothesau.com/

Response headers

Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
Access-Control-Allow-Origin: https://checkout.gymclothesau.com
Date: Wed, 28 May 2025 06:50:21 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 67d377b6c512c.webp
s3.ameii.com.br/main-bucket/customization-checkout/ 9 KB
0 1ms
1ms Other
image/webp 104.21.112.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://s3.ameii.com.br/main-bucket/customization-checkout/67d377b6c512c.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.112.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a954372ae8210f5a9cf6af89791dbe1ff4cc3f9549938921c8366acd2c3d9aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://checkout.gymclothesau.com/

Response headers

cf-cache-status: MISS
etag: "74354a324dddf56998edecbad06e427b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IHJHXoc0dJ5dJr78JtBjlFkvmrv8ooJf3U3DD5fkF%2Fplayg00Px%2FAUpXI1xgcxCDlT6ck1tbKTgiyzmpDyF23S%2FXQAP78wJxAaIuqIykOV514tMEwtdKiyjzyEvIA3TEnpw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48593&min_rtt=48370&rtt_var=5946&sent=11&recv=11&lost=0&retrans=0&sent_bytes=3694&recv_bytes=3350&delivery_rate=58310&cwnd=12000&unsent_bytes=0&cid=d632a1bc06315e8b&ts=439&x=80"
date: Wed, 28 May 2025 06:50:20 GMT
content-type: image/webp
last-modified: Fri, 14 Mar 2025 00:26:31 GMT
vary: Origin, Accept-Encoding
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 18439E327F72867B
x-ratelimit-remaining: 4156
accept-ranges: bytes
content-length: 9680
x-xss-protection: 1; mode=block
x-ratelimit-limit: 4156
cf-ray: 946bd131efbcab0d-LIS
server: cloudflare

GET
H3 200 favicon.png
checkout.gymclothesau.com/ 11 KB
0 0ms
0ms Other
image/png 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://checkout.gymclothesau.com/favicon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36317fe38e848320645fe17ce4d01313faeee79486331b648bf82c28d4cf48a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Referer: https://checkout.gymclothesau.com/not-found

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: W/"11295-1748381708000"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FmxelVeelreMk913sRbYUanBGakodMdfVxU3c5aZ%2BqgJT%2FRDYkVRev7Vr2Fv0Q3b6sG%2FgyXvv2%2F86kOrPkaSkL4fbj0OVVNogDJdOAnbigvAW5Y4QZGIJ6BJJzaDfLENcIyd9VirL478nzPj"}],"group":"cf-nel","max_age":604800}
cf-ray: 946bd12e5b48f778-MAD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=62827&min_rtt=62586&rtt_var=7742&sent=12&recv=10&lost=0&retrans=0&sent_bytes=3796&recv_bytes=3283&delivery_rate=46087&cwnd=12000&unsent_bytes=0&cid=4de0e3c3893420b6&ts=1625&x=80"
content-length: 11295
date: Wed, 28 May 2025 06:50:19 GMT
content-type: image/png
last-modified: Tue, 27 May 2025 21:35:08 GMT
vary: Origin, Accept-Encoding
server: cloudflare

POST
H/1.1 204
No Content collect Show response
d.clarity.ms/ 0
289 B 181ms
179ms XHR
text/plain 57.151.77.234
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://d.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.8.9/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 57.151.77.234 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://checkout.gymclothesau.com/

Response headers

Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
Access-Control-Allow-Origin: https://checkout.gymclothesau.com
Date: Wed, 28 May 2025 06:50:21 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

Verdicts & Comments Add Verdict or Comment

24 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 14:25:51	Name: CLID Value: 992e5df460574c63ad84d2debfc54a7e.20250528.20260528
.gymclothesau.com/	1970-01-21 14:25:51	Name: _clck Value: mex8qa%7C2%7Cfwa%7C0%7C1974
.bing.com/	1970-01-21 15:01:51	Name: MUID Value: 3DD306CB525A6B5A0ACB1331531D6AA3
.c.bing.com/	1970-01-21 05:50:19	Name: MR Value: 0
.c.bing.com/	1970-01-21 15:01:51	Name: SRM_B Value: 3DD306CB525A6B5A0ACB1331531D6AA3
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 15:01:51	Name: MUID Value: 3DD306CB525A6B5A0ACB1331531D6AA3
.c.clarity.ms/	1970-01-21 05:50:19	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 05:40:15	Name: ANONCHK Value: 0
.gymclothesau.com/	1970-01-21 05:41:41	Name: _clsk Value: 1mv4e1e%7C1748415022021%7C2%7C1%7Cd.clarity.ms%2Fcollect

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api-compra.rastreio-correio.com/cart/undefined Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-compra.rastreio-correio.com
api.blackpayments.pro
c.bing.com
c.clarity.ms
checkout.gymclothesau.com
d.clarity.ms
fonts.googleapis.com
s3.ameii.com.br
www.clarity.ms
104.21.112.1
104.21.16.1
13.107.253.45
13.74.129.1
150.171.28.10
172.217.18.10
172.67.173.245
57.151.77.234
76.76.21.164
03973b51ea499183a26524c44de326a6c4bf30e70fd2c9a6eaf34819092bbd48
084071240372dd7551408ffeb5c5b374d183118aa1e4030419138fbea2551356
26d2d53b14f298a9c290983fa5e51e70368f89d18136391aacb694254d9ac158
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
54e59c2fe785a5684c2d123320bf31ae16e8a657813e4a1031b6ecaeed1b1f03
8fdca186c148c34b3f1259909f3a8c13f96726087ded0b4a9be49607f89add6a
9203680d5ee838a8b4aa152adef397365126fa21b40772e42e70fd1885d4f9ff
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a954372ae8210f5a9cf6af89791dbe1ff4cc3f9549938921c8366acd2c3d9aa1
aef4a61bccf99900fa5f18bd5688bcc80959703e52e9d96d2aa857cba09bb699
cca52d5b9b4ddeed6bcd3b080b7ea2cf5ce8c70c1dbe822695e1c678479d9cd7
d20f3e50f69cd4e7f8d577e3dc197b0a0841be72dd690aebeeba537299c204ec
d36317fe38e848320645fe17ce4d01313faeee79486331b648bf82c28d4cf48a
e38d6079ea685546c9ac499422b9443a11e01015c79a36bcbfbe959dae89327c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

checkout.gymclothesau.com Open in urlscan Pro 104.21.16.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

24 Requests

96 %HTTPS

0 %IPv6

7 Domains

9 Subdomains

8 IPs

3 Countries

276 kBTransfer

736 kBSize

10 Cookies

0 Outgoing links

Redirected requests

24 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Window variables

10 Cookies

1 Console Messages

Indicators

checkout.gymclothesau.com Open in urlscan Pro
104.21.16.1 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

96 %
HTTPS

0 %
IPv6

7
Domains

9
Subdomains

8
IPs

3
Countries

276 kB
Transfer

736 kB
Size

10
Cookies

24 HTTP transactions
0 data transactions