urlscan.io logo urlscan.io
SecurityTrails logo

btoes.regfox.com Open in urlscan Pro
104.18.23.85  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://insights.btoes.com/e3t/Ctc/P+113/c32Dm04/VX9g0q6jNY39W16hqh9179cQXW5l3Nw35KmjJjN4vJDL83lYM-W6N1vHY6lZ3p8W7ZLKTs1bGH...
Effective URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7Atw...
Submission: On February 11 via manual from PK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 3 countries across 17 domains to perform 56 HTTP transactions. The main IP is 104.18.23.85, located in Ascension Island and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is btoes.regfox.com.
TLS certificate: Issued by WE1 on January 28th 2026. Valid for: 3 months.
This is the only time btoes.regfox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.2 209242 (CLOUDFLAR...)
1 15 104.18.23.85 13335 (CLOUDFLAR...)
2 172.217.20.138 15169 (GOOGLE)
3 104.18.10.207 13335 (CLOUDFLAR...)
2 142.251.127.97 15169 (GOOGLE)
2 17.253.15.142 6185 (APPLE-AUSTIN)
2 185.199.110.153 54113 (FASTLY)
1 65.8.131.32 16509 (AMAZON-02)
2 52.222.136.107 16509 (AMAZON-02)
1 104.16.79.73 13335 (CLOUDFLAR...)
1 184.24.77.156 20940 (AKAMAI-AS...)
1 184.24.77.154 20940 (AKAMAI-AS...)
1 142.251.143.99 15169 (GOOGLE)
2 216.239.32.36 15169 (GOOGLE)
2 157.240.0.6 32934 (FACEBOOK)
1 100.21.144.172 16509 (AMAZON-02)
2 146.75.116.157 54113 (FASTLY)
8 52.222.136.90 16509 (AMAZON-02)
1 162.159.140.229 13335 (CLOUDFLAR...)
1 157.240.0.35 32934 (FACEBOOK)
2 151.101.192.176 54113 (FASTLY)
1 54.213.185.99 16509 (AMAZON-02)
3 54.186.23.98 16509 (AMAZON-02)
56 24
2    199.60.103.2 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)
insights.btoes.com
15    104.18.23.85 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
btoes.regfox.com
cdn.uploads.webconnex.com
2    172.217.20.138 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lcfraa-bo-in-f10.1e100.net
fonts.googleapis.com
3    104.18.10.207 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
netdna.bootstrapcdn.com
2    142.251.127.97 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lcfrai-in-f97.1e100.net
www.googletagmanager.com
2    17.253.15.142 (Frankfurt am Main, Germany)

ASN6185 (APPLE-AUSTIN - Apple Inc., US)
PTR: defra1-vip-fx-106.b.aaplimg.com
applepay.cdn-apple.com
2    185.199.110.153 (United States)

ASN54113 (FASTLY - Fastly, Inc., US)
PTR: cdn-185-199-110-153.github.com
purecatamphetamine.github.io
1    65.8.131.32 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-65-8-131-32.fra60.r.cloudfront.net
images.webconnex.com
2    52.222.136.107 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-136-107.fra50.r.cloudfront.net
js.stripe.com
1    104.16.79.73 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
static.cloudflareinsights.com
1    184.24.77.156 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a184-24-77-156.deploy.static.akamaitechnologies.com
use.typekit.net
1    184.24.77.154 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a184-24-77-154.deploy.static.akamaitechnologies.com
p.typekit.net
1    142.251.143.99 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lcfraa-bu-in-f3.1e100.net
fonts.gstatic.com
2    216.239.32.36 (United States)

ASN15169 (GOOGLE - Google LLC, US)
region1.google-analytics.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK - Facebook, Inc., US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
1    100.21.144.172 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-100-21-144-172.us-west-2.compute.amazonaws.com
bouncer.webconnex.com
2    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, Inc., US)
platform.twitter.com
8    52.222.136.90 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-136-90.fra50.r.cloudfront.net
js.stripe.com
1    162.159.140.229 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
syndication.twitter.com
1    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK - Facebook, Inc., US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
2    151.101.192.176 (United States)

ASN54113 (FASTLY - Fastly, Inc., US)
m.stripe.network
1    54.213.185.99 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-213-185-99.us-west-2.compute.amazonaws.com
m.stripe.com
3    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ip-54-186-23-98.stripe.com
r.stripe.com
Apex Domain
Subdomains		 Transfer
14 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2167
m.stripe.com — Cisco Umbrella Rank: 2118
r.stripe.com — Cisco Umbrella Rank: 4471
663 KB
13 regfox.com
btoes.regfox.com
824 KB
4 webconnex.com
cdn.uploads.webconnex.com — Cisco Umbrella Rank: 420571
images.webconnex.com — Cisco Umbrella Rank: 514853
bouncer.webconnex.com — Cisco Umbrella Rank: 558040
1 MB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 2969
syndication.twitter.com — Cisco Umbrella Rank: 3593
132 KB
3 bootstrapcdn.com
netdna.bootstrapcdn.com — Cisco Umbrella Rank: 11792
101 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2462
15 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 306
83 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3239
2 typekit.net
use.typekit.net — Cisco Umbrella Rank: 1058
p.typekit.net — Cisco Umbrella Rank: 1362
1 KB
2 github.io
purecatamphetamine.github.io — Cisco Umbrella Rank: 46248
886 B
2 cdn-apple.com
applepay.cdn-apple.com — Cisco Umbrella Rank: 9162
18 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 99
225 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 124
4 KB
2 btoes.com
insights.btoes.com
4 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 143
107 B
1 gstatic.com
fonts.gstatic.com
49 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 420
7 KB
56 17
Domain Requested by
13 btoes.regfox.com 1 redirects insights.btoes.com
btoes.regfox.com
static.cloudflareinsights.com
10 js.stripe.com btoes.regfox.com
js.stripe.com
3 r.stripe.com js.stripe.com
3 netdna.bootstrapcdn.com btoes.regfox.com
netdna.bootstrapcdn.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 platform.twitter.com btoes.regfox.com
platform.twitter.com
2 connect.facebook.net btoes.regfox.com
connect.facebook.net
2 region1.google-analytics.com www.googletagmanager.com
2 purecatamphetamine.github.io btoes.regfox.com
2 cdn.uploads.webconnex.com btoes.regfox.com
2 applepay.cdn-apple.com btoes.regfox.com
2 www.googletagmanager.com btoes.regfox.com
www.googletagmanager.com
2 fonts.googleapis.com btoes.regfox.com
2 insights.btoes.com 1 redirects
1 m.stripe.com m.stripe.network
1 www.facebook.com connect.facebook.net
1 syndication.twitter.com platform.twitter.com
1 bouncer.webconnex.com btoes.regfox.com
1 fonts.gstatic.com fonts.googleapis.com
1 p.typekit.net use.typekit.net
1 use.typekit.net btoes.regfox.com
1 static.cloudflareinsights.com btoes.regfox.com
1 images.webconnex.com btoes.regfox.com
56 23

This site contains links to these domains. Also see Links.

Domain
www.regfox.com
Subject Issuer Validity Valid
insights.btoes.com
WE1		 2025-12-27 -
2026-03-27		 3 months crt.sh
regfox.com
WE1		 2026-01-28 -
2026-04-28		 3 months crt.sh
upload.video.google.com
WE2		 2026-01-26 -
2026-04-20		 3 months crt.sh
bootstrapcdn.com
WE1		 2026-01-05 -
2026-04-05		 3 months crt.sh
*.google-analytics.com
WE2		 2026-01-26 -
2026-04-20		 3 months crt.sh
pay.apple.com
Apple Public Server ECC CA 11 - G1		 2026-01-19 -
2026-04-14		 3 months crt.sh
cdn.uploads.webconnex.com
E7		 2025-12-29 -
2026-03-29		 3 months crt.sh
*.github.io
Sectigo RSA Domain Validation Secure Server CA		 2025-03-07 -
2026-03-07		 a year crt.sh
*.webconnex.com
Amazon RSA 2048 M02		 2025-06-01 -
2026-06-30		 a year crt.sh
a.stripecdn.com
DigiCert EV RSA CA G2		 2026-01-29 -
2026-04-30		 3 months crt.sh
cloudflareinsights.com
WE1		 2025-12-20 -
2026-03-20		 3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-12-12 -
2027-01-12		 a year crt.sh
*.gstatic.com
WE2		 2026-01-26 -
2026-04-20		 3 months crt.sh
*.facebook.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-11-20 -
2026-02-18		 3 months crt.sh
*.twimg.com
R12		 2026-02-02 -
2026-05-03		 3 months crt.sh
twitter.com
E7		 2026-02-01 -
2026-05-02		 3 months crt.sh
m.stripe.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2026-01-23 -
2026-05-07		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2026-01-21 -
2026-04-14		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Frame ID: 317156AE0299C044E9DDC5C08B9D0044
Requests: 39 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-64233e3799cab7a991a4d07c0dba766d.html
Frame ID: 28649E53E3DF97AD68F390BA292A8058
Requests: 9 HTTP requests in this frame

Frame: https://btoes.regfox.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/d251aa49a8a3/main.js
Frame ID: DF3A3AE7EF69D0A41A5530E229677A9D
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fbtoes.regfox.com
Frame ID: 4ABAAD8973CA4D834320A797E275E882
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=474623162669917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3ccc7381f85f812%26domain%3Dbtoes.regfox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbtoes.regfox.com%252Fff564a10854192e7d%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fbtoes.com%2Fhome&layout=standard&locale=en_US&sdk=joey&size=small
Frame ID: A4C55668D4593D8A00C509CD01B3F2E1
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 492A45C98EF7613DA48CC9E755D72607
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 30C85227B4BC2E203FBF7A54DFC20AAA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BTOES

Page URL History Show full URLs

  1. https://insights.btoes.com/e3t/Ctc/P+113/c32Dm04/VX9g0q6jNY39W16hqh9179cQXW5l3Nw35KmjJjN4vJDL83lYM-W6N1... Page URL
  2. https://insights.btoes.com/events/public/v1/encoded/track/tc/P+113/c32Dm04/VX9g0q6jNY39W16hqh9179cQXW5l... HTTP 307
    https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IW... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>-]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • \.googletagmanager\.com/
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns

Page Statistics

56
Requests

98 %
HTTPS

0 %
IPv6

17
Domains

23
Subdomains

24
IPs

3
Countries

3182 kB
Transfer

8897 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://insights.btoes.com/e3t/Ctc/P+113/c32Dm04/VX9g0q6jNY39W16hqh9179cQXW5l3Nw35KmjJjN4vJDL83lYM-W6N1vHY6lZ3p8W7ZLKTs1bGHLPW4LFN551_gKsSW5DpK4G4lP5gtW5X_61H1LkyRWW51kHmz2_CYHyN44R52HvkwHTW2Kxdhy78kG3_W631B2T5_jCyLW3D-dYw4j6f16W19yPQ39lMPJ4W8yFf2g7glW6WW2kR48M3lKHn0W6nbNVj4t4v-cW4PnTmx9jrWYSW17Jslh4RflpTW245cZV5YzK25W6MrSF38m7sCgW55ChdL34X9gwW1ylT8k7dT9l5VG76RH17BDK8W5cxYCy94xxG6W7-vyBj5lyX_Yf1d8qMs04 Page URL
  2. https://insights.btoes.com/events/public/v1/encoded/track/tc/P+113/c32Dm04/VX9g0q6jNY39W16hqh9179cQXW5l3Nw35KmjJjN4vJDL83lYM-W6N1vHY6lZ3p8W7ZLKTs1bGHLPW4LFN551_gKsSW5DpK4G4lP5gtW5X_61H1LkyRWW51kHmz2_CYHyN44R52HvkwHTW2Kxdhy78kG3_W631B2T5_jCyLW3D-dYw4j6f16W19yPQ39lMPJ4W8yFf2g7glW6WW2kR48M3lKHn0W6nbNVj4t4v-cW4PnTmx9jrWYSW17Jslh4RflpTW245cZV5YzK25W6MrSF38m7sCgW55ChdL34X9gwW1ylT8k7dT9l5VG76RH17BDK8W5cxYCy94xxG6W7-vyBj5lyX_Yf1d8qMs04?_ud=f872d94f-cc6c-4c0a-ae7b-1535dc2ebf56&_jss=1&_fl=8&_pl=5&_hc=30&_lg=en-US,en&_plt=Linux%20x86_64&_scr=1600,1200 HTTP 307
    https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://btoes.regfox.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://btoes.regfox.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/d251aa49a8a3/main.js

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VX9g0q6jNY39W16hqh9179cQXW5l3Nw35KmjJjN4vJDL83lYM-W6N1vHY6lZ3p8W7ZLKTs1bGHLPW4LFN551_gKsSW5DpK4G4lP5gtW5X_61H1LkyRWW51kHmz2_CYHyN44R52HvkwHTW2Kxdhy78kG3_W631B2T5_jCyLW3D-dYw4j6f16W19yPQ39lMPJ4W8yFf...
insights.btoes.com/e3t/Ctc/P+113/c32Dm04/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://insights.btoes.com/e3t/Ctc/P+113/c32Dm04/VX9g0q6jNY39W16hqh9179cQXW5l3Nw35KmjJjN4vJDL83lYM-W6N1vHY6lZ3p8W7ZLKTs1bGHLPW4LFN551_gKsSW5DpK4G4lP5gtW5X_61H1LkyRWW51kHmz2_CYHyN44R52HvkwHTW2Kxdhy78kG3_W631B2T5_jCyLW3D-dYw4j6f16W19yPQ39lMPJ4W8yFf2g7glW6WW2kR48M3lKHn0W6nbNVj4t4v-cW4PnTmx9jrWYSW17Jslh4RflpTW245cZV5YzK25W6MrSF38m7sCgW55ChdL34X9gwW1ylT8k7dT9l5VG76RH17BDK8W5cxYCy94xxG6W7-vyBj5lyX_Yf1d8qMs04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
199.60.103.2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400
cf-cache-status
MISS
cf-ray
9cc155615c480cf2-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Wed, 11 Feb 2026 05:09:20 GMT
last-modified
Wed, 11 Feb 2026 05:09:20 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a8UNwB1BS7p%2FPIdKgxVsnCUt8%2FdoR%2Fy0YAs%2FiI94F1ZBB9U9A0E6HX1Qtz2VpwrDIrZkHpzyoHMye7hYU5lfbibP3WaXwaCCuZ4%2Fdcj8JDJXMFtlnTBirY%2BRhAUbHqmH88xtcg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-hs-cfworker-meta
{"resolver":"EventTrackingResolver"}
x-hs-portal-id
480025
x-hubspot-correlation-id
15fd0c08-d5f7-48f3-938c-7ea14e1158bf
x-robots-tag
none
Primary Request btoes
btoes.regfox.com/
Redirect Chain
  • https://insights.btoes.com/events/public/v1/encoded/track/tc/P+113/c32Dm04/VX9g0q6jNY39W16hqh9179cQXW5l3Nw35KmjJjN4vJDL83lYM-W6N1vHY6lZ3p8W7ZLKTs1bGHLPW4LFN551_gKsSW5DpK4G4lP5gtW5X_61H1LkyRWW51kHmz...
  • https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm...
175 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Requested by
Host: insights.btoes.com
URL: https://insights.btoes.com/e3t/Ctc/P+113/c32Dm04/VX9g0q6jNY39W16hqh9179cQXW5l3Nw35KmjJjN4vJDL83lYM-W6N1vHY6lZ3p8W7ZLKTs1bGHLPW4LFN551_gKsSW5DpK4G4lP5gtW5X_61H1LkyRWW51kHmz2_CYHyN44R52HvkwHTW2Kxdhy78kG3_W631B2T5_jCyLW3D-dYw4j6f16W19yPQ39lMPJ4W8yFf2g7glW6WW2kR48M3lKHn0W6nbNVj4t4v-cW4PnTmx9jrWYSW17Jslh4RflpTW245cZV5YzK25W6MrSF38m7sCgW55ChdL34X9gwW1ylT8k7dT9l5VG76RH17BDK8W5cxYCy94xxG6W7-vyBj5lyX_Yf1d8qMs04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.85 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d3ac0da4c8dbe42b096eb07e32a58d3a59e95934863762df260d36dfca36c6eb
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://insights.btoes.com/e3t/Ctc/P+113/c32Dm04/VX9g0q6jNY39W16hqh9179cQXW5l3Nw35KmjJjN4vJDL83lYM-W6N1vHY6lZ3p8W7ZLKTs1bGHLPW4LFN551_gKsSW5DpK4G4lP5gtW5X_61H1LkyRWW51kHmz2_CYHyN44R52HvkwHTW2Kxdhy78kG3_W631B2T5_jCyLW3D-dYw4j6f16W19yPQ39lMPJ4W8yFf2g7glW6WW2kR48M3lKHn0W6nbNVj4t4v-cW4PnTmx9jrWYSW17Jslh4RflpTW245cZV5YzK25W6MrSF38m7sCgW55ChdL34X9gwW1ylT8k7dT9l5VG76RH17BDK8W5cxYCy94xxG6W7-vyBj5lyX_Yf1d8qMs04
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
9cc15564ed8d9bbf-FRA
content-encoding
br
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' google.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.doubleclick.net applepay.cdn-apple.com *.stripe.com *.adyen.com *.wepay.com *.klarnacdn.net *.twitter.com *.x.com *.facebook.com *.facebook.net *.datadoghq.com *.cloudflareinsights.com *.clarity.ms *.tiktok.com *.tiktokw.us *.ttwstatic.com *.bing.com *.licdn.com *.linkedin.com *.sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com unpkg.com *.jsdelivr.net *.cloudflare.com *.polyfill.io *.hsforms.net *.hs-scripts.com *.hs-analytics.net *.hubspot.com *.hscollectedforms.net *.webflow.com *.website-files.com *.plyr.io *.vimeo.com *.vimeocdn.com *.youtube.com *.ytimg.com *.twimg.com challenges.cloudflare.com *.fontawesome.com *.paybright.com *.sentry.io *.sentry-cdn.com *.razorpay.com *.mapbox.com *.amazonaws.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.everesttech.net *.demdex.net *.heapanalytics.com *.segment.com *.segment.io *.pingdom.net *.mouseflow.com *.mxpnl.com *.mixpanel.com *.usefathom.com *.enegel.ai *.promolayer.io *.run.app *.statuspage.io *.simpli.fi code.jquery.com *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.tambourine.com *.mountain.com *.logwork.com samsung.com *.samsung.com pay.google.com *.squarespace-cdn.com *.uploads.webconnex.com; style-src * 'unsafe-inline'; img-src * data: blob:; font-src * data:; media-src * data: blob:; connect-src 'self' google.com *.google.com *.google-analytics.com *.analytics.google.com *.facebook.com *.facebook.net *.stripe.com *.adyen.com *.webconnex.com *.webconnex.io *.uploads.webconnex.com api.purchaseprotection.com dev.triorewards.com member.usatriathlon.org *.amazonaws.com *.datadoghq.com *.clarity.ms *.cloudflareinsights.com *.tiktok.com *.tiktokw.us *.sc-static.net *.snapchat.com *.linkedin.com *.licdn.com *.twitter.com *.twimg.com *.x.com *.pinterest.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com *.bing.com *.youtube.com *.ytimg.com *.hsforms.net *.hubspot.com *.hs-analytics.net *.hscollectedforms.net *.webflow.com *.sentry.io *.ingest.sentry.io *.mapbox.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.doubleclick.net *.everesttech.net *.demdex.net *.vimeo.com *.vimeocdn.com *.heapanalytics.com *.segment.com *.segment.io *.mxpnl.com *.mixpanel.com *.mouseflow.com *.usefathom.com *.calendly.com *.razorpay.com wss://*.pusher.com *.criteo.com *.pingdom.net *.enegel.ai wss://*.enegel.ai *.peakdigital.cloud *.promolayer.io *.run.app *.stape.us *.shopifysvc.com *.googleapis.com *.simpli.fi *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.mountain.com samsung.com *.samsung.com pay.google.com *.pinimg.com wss://*.webconnex.com; frame-src 'self' google.com *.google.com *.stripe.com *.adyen.com member.usatriathlon.org *.youtube.com *.youtube-nocookie.com *.vimeo.com *.braintreegateway.com *.paypal.com *.paypalobjects.com *.twitter.com *.x.com *.facebook.com *.facebook.net *.pinterest.com *.doubleclick.net challenges.cloudflare.com *.razorpay.com *.paybright.com *.webflow.com *.hsforms.net *.calendly.com *.spotify.com *.statuspage.io *.logwork.com; object-src 'none'; base-uri 'self'; form-action 'self'; report-to browser-intake-datadoghq
content-type
text/html; charset=utf-8
date
Wed, 11 Feb 2026 05:09:21 GMT
reporting-endpoints
browser-intake-datadoghq="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub45cd674fc217697f6b7c7995f7225a7b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddenv=prod"
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC" cfEdge;dur=156,cfOrigin;dur=118
speculation-rules
"/cdn-cgi/speculation"
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-powered-by
Express
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400
cf-cache-status
MISS
cf-ray
9cc15562be0e0cf2-FRA
date
Wed, 11 Feb 2026 05:09:20 GMT
link
<https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email>; rel="canonical"
location
https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=78%2FW9NRxWgCzVIu5vTnonz%2FPQ746IpsDanT2XZY69tqal69VEKotmp7oRMqd98zJoKMSe%2BiV8kwltW0ZYHSlSgdRUxc4sNFSjgI1%2BTxCbkC7m6%2B%2BatdLgxFKP%2BJPXJc3az1ONQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-hs-cfworker-meta
{"resolver":"EventTrackingResolver"}
x-hs-portal-id
480025
x-hubspot-correlation-id
47580d02-12f7-48fc-8856-771565a9b82e
x-robots-tag
none
speculation
btoes.regfox.com/cdn-cgi/ 		128 B
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://btoes.regfox.com/cdn-cgi/speculation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.85 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://btoes.regfox.com
Referer
https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email

Response headers

strict-transport-security
max-age=0; includeSubDomains
reporting-endpoints
browser-intake-datadoghq="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub45cd674fc217697f6b7c7995f7225a7b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddenv=prod"
speculation-rules
"/cdn-cgi/speculation"
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' google.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.doubleclick.net applepay.cdn-apple.com *.stripe.com *.adyen.com *.wepay.com *.klarnacdn.net *.twitter.com *.x.com *.facebook.com *.facebook.net *.datadoghq.com *.cloudflareinsights.com *.clarity.ms *.tiktok.com *.tiktokw.us *.ttwstatic.com *.bing.com *.licdn.com *.linkedin.com *.sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com unpkg.com *.jsdelivr.net *.cloudflare.com *.polyfill.io *.hsforms.net *.hs-scripts.com *.hs-analytics.net *.hubspot.com *.hscollectedforms.net *.webflow.com *.website-files.com *.plyr.io *.vimeo.com *.vimeocdn.com *.youtube.com *.ytimg.com *.twimg.com challenges.cloudflare.com *.fontawesome.com *.paybright.com *.sentry.io *.sentry-cdn.com *.razorpay.com *.mapbox.com *.amazonaws.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.everesttech.net *.demdex.net *.heapanalytics.com *.segment.com *.segment.io *.pingdom.net *.mouseflow.com *.mxpnl.com *.mixpanel.com *.usefathom.com *.enegel.ai *.promolayer.io *.run.app *.statuspage.io *.simpli.fi code.jquery.com *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.tambourine.com *.mountain.com *.logwork.com samsung.com *.samsung.com pay.google.com *.squarespace-cdn.com *.uploads.webconnex.com; style-src * 'unsafe-inline'; img-src * data: blob:; font-src * data:; media-src * data: blob:; connect-src 'self' google.com *.google.com *.google-analytics.com *.analytics.google.com *.facebook.com *.facebook.net *.stripe.com *.adyen.com *.webconnex.com *.webconnex.io *.uploads.webconnex.com api.purchaseprotection.com dev.triorewards.com member.usatriathlon.org *.amazonaws.com *.datadoghq.com *.clarity.ms *.cloudflareinsights.com *.tiktok.com *.tiktokw.us *.sc-static.net *.snapchat.com *.linkedin.com *.licdn.com *.twitter.com *.twimg.com *.x.com *.pinterest.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com *.bing.com *.youtube.com *.ytimg.com *.hsforms.net *.hubspot.com *.hs-analytics.net *.hscollectedforms.net *.webflow.com *.sentry.io *.ingest.sentry.io *.mapbox.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.doubleclick.net *.everesttech.net *.demdex.net *.vimeo.com *.vimeocdn.com *.heapanalytics.com *.segment.com *.segment.io *.mxpnl.com *.mixpanel.com *.mouseflow.com *.usefathom.com *.calendly.com *.razorpay.com wss://*.pusher.com *.criteo.com *.pingdom.net *.enegel.ai wss://*.enegel.ai *.peakdigital.cloud *.promolayer.io *.run.app *.stape.us *.shopifysvc.com *.googleapis.com *.simpli.fi *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.mountain.com samsung.com *.samsung.com pay.google.com *.pinimg.com wss://*.webconnex.com; frame-src 'self' google.com *.google.com *.stripe.com *.adyen.com member.usatriathlon.org *.youtube.com *.youtube-nocookie.com *.vimeo.com *.braintreegateway.com *.paypal.com *.paypalobjects.com *.twitter.com *.x.com *.facebook.com *.facebook.net *.pinterest.com *.doubleclick.net challenges.cloudflare.com *.razorpay.com *.paybright.com *.webflow.com *.hsforms.net *.calendly.com *.spotify.com *.statuspage.io *.logwork.com; object-src 'none'; base-uri 'self'; form-action 'self'; report-to browser-intake-datadoghq
cf-ray
9cc15566cec19bbf-FRA
access-control-allow-origin
https://btoes.regfox.com
content-length
128
date
Wed, 11 Feb 2026 05:09:21 GMT
content-type
application/speculationrules+json
vary
Origin
server
cloudflare
css
fonts.googleapis.com/ 		55 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400italic,600italic,400,600|Roboto:400,400italic,500,500italic
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.217.20.138 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
lcfraa-bo-in-f10.1e100.net
Software
ESF /
Resource Hash
60e0b83016fa0a3c2a6fd849d6a71e7f8684202f6af15a9abfe9a9fbe045fbd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 11 Feb 2026 05:09:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Feb 2026 05:09:21 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 11 Feb 2026 05:09:21 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
bootstrap.min.css
netdna.bootstrapcdn.com/bootstrap/3.0.3/css/ 		97 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/bootstrap/3.0.3/css/bootstrap.min.css
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
46a2de362f54e3c988cc8c9fbf68fe12018c8ae42fe11509a747f52f17834466
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://btoes.regfox.com
Referer
https://btoes.regfox.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"35fc838ce584c1eb81b3bebe245442d6"
age
52411
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Feb 2026 05:09:21 GMT
last-modified
Mon, 25 Jan 2021 22:03:56 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
priority
u=0,i=?0
cdn-cachedat
01/28/2026 17:12:19
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-requestid
6b74a1efb43b111de9f9653c490f2551
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.43
cf-ray
9cc15566ed4adcb0-FRA
access-control-allow-origin
*
cdn-edgestorageid
723
server
cloudflare
cdn-requestcountrycode
DE
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://btoes.regfox.com
Referer
https://btoes.regfox.com/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"269550530cc127b6aa5a35925a7de6ce"
age
133172
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Feb 2026 05:09:21 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
08/01/2025 14:01:18
cdn-requestpullcode
200
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-requestid
6bf117b6caf08f1597d1abc55938fe76
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.33
cf-ray
9cc15566ed4bdcb0-FRA
access-control-allow-origin
*
cdn-edgestorageid
1334
server
cloudflare
cdn-requestcountrycode
DE
app.adb0b4c9.css
btoes.regfox.com/css/ 		588 KB
121 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://btoes.regfox.com/css/app.adb0b4c9.css
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.85 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
80ca2169a23204f45b4370b6329da41bd928a3be4705295c8f3c6652704e0d0b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://btoes.regfox.com
Referer
https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"92e2e-19c44bd8cd8"
x-content-type-options
nosniff
expires
Thu, 11 Feb 2027 05:09:21 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 11 Feb 2026 05:09:22 GMT
content-type
text/css; charset=UTF-8
last-modified
Mon, 09 Feb 2026 23:29:59 GMT
vary
Accept-Encoding
strict-transport-security
max-age=0; includeSubDomains
reporting-endpoints
browser-intake-datadoghq="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub45cd674fc217697f6b7c7995f7225a7b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddenv=prod"
cache-control
public, max-age=31536000
speculation-rules
"/cdn-cgi/speculation"
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' google.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.doubleclick.net applepay.cdn-apple.com *.stripe.com *.adyen.com *.wepay.com *.klarnacdn.net *.twitter.com *.x.com *.facebook.com *.facebook.net *.datadoghq.com *.cloudflareinsights.com *.clarity.ms *.tiktok.com *.tiktokw.us *.ttwstatic.com *.bing.com *.licdn.com *.linkedin.com *.sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com unpkg.com *.jsdelivr.net *.cloudflare.com *.polyfill.io *.hsforms.net *.hs-scripts.com *.hs-analytics.net *.hubspot.com *.hscollectedforms.net *.webflow.com *.website-files.com *.plyr.io *.vimeo.com *.vimeocdn.com *.youtube.com *.ytimg.com *.twimg.com challenges.cloudflare.com *.fontawesome.com *.paybright.com *.sentry.io *.sentry-cdn.com *.razorpay.com *.mapbox.com *.amazonaws.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.everesttech.net *.demdex.net *.heapanalytics.com *.segment.com *.segment.io *.pingdom.net *.mouseflow.com *.mxpnl.com *.mixpanel.com *.usefathom.com *.enegel.ai *.promolayer.io *.run.app *.statuspage.io *.simpli.fi code.jquery.com *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.tambourine.com *.mountain.com *.logwork.com samsung.com *.samsung.com pay.google.com *.squarespace-cdn.com *.uploads.webconnex.com; style-src * 'unsafe-inline'; img-src * data: blob:; font-src * data:; media-src * data: blob:; connect-src 'self' google.com *.google.com *.google-analytics.com *.analytics.google.com *.facebook.com *.facebook.net *.stripe.com *.adyen.com *.webconnex.com *.webconnex.io *.uploads.webconnex.com api.purchaseprotection.com dev.triorewards.com member.usatriathlon.org *.amazonaws.com *.datadoghq.com *.clarity.ms *.cloudflareinsights.com *.tiktok.com *.tiktokw.us *.sc-static.net *.snapchat.com *.linkedin.com *.licdn.com *.twitter.com *.twimg.com *.x.com *.pinterest.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com *.bing.com *.youtube.com *.ytimg.com *.hsforms.net *.hubspot.com *.hs-analytics.net *.hscollectedforms.net *.webflow.com *.sentry.io *.ingest.sentry.io *.mapbox.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.doubleclick.net *.everesttech.net *.demdex.net *.vimeo.com *.vimeocdn.com *.heapanalytics.com *.segment.com *.segment.io *.mxpnl.com *.mixpanel.com *.mouseflow.com *.usefathom.com *.calendly.com *.razorpay.com wss://*.pusher.com *.criteo.com *.pingdom.net *.enegel.ai wss://*.enegel.ai *.peakdigital.cloud *.promolayer.io *.run.app *.stape.us *.shopifysvc.com *.googleapis.com *.simpli.fi *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.mountain.com samsung.com *.samsung.com pay.google.com *.pinimg.com wss://*.webconnex.com; frame-src 'self' google.com *.google.com *.stripe.com *.adyen.com member.usatriathlon.org *.youtube.com *.youtube-nocookie.com *.vimeo.com *.braintreegateway.com *.paypal.com *.paypalobjects.com *.twitter.com *.x.com *.facebook.com *.facebook.net *.pinterest.com *.doubleclick.net challenges.cloudflare.com *.razorpay.com *.paybright.com *.webflow.com *.hsforms.net *.calendly.com *.spotify.com *.statuspage.io *.logwork.com; object-src 'none'; base-uri 'self'; form-action 'self'; report-to browser-intake-datadoghq
cf-ray
9cc15566cec49bbf-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
css
fonts.googleapis.com/ 		5 KB
1013 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans|Work+Sans:400,400i,700,700i
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.217.20.138 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
lcfraa-bo-in-f10.1e100.net
Software
ESF /
Resource Hash
79a1c77bc970b34238581069c76c56562a8deae9a34d533e49fe0662f3465a7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 11 Feb 2026 05:09:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Feb 2026 05:09:21 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 11 Feb 2026 05:09:21 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
scrollPaddingTop.js
btoes.regfox.com/lib/ 		1 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btoes.regfox.com/lib/scrollPaddingTop.js
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.85 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f684931b8d31cca6bd41f073a6ae49b0ee127c4b9dc9a2805cd3b0898128ef2a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://btoes.regfox.com
Referer
https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"462-19c44bb5a58"
x-content-type-options
nosniff
expires
Thu, 11 Feb 2027 05:09:21 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 11 Feb 2026 05:09:21 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 09 Feb 2026 23:27:35 GMT
vary
Accept-Encoding
strict-transport-security
max-age=0; includeSubDomains
reporting-endpoints
browser-intake-datadoghq="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub45cd674fc217697f6b7c7995f7225a7b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddenv=prod"
cache-control
public, max-age=31536000
speculation-rules
"/cdn-cgi/speculation"
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' google.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.doubleclick.net applepay.cdn-apple.com *.stripe.com *.adyen.com *.wepay.com *.klarnacdn.net *.twitter.com *.x.com *.facebook.com *.facebook.net *.datadoghq.com *.cloudflareinsights.com *.clarity.ms *.tiktok.com *.tiktokw.us *.ttwstatic.com *.bing.com *.licdn.com *.linkedin.com *.sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com unpkg.com *.jsdelivr.net *.cloudflare.com *.polyfill.io *.hsforms.net *.hs-scripts.com *.hs-analytics.net *.hubspot.com *.hscollectedforms.net *.webflow.com *.website-files.com *.plyr.io *.vimeo.com *.vimeocdn.com *.youtube.com *.ytimg.com *.twimg.com challenges.cloudflare.com *.fontawesome.com *.paybright.com *.sentry.io *.sentry-cdn.com *.razorpay.com *.mapbox.com *.amazonaws.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.everesttech.net *.demdex.net *.heapanalytics.com *.segment.com *.segment.io *.pingdom.net *.mouseflow.com *.mxpnl.com *.mixpanel.com *.usefathom.com *.enegel.ai *.promolayer.io *.run.app *.statuspage.io *.simpli.fi code.jquery.com *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.tambourine.com *.mountain.com *.logwork.com samsung.com *.samsung.com pay.google.com *.squarespace-cdn.com *.uploads.webconnex.com; style-src * 'unsafe-inline'; img-src * data: blob:; font-src * data:; media-src * data: blob:; connect-src 'self' google.com *.google.com *.google-analytics.com *.analytics.google.com *.facebook.com *.facebook.net *.stripe.com *.adyen.com *.webconnex.com *.webconnex.io *.uploads.webconnex.com api.purchaseprotection.com dev.triorewards.com member.usatriathlon.org *.amazonaws.com *.datadoghq.com *.clarity.ms *.cloudflareinsights.com *.tiktok.com *.tiktokw.us *.sc-static.net *.snapchat.com *.linkedin.com *.licdn.com *.twitter.com *.twimg.com *.x.com *.pinterest.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com *.bing.com *.youtube.com *.ytimg.com *.hsforms.net *.hubspot.com *.hs-analytics.net *.hscollectedforms.net *.webflow.com *.sentry.io *.ingest.sentry.io *.mapbox.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.doubleclick.net *.everesttech.net *.demdex.net *.vimeo.com *.vimeocdn.com *.heapanalytics.com *.segment.com *.segment.io *.mxpnl.com *.mixpanel.com *.mouseflow.com *.usefathom.com *.calendly.com *.razorpay.com wss://*.pusher.com *.criteo.com *.pingdom.net *.enegel.ai wss://*.enegel.ai *.peakdigital.cloud *.promolayer.io *.run.app *.stape.us *.shopifysvc.com *.googleapis.com *.simpli.fi *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.mountain.com samsung.com *.samsung.com pay.google.com *.pinimg.com wss://*.webconnex.com; frame-src 'self' google.com *.google.com *.stripe.com *.adyen.com member.usatriathlon.org *.youtube.com *.youtube-nocookie.com *.vimeo.com *.braintreegateway.com *.paypal.com *.paypalobjects.com *.twitter.com *.x.com *.facebook.com *.facebook.net *.pinterest.com *.doubleclick.net challenges.cloudflare.com *.razorpay.com *.paybright.com *.webflow.com *.hsforms.net *.calendly.com *.spotify.com *.statuspage.io *.logwork.com; object-src 'none'; base-uri 'self'; form-action 'self'; report-to browser-intake-datadoghq
cf-ray
9cc15566cec69bbf-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
js
www.googletagmanager.com/gtag/ 		213 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.127.97 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
lcfrai-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
544b5eab33c25bc44ce997db57cfae8cd25ed1309a9490810fb7998d24101580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

content-encoding
zstd
expires
Wed, 11 Feb 2026 05:09:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Feb 2026 05:09:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 11 Feb 2026 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
81975
x-xss-protection
0
server
Google Tag Manager
apple-pay-sdk.js
applepay.cdn-apple.com/jsapi/1.latest/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://applepay.cdn-apple.com/jsapi/1.latest/apple-pay-sdk.js
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
17.253.15.142 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN - Apple Inc., US),
Reverse DNS
defra1-vip-fx-106.b.aaplimg.com
Software
Apple /
Resource Hash
77d95a82055bf6d4da225674987adad66457b2d0f9dbd00cc3f3dba83eddd5be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://btoes.regfox.com
Referer
https://btoes.regfox.com/

Response headers

content-encoding
gzip
CDNUUID
956c7fe7-c155-479c-b8aa-94e0549f5a33-12282996509
Etag
"fb8421457e2e4a2455cf21f65e052577--gzip"
Age
17392
apple-originating-system
wp-content-server-prod1-use1
x-content-type-options
nosniff
X-Cache
hit-fresh, hit-fresh
Date
Wed, 11 Feb 2026 00:19:29 GMT
apple-tk
false
Content-Type
application/javascript
vary
Accept-Encoding
apple-seq
0
strict-transport-security
max-age=31536000; includeSubdomains
cache-control
max-age=1800, s-maxage=86400, stale-while-revalidate=3600
x-envoy-upstream-service-time
3
api-version
25.14.3
Connection
keep-alive
access-control-allow-credentials
false
x-conversation-id
29668bf3-e50e-25ac-4434-cc8cc66fc777
access-control-allow-origin
*
Content-Length
17264
x-xss-protection
1; mode=block
Server
Apple
btoes%20logo.png
cdn.uploads.webconnex.com/191524/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.uploads.webconnex.com/191524/btoes%20logo.png?1762530886167
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.85 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e153e532a5e4e7a19ac0b74aa66885d836519991510b3177d4f98a4270966bef
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"4dc7d9970d845c203b5950b9e5939ad7"
x-amz-version-id
i.DhDruyk_iEtd7nvdt6zT_wdCrZ3BMQ
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Wed, 11 Feb 2026 06:09:21 GMT
cf-polished
origFmt=png, origSize=17964
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Feb 2026 05:09:21 GMT
last-modified
Fri, 07 Nov 2025 15:54:47 GMT
content-type
image/webp
vary
accept
content-disposition
inline; filename="btoes%20logo.webp"
x-amz-id-2
r10dyEzMXtSAwNMnz1ANMmpqZPszvrAE9gvdtWcoCrB4xaTyBGbuLbUDmjwsPi6QBiFHu/4Pf2U=
priority
u=2,i
strict-transport-security
max-age=0; includeSubDomains
cache-control
public, max-age=3600
speculation-rules
"/cdn-cgi/speculation"
x-amz-request-id
M8MMTEBZCNZSZHQ7
cf-ray
9cc155673b1b046a-FRA
accept-ranges
bytes
content-length
6240
server
cloudflare
x-amz-server-side-encryption
AES256
US.svg
purecatamphetamine.github.io/country-flag-icons/3x2/ 		1 KB
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://purecatamphetamine.github.io/country-flag-icons/3x2/US.svg
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
0368f33db1cc70ef5eee2a5de99571b65d394d8964f4824ce3919d45998775c0
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

x-fastly-request-id
8971b2c44affb901cbfa409f46a815f6688607cf
content-encoding
gzip
etag
W/"698b0911-548"
age
215
x-github-request-id
4066:307ECA:7BE6763:7D0FD37:698C0E0B
expires
Wed, 11 Feb 2026 05:14:23 GMT
x-proxy-cache
HIT
x-cache
HIT
date
Wed, 11 Feb 2026 05:09:21 GMT
content-type
image/svg+xml
last-modified
Tue, 10 Feb 2026 10:31:45 GMT
x-served-by
cache-fra-eddf8230080-FRA
x-cache-hits
2
vary
Accept-Encoding
strict-transport-security
max-age=31556952
cache-control
max-age=600
x-timer
S1770786561.117500,VS0,VE0
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
480
x-origin-cache
HIT
server
GitHub.com
regfox-black.svg
images.webconnex.com/bacon/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.webconnex.com/bacon/regfox-black.svg
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.131.32 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-65-8-131-32.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee4449e61a8245c7983466776579f421f3807158efdb451037e3edf0e183e99c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

x-amz-cf-pop
FRA60-P13
content-encoding
gzip
x-amz-version-id
null
etag
W/"346029fcb29361f758dcfd17006b33aa"
age
7963
via
1.1 581599a51772a76c2489c9d094b70226.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
8mTe6saOf-Hu7fIeLgXS33vm0cOo01SmdFxYvxwqH9enrLRRafhd1A==
date
Wed, 11 Feb 2026 02:56:39 GMT
content-type
image/svg+xml
vary
accept-encoding
server
AmazonS3
last-modified
Tue, 03 Dec 2019 19:11:35 GMT
bundle.0259625d.js
btoes.regfox.com/js/ 		2 MB
622 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btoes.regfox.com/js/bundle.0259625d.js
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.85 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
917a8bd603e6805cb55f592dd446336b9a49041a2420b6e610f9a775be6b28a2
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://btoes.regfox.com
Referer
https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"22c940-19c44bd8cd8"
x-content-type-options
nosniff
expires
Thu, 11 Feb 2027 05:09:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Feb 2026 05:09:22 GMT
last-modified
Mon, 09 Feb 2026 23:29:59 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
priority
u=2,i=?0
strict-transport-security
max-age=0; includeSubDomains
reporting-endpoints
browser-intake-datadoghq="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub45cd674fc217697f6b7c7995f7225a7b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddenv=prod"
cache-control
public, max-age=31536000
speculation-rules
"/cdn-cgi/speculation"
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' google.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.doubleclick.net applepay.cdn-apple.com *.stripe.com *.adyen.com *.wepay.com *.klarnacdn.net *.twitter.com *.x.com *.facebook.com *.facebook.net *.datadoghq.com *.cloudflareinsights.com *.clarity.ms *.tiktok.com *.tiktokw.us *.ttwstatic.com *.bing.com *.licdn.com *.linkedin.com *.sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com unpkg.com *.jsdelivr.net *.cloudflare.com *.polyfill.io *.hsforms.net *.hs-scripts.com *.hs-analytics.net *.hubspot.com *.hscollectedforms.net *.webflow.com *.website-files.com *.plyr.io *.vimeo.com *.vimeocdn.com *.youtube.com *.ytimg.com *.twimg.com challenges.cloudflare.com *.fontawesome.com *.paybright.com *.sentry.io *.sentry-cdn.com *.razorpay.com *.mapbox.com *.amazonaws.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.everesttech.net *.demdex.net *.heapanalytics.com *.segment.com *.segment.io *.pingdom.net *.mouseflow.com *.mxpnl.com *.mixpanel.com *.usefathom.com *.enegel.ai *.promolayer.io *.run.app *.statuspage.io *.simpli.fi code.jquery.com *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.tambourine.com *.mountain.com *.logwork.com samsung.com *.samsung.com pay.google.com *.squarespace-cdn.com *.uploads.webconnex.com; style-src * 'unsafe-inline'; img-src * data: blob:; font-src * data:; media-src * data: blob:; connect-src 'self' google.com *.google.com *.google-analytics.com *.analytics.google.com *.facebook.com *.facebook.net *.stripe.com *.adyen.com *.webconnex.com *.webconnex.io *.uploads.webconnex.com api.purchaseprotection.com dev.triorewards.com member.usatriathlon.org *.amazonaws.com *.datadoghq.com *.clarity.ms *.cloudflareinsights.com *.tiktok.com *.tiktokw.us *.sc-static.net *.snapchat.com *.linkedin.com *.licdn.com *.twitter.com *.twimg.com *.x.com *.pinterest.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com *.bing.com *.youtube.com *.ytimg.com *.hsforms.net *.hubspot.com *.hs-analytics.net *.hscollectedforms.net *.webflow.com *.sentry.io *.ingest.sentry.io *.mapbox.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.doubleclick.net *.everesttech.net *.demdex.net *.vimeo.com *.vimeocdn.com *.heapanalytics.com *.segment.com *.segment.io *.mxpnl.com *.mixpanel.com *.mouseflow.com *.usefathom.com *.calendly.com *.razorpay.com wss://*.pusher.com *.criteo.com *.pingdom.net *.enegel.ai wss://*.enegel.ai *.peakdigital.cloud *.promolayer.io *.run.app *.stape.us *.shopifysvc.com *.googleapis.com *.simpli.fi *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.mountain.com samsung.com *.samsung.com pay.google.com *.pinimg.com wss://*.webconnex.com; frame-src 'self' google.com *.google.com *.stripe.com *.adyen.com member.usatriathlon.org *.youtube.com *.youtube-nocookie.com *.vimeo.com *.braintreegateway.com *.paypal.com *.paypalobjects.com *.twitter.com *.x.com *.facebook.com *.facebook.net *.pinterest.com *.doubleclick.net challenges.cloudflare.com *.razorpay.com *.paybright.com *.webflow.com *.hsforms.net *.calendly.com *.spotify.com *.statuspage.io *.logwork.com; object-src 'none'; base-uri 'self'; form-action 'self'; report-to browser-intake-datadoghq
cf-ray
9cc155683b0c5d8c-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
addthisevent.min.js
btoes.regfox.com/lib/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btoes.regfox.com/lib/addthisevent.min.js
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.85 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bd4a08ee1b016c53e2a9221e418d7fa94478b650c58b757a6dde72748cd803f4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://btoes.regfox.com
Referer
https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"8879-19c44bb5a58"
x-content-type-options
nosniff
expires
Thu, 11 Feb 2027 05:09:21 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Feb 2026 05:09:21 GMT
last-modified
Mon, 09 Feb 2026 23:27:35 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
priority
u=2,i=?0
strict-transport-security
max-age=0; includeSubDomains
reporting-endpoints
browser-intake-datadoghq="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub45cd674fc217697f6b7c7995f7225a7b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddenv=prod"
cache-control
public, max-age=31536000
speculation-rules
"/cdn-cgi/speculation"
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' google.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.doubleclick.net applepay.cdn-apple.com *.stripe.com *.adyen.com *.wepay.com *.klarnacdn.net *.twitter.com *.x.com *.facebook.com *.facebook.net *.datadoghq.com *.cloudflareinsights.com *.clarity.ms *.tiktok.com *.tiktokw.us *.ttwstatic.com *.bing.com *.licdn.com *.linkedin.com *.sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com unpkg.com *.jsdelivr.net *.cloudflare.com *.polyfill.io *.hsforms.net *.hs-scripts.com *.hs-analytics.net *.hubspot.com *.hscollectedforms.net *.webflow.com *.website-files.com *.plyr.io *.vimeo.com *.vimeocdn.com *.youtube.com *.ytimg.com *.twimg.com challenges.cloudflare.com *.fontawesome.com *.paybright.com *.sentry.io *.sentry-cdn.com *.razorpay.com *.mapbox.com *.amazonaws.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.everesttech.net *.demdex.net *.heapanalytics.com *.segment.com *.segment.io *.pingdom.net *.mouseflow.com *.mxpnl.com *.mixpanel.com *.usefathom.com *.enegel.ai *.promolayer.io *.run.app *.statuspage.io *.simpli.fi code.jquery.com *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.tambourine.com *.mountain.com *.logwork.com samsung.com *.samsung.com pay.google.com *.squarespace-cdn.com *.uploads.webconnex.com; style-src * 'unsafe-inline'; img-src * data: blob:; font-src * data:; media-src * data: blob:; connect-src 'self' google.com *.google.com *.google-analytics.com *.analytics.google.com *.facebook.com *.facebook.net *.stripe.com *.adyen.com *.webconnex.com *.webconnex.io *.uploads.webconnex.com api.purchaseprotection.com dev.triorewards.com member.usatriathlon.org *.amazonaws.com *.datadoghq.com *.clarity.ms *.cloudflareinsights.com *.tiktok.com *.tiktokw.us *.sc-static.net *.snapchat.com *.linkedin.com *.licdn.com *.twitter.com *.twimg.com *.x.com *.pinterest.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com *.bing.com *.youtube.com *.ytimg.com *.hsforms.net *.hubspot.com *.hs-analytics.net *.hscollectedforms.net *.webflow.com *.sentry.io *.ingest.sentry.io *.mapbox.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.doubleclick.net *.everesttech.net *.demdex.net *.vimeo.com *.vimeocdn.com *.heapanalytics.com *.segment.com *.segment.io *.mxpnl.com *.mixpanel.com *.mouseflow.com *.usefathom.com *.calendly.com *.razorpay.com wss://*.pusher.com *.criteo.com *.pingdom.net *.enegel.ai wss://*.enegel.ai *.peakdigital.cloud *.promolayer.io *.run.app *.stape.us *.shopifysvc.com *.googleapis.com *.simpli.fi *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.mountain.com samsung.com *.samsung.com pay.google.com *.pinimg.com wss://*.webconnex.com; frame-src 'self' google.com *.google.com *.stripe.com *.adyen.com member.usatriathlon.org *.youtube.com *.youtube-nocookie.com *.vimeo.com *.braintreegateway.com *.paypal.com *.paypalobjects.com *.twitter.com *.x.com *.facebook.com *.facebook.net *.pinterest.com *.doubleclick.net challenges.cloudflare.com *.razorpay.com *.paybright.com *.webflow.com *.hsforms.net *.calendly.com *.spotify.com *.statuspage.io *.logwork.com; object-src 'none'; base-uri 'self'; form-action 'self'; report-to browser-intake-datadoghq
cf-ray
9cc155686b325d8c-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
iframeResizer.contentWindow.min.js
btoes.regfox.com/lib/ 		9 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btoes.regfox.com/lib/iframeResizer.contentWindow.min.js
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.85 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e7f0c72a0ce17ca77f93669294b4ae10f8bb10b0bbcf3d06ffb122650eaa2570
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://btoes.regfox.com
Referer
https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"2310-19c44bb5a58"
x-content-type-options
nosniff
expires
Thu, 11 Feb 2027 05:09:22 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Feb 2026 05:09:22 GMT
last-modified
Mon, 09 Feb 2026 23:27:35 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
priority
u=2,i=?0
strict-transport-security
max-age=0; includeSubDomains
reporting-endpoints
browser-intake-datadoghq="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub45cd674fc217697f6b7c7995f7225a7b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddenv=prod"
cache-control
public, max-age=31536000
speculation-rules
"/cdn-cgi/speculation"
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' google.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.doubleclick.net applepay.cdn-apple.com *.stripe.com *.adyen.com *.wepay.com *.klarnacdn.net *.twitter.com *.x.com *.facebook.com *.facebook.net *.datadoghq.com *.cloudflareinsights.com *.clarity.ms *.tiktok.com *.tiktokw.us *.ttwstatic.com *.bing.com *.licdn.com *.linkedin.com *.sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com unpkg.com *.jsdelivr.net *.cloudflare.com *.polyfill.io *.hsforms.net *.hs-scripts.com *.hs-analytics.net *.hubspot.com *.hscollectedforms.net *.webflow.com *.website-files.com *.plyr.io *.vimeo.com *.vimeocdn.com *.youtube.com *.ytimg.com *.twimg.com challenges.cloudflare.com *.fontawesome.com *.paybright.com *.sentry.io *.sentry-cdn.com *.razorpay.com *.mapbox.com *.amazonaws.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.everesttech.net *.demdex.net *.heapanalytics.com *.segment.com *.segment.io *.pingdom.net *.mouseflow.com *.mxpnl.com *.mixpanel.com *.usefathom.com *.enegel.ai *.promolayer.io *.run.app *.statuspage.io *.simpli.fi code.jquery.com *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.tambourine.com *.mountain.com *.logwork.com samsung.com *.samsung.com pay.google.com *.squarespace-cdn.com *.uploads.webconnex.com; style-src * 'unsafe-inline'; img-src * data: blob:; font-src * data:; media-src * data: blob:; connect-src 'self' google.com *.google.com *.google-analytics.com *.analytics.google.com *.facebook.com *.facebook.net *.stripe.com *.adyen.com *.webconnex.com *.webconnex.io *.uploads.webconnex.com api.purchaseprotection.com dev.triorewards.com member.usatriathlon.org *.amazonaws.com *.datadoghq.com *.clarity.ms *.cloudflareinsights.com *.tiktok.com *.tiktokw.us *.sc-static.net *.snapchat.com *.linkedin.com *.licdn.com *.twitter.com *.twimg.com *.x.com *.pinterest.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com *.bing.com *.youtube.com *.ytimg.com *.hsforms.net *.hubspot.com *.hs-analytics.net *.hscollectedforms.net *.webflow.com *.sentry.io *.ingest.sentry.io *.mapbox.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.doubleclick.net *.everesttech.net *.demdex.net *.vimeo.com *.vimeocdn.com *.heapanalytics.com *.segment.com *.segment.io *.mxpnl.com *.mixpanel.com *.mouseflow.com *.usefathom.com *.calendly.com *.razorpay.com wss://*.pusher.com *.criteo.com *.pingdom.net *.enegel.ai wss://*.enegel.ai *.peakdigital.cloud *.promolayer.io *.run.app *.stape.us *.shopifysvc.com *.googleapis.com *.simpli.fi *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.mountain.com samsung.com *.samsung.com pay.google.com *.pinimg.com wss://*.webconnex.com; frame-src 'self' google.com *.google.com *.stripe.com *.adyen.com member.usatriathlon.org *.youtube.com *.youtube-nocookie.com *.vimeo.com *.braintreegateway.com *.paypal.com *.paypalobjects.com *.twitter.com *.x.com *.facebook.com *.facebook.net *.pinterest.com *.doubleclick.net challenges.cloudflare.com *.razorpay.com *.paybright.com *.webflow.com *.hsforms.net *.calendly.com *.spotify.com *.statuspage.io *.logwork.com; object-src 'none'; base-uri 'self'; form-action 'self'; report-to browser-intake-datadoghq
cf-ray
9cc15569ebd75d8c-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
/
js.stripe.com/v3/ 		911 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.136.107 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-136-107.fra50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
5819d0ab6f166f3dcc6c1d1470094be17a3ed1633d360fd09b826c97a099437f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

content-encoding
br
etag
W/"164aeee3d7f9d7487b664aaa301f795b"
age
67
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
tFvUl6_w2MfkQ6H30fondIjeuk2JlCogtCTE_dhJVxuXaGUeCqSRpg==
date
Wed, 11 Feb 2026 05:08:17 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 11 Feb 2026 00:56:47 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=120
timing-allow-origin
*
via
1.1 8027798dc40af04392a940303e0fc516.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA50-P2
server
Cloudfront
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.79.73 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://btoes.regfox.com
Referer
https://btoes.regfox.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
9cc1556e5cfb340d-FRA
access-control-allow-origin
*
date
Wed, 11 Feb 2026 05:09:22 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 22 Jan 2026 17:06:04 GMT
vary
Accept-Encoding
server
cloudflare
eix8uwn.css
use.typekit.net/ 		3 KB
930 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/eix8uwn.css
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/css/app.adb0b4c9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.156 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-24-77-156.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cd47a71549ef31efe1e455c52609583c7349c22ffa1d0d8b9e7e26a6512495b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
674
date
Wed, 11 Feb 2026 05:09:22 GMT
akamai-grn
0.9ccf3617.1770786562.3619042b
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=eix8uwn&ht=tk&f=9785.9787.9791&a=11897783&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/eix8uwn.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-24-77-154.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://use.typekit.net/

Response headers

cache-control
public, max-age=604800
etag
"674c5a5e-5"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
5
date
Wed, 11 Feb 2026 05:09:22 GMT
content-type
text/css
last-modified
Sun, 01 Dec 2024 12:45:18 GMT
server
nginx
US.svg
purecatamphetamine.github.io/country-flag-icons/3x2/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://purecatamphetamine.github.io/country-flag-icons/3x2/US.svg
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
0368f33db1cc70ef5eee2a5de99571b65d394d8964f4824ce3919d45998775c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

x-fastly-request-id
8971b2c44affb901cbfa409f46a815f6688607cf
content-encoding
gzip
etag
W/"698b0911-548"
age
215
x-github-request-id
4066:307ECA:7BE6763:7D0FD37:698C0E0B
expires
Wed, 11 Feb 2026 05:14:23 GMT
x-proxy-cache
HIT
x-cache
HIT
date
Wed, 11 Feb 2026 05:09:21 GMT
content-type
image/svg+xml
last-modified
Tue, 10 Feb 2026 10:31:45 GMT
x-served-by
cache-fra-eddf8230080-FRA
x-cache-hits
2
vary
Accept-Encoding
cache-control
max-age=600
x-timer
S1770786561.117500,VS0,VE0
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
480
x-origin-cache
HIT
server
GitHub.com
apple-pay-sdk.js
applepay.cdn-apple.com/jsapi/1.latest/ 		58 KB
314 B 		Other
General
Check archive.org
Download Go to
Full URL
https://applepay.cdn-apple.com/jsapi/1.latest/apple-pay-sdk.js
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
17.253.15.142 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN - Apple Inc., US),
Reverse DNS
defra1-vip-fx-106.b.aaplimg.com
Software
Apple /
Resource Hash
77d95a82055bf6d4da225674987adad66457b2d0f9dbd00cc3f3dba83eddd5be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://btoes.regfox.com
Referer
https://btoes.regfox.com/

Response headers

content-encoding
gzip
CDNUUID
956c7fe7-c155-479c-b8aa-94e0549f5a33-12283006882
Etag
"fb8421457e2e4a2455cf21f65e052577--gzip"
Age
17392
apple-originating-system
wp-content-server-prod1-use1
x-content-type-options
nosniff
X-Cache
hit-fresh
Date
Wed, 11 Feb 2026 05:09:22 GMT
apple-tk
false
Content-Type
application/javascript
Vary
Accept-Encoding
apple-seq
0
Cache-Control
max-age=1800, s-maxage=86400, stale-while-revalidate=3600
x-envoy-upstream-service-time
3
api-version
25.14.3
access-control-allow-credentials
false
x-conversation-id
29668bf3-e50e-25ac-4434-cc8cc66fc777
access-control-allow-origin
*
Content-Length
17264
x-xss-protection
1; mode=block
Server
Apple
top%201%20-%20research%20led.jpg
cdn.uploads.webconnex.com/191524/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.uploads.webconnex.com/191524/top%201%20-%20research%20led.jpg?1762531307160
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.85 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
87a45bfcc7a4b23cc654235c0ed674ddc3351642513d06789d421fc4a20be127
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

cf-bgj
imgq:100,h2pri
etag
"08a990a18965d9283949ce696e25ec2d"
x-amz-version-id
_s1Tccx.kUTsqD_YNLFC3wHyF4BsgNRy
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Wed, 11 Feb 2026 06:09:22 GMT
cf-polished
origSize=1221892
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Feb 2026 05:09:22 GMT
content-type
image/jpeg
last-modified
Fri, 07 Nov 2025 15:58:19 GMT
vary
accept-encoding
priority
u=3,i
x-amz-id-2
fw0gcvowKb745p2hyTqpkMaiK5Aszy//hWrjwMrbgsfKK4DuMOTXlO/5bl+kiunTxB5OtRMpFVyqBNU/LpDIf8jNivntj65V
strict-transport-security
max-age=0; includeSubDomains
cache-control
public, max-age=3600
speculation-rules
"/cdn-cgi/speculation"
x-amz-request-id
M8MYA3ARZ306FSRP
cf-ray
9cc1556e5f6e046a-FRA
accept-ranges
bytes
content-length
1071701
server
cloudflare
x-amz-server-side-encryption
AES256
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v24/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v24/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans|Work+Sans:400,400i,700,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.143.99 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
lcfraa-bu-in-f3.1e100.net
Software
sffe /
Resource Hash
1dd49afc07fb2231b2ff686cbf007725fb2742271bb1f28ebd98f22a0d817343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://btoes.regfox.com
Referer
https://fonts.googleapis.com/

Response headers

age
243003
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Mon, 08 Feb 2027 09:39:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 08 Feb 2026 09:39:19 GMT
last-modified
Wed, 10 Sep 2025 16:23:20 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
50316
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/ 		418 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-75ZWMV4Z4P&cx=c&gtm=4e6291
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.127.97 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
lcfrai-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
60cd41c42daf125c2007cc093b810c0e5f09145e3d6400721ac3d3cd6ad64acc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Wed, 11 Feb 2026 05:09:22 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147618
date
Wed, 11 Feb 2026 05:09:22 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-75ZWMV4Z4P&gtm=45je6291v871183469za200&_p=1770786562267&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&cid=1221633657.1770786562&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&tag_exp=103116026~103200004~104527907~104528500~104684208~104684211~115938465~115938468~116185181~116185182~116988316&sid=1770786562&sct=1&seg=0&dl=https%3A%2F%2Fbtoes.regfox.com%2Fbtoes%3Futm_medium%3Demail%26_hsenc%3Dp2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw%26_hsmi%3D402925281%26utm_content%3D402925607%26utm_source%3Dhs_email&dt=BTOES&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2034
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75ZWMV4Z4P&cx=c&gtm=4e6291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:113:0
report-to
{"group":"ascnsrsggc:113:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:113:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://btoes.regfox.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:113:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Feb 2026 05:09:22 GMT
content-type
text/plain
server
Golfe2
metrics.gif
btoes.regfox.com/images/ 		42 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btoes.regfox.com/images/metrics.gif?{%22dt%22:1770786562823,%22fr%22:%22dc191d23760444aaba72d83ad438ea55%22,%22tk%22:%22ef53618a587a47fd99f91d5ab90430e2%22,%22chk%22:100,%22sw%22:1600,%22sh%22:1200,%22rf%22:%22%22,%22r%22:0,%22ptk%22:%22%22}
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/js/bundle.0259625d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.85 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email

Response headers

cf-cache-status
MISS
etag
W/"2a-19c44bb5a58"
x-content-type-options
nosniff
expires
Thu, 11 Feb 2027 05:09:23 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Feb 2026 05:09:23 GMT
last-modified
Mon, 09 Feb 2026 23:27:35 GMT
content-type
image/gif
vary
accept-encoding
priority
u=1,i
strict-transport-security
max-age=0; includeSubDomains
reporting-endpoints
browser-intake-datadoghq="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub45cd674fc217697f6b7c7995f7225a7b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddenv=prod"
cache-control
public, max-age=31536000
speculation-rules
"/cdn-cgi/speculation"
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' google.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.doubleclick.net applepay.cdn-apple.com *.stripe.com *.adyen.com *.wepay.com *.klarnacdn.net *.twitter.com *.x.com *.facebook.com *.facebook.net *.datadoghq.com *.cloudflareinsights.com *.clarity.ms *.tiktok.com *.tiktokw.us *.ttwstatic.com *.bing.com *.licdn.com *.linkedin.com *.sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com unpkg.com *.jsdelivr.net *.cloudflare.com *.polyfill.io *.hsforms.net *.hs-scripts.com *.hs-analytics.net *.hubspot.com *.hscollectedforms.net *.webflow.com *.website-files.com *.plyr.io *.vimeo.com *.vimeocdn.com *.youtube.com *.ytimg.com *.twimg.com challenges.cloudflare.com *.fontawesome.com *.paybright.com *.sentry.io *.sentry-cdn.com *.razorpay.com *.mapbox.com *.amazonaws.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.everesttech.net *.demdex.net *.heapanalytics.com *.segment.com *.segment.io *.pingdom.net *.mouseflow.com *.mxpnl.com *.mixpanel.com *.usefathom.com *.enegel.ai *.promolayer.io *.run.app *.statuspage.io *.simpli.fi code.jquery.com *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.tambourine.com *.mountain.com *.logwork.com samsung.com *.samsung.com pay.google.com *.squarespace-cdn.com *.uploads.webconnex.com; style-src * 'unsafe-inline'; img-src * data: blob:; font-src * data:; media-src * data: blob:; connect-src 'self' google.com *.google.com *.google-analytics.com *.analytics.google.com *.facebook.com *.facebook.net *.stripe.com *.adyen.com *.webconnex.com *.webconnex.io *.uploads.webconnex.com api.purchaseprotection.com dev.triorewards.com member.usatriathlon.org *.amazonaws.com *.datadoghq.com *.clarity.ms *.cloudflareinsights.com *.tiktok.com *.tiktokw.us *.sc-static.net *.snapchat.com *.linkedin.com *.licdn.com *.twitter.com *.twimg.com *.x.com *.pinterest.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com *.bing.com *.youtube.com *.ytimg.com *.hsforms.net *.hubspot.com *.hs-analytics.net *.hscollectedforms.net *.webflow.com *.sentry.io *.ingest.sentry.io *.mapbox.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.doubleclick.net *.everesttech.net *.demdex.net *.vimeo.com *.vimeocdn.com *.heapanalytics.com *.segment.com *.segment.io *.mxpnl.com *.mixpanel.com *.mouseflow.com *.usefathom.com *.calendly.com *.razorpay.com wss://*.pusher.com *.criteo.com *.pingdom.net *.enegel.ai wss://*.enegel.ai *.peakdigital.cloud *.promolayer.io *.run.app *.stape.us *.shopifysvc.com *.googleapis.com *.simpli.fi *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.mountain.com samsung.com *.samsung.com pay.google.com *.pinimg.com wss://*.webconnex.com; frame-src 'self' google.com *.google.com *.stripe.com *.adyen.com member.usatriathlon.org *.youtube.com *.youtube-nocookie.com *.vimeo.com *.braintreegateway.com *.paypal.com *.paypalobjects.com *.twitter.com *.x.com *.facebook.com *.facebook.net *.pinterest.com *.doubleclick.net challenges.cloudflare.com *.razorpay.com *.paybright.com *.webflow.com *.hsforms.net *.calendly.com *.spotify.com *.statuspage.io *.logwork.com; object-src 'none'; base-uri 'self'; form-action 'self'; report-to browser-intake-datadoghq
cf-ray
9cc15571bf2a5d8c-FRA
accept-ranges
bytes
content-length
42
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/js/bundle.0259625d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
f080398fb9171193697ffe025ae243784277ea1d779839739be6eb1712ccb86d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

content-md5
lxYrCs1ytOZIcjW6vblYXQ==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"9e8156772dbb528f108eeaa4deb3bde1"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Wed, 11 Feb 2026 05:25:58 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 11 Feb 2026 05:09:22 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
fde7abfd62bd128791fd8a3034fe1ffe
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4952, tp=9, tpl=0, uplat=2, ullat=-1
x-fb-debug
VhFMhluqCveOxF10m6L+abep+1CAnCHErPP5KgZbKTh8uMlgBSibdNVl6z3Bg8ROoAbiKwJ8Fat1yB46t20JKQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
1666
origin-agent-cluster
?1
1038.13ed5bd1.js
btoes.regfox.com/js/chunks/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btoes.regfox.com/js/chunks/1038.13ed5bd1.js
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/js/bundle.0259625d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.85 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
244af7146225bf4cc381df63cce6355fa7112d835048fac332b43fdf88229604
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://btoes.regfox.com
Referer
https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"14d9-19c44bd8cd8"
x-content-type-options
nosniff
expires
Thu, 11 Feb 2027 05:09:23 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Feb 2026 05:09:23 GMT
last-modified
Mon, 09 Feb 2026 23:29:59 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
priority
u=3,i=?0
strict-transport-security
max-age=0; includeSubDomains
reporting-endpoints
browser-intake-datadoghq="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub45cd674fc217697f6b7c7995f7225a7b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddenv=prod"
cache-control
public, max-age=31536000
speculation-rules
"/cdn-cgi/speculation"
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' google.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.doubleclick.net applepay.cdn-apple.com *.stripe.com *.adyen.com *.wepay.com *.klarnacdn.net *.twitter.com *.x.com *.facebook.com *.facebook.net *.datadoghq.com *.cloudflareinsights.com *.clarity.ms *.tiktok.com *.tiktokw.us *.ttwstatic.com *.bing.com *.licdn.com *.linkedin.com *.sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com unpkg.com *.jsdelivr.net *.cloudflare.com *.polyfill.io *.hsforms.net *.hs-scripts.com *.hs-analytics.net *.hubspot.com *.hscollectedforms.net *.webflow.com *.website-files.com *.plyr.io *.vimeo.com *.vimeocdn.com *.youtube.com *.ytimg.com *.twimg.com challenges.cloudflare.com *.fontawesome.com *.paybright.com *.sentry.io *.sentry-cdn.com *.razorpay.com *.mapbox.com *.amazonaws.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.everesttech.net *.demdex.net *.heapanalytics.com *.segment.com *.segment.io *.pingdom.net *.mouseflow.com *.mxpnl.com *.mixpanel.com *.usefathom.com *.enegel.ai *.promolayer.io *.run.app *.statuspage.io *.simpli.fi code.jquery.com *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.tambourine.com *.mountain.com *.logwork.com samsung.com *.samsung.com pay.google.com *.squarespace-cdn.com *.uploads.webconnex.com; style-src * 'unsafe-inline'; img-src * data: blob:; font-src * data:; media-src * data: blob:; connect-src 'self' google.com *.google.com *.google-analytics.com *.analytics.google.com *.facebook.com *.facebook.net *.stripe.com *.adyen.com *.webconnex.com *.webconnex.io *.uploads.webconnex.com api.purchaseprotection.com dev.triorewards.com member.usatriathlon.org *.amazonaws.com *.datadoghq.com *.clarity.ms *.cloudflareinsights.com *.tiktok.com *.tiktokw.us *.sc-static.net *.snapchat.com *.linkedin.com *.licdn.com *.twitter.com *.twimg.com *.x.com *.pinterest.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com *.bing.com *.youtube.com *.ytimg.com *.hsforms.net *.hubspot.com *.hs-analytics.net *.hscollectedforms.net *.webflow.com *.sentry.io *.ingest.sentry.io *.mapbox.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.doubleclick.net *.everesttech.net *.demdex.net *.vimeo.com *.vimeocdn.com *.heapanalytics.com *.segment.com *.segment.io *.mxpnl.com *.mixpanel.com *.mouseflow.com *.usefathom.com *.calendly.com *.razorpay.com wss://*.pusher.com *.criteo.com *.pingdom.net *.enegel.ai wss://*.enegel.ai *.peakdigital.cloud *.promolayer.io *.run.app *.stape.us *.shopifysvc.com *.googleapis.com *.simpli.fi *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.mountain.com samsung.com *.samsung.com pay.google.com *.pinimg.com wss://*.webconnex.com; frame-src 'self' google.com *.google.com *.stripe.com *.adyen.com member.usatriathlon.org *.youtube.com *.youtube-nocookie.com *.vimeo.com *.braintreegateway.com *.paypal.com *.paypalobjects.com *.twitter.com *.x.com *.facebook.com *.facebook.net *.pinterest.com *.doubleclick.net challenges.cloudflare.com *.razorpay.com *.paybright.com *.webflow.com *.hsforms.net *.calendly.com *.spotify.com *.statuspage.io *.logwork.com; object-src 'none'; base-uri 'self'; form-action 'self'; report-to browser-intake-datadoghq
cf-ray
9cc15571df3b5d8c-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
take
bouncer.webconnex.com/queue/dc191d23760444aaba72d83ad438ea55/ 		13 B
157 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bouncer.webconnex.com/queue/dc191d23760444aaba72d83ad438ea55/take
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/js/bundle.0259625d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.21.144.172 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-100-21-144-172.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d9d360e4a9ffa22a014272dd7f8fe5de387b69cefab7b3a75a39378fec8f7bd1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

access-control-allow-origin
https://btoes.regfox.com
content-length
13
date
Wed, 11 Feb 2026 05:09:23 GMT
content-type
text/plain; charset=utf-8
access-control-allow-credentials
true
fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://btoes.regfox.com
Referer
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cdn-status
200
cf-cache-status
HIT
etag
"af7ae505a9eed503f8b8e6982036873e"
age
340487
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Feb 2026 05:09:22 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
font/woff2
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
08/01/2025 14:01:18
cdn-requestpullcode
200
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-requestid
b0199b3acd12d97c1d7af884caa0f5bf
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.33
cf-ray
9cc155721d63dcb0-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
cdn-edgestorageid
1333
server
cloudflare
cdn-requestcountrycode
DE
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

content-encoding
gzip
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods
GET
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Wed, 11 Feb 2026 05:09:23 GMT
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kcgs7200137-IAD, cache-fra-eddf8230069-FRA
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1800
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
27597
x-amz-server-side-encryption
AES256
controller-with-preconnect-64233e3799cab7a991a4d07c0dba766d.html
js.stripe.com/v3/ Frame 2864 		745 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-64233e3799cab7a991a4d07c0dba766d.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.136.90 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-136-90.fra50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
cbedc9f1c0cc2ad91c8fae7ef52cdd3f8096f203982d2d73c127d0434db07a6b
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://btoes.regfox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2848
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
745
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 11 Feb 2026 04:21:56 GMT
etag
"64233e3799cab7a991a4d07c0dba766d"
last-modified
Wed, 11 Feb 2026 00:08:45 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 df11b13b779c62601ca4cd4d2bb0ce18.cloudfront.net (CloudFront)
x-amz-cf-id
qmK2IrF1xJL7z5IXvsNbWCMY-TUlTcFBD5jTYagA5vWvfSqTuafQ-Q==
x-amz-cf-pop
FRA50-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
main.js
btoes.regfox.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/d251aa49a8a3/ Frame DF3A
Redirect Chain
  • https://btoes.regfox.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://btoes.regfox.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/d251aa49a8a3/main.js?
21 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btoes.regfox.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/d251aa49a8a3/main.js?
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email
Protocol
H3
Server
104.18.23.85 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e6ae0eb9700063608af98e4cda4ba824190cf2824ac7eb7035a5f77441fcee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
br
x-content-type-options
nosniff
cf-ray
9cc155734fcf5d8c-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Feb 2026 05:09:23 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/d251aa49a8a3/main.js?
cf-ray
9cc155733fc95d8c-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfExtPri
date
Wed, 11 Feb 2026 05:09:23 GMT
server
cloudflare
priority
u=3,i=?0
sdk.js
connect.facebook.net/en_US/ 		273 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e443a677afab0974e663bb7a57d67ee8
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
687272a18fcc468e03d7474733cf6415a2c6495eda8da7e47c5c28cc3142403d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://btoes.regfox.com
Referer
https://btoes.regfox.com/

Response headers

content-md5
ntQRct6wEBxpxbyRMeef3Q==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"d58ab68ad9d1e0eda82edc65d2bdcfc6"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Thu, 11 Feb 2027 03:30:29 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 11 Feb 2026 05:09:23 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
435c8433857778293db7ef39a4edd6f1
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=2330, tp=5, tpl=0, uplat=0, ullat=-1
x-fb-debug
ULv/nfS+t6i1xSrkW4AGyj2FQFDs3lip0firjS8PUzdLhSiNEoNdoV/JawAqk2T/VkWZl69JjNdrFs+QbakSDA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
82922
origin-agent-cluster
?1
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 4ABA 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fbtoes.regfox.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software
/
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://btoes.regfox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Wed, 11 Feb 2026 05:09:23 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 11 Dec 2023 17:19:49 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kiad7000164-IAD, cache-fra-eddf8230049-FRA
9cc15564ed8d9bbf
btoes.regfox.com/cdn-cgi/challenge-platform/h/b/jsd/oneshot/d251aa49a8a3/0.01444062272775877:1770784387:STMy_JTljFBPJUuOnOO5wgCaBtorQX59IyLg7reIHiQ/ Frame DF3A 		0
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btoes.regfox.com/cdn-cgi/challenge-platform/h/b/jsd/oneshot/d251aa49a8a3/0.01444062272775877:1770784387:STMy_JTljFBPJUuOnOO5wgCaBtorQX59IyLg7reIHiQ/9cc15564ed8d9bbf
Requested by
Host: btoes.regfox.com
URL: https://btoes.regfox.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.85 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer

Response headers

timing-allow-origin
https://btoes.regfox.com
cf-ray
9cc15573aff65d8c-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
cf-chl-out-s
q6bayYMM7aTkk5DEIxCJWQ==$ap+og803h7laBPQrKMuvoA==
date
Wed, 11 Feb 2026 05:09:23 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
shared-6f5844ec9e935f7f01bd00869258cdd3.js
js.stripe.com/v3/fingerprinted/js/ Frame 2864 		819 KB
178 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-6f5844ec9e935f7f01bd00869258cdd3.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-with-preconnect-64233e3799cab7a991a4d07c0dba766d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.136.90 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-136-90.fra50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
eda4fcc14c4749f3d07d50d30e1a2bec64d5b17ca8692a10d1c4884c850a96f5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://js.stripe.com/v3/controller-with-preconnect-64233e3799cab7a991a4d07c0dba766d.html

Response headers

content-encoding
br
etag
W/"6d083875bb3489a0ce6c0d0381667be9"
age
3569
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
OwvYDaTN9vsUZpndTqI6i69W5nZUz8WBco0WyRSvmfQ-LbWiqvngcw==
date
Wed, 11 Feb 2026 04:10:00 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 11 Feb 2026 00:08:56 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=31536000
timing-allow-origin
*
via
1.1 df11b13b779c62601ca4cd4d2bb0ce18.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA50-P2
server
Cloudfront
controller-with-preconnect-c55ccbda4321e4ac0debecd29c9ed93b.js
js.stripe.com/v3/fingerprinted/js/ Frame 2864 		1 MB
251 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-with-preconnect-c55ccbda4321e4ac0debecd29c9ed93b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-with-preconnect-64233e3799cab7a991a4d07c0dba766d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.136.90 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-136-90.fra50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6342cd93142c4f243a69bf9f659dd6a8be8f69c5397786bf070c17020ae4c554
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://js.stripe.com/v3/controller-with-preconnect-64233e3799cab7a991a4d07c0dba766d.html

Response headers

content-encoding
br
etag
W/"5d3ca9cf8a02c6386a96321b89c11573"
age
3485
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
nBDNlRh6j6EzDNv3Xsiz0jKJ27PoJaGn9tFfdJtoj4R-CeVyRerM2Q==
date
Wed, 11 Feb 2026 04:11:19 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 11 Feb 2026 00:08:54 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=31536000
timing-allow-origin
*
via
1.1 df11b13b779c62601ca4cd4d2bb0ce18.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA50-P2
server
Cloudfront
settings
syndication.twitter.com/ Frame 4ABA 		869 B
952 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=70eb9e8a6bb3a8e961dbe2adda35383f9b8636c9
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fbtoes.regfox.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare envoy /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://platform.twitter.com/

Response headers

x-transaction-id
f4df627d0052fe30
content-encoding
gzip
cf-cache-status
DYNAMIC
x-response-time
6
date
Wed, 11 Feb 2026 05:09:23 GMT
last-modified
Wed, 11 Feb 2026 05:09:23 GMT
content-type
application/json; charset=utf-8
vary
Origin, accept-encoding
perf
7402827104
x-served-by
t4_a
strict-transport-security
max-age=631138519; includeSubdomains
cache-control
must-revalidate, max-age=600
origin-cf-ray
9cc155741f7c4d5a-FRA
access-control-allow-credentials
true
cf-ray
9cc155741f7c4d5a-FRA
access-control-allow-origin
https://platform.twitter.com
content-length
337
server
cloudflare envoy
like.php
www.facebook.com/v3.2/plugins/ Frame A4C5 		0
107 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=474623162669917&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd3ccc7381f85f812%26domain%3Dbtoes.regfox.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbtoes.regfox.com%252Fff564a10854192e7d%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fbtoes.com%2Fhome&layout=standard&locale=en_US&sdk=joey&size=small
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e443a677afab0974e663bb7a57d67ee8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-vy4uoD4s' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *.instagram.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://btoes.regfox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-vy4uoD4s' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *.instagram.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 11 Feb 2026 05:09:23 GMT
document-policy
include-js-call-stacks-in-crash-reports
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0,i
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7605470376677660040&cpp=C3&cv=1033258346&st=1770786563292"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7605470376677660040&cpp=C3&cv=1033258346&st=1770786563292"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=5161, tp=9, tpl=0, uplat=39, ullat=0
x-fb-debug
cqPi/3Jz293bLsfnhyqjeR7lP1B1rgTPUmTKSmpbmMPOf1E5sZncGYgzFuHANud+9s5yw9kniUxZzJEX1ARUQw==
x-xss-protection
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame 2864 		474 B
796 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-6f5844ec9e935f7f01bd00869258cdd3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
52.222.136.90 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-136-90.fra50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
112467a2715badf7d130641196849444c9d07ed7fad0c7775bcc0b80ebecd11e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/controller-with-preconnect-64233e3799cab7a991a4d07c0dba766d.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/x-www-form-urlencoded

Response headers

etag
"3502a16a7bed9d65fc3854f41cbb6941"
age
10
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
76uWB3stA0e53S3rFR0QdX8wAt44r0sWqhHL_FjlpE0GsA2HTlBSaA==
date
Wed, 11 Feb 2026 05:09:16 GMT
content-type
application/json
last-modified
Wed, 11 Feb 2026 00:57:04 GMT
vary
accept-encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
via
1.1 b481f78ceb28e501da4d75bdd6321fa6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
474
x-amz-cf-pop
FRA50-P2
server
Cloudfront
stripe-cookies-28d0c3a5a6dfa738496e3527f2037989.js
js.stripe.com/v3/fingerprinted/js/ Frame 2864 		65 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/stripe-cookies-28d0c3a5a6dfa738496e3527f2037989.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-with-preconnect-c55ccbda4321e4ac0debecd29c9ed93b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
52.222.136.90 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-136-90.fra50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
5dd1b51600de4f2f723a3ab5517562ab6fd55283e8ac465822a00a7d08550c28
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://js.stripe.com/v3/controller-with-preconnect-64233e3799cab7a991a4d07c0dba766d.html

Response headers

content-encoding
gzip
etag
W/"a7f92037d53dcd82afca416ced1ed849"
age
811
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
B4bE46TCYrg__Gf0NkNf9iYSQ4KTtidX_wCPP3JcgUPaz_MEOOEJVw==
date
Wed, 11 Feb 2026 04:55:59 GMT
last-modified
Wed, 04 Feb 2026 00:44:39 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=31536000
timing-allow-origin
*
via
1.1 eea44cfdd1770b9ba28f1b455f101b4c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA50-P2
server
Cloudfront
.deploy_status_henson.json
js.stripe.com/v3/ Frame 2864 		474 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-6f5844ec9e935f7f01bd00869258cdd3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
52.222.136.90 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-136-90.fra50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
112467a2715badf7d130641196849444c9d07ed7fad0c7775bcc0b80ebecd11e

Request headers

Referer
https://js.stripe.com/v3/controller-with-preconnect-64233e3799cab7a991a4d07c0dba766d.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/x-www-form-urlencoded

Response headers

etag
"3502a16a7bed9d65fc3854f41cbb6941"
age
10
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
76uWB3stA0e53S3rFR0QdX8wAt44r0sWqhHL_FjlpE0GsA2HTlBSaA==
date
Wed, 11 Feb 2026 05:09:16 GMT
content-type
application/json
last-modified
Wed, 11 Feb 2026 00:57:04 GMT
vary
accept-encoding
cache-control
max-age=60
via
1.1 b481f78ceb28e501da4d75bdd6321fa6.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
474
x-amz-cf-pop
FRA50-P2
server
Cloudfront
rum
btoes.regfox.com/cdn-cgi/ 		0
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://btoes.regfox.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.23.85 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
application/json
Referer
https://btoes.regfox.com/btoes?utm_medium=email&_hsenc=p2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw&_hsmi=402925281&utm_content=402925607&utm_source=hs_email

Response headers

access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Wed, 11 Feb 2026 05:09:23 GMT
content-type
text/plain
vary
Origin, accept-encoding
priority
u=1,i
strict-transport-security
max-age=0; includeSubDomains
reporting-endpoints
browser-intake-datadoghq="https://browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pub45cd674fc217697f6b7c7995f7225a7b&dd-evp-origin=content-security-policy&ddsource=csp-report&ddenv=prod"
access-control-allow-credentials
true
content-security-policy-report-only
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' google.com *.google.com *.gstatic.com *.googletagmanager.com *.google-analytics.com *.googleadservices.com *.doubleclick.net applepay.cdn-apple.com *.stripe.com *.adyen.com *.wepay.com *.klarnacdn.net *.twitter.com *.x.com *.facebook.com *.facebook.net *.datadoghq.com *.cloudflareinsights.com *.clarity.ms *.tiktok.com *.tiktokw.us *.ttwstatic.com *.bing.com *.licdn.com *.linkedin.com *.sc-static.net *.snapchat.com *.pinterest.com *.pinimg.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com unpkg.com *.jsdelivr.net *.cloudflare.com *.polyfill.io *.hsforms.net *.hs-scripts.com *.hs-analytics.net *.hubspot.com *.hscollectedforms.net *.webflow.com *.website-files.com *.plyr.io *.vimeo.com *.vimeocdn.com *.youtube.com *.ytimg.com *.twimg.com challenges.cloudflare.com *.fontawesome.com *.paybright.com *.sentry.io *.sentry-cdn.com *.razorpay.com *.mapbox.com *.amazonaws.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.everesttech.net *.demdex.net *.heapanalytics.com *.segment.com *.segment.io *.pingdom.net *.mouseflow.com *.mxpnl.com *.mixpanel.com *.usefathom.com *.enegel.ai *.promolayer.io *.run.app *.statuspage.io *.simpli.fi code.jquery.com *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.tambourine.com *.mountain.com *.logwork.com samsung.com *.samsung.com pay.google.com *.squarespace-cdn.com *.uploads.webconnex.com; style-src * 'unsafe-inline'; img-src * data: blob:; font-src * data:; media-src * data: blob:; connect-src 'self' google.com *.google.com *.google-analytics.com *.analytics.google.com *.facebook.com *.facebook.net *.stripe.com *.adyen.com *.webconnex.com *.webconnex.io *.uploads.webconnex.com api.purchaseprotection.com dev.triorewards.com member.usatriathlon.org *.amazonaws.com *.datadoghq.com *.clarity.ms *.cloudflareinsights.com *.tiktok.com *.tiktokw.us *.sc-static.net *.snapchat.com *.linkedin.com *.licdn.com *.twitter.com *.twimg.com *.x.com *.pinterest.com *.braintreegateway.com *.braintree-api.com *.paypal.com *.paypalobjects.com *.bing.com *.youtube.com *.ytimg.com *.hsforms.net *.hubspot.com *.hs-analytics.net *.hscollectedforms.net *.webflow.com *.sentry.io *.ingest.sentry.io *.mapbox.com *.thetradedesk.com *.adsrvr.org *.rlcdn.com *.pippio.com *.agkn.com *.doubleclick.net *.everesttech.net *.demdex.net *.vimeo.com *.vimeocdn.com *.heapanalytics.com *.segment.com *.segment.io *.mxpnl.com *.mixpanel.com *.mouseflow.com *.usefathom.com *.calendly.com *.razorpay.com wss://*.pusher.com *.criteo.com *.pingdom.net *.enegel.ai wss://*.enegel.ai *.peakdigital.cloud *.promolayer.io *.run.app *.stape.us *.shopifysvc.com *.googleapis.com *.simpli.fi *.clickcease.com *.thehotelsnetwork.com *.verygoodproxy.com *.mountain.com samsung.com *.samsung.com pay.google.com *.pinimg.com wss://*.webconnex.com; frame-src 'self' google.com *.google.com *.stripe.com *.adyen.com member.usatriathlon.org *.youtube.com *.youtube-nocookie.com *.vimeo.com *.braintreegateway.com *.paypal.com *.paypalobjects.com *.twitter.com *.x.com *.facebook.com *.facebook.net *.pinterest.com *.doubleclick.net challenges.cloudflare.com *.razorpay.com *.paybright.com *.webflow.com *.hsforms.net *.calendly.com *.spotify.com *.statuspage.io *.logwork.com; object-src 'none'; base-uri 'self'; form-action 'self'; report-to browser-intake-datadoghq
cf-ray
9cc1557538bd5d8c-FRA
access-control-allow-origin
https://btoes.regfox.com
server
cloudflare
truncated
/ 		222 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb67b4706be6431c521aa99a746bd67e33c12c04886db02e164ce883d6b4867a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0763bceb2bdd448769df27ea9c714456c4f4d7255db587d3930cad595b4dca64

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 492A 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
52.222.136.90 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-136-90.fra50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://btoes.regfox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
370
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 11 Feb 2026 05:03:15 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Wed, 04 Feb 2026 00:44:39 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 eea44cfdd1770b9ba28f1b455f101b4c.cloudfront.net (CloudFront)
x-amz-cf-id
mCUIAg2Dmp1oyyspIEhvW7zZtwRI0fxgorl6BcpSI8TuWNebi-MXMQ==
x-amz-cf-pop
FRA50-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 492A 		526 B
894 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
52.222.136.90 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-136-90.fra50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Response headers

etag
"d96c709017743c0759cf3853d1806ba5"
age
2774
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
8m2j-d8sstOUVUXu6ZlCXm9pM37xEqRPCXsSGS6b__t0lsHAyf1LFg==
date
Wed, 11 Feb 2026 04:23:10 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 04 Feb 2026 00:44:38 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=31536000
timing-allow-origin
*
via
1.1 eea44cfdd1770b9ba28f1b455f101b4c.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
526
x-amz-cf-pop
FRA50-P2
server
Cloudfront
inner.html
m.stripe.network/ Frame 30C8 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software
Fastly /
Resource Hash
92844e6b1ad5890a9e5e4b9dfb7abdb37dca64e8ca7365052c9d2fc8103c349d
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e357n1PxCJ8d03/QCSKaHFmHF1JADyvSHdSfshxM494=' 'sha256-5DA+a07wxWmEka9IdoWjSPVHb17Cp5284/lJzfbl8KA=' 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
52
cache-control
max-age=300, public
content-encoding
br
content-length
438
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e357n1PxCJ8d03/QCSKaHFmHF1JADyvSHdSfshxM494=' 'sha256-5DA+a07wxWmEka9IdoWjSPVHb17Cp5284/lJzfbl8KA=' 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 11 Feb 2026 05:09:24 GMT
etag
"441070f07f0e89a26ecd81c9afcab8ed"
last-modified
Wed, 10 Sep 2025 21:05:01 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
636299, 27
x-content-type-options
nosniff
x-request-id
655d0ffa-1a85-44f4-a2a8-c570e485e326
x-served-by
cache-chi-klot8100092-CHI, cache-fra-eddf8230170-FRA
x-timer
S1770786564.165909,VS0,VE0
out-4.5.45.js
m.stripe.network/ Frame 30C8 		87 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.45.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software
Fastly /
Resource Hash
f2a8a36c74c59cfbe7a73d441cfd180ca6e6a9942a74ef9b240191d1c6056a59
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://m.stripe.network/inner.html

Response headers

x-request-id
3ff0ea64-f094-4046-b05b-897cf00f0c6d
content-encoding
br
etag
"f4d61b273ea36d2e71ce1a601ab0caa2"
age
118
x-content-type-options
nosniff
x-cache
HIT, HIT
date
Wed, 11 Feb 2026 05:09:24 GMT
last-modified
Wed, 10 Sep 2025 21:05:01 GMT
content-type
text/javascript; charset=utf-8
x-cache-hits
473989, 45
x-served-by
cache-chi-klot8100134-CHI, cache-fra-eddf8230170-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
cache-control
max-age=300, public
x-timer
S1770786564.184472,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
14184
server
Fastly
6
m.stripe.com/ Frame 30C8 		156 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.45.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.213.185.99 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-213-185-99.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
1740ea6b465dbd8d5d4355ce2b8f630f9cc6fabdb1080ae616ffcdc6182ed7e9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://m.stripe.network/

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
x-stripe-proxy-response
upstream
access-control-allow-credentials
true
x-content-type-options
nosniff
x-stripe-server-rpc-duration-micros
2886
access-control-allow-origin
https://m.stripe.network
content-length
156
date
Wed, 11 Feb 2026 05:09:24 GMT
content-type
application/json;charset=utf-8
server
nginx
access-control-allow-headers
Content-Type
b
r.stripe.com/ Frame 2864 		0
212 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-6f5844ec9e935f7f01bd00869258cdd3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-proxy-response
upstream
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-origin
https://js.stripe.com
x-stripe-server-rpc-duration-micros
2147
content-length
0
date
Wed, 11 Feb 2026 05:09:24 GMT
content-type
text/plain
server
nginx
b
r.stripe.com/ Frame 2864 		0
211 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-6f5844ec9e935f7f01bd00869258cdd3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-proxy-response
upstream
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-origin
https://js.stripe.com
x-stripe-server-rpc-duration-micros
2652
content-length
0
date
Wed, 11 Feb 2026 05:09:24 GMT
content-type
text/plain
server
nginx
b
r.stripe.com/ Frame 2864 		0
211 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/b
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-6f5844ec9e935f7f01bd00869258cdd3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-proxy-response
upstream
access-control-allow-credentials
true
access-control-allow-methods
POST
access-control-allow-origin
https://js.stripe.com
x-stripe-server-rpc-duration-micros
1913
content-length
0
date
Wed, 11 Feb 2026 05:09:26 GMT
content-type
text/plain
server
nginx
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-75ZWMV4Z4P&gtm=45je6291v871183469za200&_p=1770786562267&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&cid=1221633657.1770786562&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAAAAQ&_s=2&tag_exp=103116026~103200004~104527907~104528500~104684208~104684211~115938465~115938468~116185181~116185182~116988316&sid=1770786562&sct=1&seg=0&dl=https%3A%2F%2Fbtoes.regfox.com%2Fbtoes%3Futm_medium%3Demail%26_hsenc%3Dp2ANqtz-9A5O5gFixdqXcOMGsq1O6gSyYy2b9LUoHkc4IWDs6lqCQQwKyNB84X7AtwCrfIzgIzNCb8PXMvitdsoyA3FrI5dbtxpw%26_hsmi%3D402925281%26utm_content%3D402925607%26utm_source%3Dhs_email&dt=BTOES&en=scroll&epn.percent_scrolled=90&_et=3&tfd=7039
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75ZWMV4Z4P&cx=c&gtm=4e6291
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:113:0
report-to
{"group":"ascnsrsggc:113:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:113:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://btoes.regfox.com
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:113:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 11 Feb 2026 05:09:27 GMT
content-type
text/plain
server
Golfe2
trusted-types-checker-a86dcafd042e60cf7585cbabd57b0cdb.js
js.stripe.com/v3/fingerprinted/js/ 		176 B
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-a86dcafd042e60cf7585cbabd57b0cdb.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.136.107 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-136-107.fra50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
8a9c451b49118574ac3771692a8c37579d54de4cd19ac90e3af53a8fba21113b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://btoes.regfox.com/

Response headers

etag
"4213ac3d1060cfc3fd6d3322eb21150b"
age
1519
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
mRL0vqkVb8D_0g2SGGiSaneQGwFJjwRkjdYIagTFT4vjyBf8ZG2QiA==
date
Wed, 11 Feb 2026 04:44:11 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 06 Feb 2026 21:17:19 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=31536000
timing-allow-origin
*
via
1.1 8027798dc40af04392a940303e0fc516.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
176
x-amz-cf-pop
FRA50-P2
server
Cloudfront

Verdicts & Comments Add Verdict or Comment

41 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| gtag object| dataLayer function| ApplePaySession object| ApplePayWebOptions function| ApplePayError object| __BOOTSTRAP__ object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunk_webconnex_bacon string| __reactRouterVersion function| sprintf function| vsprintf object| DD_LOGS function| JSEncrypt function| $ function| jQuery function| fbAsyncInit function| $d object| addeventatc function| addeventReady object| hdx object| twttr object| webpackChunkStripeJSouter function| noop function| Stripe object| stripe object| __SJS_PERF_STATE__ object| __cfBeacon object| ApplePaySDK object| FB object| __twttrll object| __twttr object| __buffer

11 Cookies

Domain/Path Name / Value
.insights.btoes.com/ Name: __cf_bm
Value: UuSQk5116YMN6ndvEhwCdlHXif8YkJgHyEOcKUNCxbI-1770786560-1.0.1.1-ejKFjFAGUjls8VgNYB1T8X95iPNu6OKJeCudQx5wBIvxTFrnhTbV7Nkxijl6u6ZQpkGUw96nB1hNlGoCgADEIAfZC_Veo8YOzZyyCTo0nS8
.insights.btoes.com/ Name: _cfuvid
Value: 1cG0j4cyBUJ2CXQnGOvvuQQ36PNUIj_hIZ075pFFfmg-1770786560405-0.0.1.1-604800000
.regfox.com/ Name: _ga
Value: GA1.1.1221633657.1770786562
.regfox.com/ Name: _ga_75ZWMV4Z4P
Value: GS2.1.s1770786562$o1$g0$t1770786562$j60$l0$h0
btoes.regfox.com/ Name: _dd_s
Value: logs=1&id=90ede11b-96c7-4cfd-b91f-492804681e72&created=1770786562815&expire=1770787462815
btoes.regfox.com/ Name: dc191d23760444aaba72d83ad438ea55
Value: 1770786562823
btoes.regfox.com/ Name: token
Value: ef53618a587a47fd99f91d5ab90430e2
.regfox.com/ Name: cf_clearance
Value: j3ztNGULR1dYQvxqhH8ySsOrLnj5_h2Lr2DzrQ1q5FA-1770786563-1.2.1.1-hNKlIVAK4O8Krq2PbmxUr5soQZku6Ku.SgFfW89fhEiFwWxjreRaNXZLsaXvADemqwxZKn_VC0k2jqV45PrBWmfQNrJKMoxPYRP02jaPZhgFqvwcbtb4MziAA2cUzgC8Lr6PSPTR6VVX1jYUyLxTrxEXPIUlSQR7X_.Jdu06Dukt.iL4VmAYB9reFWmJ09cDlKeF4Nt2xeqNrL2fj_S4k_SYaf5yvnyQK4DEiGOaxIY
m.stripe.com/ Name: m
Value: ae52fd10-6c00-4502-a73b-ad2b5c97cc023fa154
.btoes.regfox.com/ Name: __stripe_mid
Value: 694d19dd-b101-4f28-b16d-d3c4ca584e80e72ac5
.btoes.regfox.com/ Name: __stripe_sid
Value: 537b6ad5-2b3c-4533-b64c-509ec6a4a12d60797c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

applepay.cdn-apple.com
bouncer.webconnex.com
btoes.regfox.com
cdn.uploads.webconnex.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
images.webconnex.com
insights.btoes.com
js.stripe.com
m.stripe.com
m.stripe.network
netdna.bootstrapcdn.com
p.typekit.net
platform.twitter.com
purecatamphetamine.github.io
r.stripe.com
region1.google-analytics.com
static.cloudflareinsights.com
syndication.twitter.com
use.typekit.net
www.facebook.com
www.googletagmanager.com
100.21.144.172
104.16.79.73
104.18.10.207
104.18.23.85
142.251.127.97
142.251.143.99
146.75.116.157
151.101.192.176
157.240.0.35
157.240.0.6
162.159.140.229
17.253.15.142
172.217.20.138
184.24.77.154
184.24.77.156
185.199.110.153
199.60.103.2
216.239.32.36
52.222.136.107
52.222.136.90
54.186.23.98
54.213.185.99
65.8.131.32
0368f33db1cc70ef5eee2a5de99571b65d394d8964f4824ce3919d45998775c0
0763bceb2bdd448769df27ea9c714456c4f4d7255db587d3930cad595b4dca64
112467a2715badf7d130641196849444c9d07ed7fad0c7775bcc0b80ebecd11e
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1740ea6b465dbd8d5d4355ce2b8f630f9cc6fabdb1080ae616ffcdc6182ed7e9
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1dd49afc07fb2231b2ff686cbf007725fb2742271bb1f28ebd98f22a0d817343
244af7146225bf4cc381df63cce6355fa7112d835048fac332b43fdf88229604
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
46a2de362f54e3c988cc8c9fbf68fe12018c8ae42fe11509a747f52f17834466
544b5eab33c25bc44ce997db57cfae8cd25ed1309a9490810fb7998d24101580
5819d0ab6f166f3dcc6c1d1470094be17a3ed1633d360fd09b826c97a099437f
5dd1b51600de4f2f723a3ab5517562ab6fd55283e8ac465822a00a7d08550c28
60cd41c42daf125c2007cc093b810c0e5f09145e3d6400721ac3d3cd6ad64acc
60e0b83016fa0a3c2a6fd849d6a71e7f8684202f6af15a9abfe9a9fbe045fbd8
6342cd93142c4f243a69bf9f659dd6a8be8f69c5397786bf070c17020ae4c554
687272a18fcc468e03d7474733cf6415a2c6495eda8da7e47c5c28cc3142403d
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
77d95a82055bf6d4da225674987adad66457b2d0f9dbd00cc3f3dba83eddd5be
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79a1c77bc970b34238581069c76c56562a8deae9a34d533e49fe0662f3465a7e
80ca2169a23204f45b4370b6329da41bd928a3be4705295c8f3c6652704e0d0b
87a45bfcc7a4b23cc654235c0ed674ddc3351642513d06789d421fc4a20be127
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8a9c451b49118574ac3771692a8c37579d54de4cd19ac90e3af53a8fba21113b
917a8bd603e6805cb55f592dd446336b9a49041a2420b6e610f9a775be6b28a2
92844e6b1ad5890a9e5e4b9dfb7abdb37dca64e8ca7365052c9d2fc8103c349d
b7e6ae0eb9700063608af98e4cda4ba824190cf2824ac7eb7035a5f77441fcee
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bd4a08ee1b016c53e2a9221e418d7fa94478b650c58b757a6dde72748cd803f4
cb67b4706be6431c521aa99a746bd67e33c12c04886db02e164ce883d6b4867a
cbedc9f1c0cc2ad91c8fae7ef52cdd3f8096f203982d2d73c127d0434db07a6b
cd47a71549ef31efe1e455c52609583c7349c22ffa1d0d8b9e7e26a6512495b9
d3ac0da4c8dbe42b096eb07e32a58d3a59e95934863762df260d36dfca36c6eb
d9d360e4a9ffa22a014272dd7f8fe5de387b69cefab7b3a75a39378fec8f7bd1
e153e532a5e4e7a19ac0b74aa66885d836519991510b3177d4f98a4270966bef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f0c72a0ce17ca77f93669294b4ae10f8bb10b0bbcf3d06ffb122650eaa2570
eda4fcc14c4749f3d07d50d30e1a2bec64d5b17ca8692a10d1c4884c850a96f5
ee4449e61a8245c7983466776579f421f3807158efdb451037e3edf0e183e99c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f080398fb9171193697ffe025ae243784277ea1d779839739be6eb1712ccb86d
f2a8a36c74c59cfbe7a73d441cfd180ca6e6a9942a74ef9b240191d1c6056a59
f684931b8d31cca6bd41f073a6ae49b0ee127c4b9dc9a2805cd3b0898128ef2a