urlscan.io logo urlscan.io
SecurityTrails logo

handfordfitness.com Open in urlscan Pro
23.227.38.65  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.tigertechgaming.com.handfordfitness.com/
Effective URL: https://handfordfitness.com/password
Submission: On May 25 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 7 domains to perform 22 HTTP transactions. The main IP is 23.227.38.65, located in Canada and belongs to CLOUDFLARENET, US. The main domain is handfordfitness.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 19th 2020. Valid for: 3 months.
This is the only time handfordfitness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.227.38.64 13335 (CLOUDFLAR...)
1 2 23.227.38.65 13335 (CLOUDFLAR...)
10 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 2606:4700:303... 13335 (CLOUDFLAR...)
4 104.196.190.76 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.77.161.229 16509 (AMAZON-02)
1 2a04:4e42:1b:... 54113 (FASTLY)
22 8
1    23.227.38.64 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: shops.myshopify.com
www.tigertechgaming.com.handfordfitness.com
2    23.227.38.65 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: myshopify.com
handfordfitness.com
10    2a02:26f0:6c00:2a2::39b (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
cdn.shopify.com
4    2606:4700:3032::681f:437d (United States)

ASN13335 (CLOUDFLARENET, US)
alireviews-cdn.fireapps.vn
4    104.196.190.76 (United States)

ASN15169 (GOOGLE, US)
PTR: 76.190.196.104.bc.googleusercontent.com
monorail-edge.shopifysvc.com
pay.shopify.com
1    2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.77.161.229 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-161-229.ap-southeast-1.compute.amazonaws.com
alireviews.fireapps.io
1    2a04:4e42:1b::104 (Ascension Island)

ASN54113 (FASTLY, US)
fonts.shopifycdn.com
Domain Requested by
10 cdn.shopify.com handfordfitness.com
4 alireviews-cdn.fireapps.vn handfordfitness.com
3 monorail-edge.shopifysvc.com cdn.shopify.com
2 handfordfitness.com 1 redirects
1 fonts.shopifycdn.com handfordfitness.com
1 alireviews.fireapps.io cdn.shopify.com
1 pay.shopify.com cdn.shopify.com
1 fonts.googleapis.com handfordfitness.com
1 www.tigertechgaming.com.handfordfitness.com 1 redirects
22 9

This site contains links to these domains. Also see Links.

Domain
www.shopify.com
Subject Issuer Validity Valid
handfordfitness.com
Let's Encrypt Authority X3		 2020-05-19 -
2020-08-17		 3 months crt.sh
cdn.shopify.com
GeoTrust RSA CA 2018		 2020-05-22 -
2021-02-16		 9 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-10-09 -
2020-10-08		 a year crt.sh
monorail-edge.shopifysvc.com
Let's Encrypt Authority X3		 2020-04-21 -
2020-07-20		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
pay.shopify.com
Let's Encrypt Authority X3		 2020-05-09 -
2020-08-07		 3 months crt.sh
fireapps.io
Amazon		 2020-05-03 -
2021-06-03		 a year crt.sh
shopify.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-05-19 -
2021-04-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://handfordfitness.com/password
Frame ID: A10D3AB7D08A936725BA3BA6A783B42B
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.tigertechgaming.com.handfordfitness.com/ HTTP 301
    https://handfordfitness.com/ HTTP 302
    https://handfordfitness.com/password Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

22
Requests

100 %
HTTPS

50 %
IPv6

7
Domains

9
Subdomains

8
IPs

5
Countries

524 kB
Transfer

1585 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.tigertechgaming.com.handfordfitness.com/ HTTP 301
    https://handfordfitness.com/ HTTP 302
    https://handfordfitness.com/password Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request password
handfordfitness.com/
Redirect Chain
  • https://www.tigertechgaming.com.handfordfitness.com/
  • https://handfordfitness.com/
  • https://handfordfitness.com/password
63 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://handfordfitness.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.65 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
myshopify.com
Software
cloudflare /
Resource Hash
8ce378cc912cc025f1022ddf3a4d73d3ad7b73148709fcc6bd5c2afa9a878ac8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=112119f7-848e-4545-8354-7e04ac37b3fc
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=112119f7-848e-4545-8354-7e04ac37b3fc

Request headers

:method
GET
:authority
handfordfitness.com
:scheme
https
:path
/password
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d27c11887906e19147c88d49b7c645a9f1590372446
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 25 May 2020 02:07:27 GMT
content-type
text/html; charset=utf-8
x-sorting-hat-podid
92
x-sorting-hat-shopid
30233526365
x-frame-options
DENY
x-shopid
30233526365
x-shardid
92
content-language
en
x-shopify-generated-cart-token
be9d5875cce202069cc48470216e6f15
content-encoding
gzip
x-robots-tag
nofollow
strict-transport-security
max-age=7889238
etag
cacheable:e1e6d9ebc140ca8d03290345a02f0be6
x-alternate-cache-key
cacheable:e7b0e0a1e34291bb8cecd9f66df31361
x-cache
hit, server
set-cookie
_y=1c7c10fe-7588-4459-ab12-262427953fab; Expires=Tue, 25-May-21 02:07:27 GMT; Path=/ cart_currency=USD; path=/; expires=Mon, 08 Jun 2020 02:07:27 GMT _orig_referrer=; Expires=Mon, 08-Jun-20 02:07:27 GMT; Path=/; HttpOnly secure_customer_sig=; path=/; expires=Fri, 25 May 2040 02:07:27 GMT; secure; HttpOnly _shopify_y=1c7c10fe-7588-4459-ab12-262427953fab; Expires=Tue, 25-May-21 02:07:27 GMT; Path=/ _landing_page=%2Fpassword; Expires=Mon, 08-Jun-20 02:07:27 GMT; Path=/; HttpOnly cart_sig=; path=/; expires=Mon, 08 Jun 2020 02:07:27 GMT; HttpOnly
x-shopify-stage
production
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=112119f7-848e-4545-8354-7e04ac37b3fc
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block; report=/xss-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=112119f7-848e-4545-8354-7e04ac37b3fc
x-dc
gcp-us-central1,gcp-us-east1,gcp-us-east1
nel
{"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001} {"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]} {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
x-request-id
112119f7-848e-4545-8354-7e04ac37b3fc
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
598bb3f10fa4d92d-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02eb2ecaa30000d92d6b91b200000001

Redirect headers

status
302
date
Mon, 25 May 2020 02:07:26 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d27c11887906e19147c88d49b7c645a9f1590372446; expires=Wed, 24-Jun-20 02:07:26 GMT; path=/; domain=.handfordfitness.com; HttpOnly; SameSite=Lax
x-sorting-hat-podid
92
x-sorting-hat-shopid
30233526365
x-frame-options
DENY
x-shopid
30233526365
x-shardid
92
content-language
en
x-cache
allow
location
https://handfordfitness.com/password
strict-transport-security
max-age=7889238
x-shopify-stage
production
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=bc787c89-cf29-4e38-a509-380788af8bff
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block; report=/xss-report?source%5Baction%5D=index&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=bc787c89-cf29-4e38-a509-380788af8bff
x-dc
gcp-us-central1,gcp-us-east1,gcp-us-east1
nel
{"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001} {"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]} {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
x-request-id
bc787c89-cf29-4e38-a509-380788af8bff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
598bb3efbe93d92d-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02eb2ec9d30000d92d6b913200000001
load_feature-589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50.js
cdn.shopify.com/s/assets/storefront/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/assets/storefront/load_feature-589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50.js
Requested by
Host: handfordfitness.com
URL: https://handfordfitness.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://handfordfitness.com/password
Origin
https://handfordfitness.com

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
3015
x-xss-protection
1; mode=block
x-request-id
51df4639
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-43 segment4-11237 revision-33ce2ffc7ccb1eb33a695ba3fa0c9b8116d8060c cdn-shopify-com-s-assets-storefront-load_feature-589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50-js
last-modified
Tue, 28 Apr 2020 18:35:46 GMT
date
Mon, 25 May 2020 02:07:27 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/s/assets/storefront/load_feature-589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50.js>; rel="canonical"
storefront-f95c62afca18778ed8677facd32818c864b5e4938cba1769e8d8ba0b541d41dc.js
cdn.shopify.com/s/assets/shopify_pay/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/assets/shopify_pay/storefront-f95c62afca18778ed8677facd32818c864b5e4938cba1769e8d8ba0b541d41dc.js?v=20190107
Requested by
Host: handfordfitness.com
URL: https://handfordfitness.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f95c62afca18778ed8677facd32818c864b5e4938cba1769e8d8ba0b541d41dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://handfordfitness.com/password
Origin
https://handfordfitness.com

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
11061
x-xss-protection
1; mode=block
x-request-id
47de9b06
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-225 segment4-57726 revision-8043c5fd7ed6fbfe18a379cc53c8998c1fb9980a cdn-shopify-com-s-assets-shopify_pay-storefront-f95c62afca18778ed8677facd32818c864b5e4938cba1769e8d8ba0b541d41dc-js
last-modified
Mon, 09 Sep 2019 20:33:20 GMT
date
Mon, 25 May 2020 02:07:27 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/s/assets/shopify_pay/storefront-f95c62afca18778ed8677facd32818c864b5e4938cba1769e8d8ba0b541d41dc.js>; rel="canonical"
theme.css
cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/ 		223 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/theme.css?v=1396752794673331077
Requested by
Host: handfordfitness.com
URL: https://handfordfitness.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
dd8ba4aa34ca20e011ab19ee43b18717508ebd389b662f39bfecd132fdeec0a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
29629
x-xss-protection
1; mode=block
x-request-id
ec1d13d
surrogate-key
mime-text/css source-GcsShopAssetsBackend segment2-190 segment4-48710 revision-9f15b2afccdf0137c7fa00051e0b09d5b22b5634 cdn-shopify-com-s-files-1-0302-3352-6365-t-3-assets-theme-css shop-30233526365
last-modified
Sat, 23 May 2020 03:02:33 GMT
date
Mon, 25 May 2020 02:07:27 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/theme.css>; rel="canonical"
expires
Sun, 23 May 2021 03:49:04 GMT
theme--customizations.css
cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/ 		45 B
606 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/theme--customizations.css?v=6531214964848364594
Requested by
Host: handfordfitness.com
URL: https://handfordfitness.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
b75819156b173630a6d147237587617403d29e03910710c44c0711fde46b862a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
65
x-xss-protection
1; mode=block
x-request-id
ec1d138
surrogate-key
mime-text/css source-GcsShopAssetsBackend segment2-100 segment4-25722 revision-9f15b2afccdf0137c7fa00051e0b09d5b22b5634 cdn-shopify-com-s-files-1-0302-3352-6365-t-3-assets-theme-customizations-css shop-30233526365
last-modified
Sat, 23 May 2020 03:02:33 GMT
date
Mon, 25 May 2020 02:07:27 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/theme--customizations.css>; rel="canonical"
expires
Sun, 23 May 2021 03:49:04 GMT
lazysizes.min.js
cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/lazysizes.min.js?v=8921128536341891619
Requested by
Host: handfordfitness.com
URL: https://handfordfitness.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
adc0a6e58221de7f8455d730e61de127a51917ca3ca7cc46d34eabbbc2cb2a23
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
7265
x-xss-protection
1; mode=block
x-request-id
6c2b3b
surrogate-key
mime-application/javascript source-GcsShopAssetsBackend segment2-60 segment4-15505 revision-9f15b2afccdf0137c7fa00051e0b09d5b22b5634 cdn-shopify-com-s-files-1-0302-3352-6365-t-3-assets-lazysizes-min-js shop-30233526365
last-modified
Sat, 23 May 2020 03:02:19 GMT
date
Mon, 25 May 2020 02:07:27 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/lazysizes.min.js>; rel="canonical"
expires
Tue, 25 May 2021 02:07:27 GMT
theme.min.js
cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/ 		310 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/theme.min.js?v=7766421320977791113
Requested by
Host: handfordfitness.com
URL: https://handfordfitness.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
8b6ea8c592ad896d009bcaaae315d419ef9ad4d87882cdf99e0e158507282c0f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
95446
x-xss-protection
1; mode=block
x-request-id
ec1d141
surrogate-key
mime-application/javascript source-GcsShopAssetsBackend segment2-95 segment4-24347 revision-9f15b2afccdf0137c7fa00051e0b09d5b22b5634 cdn-shopify-com-s-files-1-0302-3352-6365-t-3-assets-theme-min-js shop-30233526365
last-modified
Sat, 23 May 2020 03:02:23 GMT
date
Mon, 25 May 2020 02:07:27 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/theme.min.js>; rel="canonical"
expires
Sun, 23 May 2021 03:49:04 GMT
grid.css
alireviews-cdn.fireapps.vn/css/frontend/45/ 		512 KB
201 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://alireviews-cdn.fireapps.vn/css/frontend/45/grid.css?version=5.2.2
Requested by
Host: handfordfitness.com
URL: https://handfordfitness.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681f:437d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7e5a5e2ad7d9b474f739b14208b4f59eaa96fb19b75a0edb761908c6188de5

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 02:07:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 May 2020 11:45:22 GMT
server
cloudflare
age
6448
status
200
etag
W/"5ec51852-7fe40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=432000
cf-ray
598bb3f29970dfb7-FRA
cf-request-id
02eb2ecba20000dfb7b38e1200000001
popup-reviews.css
alireviews-cdn.fireapps.vn/css/frontend/45/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://alireviews-cdn.fireapps.vn/css/frontend/45/popup-reviews.css?version=5.2.2
Requested by
Host: handfordfitness.com
URL: https://handfordfitness.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681f:437d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6222e41a94445b8c08548ba42fa378ad34d27efbbcaa4677142291b82f1fc95b

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 02:07:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 May 2020 11:45:22 GMT
server
cloudflare
age
6608
status
200
etag
W/"5ec51852-3d76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=432000
cf-ray
598bb3f29972dfb7-FRA
cf-request-id
02eb2ecba20000dfb7b38e2200000001
comment.js
alireviews-cdn.fireapps.vn/js/frontend/45/ 		191 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://alireviews-cdn.fireapps.vn/js/frontend/45/comment.js?version=5.2.2
Requested by
Host: handfordfitness.com
URL: https://handfordfitness.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681f:437d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d7a42b6fbb57a86ffa1de939f033b88e8d34f5e7d7edc419ee1508f2ae2416

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 02:07:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 May 2020 11:45:22 GMT
server
cloudflare
age
6449
status
200
etag
W/"5ec51852-2fb27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=432000
cf-ray
598bb3f43b3edfb7-FRA
cf-request-id
02eb2ecca50000dfb7b38ef200000001
popup-reviews.min.js
alireviews-cdn.fireapps.vn/js/frontend/45/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://alireviews-cdn.fireapps.vn/js/frontend/45/popup-reviews.min.js
Requested by
Host: handfordfitness.com
URL: https://handfordfitness.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681f:437d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fff34d3971bbbaee2296e3c3cf9e95c61419217cba42965d7f59492e107b632d

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 02:07:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 20 May 2020 11:45:22 GMT
server
cloudflare
age
6520
status
200
etag
W/"5ec51852-2818"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=432000
cf-ray
598bb3f47b98dfb7-FRA
cf-request-id
02eb2eccca0000dfb7b38f0200000001
trekkie.storefront.min.js
cdn.shopify.com/s/javascripts/tricorder/ 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.04.13.1
Requested by
Host: handfordfitness.com
URL: https://handfordfitness.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
fb10d669f19c662bd30a58717f082488940471675cba27f047db04650bde2fd2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
11121
x-xss-protection
1; mode=block
x-request-id
a4930c
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-123 segment4-31719 revision-9f15b2afccdf0137c7fa00051e0b09d5b22b5634 cdn-shopify-com-s-javascripts-tricorder-trekkie-storefront-min-js
last-modified
Fri, 22 May 2020 16:21:49 GMT
date
Mon, 25 May 2020 02:07:27 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
timing-allow-origin
*
link
<https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js>; rel="canonical"
shop_events_listener-8f039efb3db214178211e71c0e1150d41d3fc113947596b89da1890c1950c60c.js
cdn.shopify.com/s/assets/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/assets/shop_events_listener-8f039efb3db214178211e71c0e1150d41d3fc113947596b89da1890c1950c60c.js
Requested by
Host: handfordfitness.com
URL: https://handfordfitness.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
8f039efb3db214178211e71c0e1150d41d3fc113947596b89da1890c1950c60c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
2158
x-xss-protection
1; mode=block
x-request-id
dc811ef
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-182 segment4-46842 revision-173e64b74d211a4f44952d769be8496e80082259 cdn-shopify-com-s-assets-shop_events_listener-8f039efb3db214178211e71c0e1150d41d3fc113947596b89da1890c1950c60c-js
last-modified
Wed, 13 May 2020 20:53:09 GMT
date
Mon, 25 May 2020 02:07:27 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/s/assets/shop_events_listener-8f039efb3db214178211e71c0e1150d41d3fc113947596b89da1890c1950c60c.js>; rel="canonical"
shopify-boomerang-1.0.0.min.js
cdn.shopify.com/shopifycloud/boomerang/ 		97 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Requested by
Host: handfordfitness.com
URL: https://handfordfitness.com/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
c0d4656c50726efe046151a1faa9af3e2f4b5d002bb4d6c41d385a6603029532
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-dc
gke
status
200
content-length
29927
x-xss-protection
1; mode=block
x-request-id
39d5fcbb
surrogate-key
mime-application/javascript source-GcsBackend segment2-96 segment4-24675 revision-9f15b2afccdf0137c7fa00051e0b09d5b22b5634 cdn-shopify-com-shopifycloud-boomerang-shopify-boomerang-1-0-0-min-js
last-modified
Fri, 22 May 2020 17:38:39 GMT
date
Mon, 25 May 2020 02:07:27 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
expires
Sat, 22 May 2021 17:40:08 GMT
produce
monorail-edge.shopifysvc.com/v1/ 		0
470 B 		Other
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.04.13.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.190.76 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.190.196.104.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 May 2020 02:07:27 GMT
x-dc
gke
status
200
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://handfordfitness.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
57136c6a-e710-4399-8f9f-c15dde813127
produce
monorail-edge.shopifysvc.com/v1/ 		0
469 B 		Other
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.04.13.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.190.76 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.190.196.104.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 May 2020 02:07:27 GMT
x-dc
gke
status
200
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://handfordfitness.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
ff354c0a-6212-4d39-997d-bfd91311e891
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
Requested by
Host: handfordfitness.com
URL: https://handfordfitness.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3cb95143898270af97b0bd71fbe21eb4b8ed11b3ba039fbd3bffd1f1537f65a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 May 2020 02:07:27 GMT
server
ESF
date
Mon, 25 May 2020 02:07:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 May 2020 02:07:27 GMT
session
pay.shopify.com/ 		18 B
830 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pay.shopify.com/session?v=1
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-8f039efb3db214178211e71c0e1150d41d3fc113947596b89da1890c1950c60c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.190.76 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.190.196.104.bc.googleusercontent.com
Software
/
Resource Hash
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 25 May 2020 02:07:27 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
x-dc
gke
p3p
CP="Not used"
status
200
access-control-allow-methods
GET, OPTIONS
server-timing
processing;dur=5, socket_queue;dur=1.838, edge;dur=3.05, util;dur=0.125
x-request-id
479b0266bcac2da0b02be3bcc9de6e60
x-runtime
0.004628
x-frame-options
DENY
etag
W/"9b5179ea2a77fe69b294fbd2ed504eac"
access-control-max-age
7200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://handfordfitness.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
list
alireviews.fireapps.io/reviews_popup/ 		53 B
1006 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://alireviews.fireapps.io/reviews_popup/list
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-8f039efb3db214178211e71c0e1150d41d3fc113947596b89da1890c1950c60c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.161.229 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-161-229.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
f9ba5c71ce24051efe1061f0d1f8679cda82744e5f1d0fbc288f225cd4605f4a

Request headers

Accept
*/*
Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 25 May 2020 02:07:28 GMT
content-encoding
gzip
samesite
None
server
nginx/1.10.3 (Ubuntu)
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://handfordfitness.com
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Auth-Token, Origin
truncated
/ 		2 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
37e1f1baa13b39e6edc3390e1fef6e0f76be3e9b72edc1e0d680b12e1c9fdf75

Request headers

Origin
https://handfordfitness.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f9f02ed4bae1f6abf1422ebf7304eea8cea1e6eb4ed8b14ca5970faddb14a02

Request headers

Origin
https://handfordfitness.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
494f716a8ddd9ecf32fa1aca6e827776d3739460921ac9e05503cea3a1c68d6f

Request headers

Origin
https://handfordfitness.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		2 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06db77fcd18468279b66b1d15a8218a0d20825872140b1d2fe3967715d7c6b92

Request headers

Origin
https://handfordfitness.com
Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpeg
helvetica_n4.fe093fe9ca22a15354813c912484945a36b79146.woff2
fonts.shopifycdn.com/helvetica/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.shopifycdn.com/helvetica/helvetica_n4.fe093fe9ca22a15354813c912484945a36b79146.woff2?h1=aGFuZGZvcmRmaXRuZXNzLmNvbQ&h2=aG90dGVzdHJlbmRzLmNvbS5jbw&h3=d3d3LmhvdHRlc3RyZW5kcy5jb20uaG90dGVzdHJlbmRzLmNvbS5jbw&h4=d3d3LnRpZ2VydGVjaGdhbWluZy5jb20uaGFuZGZvcmRmaXRuZXNzLmNvbQ&hmac=0e7bcd452473a23baf5fa973654adc38339a6c1aa0ce7af5e01cffdc58210606
Requested by
Host: handfordfitness.com
URL: https://handfordfitness.com/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::104 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de60693f31597c2ec2c1bd972d15900b6bb7be2bcc19db7b71bd171469b7dbe0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://handfordfitness.com/password
Origin
https://handfordfitness.com

Response headers

x-amz-version-id
4AdVwUM1RcK6IjFPXS0IVdOvOSLg0L4d
via
1.1 varnish
etag
"3081ae959e35d7dfa394138443e9095e"
age
2405
x-cache
HIT
status
200
content-length
19252
x-amz-id-2
Bciw/yE2+45wYeJkYtgjtRDZuAHutFWTS5v27fh2qNW1OimOK6GRQoVkiz/g3wUDJN67L8hbg8s=
x-served-by
cache-hhn4069-HHN
last-modified
Mon, 14 May 2018 14:32:27 GMT
server
AmazonS3
x-timer
S1590372448.720015,VS0,VE0
date
Mon, 25 May 2020 02:07:27 GMT
x-amz-request-id
BC0F63685E8D176A
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
content-type
application/octet-stream
x-cache-hits
94
produce
monorail-edge.shopifysvc.com/v1/ 		0
469 B 		Other
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.190.76 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.190.196.104.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 May 2020 02:07:27 GMT
x-dc
gke
status
200
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://handfordfitness.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
d83a69ad-cbfb-4694-9c1b-5fd0fb4f0528
password-page-background.jpg
cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/password-page-background.jpg?v=12987344696580752000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a2::39b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
19d37556d2fcb17eea3af4f5552fc609161ba59c828457f34aa8824f8cec380c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handfordfitness.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-image
generated
x-dc
gke
status
200
content-length
24300
x-xss-protection
1; mode=block
x-request-id
3607078b
surrogate-key
mime-image/webp source-GcsShopAssetsBackend segment2-41 segment4-10538 revision-9f15b2afccdf0137c7fa00051e0b09d5b22b5634 cdn-shopify-com-s-files-1-0302-3352-6365-t-3-assets-password-page-background-jpg shop-30233526365
last-modified
Sat, 23 May 2020 04:26:05 GMT
date
Mon, 25 May 2020 02:07:28 GMT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/password-page-background.jpg>; rel="canonical"
expires
Sun, 23 May 2021 04:26:04 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| Shopify object| ShopifyPay object| __st boolean| ShopifyPaypalV4VisibilityTracking object| meta string| attr object| ShopifyAnalytics object| trekkie object| _visit object| BOOMR object| theme object| lazySizesConfig object| lazySizes function| FastClick function| floatToString boolean| deviceIsAndroid boolean| deviceIsIOS boolean| deviceIsIOS4 boolean| deviceIsIOSWithBadTarget boolean| deviceIsBlackBerry10 function| $ function| jQuery function| Spinner function| cssVars function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| Modernizr string| alireviews_page_type string| alireviews_collection_id object| __core-js_shared__ object| core object| regeneratorRuntime number| BOOMR_onload

17 Cookies

Domain/Path Name / Value
handfordfitness.com/ Name: review_id
Value: null
handfordfitness.com/ Name: time_limit_track
Value: 1590372447692
handfordfitness.com/ Name: visitor_id
Value: null
handfordfitness.com/ Name: _shopify_sa_p
Value:
.handfordfitness.com/ Name: _shopify_sa_t
Value: 2020-05-25T02%3A07%3A27.475Z
.handfordfitness.com/ Name: _s
Value: 4995b96e-6C4C-4AC9-AD45-4839A87A7511
handfordfitness.com/ Name: _shopify_y
Value: 1c7c10fe-7588-4459-ab12-262427953fab
handfordfitness.com/ Name: secure_customer_sig
Value:
.handfordfitness.com/ Name: _shopify_fs
Value: 2020-05-25T02%3A07%3A27.470Z
.handfordfitness.com/ Name: _shopify_s
Value: 4995b96e-6C4C-4AC9-AD45-4839A87A7511
handfordfitness.com/ Name: cart_sig
Value:
handfordfitness.com/ Name: _orig_referrer
Value:
handfordfitness.com/ Name: cart_currency
Value: USD
.handfordfitness.com/ Name: _shopify_sa_p
Value:
handfordfitness.com/ Name: _y
Value: 1c7c10fe-7588-4459-ab12-262427953fab
handfordfitness.com/ Name: _landing_page
Value: %2Fpassword
.handfordfitness.com/ Name: __cfduid
Value: d27c11887906e19147c88d49b7c645a9f1590372446

1 Console Messages

Source Level URL
Text
console-api warning URL: https://cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/theme.min.js?v=7766421320977791113(Line 11)
Message:
jQuery.Deferred exception: e(...).size is not a function TypeError: e(...).size is not a function at HTMLDocument.<anonymous> (https://cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/theme.min.js?v=7766421320977791113:94:31766) at d (https://cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/theme.min.js?v=7766421320977791113:11:8584) at p (https://cdn.shopify.com/s/files/1/0302/3352/6365/t/3/assets/theme.min.js?v=7766421320977791113:11:8887) undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=112119f7-848e-4545-8354-7e04ac37b3fc
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=112119f7-848e-4545-8354-7e04ac37b3fc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alireviews-cdn.fireapps.vn
alireviews.fireapps.io
cdn.shopify.com
fonts.googleapis.com
fonts.shopifycdn.com
handfordfitness.com
monorail-edge.shopifysvc.com
pay.shopify.com
www.tigertechgaming.com.handfordfitness.com
104.196.190.76
23.227.38.64
23.227.38.65
2606:4700:3032::681f:437d
2a00:1450:4001:814::200a
2a02:26f0:6c00:2a2::39b
2a04:4e42:1b::104
52.77.161.229
06db77fcd18468279b66b1d15a8218a0d20825872140b1d2fe3967715d7c6b92
19d37556d2fcb17eea3af4f5552fc609161ba59c828457f34aa8824f8cec380c
37e1f1baa13b39e6edc3390e1fef6e0f76be3e9b72edc1e0d680b12e1c9fdf75
494f716a8ddd9ecf32fa1aca6e827776d3739460921ac9e05503cea3a1c68d6f
589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50
5c7e5a5e2ad7d9b474f739b14208b4f59eaa96fb19b75a0edb761908c6188de5
6222e41a94445b8c08548ba42fa378ad34d27efbbcaa4677142291b82f1fc95b
6f9f02ed4bae1f6abf1422ebf7304eea8cea1e6eb4ed8b14ca5970faddb14a02
8b6ea8c592ad896d009bcaaae315d419ef9ad4d87882cdf99e0e158507282c0f
8ce378cc912cc025f1022ddf3a4d73d3ad7b73148709fcc6bd5c2afa9a878ac8
8f039efb3db214178211e71c0e1150d41d3fc113947596b89da1890c1950c60c
96d7a42b6fbb57a86ffa1de939f033b88e8d34f5e7d7edc419ee1508f2ae2416
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
adc0a6e58221de7f8455d730e61de127a51917ca3ca7cc46d34eabbbc2cb2a23
b75819156b173630a6d147237587617403d29e03910710c44c0711fde46b862a
c0d4656c50726efe046151a1faa9af3e2f4b5d002bb4d6c41d385a6603029532
d3cb95143898270af97b0bd71fbe21eb4b8ed11b3ba039fbd3bffd1f1537f65a
dd8ba4aa34ca20e011ab19ee43b18717508ebd389b662f39bfecd132fdeec0a5
de60693f31597c2ec2c1bd972d15900b6bb7be2bcc19db7b71bd171469b7dbe0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f95c62afca18778ed8677facd32818c864b5e4938cba1769e8d8ba0b541d41dc
f9ba5c71ce24051efe1061f0d1f8679cda82744e5f1d0fbc288f225cd4605f4a
fb10d669f19c662bd30a58717f082488940471675cba27f047db04650bde2fd2
fff34d3971bbbaee2296e3c3cf9e95c61419217cba42965d7f59492e107b632d