Submitted URL: http://canvaschamp.com/
Effective URL: https://www.canvaschamp.com/
Submission: On January 16 via manual from US — Scanned from US

Summary

This website contacted 84 IPs in 4 countries across 63 domains to perform 202 HTTP transactions. The main IP is 192.124.249.117, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is www.canvaschamp.com. The Cisco Umbrella rank of the primary domain is 786562.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on August 17th 2023. Valid for: a year.
This is the only time www.canvaschamp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 192.124.249.117 30148 (SUCURI-SEC)
3 13.224.214.19 16509 (AMAZON-02)
31 2600:9000:20a... 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
9 151.101.66.133 54113 (FASTLY)
2 151.101.130.133 54113 (FASTLY)
1 104.22.25.135 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 54.231.198.24 16509 (AMAZON-02)
1 151.139.128.10 20446 (STACKPATH...)
1 7 2620:1ec:c11:... 8068 (MICROSOFT...)
1 5 35.227.244.1 396982 (GOOGLE-CL...)
3 2600:9000:201... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f00... 32934 (FACEBOOK)
3 35.201.67.47 396982 (GOOGLE-CL...)
2 35.190.91.160 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
5 23.48.104.137 20940 (AKAMAI-ASN1)
1 2620:100:a001::f 19750 (AS-CRITEO)
2 2a04:4e42:79::84 54113 (FASTLY)
2 2620:1ec:bdf::40 8075 (MICROSOFT...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 3 52.201.6.220 14618 (AMAZON-AES)
9 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 34.120.127.138 396982 (GOOGLE-CL...)
4 5 2620:100:a001::c 19750 (AS-CRITEO)
5 151.101.192.84 54113 (FASTLY)
3 2607:f8b0:400... 15169 (GOOGLE)
1 74.119.119.139 19750 (AS-CRITEO)
4 52.152.143.207 8075 (MICROSOFT...)
1 2 20.125.209.212 8075 (MICROSOFT...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:24f... 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2600:9000:21d... 16509 (AMAZON-02)
2 2a02:6ea0:e20... 60068 (CDN77 ^_^)
3 6 68.67.160.132 29990 (ASN-APPNEX)
1 23.221.240.246 16625 (AKAMAI-AS)
1 23.54.179.91 16625 (AKAMAI-AS)
1 4 74.119.119.150 19750 (AS-CRITEO)
1 52.216.219.33 16509 (AMAZON-02)
1 35.190.54.17 15169 (GOOGLE)
2 54.148.179.115 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
1 1 172.253.63.155 15169 (GOOGLE)
1 2 35.211.178.172 19527 (GOOGLE-2)
6 7 3.224.246.109 14618 (AMAZON-AES)
2 2 52.223.40.198 16509 (AMAZON-02)
1 1 51.222.241.145 16276 (OVH)
1 1 52.203.206.206 14618 (AMAZON-AES)
1 23.55.204.22 16625 (AKAMAI-AS)
1 69.173.151.100 26667 (RUBICONPR...)
1 216.22.16.73 30633 (LEASEWEB-...)
1 141.226.124.48 200478 (TABOOLA-AS)
1 23.62.161.51 16625 (AKAMAI-AS)
1 2 35.71.139.29 16509 (AMAZON-02)
3 4 34.200.65.202 14618 (AMAZON-AES)
2 23.40.207.40 20940 (AKAMAI-ASN1)
1 54.245.116.245 16509 (AMAZON-02)
1 23.55.200.222 16625 (AKAMAI-AS)
1 2 172.64.151.101 13335 (CLOUDFLAR...)
1 63.251.28.233 26558 (FREEWHEEL)
1 3.213.69.52 14618 (AMAZON-AES)
3 3 54.243.132.7 14618 (AMAZON-AES)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 52.54.197.47 14618 (AMAZON-AES)
1 3.209.115.69 14618 (AMAZON-AES)
1 70.42.32.159 22075 (AS-OUTBRAIN)
1 104.36.113.107 62713 (AS-PUBMATIC)
1 44.218.163.194 14618 (AMAZON-AES)
1 34.224.134.119 14618 (AMAZON-AES)
1 2600:9000:230... 16509 (AMAZON-02)
1 4 99.83.128.14 16509 (AMAZON-02)
2 172.64.144.121 13335 (CLOUDFLAR...)
1 104.18.39.221 13335 (CLOUDFLAR...)
1 34.246.164.213 16509 (AMAZON-02)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 34.192.12.9 14618 (AMAZON-AES)
1 18.164.116.3 16509 (AMAZON-02)
1 13.224.214.26 16509 (AMAZON-02)
1 13.224.214.41 16509 (AMAZON-02)
1 18.239.183.85 16509 (AMAZON-02)
4 2a05:d018:94a... 16509 (AMAZON-02)
2 99.80.34.250 16509 (AMAZON-02)
202 84
Apex Domain
Subdomains
Transfer
36 cloudfront.net
d18p7bpxfjy0wm.cloudfront.net
dgl44h5fp4fxe.cloudfront.net
d2mjzob2nc713b.cloudfront.net
d2d7do8qaecbru.cloudfront.net
1 MB
13 google.com
apis.google.com — Cisco Umbrella Rank: 106
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 154
220 KB
11 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 4057
gum.criteo.com — Cisco Umbrella Rank: 423
mug.criteo.com — Cisco Umbrella Rank: 3123
sslwidget.criteo.com — Cisco Umbrella Rank: 2254
dis.criteo.com — Cisco Umbrella Rank: 608
34 KB
11 klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 3303
static-tracking.klaviyo.com — Cisco Umbrella Rank: 4014
fast.a.klaviyo.com — Cisco Umbrella Rank: 4284
static-forms.klaviyo.com — Cisco Umbrella Rank: 3961
70 KB
11 canvaschamp.com
canvaschamp.com — Cisco Umbrella Rank: 729521
www.canvaschamp.com — Cisco Umbrella Rank: 786562
208 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 747
o.clarity.ms — Cisco Umbrella Rank: 7121
c.clarity.ms — Cisco Umbrella Rank: 1351
28 KB
8 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 4213
t.skimresources.com — Cisco Umbrella Rank: 4334
p.skimresources.com — Cisco Umbrella Rank: 5271
r.skimresources.com — Cisco Umbrella Rank: 4122
x.skimresources.com — Cisco Umbrella Rank: 23463
24 KB
8 amazonaws.com
s3.amazonaws.com
addshoppers.s3.amazonaws.com — Cisco Umbrella Rank: 18565
cognito-identity.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 8643
firehose.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 13465
7 KB
7 mediawallahscript.com
partner.mediawallahscript.com — Cisco Umbrella Rank: 3161
5 KB
7 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 490
acdn.adnxs.com — Cisco Umbrella Rank: 598
ib.adnxs.com — Cisco Umbrella Rank: 253
8 KB
7 bing.com
bat.bing.com — Cisco Umbrella Rank: 376
c.bing.com — Cisco Umbrella Rank: 247
16 KB
6 smct.io
js.smct.io — Cisco Umbrella Rank: 30974
ipb.smct.io — Cisco Umbrella Rank: 412030
86 KB
6 attn.tv
cdn.attn.tv — Cisco Umbrella Rank: 4169
canvaschamp.attn.tv
48 KB
5 nytrng.com
nytrng.com — Cisco Umbrella Rank: 9079
cdn.nytrng.com — Cisco Umbrella Rank: 26110
9 KB
5 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 871
2 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 752
144 KB
5 shop.pe
shop.pe — Cisco Umbrella Rank: 12426
shopper.shop.pe — Cisco Umbrella Rank: 14564
app.shop.pe — Cisco Umbrella Rank: 14198
11 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 550
i6.liadm.com — Cisco Umbrella Rank: 2884
2 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 358
875 B
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
3 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
387 KB
3 smct.co
smct.co — Cisco Umbrella Rank: 22935
ls.smct.co — Cisco Umbrella Rank: 226295
20 KB
3 gstatic.com
www.gstatic.com
4 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 853
625 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 cartstack.com
api.cartstack.com — Cisco Umbrella Rank: 52739
24 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
1 KB
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1743
1 KB
2 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 773
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 412
738 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 357
696 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
1 KB
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 21628
20 KB
2 acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 4005
cdn.acsbapp.com — Cisco Umbrella Rank: 4189
91 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 869
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
93 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
2 KB
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 544
655 B
1 roeye.com
lantern.roeye.com — Cisco Umbrella Rank: 8916
153 B
1 attentivemobile.com
events.attentivemobile.com — Cisco Umbrella Rank: 3960
238 B
1 safeopt.com
manage.safeopt.com — Cisco Umbrella Rank: 20633
832 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 662
307 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 508
280 B
1 revcontent.com
trends.revcontent.com — Cisco Umbrella Rank: 2565
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 870
582 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 829
287 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1144
534 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1421
968 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 698
199 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 562
661 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 727
547 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 731
385 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2620
278 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1704
374 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669
688 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 381
940 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 709
814 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 4870
306 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3537
414 B
1 roeyecdn.com
lantern.roeyecdn.com — Cisco Umbrella Rank: 8890
2 KB
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16092
592 B
1 dwin1.com
www.dwin1.com — Cisco Umbrella Rank: 4433
14 KB
1 shopperapproved.com
www.shopperapproved.com — Cisco Umbrella Rank: 23990
31 KB
202 63
Domain Requested by
31 d18p7bpxfjy0wm.cloudfront.net www.canvaschamp.com
d18p7bpxfjy0wm.cloudfront.net
10 www.canvaschamp.com www.canvaschamp.com
d18p7bpxfjy0wm.cloudfront.net
9 www.google.com apis.google.com
www.canvaschamp.com
www.google.com
7 partner.mediawallahscript.com 6 redirects
7 static.klaviyo.com www.canvaschamp.com
static.klaviyo.com
5 js.smct.io smct.co
js.smct.io
5 ct.pinterest.com s.pinimg.com
www.canvaschamp.com
5 gum.criteo.com 4 redirects dynamic.criteo.com
5 analytics.tiktok.com www.canvaschamp.com
analytics.tiktok.com
5 bat.bing.com www.canvaschamp.com
bat.bing.com
4 cognito-identity.eu-west-1.amazonaws.com js.smct.io
4 nytrng.com 1 redirects d2mjzob2nc713b.cloudfront.net
cdn.nytrng.com
4 ups.analytics.yahoo.com 3 redirects
4 cdn.attn.tv www.googletagmanager.com
cdn.attn.tv
4 o.clarity.ms www.clarity.ms
4 www.googletagmanager.com www.canvaschamp.com
www.googletagmanager.com
www.google-analytics.com
3 i.liadm.com 3 redirects
3 dis.criteo.com 1 redirects
3 ib.adnxs.com 1 redirects
3 secure.adnxs.com 2 redirects
3 www.gstatic.com www.google.com
3 sync.crwdcntrl.net 2 redirects www.canvaschamp.com
3 t.skimresources.com www.canvaschamp.com
s.skimresources.com
3 apis.google.com www.canvaschamp.com
www.google.com
apis.google.com
3 d2mjzob2nc713b.cloudfront.net www.canvaschamp.com
shop.pe
3 shop.pe 1 redirects d2mjzob2nc713b.cloudfront.net
3 www.google-analytics.com www.canvaschamp.com
www.google-analytics.com
www.googletagmanager.com
3 api.cartstack.com www.canvaschamp.com
api.cartstack.com
2 firehose.eu-west-1.amazonaws.com js.smct.io
2 dpm.demdex.net 1 redirects
2 canvaschamp.attn.tv cdn.attn.tv
2 r.casalemedia.com 1 redirects
2 hb.yahoo.net
2 eb2.3lift.com 1 redirects
2 match.adsrvr.org 2 redirects
2 x.bidswitch.net 1 redirects
2 smct.co www.dwin1.com
js.smct.io
2 web-sdk.smartlook.com www.canvaschamp.com
web-sdk.smartlook.com
2 c.bing.com 1 redirects
2 c.clarity.ms 1 redirects
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 s.pinimg.com www.canvaschamp.com
s.pinimg.com
2 p.skimresources.com www.canvaschamp.com
2 connect.facebook.net d18p7bpxfjy0wm.cloudfront.net
connect.facebook.net
2 fonts.googleapis.com www.canvaschamp.com
client
2 static-tracking.klaviyo.com static.klaviyo.com
1 d2d7do8qaecbru.cloudfront.net js.smct.io
1 ls.smct.co js.smct.io
1 aa.agkn.com
1 ipb.smct.io js.smct.io
1 cdn.nytrng.com nytrng.com
1 lantern.roeye.com
1 events.attentivemobile.com cdn.attn.tv
1 manage.safeopt.com shopper.shop.pe
1 s.ad.smaato.net
1 match.sharethrough.com
1 trends.revcontent.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 jadserve.postrelease.com
1 exchange.mediavine.com
1 i6.liadm.com
1 ad.360yield.com
1 ads.stickyadstv.com
1 tags.bluekai.com
1 visitor.omnitagjs.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 pixel.rubiconproject.com
1 contextual.media.net
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 ws.rqtrk.eu 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 lantern.roeyecdn.com www.dwin1.com
1 app.shop.pe d2mjzob2nc713b.cloudfront.net
1 shopper.shop.pe shop.pe
1 addshoppers.s3.amazonaws.com d2mjzob2nc713b.cloudfront.net
1 cdn.acsbapp.com acsbapp.com
1 sslwidget.criteo.com dynamic.criteo.com
1 www.awin1.com
1 acdn.adnxs.com www.canvaschamp.com
1 acsbapp.com www.canvaschamp.com
1 www.dwin1.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 mug.criteo.com www.canvaschamp.com
1 x.skimresources.com www.canvaschamp.com
1 analytics.google.com www.googletagmanager.com
1 dynamic.criteo.com www.googletagmanager.com
1 r.skimresources.com s.skimresources.com
1 s.skimresources.com d18p7bpxfjy0wm.cloudfront.net
1 s3.amazonaws.com www.canvaschamp.com
1 www.shopperapproved.com www.canvaschamp.com
1 static-forms.klaviyo.com static.klaviyo.com
1 fast.a.klaviyo.com static.klaviyo.com
1 dgl44h5fp4fxe.cloudfront.net www.canvaschamp.com
1 canvaschamp.com 1 redirects
202 98
Subject Issuer Validity Valid
canvaschamp.com
Starfield Secure Certificate Authority - G2
2023-08-17 -
2024-08-17
a year crt.sh
cartstack.com
Amazon RSA 2048 M02
2023-04-19 -
2024-05-18
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
static.klaviyo.com
R3
2024-01-13 -
2024-04-12
3 months crt.sh
static-tracking.klaviyo.com
R3
2023-11-22 -
2024-02-20
3 months crt.sh
fast.a.klaviyo.com
R3
2024-01-13 -
2024-04-12
3 months crt.sh
static-forms.klaviyo.com
R3
2023-12-22 -
2024-03-21
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-06 -
2024-05-05
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01
2023-10-10 -
2024-07-10
9 months crt.sh
*.skimresources.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-02 -
2024-11-07
a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01
2023-10-24 -
2024-04-21
6 months crt.sh
*.apis.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-10-26 -
2024-01-24
3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018
2023-07-14 -
2024-08-13
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-31 -
2024-08-07
a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
www.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.google.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-12-11 -
2024-03-04
3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02
2024-01-09 -
2024-06-27
6 months crt.sh
*.shop.pe
RapidSSL TLS RSA CA G1
2023-07-13 -
2024-07-12
a year crt.sh
*.dwin1.com
Amazon RSA 2048 M03
2023-10-18 -
2024-11-15
a year crt.sh
acsbapp.com
GTS CA 1P5
2023-12-26 -
2024-03-25
3 months crt.sh
*.attn.tv
Amazon RSA 2048 M01
2023-05-02 -
2024-05-29
a year crt.sh
1688964705.rsc.cdn77.org
R3
2023-12-14 -
2024-03-13
3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2023-08-24 -
2024-08-24
a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1
2024-01-10 -
2025-01-10
a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01
2023-10-10 -
2024-07-03
9 months crt.sh
smct.co
Amazon RSA 2048 M01
2023-07-22 -
2024-08-18
a year crt.sh
*.roeyecdn.com
Amazon RSA 2048 M01
2023-10-04 -
2024-10-30
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-03
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-01-21 -
2024-01-23
a year crt.sh
*.taboola.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
teads.tv
R3
2023-11-03 -
2024-02-01
3 months crt.sh
hb.yahoo.net
R3
2023-12-18 -
2024-03-17
3 months crt.sh
*.omnitagjs.com
Amazon RSA 2048 M01
2023-04-17 -
2024-05-16
a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-19 -
2024-05-19
a year crt.sh
*.360yield.com
Amazon RSA 2048 M01
2023-07-17 -
2024-08-13
a year crt.sh
exchange.mediavine.com
Amazon RSA 2048 M01
2023-04-05 -
2024-05-03
a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02
2023-10-27 -
2024-11-23
a year crt.sh
*.outbrain.com
Thawte TLS RSA CA G1
2023-11-20 -
2024-11-27
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2023-04-20 -
2024-05-20
a year crt.sh
revcontent.com
Amazon RSA 2048 M02
2023-05-18 -
2024-06-16
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03
2023-09-04 -
2024-10-02
a year crt.sh
nytrng.com
Amazon RSA 2048 M02
2023-03-25 -
2024-04-22
a year crt.sh
*.safeopt.com
GlobeSSL DV CA
2023-05-23 -
2024-06-14
a year crt.sh
attn.tv
Cloudflare Inc ECC CA-3
2023-11-04 -
2024-11-03
a year crt.sh
attentivemobile.com
Cloudflare Inc ECC CA-3
2023-11-04 -
2024-11-02
a year crt.sh
*.roeye.com
Amazon RSA 2048 M03
2023-11-26 -
2024-12-24
a year crt.sh
*.nytrng.com
Amazon RSA 2048 M03
2023-08-15 -
2024-09-10
a year crt.sh
*.intent.ly
Amazon RSA 2048 M02
2023-07-11 -
2024-08-07
a year crt.sh
cognito-identity.eu-west-1.amazonaws.com
Amazon RSA 2048 M02
2023-05-08 -
2024-06-05
a year crt.sh
firehose.eu-west-1.amazonaws.com
Amazon RSA 2048 M01
2023-12-13 -
2024-12-08
a year crt.sh

This page contains 9 frames:

Primary Page: https://www.canvaschamp.com/
Frame ID: C2F6C16C038B8743BCA099398624D27A
Requests: 176 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.9261110638679637
Frame ID: 333DEF1F0640CDD52CE07B7015477E5D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=7695246&origin=https%3A%2F%2Fwww.canvaschamp.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.JKCQ2Hvuo0E.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ%2Fm%3D__features__
Frame ID: D99539CB98F3999FFEB928C9709D7D66
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.canvaschamp.com&origin=onetag
Frame ID: 9F64D2F1E1453E29C508162B9B9A4C4D
Requests: 2 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 00439B063B5F4BAB4F039B8C45C4319F
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-dvPg2sz3W1wUkEPZhjJ8SOmG5DWAuBmeRsjJqg&google_gid=CAESEMOu4yX7AxeHNt4abBBV7-c&google_cver=1&google_ula=913071,0
Frame ID: D6B5B58C138FE436DF019294D5990AC5
Requests: 30 HTTP requests in this frame

Frame: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=e0bf0e9d402d416b91ea33ca4e0bfff9
Frame ID: DC16DE7F40E31B9967471D5B5BFD8955
Requests: 4 HTTP requests in this frame

Frame: https://ls.smct.co/lse1.3.html
Frame ID: 24C4C504EA3A7F590B31C6CA24D8B97C
Requests: 1 HTTP requests in this frame

Frame: https://d2d7do8qaecbru.cloudfront.net/live/lse1.1.html
Frame ID: 3A92A47401907EF6326C554B2D8D80F4
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Cheap Canvas Prints - Starting @ $3.89 Only | Upto 93% Off

Page URL History Show full URLs

  1. http://canvaschamp.com/ HTTP 301
    https://www.canvaschamp.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • api\.cartstack\.\w+

Overall confidence: 100%
Detected patterns
  • dwin1\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • klaviyo\.com

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

202
Requests

91 %
HTTPS

31 %
IPv6

63
Domains

98
Subdomains

84
IPs

4
Countries

3077 kB
Transfer

8280 kB
Size

113
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://canvaschamp.com/ HTTP 301
    https://www.canvaschamp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 83
  • https://shop.pe/widget/widget_async.js HTTP 301
  • https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
Request Chain 115
  • https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
Request Chain 137
  • https://gum.criteo.com/sid/json?origin=onetag&domain=canvaschamp.com&sn=ChromeSyncframe&so=0&topUrl=www.canvaschamp.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=3hOE3XxsLytEV1hBQzVNV1JkSnVMZi9kQzFGQmJTL3BpRktoa0JGWUFvQi9LWGZsaUtwY1BJL3dZNmEvSTRCYm9md0l2bTQzb25kSkZRdm5FZ1NGNkl3aU1CMGJGRHpQWXdrRDlaNGJLeVVneG9qN3JXNW1CRG5rK2pUU3NDWUhZZzkzM2JJSkZ2UTBkMFdRY2pUR2hFYzdrSDB3QjNCdmozeU5aTWl3V2k3RFpueFRmR042OEp2d3RDdzhRZWkxZnBtcTFFbFdTQ05aMUpKdlV0OUV0Z0xLTWF3RDZMSzlDYUZKWUY3VzQ1bDFjTUZPcTEwcGJFTmNvdUVKWUJOOUVTanpHVW5NUXc2Q1luaTE3UVlXNWZqU1hyandhTEprYzFxZXVlL0htc2ZrOENEUT18&cppv=2
Request Chain 146
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C4D3317A50994EE993052A0C38E3EF46&RedC=c.clarity.ms&MXFR=27E3A47763736AAF26B3B07F6773643C HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C4D3317A50994EE993052A0C38E3EF46&MUID=12F1B420D453659206B5A028D5C36469
Request Chain 153
  • https://secure.adnxs.com/px?id=1706689&seg=34366682,1364407&order_id=Visitor&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1706689%26seg%3D34366682%2C1364407%26order_id%3DVisitor%26t%3D1
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-dvPg2sz3W1wUkEPZhjJ8SOmG5DWAuBmeRsjJqg&google_cm&google_hm=ay1kdlBnMnN6M1cxd1VrRVBaaGpKOFNPbUc1RFdBdUJtZVJzakpxZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-dvPg2sz3W1wUkEPZhjJ8SOmG5DWAuBmeRsjJqg&google_gid=CAESEMOu4yX7AxeHNt4abBBV7-c&google_cver=1&google_ula=913071,0
Request Chain 174
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-qsA9tcz3W1wUkEPZhjJ8SOmG5DXpos23Wvi9pg&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-qsA9tcz3W1wUkEPZhjJ8SOmG5DXpos23Wvi9pg&expires=30
Request Chain 175
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5330343121510112321
Request Chain 176
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-dvPg2sz3W1wUkEPZhjJ8SOmG5DWAuBmeRsjJqg&custom=&tag_format=img&tag_action=sync&custom=&cb=4856c493-4230-4db0-ad2c-6c88e227b2ba HTTP 302
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-dvPg2sz3W1wUkEPZhjJ8SOmG5DWAuBmeRsjJqg&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=4856c493-4230-4db0-ad2c-6c88e227b2ba&final=true&reqid=030f88d0-b4a4-11ee-b5a5-bd1251e4c1df&timestamp=2024-01-16T19%3A18%3A21.405Z HTTP 302
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=5330343121510112321&tag_format=img&tag_action=sync HTTP 302
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=0319e910-b4a4-11ee-a6cf-1dfa302daa36?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=fe2c6b755250baee47736ac1636dfba8&tag_format=img&tag_action=sync&cb=489363823 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=48046b2f-ecb9-4b28-9dc0-2d74a10a7e00&tag_format=img&tag_action=sync&cb= HTTP 302
  • https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=0319e910-b4a4-11ee-a6cf-1dfa302daa36&cb=1705432701993&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2130%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1705432701993 HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=ddff1490-7039-477d-8b80-7754041d33d8&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1705432701993 HTTP 302
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
  • https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=03a9a5f0-b4a4-11ee-b576-8d024877c818
Request Chain 182
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-HTO6asz3W1wUkEPZhjJ8SOmG5DW3eOpb59-XIA&dongle=013b HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-HTO6asz3W1wUkEPZhjJ8SOmG5DW3eOpb59-XIA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Request Chain 183
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-82udQ8z3W1wUkEPZhjJ8SOmG5DVgxnT-VHyATQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-82udQ8z3W1wUkEPZhjJ8SOmG5DVgxnT-VHyATQ&verify=true
Request Chain 186
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=2XUwuV0QqnvSaPkxwyAoVhFl1aMoTgWw
Request Chain 187
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-H8YOGcz3W1wUkEPZhjJ8SOmG5DVGOJokoWLESA HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-H8YOGcz3W1wUkEPZhjJ8SOmG5DVGOJokoWLESA&C=1
Request Chain 190
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nj2eoMz3W1wUkEPZhjJ8SOmG5DV39MYOFzLiog HTTP 303
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nj2eoMz3W1wUkEPZhjJ8SOmG5DV39MYOFzLiog&_li_chk=true&previous_uuid=2e59260681e84043813bbcfcbababf3e HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@ HTTP 302
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nj2eoMz3W1wUkEPZhjJ8SOmG5DV39MYOFzLiog HTTP 303
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nj2eoMz3W1wUkEPZhjJ8SOmG5DV39MYOFzLiog
Request Chain 210
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=cPllbaD4ZgwyvEy9Kb7QflZV6xbnVOh5 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=cPllbaD4ZgwyvEy9Kb7QflZV6xbnVOh5
Request Chain 213
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-82udQ8z3W1wUkEPZhjJ8SOmG5DVgxnT-VHyATQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-82udQ8z3W1wUkEPZhjJ8SOmG5DVgxnT-VHyATQ&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1rc0FIZTNsRTJ1RXMzSWNIYzZvOE03ZTFtOWIycUEwaH5B&ovsid=k-82udQ8z3W1wUkEPZhjJ8SOmG5DVgxnT-VHyATQ&dpid=58301
Request Chain 215
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=KQKduO4HNjGP3p7Hj06rSyMLO7a3kJ5V
Request Chain 216
  • https://nytrng.com/mper HTTP 301
  • https://nytrng.com/mper/14515739e82f93f43a7dc2eefdd8e595

202 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.canvaschamp.com/
Redirect Chain
  • http://canvaschamp.com/
  • https://www.canvaschamp.com/
176 KB
41 KB
Document
General
Full URL
https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10117.sucuri.net
Software
nginx /
Resource Hash
85d1fa37b68372a1e8d8411b64dd37f8527306fdd2369b3bc3831e07b16a2847
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Tue, 16 Jan 2024 19:18:18 GMT
etag
"3u7wqx9ulj3ux3"
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-sucuri-cache
MISS
x-sucuri-id
17017
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 16 Jan 2024 19:18:18 GMT
Location
https://www.canvaschamp.com/
Server
Sucuri/Cloudproxy
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Sucuri-Cache
EXPIRED
X-Sucuri-ID
17017
X-XSS-Protection
1; mode=block
www.canvaschamp.com_66888cc5f2aeb2575c6f35c7814a7b57.js
api.cartstack.com/js/customer-tracking/
6 KB
2 KB
Script
General
Full URL
https://api.cartstack.com/js/customer-tracking/www.canvaschamp.com_66888cc5f2aeb2575c6f35c7814a7b57.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-19.phl50.r.cloudfront.net
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16 /
Resource Hash
6aa08340dab30c93b866e74435d01fec16afcdcead67f24ffa45315e08587a84

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.canvaschamp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:19 GMT
content-encoding
gzip
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 17:35:15 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16
x-amz-cf-pop
PHL50-C1
etag
"19bf-5ead9d0c9dccf-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1627
x-amz-cf-id
Jn5ut3DCeSSlh89xDIdZq4i0dVnrmDEwLes41u77_P5AytFp8tniBA==
expires
Thu, 15 Feb 2024 19:18:19 GMT
personalized-valentines-photo-gifts-sale-usa-1.jpg
d18p7bpxfjy0wm.cloudfront.net/media/weltpixel/owlcarouselslider/images/p/e/
198 KB
199 KB
Image
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/media/weltpixel/owlcarouselslider/images/p/e/personalized-valentines-photo-gifts-sale-usa-1.jpg
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
0ec7abc6000834d821690afa2e351832731866f575cf583ddbde61b4d472df8d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 05:49:05 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
via
1.1 2feed206ccd80c991a2378002008d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
48554
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
content-length
202959
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 16 Jan 2024 05:44:03 GMT
server
Sucuri/Cloudproxy
etag
W/"318cf-18d10cc55fc"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
Sive8lirZpYM36A-tg1HXV2a3Ui3R6zfy-vwEwLTgju4UB3cDqB3xQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
9207.js
www.canvaschamp.com/shopperapproved-script/widgets/testimonial/3.0/
53 KB
10 KB
Script
General
Full URL
https://www.canvaschamp.com/shopperapproved-script/widgets/testimonial/3.0/9207.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10117.sucuri.net
Software
nginx /
Resource Hash
4c4120a710d583677ee63482bd48443c5d0787aafc96aa9fcdb29065a76f4f95
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;, frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;, frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
cf-cache-status
HIT
age
27260
cf-polished
origSize=63044
content-encoding
br
p3p
CP="DSP ALL CUR ADM DEV IVD IVA HIS OTP PSA PSD TAI TELi CONo OUR SAM OTR PUBi IND NAV COM CNT PUR UNI INT DEM"
x-sucuri-cache
HIT
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
public
cf-bgj
minify
server
nginx
last-modified
Tue, 16 Jan 2024 05:28:30 GMT
x-frame-options
SAMEORIGIN, sameorigin
vary
Accept-Encoding,Origin
content-type
application/javascript
cache-control
max-age=315360000
x-sucuri-id
17017
cf-ray
84668e1b4dc22d21-IAD
expires
Thu, 31 Dec 2037 23:55:55 GMT
ratingbadge.js
www.canvaschamp.com/static/js/
48 KB
19 KB
Script
General
Full URL
https://www.canvaschamp.com/static/js/ratingbadge.js?onload=renderBadge
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10117.sucuri.net
Software
nginx /
Resource Hash
0dabdee361eed1fd80c916f488cfd7ff0bfa0457881fda5da63004059a1d0185
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
x-sucuri-cache
HIT
x-xss-protection
1; mode=block
last-modified
Fri, 12 Jan 2024 11:47:58 GMT
server
nginx
etag
W/"bf0c-18cfd8011b0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
17017
expires
Thu, 31 Dec 2037 23:55:55 GMT
CircularStd-Black.woff
www.canvaschamp.com/static/fonts/
41 KB
42 KB
Font
General
Full URL
https://www.canvaschamp.com/static/fonts/CircularStd-Black.woff
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10117.sucuri.net
Software
nginx /
Resource Hash
93515ad06a11c53631410c0dda777bcae32b71b464fb59743ff474fdbdbdc7d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
x-sucuri-cache
HIT
content-length
42284
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 11:47:52 GMT
server
nginx
etag
W/"a52c-18cfd7ffa40"
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
17017
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
CircularStd-Bold.woff
www.canvaschamp.com/static/fonts/
41 KB
42 KB
Font
General
Full URL
https://www.canvaschamp.com/static/fonts/CircularStd-Bold.woff
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10117.sucuri.net
Software
nginx /
Resource Hash
8c5ad68e3f7b8e03f786831956c442002e87015ec38103ec855981c23e6d685c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
x-sucuri-cache
HIT
content-length
42396
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 11:47:52 GMT
server
nginx
etag
W/"a59c-18cfd7ffa40"
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
17017
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
roboto-regular_0-webfont.woff
www.canvaschamp.com/static/fonts/
25 KB
25 KB
Font
General
Full URL
https://www.canvaschamp.com/static/fonts/roboto-regular_0-webfont.woff
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10117.sucuri.net
Software
nginx /
Resource Hash
ec36a355b129a3ca8f22c69de2ce564618f0d5490e6cb700689b5a34258c9311
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
x-sucuri-cache
HIT
content-length
25128
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 11:47:52 GMT
server
nginx
etag
W/"6228-18cfd7ffa40"
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
17017
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
roboto-medium-webfont.woff
www.canvaschamp.com/static/fonts/
24 KB
25 KB
Font
General
Full URL
https://www.canvaschamp.com/static/fonts/roboto-medium-webfont.woff
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10117.sucuri.net
Software
nginx /
Resource Hash
0979f55b26a6fe81387e54fc1c398b6a9b54b6986e7e62bcae74534176701809
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
x-sucuri-cache
HIT
content-length
24788
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 11:47:52 GMT
server
nginx
etag
W/"60d4-18cfd7ffa40"
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
17017
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
fontsLive.css
www.canvaschamp.com/static/fonts/
8 KB
1 KB
Stylesheet
General
Full URL
https://www.canvaschamp.com/static/fonts/fontsLive.css
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10117.sucuri.net
Software
nginx /
Resource Hash
bc74eb5b6546dae09386dfc2b906d40863e301c9d72588c150a2863bbd0eb980
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
x-sucuri-cache
HIT
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 11:47:52 GMT
server
nginx
etag
W/"21a8-18cfd7ffa40"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
17017
expires
Thu, 31 Dec 2037 23:55:55 GMT
_app.89e357d3a75ed6f6.css
d18p7bpxfjy0wm.cloudfront.net/_next/static/css/pages/
398 KB
86 KB
Stylesheet
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/_next/static/css/pages/_app.89e357d3a75ed6f6.css
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
5e49a45f90e8821080743641c374dc81f504ce69202f27c6afab1d65c0d2d084
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
via
1.1 ee5a1fbfd85d9d25aef83ca16d91afca.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370797
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Jan 2024 09:15:49 GMT
server
Sucuri/Cloudproxy
etag
W/"6367a-18cf2a80d88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
LV0s98KQvTDPo4QH_YNKobrpkV2h4-SPji0-THUBhIYewwgTWQz9Yw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.a025251bdd5b1123.css
d18p7bpxfjy0wm.cloudfront.net/_next/static/css/pages/
50 KB
6 KB
Stylesheet
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/_next/static/css/pages/index.a025251bdd5b1123.css
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
b9121a2426f4239fe5618597385ebb18e65498752324166a227a69c5cc6358fc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:23:47 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
via
1.1 ee5a1fbfd85d9d25aef83ca16d91afca.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370472
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 12:11:33 GMT
server
Sucuri/Cloudproxy
etag
W/"c926-18cfd95a908"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
x-amz-cf-id
u6_xbqS-HUktPSU6nSPWwYN-tKRGpRh_b7098sIETlmZFZ-JPO-Kyg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
532.a3404803d8186a4e.css
d18p7bpxfjy0wm.cloudfront.net/_next/static/css/
76 KB
11 KB
Stylesheet
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/_next/static/css/532.a3404803d8186a4e.css
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
c99b5f1b588137bfeb7aab95709c0f98e696dc6891705f4216bd726ed5fdf901
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
via
1.1 ee5a1fbfd85d9d25aef83ca16d91afca.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370797
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Jan 2024 09:15:50 GMT
server
Sucuri/Cloudproxy
etag
W/"12fcd-18cf2a81170"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
UZmP7ZiSqHbPfrSy_eMC9mH3SIgwmCR5nC-rtgHmIshnkol3dr3l8w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
styles.5a799ba2307d9564.js
d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/
3 KB
2 KB
Script
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/styles.5a799ba2307d9564.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
1cf2434408ef2092339a0cfc24df3d18e4c48652213ecaf51d0e7ebfddf0d0bb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
via
1.1 ee5a1fbfd85d9d25aef83ca16d91afca.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370797
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Jan 2024 09:15:50 GMT
server
Sucuri/Cloudproxy
etag
W/"b75-18cf2a81170"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
I8uU6FtX9h6WXY5QnPh7QsJgR0OvpuzfchxpLQXF_FuHH97Pzhr6Gw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
479.26ee9b542a3cd19b.js
d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/
1 KB
1 KB
Script
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/479.26ee9b542a3cd19b.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
27c7530b50a752f1d8c851b5deb64aa10ce457640bb2346ce521101a68ab3efe
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
via
1.1 ee5a1fbfd85d9d25aef83ca16d91afca.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370797
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Jan 2024 09:15:50 GMT
server
Sucuri/Cloudproxy
etag
W/"447-18cf2a81170"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
1kS8YQzDojSq6sZzZiYEQzd0fo4DTrfn_wqcmPhzboc675IcVZamQQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
900.86f57a6e8910dd75.js
d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/
23 KB
6 KB
Script
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/900.86f57a6e8910dd75.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
216610b6e7a2945bb264e3a924c39bb03e12996a0e207c36507104c579fa7b79
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
via
1.1 ee5a1fbfd85d9d25aef83ca16d91afca.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370796
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Jan 2024 09:15:50 GMT
server
Sucuri/Cloudproxy
etag
W/"5cad-18cf2a81170"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
Nk4USyCenIpAy8h7gyOav-_NGLL6GWsMNeoVocPtyjp3Q7dd1gzqoA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
webpack-9c9619fcb7d2fb23.js
d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/
6 KB
3 KB
Script
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/webpack-9c9619fcb7d2fb23.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
e0bea46e22c963ca919800bad1b2c53f78e1a759dca71478fd99415a4f64201a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
via
1.1 ee5a1fbfd85d9d25aef83ca16d91afca.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370797
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 12:11:33 GMT
server
Sucuri/Cloudproxy
etag
W/"16d3-18cfd95a908"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
9Bn2Y9DxZsZKRdraAXOWk591CEdUHqCcWfJCWZcif3ta9sT3TPWmgw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main-a1940e62c38e43dd.js
d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/
245 KB
77 KB
Script
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/main-a1940e62c38e43dd.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
21ce7d37cf2af961fc2f3c7d187f01c343e3ae5c1cd35d6b93b51f2fa440848b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
via
1.1 ee5a1fbfd85d9d25aef83ca16d91afca.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370796
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Jan 2024 09:15:49 GMT
server
Sucuri/Cloudproxy
etag
W/"3d28a-18cf2a80d88"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
VQsCioBoqia3pqstyFAkpzyU_93ljCyVgP3RetCt-Edj4tTcCX4DEA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
_app-648e04fa733fd3a3.js
d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/pages/
1 MB
293 KB
Script
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/pages/_app-648e04fa733fd3a3.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
00c17da35a1649a90308e55dd4b32b93be62581d72a5d58703e0347ceab1733c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
via
1.1 ee5a1fbfd85d9d25aef83ca16d91afca.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370797
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 12:11:33 GMT
server
Sucuri/Cloudproxy
etag
W/"117722-18cfd95a908"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
evpiE85G9uvgTvxKA282IWIfnYpeaNHQpeMzMBxaUY92JSB_jEDysA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
index-6ac3b3b93f82206c.js
d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/pages/
160 KB
42 KB
Script
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/pages/index-6ac3b3b93f82206c.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
b4e7fe9c73a815e7ca7a4bcef8a7454bfd27e48ebbc9ae3772a713dc60164a65
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:20:53 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
via
1.1 ee5a1fbfd85d9d25aef83ca16d91afca.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370646
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 12:11:33 GMT
server
Sucuri/Cloudproxy
etag
W/"27f72-18cfd95a908"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
x-amz-cf-id
CRrHHfrx6lgrgvIwoJAOUzgRsyNlQqXuUfU41ll_c8uyKR2puBFXEA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
_buildManifest.js
d18p7bpxfjy0wm.cloudfront.net/_next/static/ivxn7n3gg/
68 KB
14 KB
Script
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/_next/static/ivxn7n3gg/_buildManifest.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
5e7f57e02e68cc36b93a0d352a6ad5cea507086269b4c893b5c8b388456f876f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
via
1.1 ee5a1fbfd85d9d25aef83ca16d91afca.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370797
x-cache
Hit from cloudfront
x-sucuri-cache
HIT
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 12:11:33 GMT
server
Sucuri/Cloudproxy
etag
W/"10ed7-18cfd95a908"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
x-amz-cf-id
5t0W06xDulOnduaar1RGtaVSe9P0nOWlhmHS_jgyzWRdk06M4Rj7zA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
_ssgManifest.js
d18p7bpxfjy0wm.cloudfront.net/_next/static/ivxn7n3gg/
77 B
710 B
Script
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/_next/static/ivxn7n3gg/_ssgManifest.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:23:09 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
via
1.1 ee5a1fbfd85d9d25aef83ca16d91afca.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370510
x-cache
Hit from cloudfront
x-sucuri-cache
HIT
content-length
77
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 12:11:33 GMT
server
Sucuri/Cloudproxy
etag
W/"4d-18cfd95a908"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
pqx_6a8uo3CElPfio8PPXoCxtSadFB_WQahtZk3BzNO9fUf12R6o4g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
2e387178.js
dgl44h5fp4fxe.cloudfront.net/
0
426 B
Script
General
Full URL
https://dgl44h5fp4fxe.cloudfront.net/2e387178.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:6000:1c:7d43:a880:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
igdVxdeUbYHXXINV67gQJi9he16K4ZBe
date
Mon, 15 Jan 2024 13:21:45 GMT
via
1.1 e1d636b234c38932eb25194cb146dbcc.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
107878
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
0
last-modified
Thu, 04 May 2023 09:56:35 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
accept-ranges
bytes
x-amz-cf-id
CA0mthEwDl58SDgHGG1m63Mtfyi-CinXxjEtAZM7jECqyA3ujBSqlQ==
klaviyo.js
static.klaviyo.com/onsite/js/
3 KB
2 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=WkKCR4
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
435eb5248b6bfcceb22173f2ec936e0ded0b48a9e826c946e39c7b555504b3c3
Security Headers
Name Value
Content-Security-Policy object-src 'none'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
object-src 'none'; base-uri 'none'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Jan 2024 19:18:19 GMT
age
1396
x-cache
HIT, HIT
content-length
1146
x-served-by
cache-lga21946-LGA, cache-mia-kmia1760048-MIA
server
nginx
x-timer
S1705432699.180070,VS0,VE0
etag
W/"961677dada08c3f1c61e74a246a45c8a"
allow
GET, OPTIONS
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
1, 3
new_pop_up.jpg
d18p7bpxfjy0wm.cloudfront.net/static/images/home/popup/
31 KB
31 KB
Image
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/static/images/home/popup/new_pop_up.jpg
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
443a845b229142909b322095fc2b4cdb72ca427a1bc86b0a65be6519a9355e64
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
via
1.1 2feed206ccd80c991a2378002008d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370797
x-cache
Hit from cloudfront
x-sucuri-cache
HIT
content-length
31508
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Jan 2024 08:53:38 GMT
server
Sucuri/Cloudproxy
etag
W/"7b14-18cf293be50"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
ZBhsq4n8kd2ZgX7K9P7kQd4zrt5VjyR1eBSGBCKUGoTE9xxyK0an3A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
popup-mobile.jpg
d18p7bpxfjy0wm.cloudfront.net/static/images/home/popup/
34 KB
34 KB
Image
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/static/images/home/popup/popup-mobile.jpg
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
fde0299cc9f632a7feb975110ecdd308614c8ce9d7a346f9585369ef79b9afc0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
via
1.1 2feed206ccd80c991a2378002008d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370796
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
content-length
34606
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 11:47:52 GMT
server
Sucuri/Cloudproxy
etag
W/"872e-18cfd7ffa40"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
wwDssmVFNekHyDE1IQVO6fYuZ14KZOsYClb37Vvuae9mdmGwkGed5A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.svg
d18p7bpxfjy0wm.cloudfront.net/static/images/
11 KB
5 KB
Image
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/static/images/logo.svg
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
b105c69b26894e8172025d4cb4653d877fdead8c689dd7f626692855643dcf4c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
via
1.1 2feed206ccd80c991a2378002008d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370797
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Jan 2024 08:53:42 GMT
server
Sucuri/Cloudproxy
etag
W/"2a0c-18cf293cdf0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
SKXXhJNtoZCqEwE0_d8WzQ_xFCnHfn9cBQd6Vp2ZT7_6AUSFVGG-2w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_mobile.svg
d18p7bpxfjy0wm.cloudfront.net/static/images/
6 KB
3 KB
Image
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/static/images/logo_mobile.svg
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
19dd14a49c645ab82e566f1f7a3784f88a3520353e6a992af8469e9b2e0106c2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
via
1.1 2feed206ccd80c991a2378002008d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370797
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 11:47:58 GMT
server
Sucuri/Cloudproxy
etag
W/"164f-18cfd8011b0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
Kdxi6LMODQO7efztBrSGwhQP0_RctMLUgQDMK-GaYGMBN8-QmkGzZg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo-sticky-1.svg
www.canvaschamp.com/static/images/
8 KB
3 KB
Image
General
Full URL
https://www.canvaschamp.com/static/images/logo-sticky-1.svg
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10117.sucuri.net
Software
nginx /
Resource Hash
d9fe1880ef53f69894360ec0ba49b3052435dc1223afeced8560df2a874f6051
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:18 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
x-sucuri-cache
HIT
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 11:47:58 GMT
server
nginx
etag
W/"1f4c-18cfd8011b0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
17017
expires
Thu, 31 Dec 2037 23:55:55 GMT
public_chat.png
d18p7bpxfjy0wm.cloudfront.net/static/images/
2 KB
3 KB
Image
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/static/images/public_chat.png
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
d51b3e6cbcc9d1967816a114045938cfce9dc956aa3f0fb872791a3066cb301d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
via
1.1 2feed206ccd80c991a2378002008d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370797
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
content-length
2027
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Jan 2024 08:53:42 GMT
server
Sucuri/Cloudproxy
etag
W/"7eb-18cf293cdf0"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
JY0LhDiBsEWVGl-Xgd04rv_OpLevVg7Mj10VTZ-nE3bNl5ax3tCdqw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
placeholder-vertical-rectangle.svg
d18p7bpxfjy0wm.cloudfront.net/static/images/
746 B
1 KB
Image
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/static/images/placeholder-vertical-rectangle.svg
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
92a3e7e4b4c31bb22691abb55a3d7edfc454366a6f2158b424a9215603f9fc03
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:20:53 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
via
1.1 2feed206ccd80c991a2378002008d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370646
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
content-length
746
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 11:47:58 GMT
server
Sucuri/Cloudproxy
etag
W/"2ea-18cfd8011b0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
YeXeYuZeaKg-05Xn5t_x3XJzraXoU9f0MBA8jPXjw972FYi3sBbrHA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
placeholder-square.svg
d18p7bpxfjy0wm.cloudfront.net/static/images/
643 B
1 KB
Image
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/static/images/placeholder-square.svg
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
1dcfba4bfac7397166592cb43233e77dbbec274e0c624b5d929d4b34aea0ce32
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
via
1.1 2feed206ccd80c991a2378002008d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370796
x-cache
Hit from cloudfront
x-sucuri-cache
HIT
content-length
643
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Jan 2024 08:53:42 GMT
server
Sucuri/Cloudproxy
etag
W/"283-18cf293cdf0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
wsYzto-JTdIyJYAnzbR5k16L4zFIhGr_kdiU-tWQPyQG_GCjqQNDRw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
15 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b63e59dc106e1e44ea07395e0bb30cde0b90cda97d53f378b4a8f247dd2a393d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c6870375cc3df97a7f605a87389b185811323137f99740948f1780479f53fa5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml
fender_analytics.33e7747a91c6d52a9f2d.js
static-tracking.klaviyo.com/onsite/js/
31 KB
12 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/fender_analytics.33e7747a91c6d52a9f2d.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=WkKCR4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c77b8fd8b8781b1f2b9766384402c12959ad34af4b2d273ae116306cb406435f

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
bl0K4tnmVg0dDCt8copjPS1gu9g_yYix
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Jan 2024 19:18:19 GMT
x-amz-request-id
R2V0D6EMDSY2XKPX
age
1400
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
12003
x-amz-id-2
JqKeHAcbXK4nWJIRbzVRszmRjWoQlZga5+XkOpudetyuCiPNNfNPIXmX6DiLtuXpZYlPheTIFsc=
x-served-by
cache-lga21946-LGA, cache-mia-kmia1760036-MIA
last-modified
Thu, 04 Jan 2024 15:44:39 GMT
server
AmazonS3
etag
"fc1b287b521ef4879922db1574d338b3"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
460d940aa04171f1de774e129790e756e5e40be9
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
23, 1297
static.500134348b1f0969ffe3.js
static-tracking.klaviyo.com/onsite/js/
2 KB
2 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/static.500134348b1f0969ffe3.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=WkKCR4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
a.8vL6w09uHoOx__c8l8Rss._YtP0zbq
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Jan 2024 19:18:19 GMT
x-amz-request-id
AS5HKYSNDWHFWQPJ
age
1399
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
985
x-amz-id-2
lb2mEKN6as878KkhLA8/+6rSwe2GSwSFSq6iDg+a3Gf6YOkZB1bMgWyDkQdIjlUEPhfTP4+Fl00=
x-served-by
cache-lga21976-LGA, cache-mia-kmia1760036-MIA
last-modified
Mon, 06 Nov 2023 18:18:30 GMT
server
AmazonS3
etag
"64de10774c3382fe4adddab07ea17f0d"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a957c60a472df3e447f40628303353bdd959aba8
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
26, 1359
runtime.4f7694accbb789d62615.js
static.klaviyo.com/onsite/js/
20 KB
8 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/runtime.4f7694accbb789d62615.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=WkKCR4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
647e2a2c3b051519a3bd30796cb0b53f4a247051b358f08cd76e1b73efd7ce61

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
S1jbA3vWKyrhXqwJEVuyd4ZpsvKJIMDP
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Jan 2024 19:18:19 GMT
x-amz-request-id
H6CSM846A5PG37KH
age
1398
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
8358
x-amz-id-2
KAMkGjChFtI1H/kuXJkdmWxKzYdJziJ8VDIEf0HYuPUB1/OMO10prOe/BVMwGffCJjO2p5WbOwkliLcqhVCblQ==
x-served-by
cache-lga21929-LGA, cache-mia-kmia1760043-MIA
last-modified
Tue, 16 Jan 2024 18:54:51 GMT
server
AmazonS3
etag
"e14466ff33e9bb077353a549b9726781"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
cf90a630c00d1381016728fb92772f2647ac529f
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
8, 1526
sharedUtils.8da1d1992c09fe24ec3e.js
static.klaviyo.com/onsite/js/
43 KB
17 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/sharedUtils.8da1d1992c09fe24ec3e.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=WkKCR4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f969eefe7e8afbed8fcc7d9105f161427e78f24abc5d1697ef7543ef73cbcb90

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
M9nB56jrE038YXxwCO_Wm_ZnBlyKDmxv
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Jan 2024 19:18:19 GMT
x-amz-request-id
8B1MDHF2RY7WQPC1
age
1399
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
16833
x-amz-id-2
jIAGLH3W614pH19hDCoXlpkeripzc4aAmYhH7unzjlTSpEqJKtcQQDCxOOboLcxVieVc9kSPXw+lSMoL6cryS6c6wShLcChb
x-served-by
cache-lga21933-LGA, cache-mia-kmia1760043-MIA
last-modified
Mon, 08 Jan 2024 19:28:35 GMT
server
AmazonS3
etag
"a55c3b0569311b637b1612e6ad08063a"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
4d60e04cd9b74537d1484e8b01818148ab839774
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
1, 1294
vendors~signup_forms~atlas~apiReviews.21ff2b12ce3904ef5c48.js
static.klaviyo.com/onsite/js/
5 KB
2 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms~atlas~apiReviews.21ff2b12ce3904ef5c48.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=WkKCR4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
703029dc1c274a796c85888ecbdfcf8de58c8b51f6acdfe75076a1f4aeb5a6a8

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
4mGEsMOaEUdD9zOegcuftpAknTOqufMU
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Jan 2024 19:18:19 GMT
x-amz-request-id
M79RT20K2SSWG4G1
age
1399
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
1779
x-amz-id-2
twvvoxp6wTmiLMp0M7aPAB3Cy4xafLQmzfLViMZHFkTCl2QeWyy7jDlgfMrGFiqpZSB4kjc+VtE=
x-served-by
cache-lga21980-LGA, cache-mia-kmia1760043-MIA
last-modified
Fri, 05 Jan 2024 18:07:49 GMT
server
AmazonS3
etag
"5d15e55b3eb703cfddc5b8e04dda8665"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
6a7111fa1ecaa8ec83b4f321e1057fd204538434
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
107, 949
vendors~signup_forms~atlas.04294b47e0ff827d4db0.js
static.klaviyo.com/onsite/js/
5 KB
2 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms~atlas.04294b47e0ff827d4db0.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=WkKCR4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f412da5c91ad91ecdc63910bdfe08cc968ceae5e1d946bf4a1b493dc2508de98

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
qOCUCapL41eE0k7OluUI5iChXJpAUzq6
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Jan 2024 19:18:19 GMT
x-amz-request-id
Y7NQRABADMFFJC8A
age
1399
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
1994
x-amz-id-2
ySi1kbNwekXxQc0l0SBaVlDSzjpBmyUFDH2oOpHgmtr2u6ByhALyf28UwbU+G3vDCUDbJqIAN+w=
x-served-by
cache-lga21935-LGA, cache-mia-kmia1760043-MIA
last-modified
Fri, 05 Jan 2024 18:07:45 GMT
server
AmazonS3
etag
"48a6935a1ccec664b0b23f6469504989"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
6a7111fa1ecaa8ec83b4f321e1057fd204538434
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
11, 956
vendors~signup_forms.8d1bfd5eb9b15cf50941.js
static.klaviyo.com/onsite/js/
23 KB
8 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms.8d1bfd5eb9b15cf50941.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=WkKCR4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
301351195462c1307b8d3a0c76e539fd96c34d3568dacdc35f2e15f8dc4f00f8

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
azlruYV8Sak2gq8YYXGflv.sllCLv_jJ
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Jan 2024 19:18:19 GMT
x-amz-request-id
BSRPS1ZK997PGNKQ
age
1399
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
8415
x-amz-id-2
XB81QjBi5/wdg+U71EeteAv6LF04M3C7GvtygmxsYO+SKyq8lj6mANYqagT/8u2A8/bZtFvQZa8=
x-served-by
cache-lga21941-LGA, cache-mia-kmia1760043-MIA
last-modified
Fri, 05 Jan 2024 18:07:45 GMT
server
AmazonS3
etag
"965a7a04f11c2588fb64e43cf8ace9ae"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
6a7111fa1ecaa8ec83b4f321e1057fd204538434
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
11, 930
signup_forms.915984df82f50e050e16.js
static.klaviyo.com/onsite/js/
39 KB
13 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/signup_forms.915984df82f50e050e16.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=WkKCR4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cfca4d1dfdb790e7450a87995fe01ef2cdd0249adb43ef3623401b03022af38

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
ZSgveruBCl6fktM5F44Pztqiqh5L4l.Q
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Jan 2024 19:18:19 GMT
x-amz-request-id
G9EH7DH6GM15HR82
age
1399
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
13020
x-amz-id-2
OuUecLs9ksEvsUNvqaQQnq4IBWrKoGaxqWBMZPFp563B1+R7sYpOrjQ0NOwXELUKikrP8JrHf7w=
x-served-by
cache-lga13628-LGA, cache-mia-kmia1760043-MIA
last-modified
Mon, 08 Jan 2024 19:28:35 GMT
server
AmazonS3
etag
"5ba1f33738f0769041999b7991efaa1a"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
4d60e04cd9b74537d1484e8b01818148ab839774
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
47, 931
truncated
/
587 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
710a82cd45b82c760104103024c70f6384dd41dd1b8b69c560164f188bbeedb5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15665becd3e9280f9645a5ec98c26e3ffa279f8fc6154310e97dd6719695dad4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
896 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13b4d153a787f1e20ce78e206faface4d05ce533b9e9297dfd82a95d6ea620dc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
456a5058f78f1191f4ba4569ab1584ad82e6a1e9b8e5463c2f16922c74be25a4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
10 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
97837628bd5295291f074f2f4d0da8e08b7590e676d723b25d64adc910652989

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45aae865379eabf26c2df4fe7edda320a406334c4b9e943d2fb504e29068a406

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0538830674d0939a87e249ff7476facc49205dc40feb2204bb9d13aa8a2d37c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1bbc3f59609e874a9e177aaf9d99811265a7f8b6ead8e0f40a1820fdfa227a9b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39bf72f0bc652ff808ade96be4c3693d7068a96ac316008e2cfd9416b44187ef

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02b8998e47765dff2c99942882cec5ab46e97b454d690e852a8e5260c014c53c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
966 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f4795148474bf3c30747547cb9c1a282d4ced0add0a722f20551a46027681aa8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
471 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12a82f6979dace0f20697e63fadc5975df6c61a919033b90ef22a402c59d66dd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
706 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f0278c780ecd952fdba01f040dd7b8f2afa1c7a8176d91868e37b17a13d47f4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0152c96e15f48aff7938d7462b6f7b695585ddad67d72f0a4d8256c9133bb76a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42c930981b23739b4214c292df3ff31bebd3608bbf772f7cc276073a2270a6b9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
991 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b87cd8569bef011e9701b8b5e63f1f00f3450d633e70fe6f98d2263bfad6320e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
922 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
042101d77002345c1d377b5d2bdfaac9cfb58cbf5f74e5af18dd89aec3745bd8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
584 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84a5cab88d88ba732a3eaae59697dd45c4c00fce3f21de4a5112dc994732b0be

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
925 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d32884df8fc7a432dc251af7f232e0aa60ad124a92dde195389f149b376cdcd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f55e6e9c390687953bc7573509f4e4afff56b6f3f35894d27e6acec30818d1f9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd8a378c4f1eda06f1e11b5c02ca9a727f7b3f5fec0d2f435c7ae219fac3bb77

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f95c93450e1858d9089d00032cb3d806f9ae7cab09e6aca3d6d2612138a6dd70

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d875e26d8a30cab9961bf93c771dd7ce4324ea79f827e4ee4108470a83ccddc3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
327 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edd3af04f0a23153b304ae5d93d3d3ff7ab82aaeb63c775a87300bb651c02788

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
590 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c77ec33e858d53a558d97883faac057332e38693f9be775e4bffb7b0648869c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
922 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e05e37dd13d8eb05216a9ef9cd8a2502f1593d8e615276e3a5595aaff3e0fa24

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
794 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f024f5a1e601f69b80d09adc8d29315a5d20d5398fc5709e7f2445d465273bc7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
693 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11017081391179e22116c2192a4ffe0a4366c6033a2cc301e93025c2c87e841c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6b50b90615e71adcc6dbb98eee3ecfa1e15d2b4d2d8f07857edbc1102509ee9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
onsite
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/
1 KB
888 B
XHR
General
Full URL
https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=WkKCR4
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.8d1bfd5eb9b15cf50941.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6c04c712ac314630173ff9fe39a52a5008d89b82c81aa464cfcba9e14b1c061f
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
Strict-Transport-Security max-age=900

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; report-uri /csp/
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Tue, 16 Jan 2024 19:18:19 GMT
strict-transport-security
max-age=900
age
3502018
x-cache
HIT, HIT
content-length
315
x-served-by
cache-bos4637-BOS, cache-mia-kmia1760097-MIA
server
nginx
allow
GET, HEAD, OPTIONS
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
max-age=10
access-control-allow-credentials
true
vary
Accept-Encoding, Cookie
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
10936, 1
full-forms
static-forms.klaviyo.com/forms/api/v7/WkKCR4/
7 KB
2 KB
XHR
General
Full URL
https://static-forms.klaviyo.com/forms/api/v7/WkKCR4/full-forms
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.8d1bfd5eb9b15cf50941.js?cb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21e86e74a82fd556df1ea4dd8c93b3a7419b19bd9c97d02f54c0ff6bc07e7051

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
FUTgE9YAnFuNTTlKQajfFf17mOSQMfXa
content-encoding
gzip
via
1.1 varnish
date
Tue, 16 Jan 2024 19:18:19 GMT
x-amz-request-id
R7H24T5VX8DCJWXZ
age
1081365
x-amz-server-side-encryption
AES256
x-cache
HIT
client-geo-continent
NA
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
full-forms/shared full-forms/WkKCR4 custom-fonts/WkKCR4
content-length
1758
x-amz-id-2
yBSMOsWUGbbUZrTOQ1tElZnvzqqoPVgdXTQlZgJgoaFbHOKIRbld41WhKxKQvqVwr3eBjWki4do=
x-served-by
cache-mia-kmia1760032-MIA
client-geo-country
US
last-modified
Wed, 11 Oct 2023 15:50:50 GMT
server
AmazonS3
x-timer
S1705432700.525540,VS0,VE0
etag
"3a00a80c8b91513ac6e5f20c13237014"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
client-geo-continent, client-geo-country
cache-control
max-age=5
accept-ranges
bytes
x-cache-hits
7583
cartstack_utility.js
api.cartstack.com/js/
72 KB
15 KB
Script
General
Full URL
https://api.cartstack.com/js/cartstack_utility.js
Requested by
Host: api.cartstack.com
URL: https://api.cartstack.com/js/customer-tracking/www.canvaschamp.com_66888cc5f2aeb2575c6f35c7814a7b57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-19.phl50.r.cloudfront.net
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16 /
Resource Hash
841d8c284bc937a18903145088403ac68a3132991d4fc91de58203db01606703

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 09:11:18 GMT
content-encoding
gzip
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
1505221
x-cache
Hit from cloudfront
content-length
15151
last-modified
Mon, 14 Nov 2022 17:14:06 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16
etag
"1205e-5ed715de6b4d9-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
6hjWC7i5IVJHi50FbnNuTgTKXhB_h2pZirjonRwzQaqWXEnqgl4dMQ==
expires
Mon, 29 Jan 2024 09:11:18 GMT
jquery.noconflict.js
www.shopperapproved.com/page/js/
85 KB
31 KB
Script
General
Full URL
https://www.shopperapproved.com/page/js/jquery.noconflict.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/shopperapproved-script/widgets/testimonial/3.0/9207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.25.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bceb23317096a04d3eaf9876333827ac26cffc50defa077e68570487e9734da8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
X-Frame-Options sameorigin

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:19 GMT
content-security-policy
frame-ancestors 'self' www.wix.com www.facebook.com *.myshopify.com t.hs-growth-metrics.com;
content-encoding
br
cf-cache-status
HIT
age
3958
cf-polished
origSize=86959
p3p
CP="DSP ALL CUR ADM DEV IVD IVA HIS OTP PSA PSD TAI TELi CONo OUR SAM OTR PUBi IND NAV COM CNT PUR UNI INT DEM"
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 09 Jan 2024 07:24:57 GMT
server
cloudflare
etag
W/"153af-60e7e36228a9b-gzip"
vary
Accept-Encoding,Origin
x-frame-options
sameorigin
content-type
text/javascript
cache-control
max-age=14400
cf-ray
8468b4241d66743d-MIA
css
fonts.googleapis.com/
2 KB
979 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/shopperapproved-script/widgets/testimonial/3.0/9207.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 Jan 2024 19:18:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 18:38:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Jan 2024 19:18:19 GMT
4635.b6075eacb8894dbb.js
d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/
684 B
1 KB
Script
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/4635.b6075eacb8894dbb.js
Requested by
Host: d18p7bpxfjy0wm.cloudfront.net
URL: https://d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/webpack-9c9619fcb7d2fb23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
312412c04c835e3404a0a930547743863b598163dcbfaeeeccda61f0026993cc
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
via
1.1 ee5a1fbfd85d9d25aef83ca16d91afca.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370796
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
content-length
684
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 12:11:33 GMT
server
Sucuri/Cloudproxy
etag
W/"2ac-18cfd95a908"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
5iUZ4MXMzLzzj4CYysOJeMgvz56unYw359eHa_S1zW1cag0OMW_g7w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
7128.560bab75a0853fbe.js
d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/
2 KB
2 KB
Script
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/7128.560bab75a0853fbe.js
Requested by
Host: d18p7bpxfjy0wm.cloudfront.net
URL: https://d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/webpack-9c9619fcb7d2fb23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
3d64e5ed7c794de4453d8963aa2f3551ec83c74761e256ef2287db0235f67c78
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
via
1.1 ee5a1fbfd85d9d25aef83ca16d91afca.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370796
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 12 Jan 2024 12:11:33 GMT
server
Sucuri/Cloudproxy
etag
W/"887-18cfd95a908"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
_8wmY3NzB7jkOD0dGHoHiT5Ogr28IkzBF4JLAWU0fe3FpeqrDybbKA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
gtm.js
www.googletagmanager.com/
302 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPFGV7W
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4bca9b7a29470f89cf4df79707c9d1d41966bcbdc803ec222212df4ab56bc6c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101552
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 18:58:32 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 16 Jan 2024 19:18:19 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 Jan 2024 17:37:38 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6041
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 16 Jan 2024 19:37:38 GMT
goal.min.js
s3.amazonaws.com/downloads.mailchimp.com/js/
3 KB
3 KB
Script
General
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/goal.min.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.198.24 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
95988cd724c335017a45083d6113304f8ff09502a3aa961b804f8ae03f4c3ada

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 19:18:20 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:37 GMT
Server
AmazonS3
x-amz-request-id
5S7ZCYSNAWHWAHHJ
ETag
"db78cc3fefd4dc191250a00cf7b530a3"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
2699
x-amz-id-2
Mr9nM6YIFSEWnAuchN55D13hntdI5kR02vccmlLgJtsn8ewc3YeziUkqoQKHuG90+yOwbQ/L5zg=
163034X1630216.skimlinks.js
s.skimresources.com/js/
60 KB
23 KB
Script
General
Full URL
https://s.skimresources.com/js/163034X1630216.skimlinks.js
Requested by
Host: d18p7bpxfjy0wm.cloudfront.net
URL: https://d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/pages/_app-648e04fa733fd3a3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
0329bc653fd08f47fbd756ea30ec200ebd96931c5bd16df7a4aa617ed806cd97

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 19:18:19 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Jul 2020 10:26:09 GMT
Server
AmazonS3
x-amz-request-id
TM5EQYPXDF66K6RT
ETag
"0f22198b097ba326efc8fd91d6d36864"
X-HW
1705432699.cds236.mi1.hn,1705432699.cds231.mi1.c
Content-Type
application/octet-stream
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22586
x-amz-id-2
PzDfuIkhOZVNjpW18GqmfQvpcvuC8gUWi4Q7yiAduIKy87H1M6OXuamjyeLD8Ae3nOrFBm7/ZFs=
4816.dc5d2bd7e1ae1eed.js
d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/
226 KB
51 KB
Script
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/4816.dc5d2bd7e1ae1eed.js
Requested by
Host: d18p7bpxfjy0wm.cloudfront.net
URL: https://d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/webpack-9c9619fcb7d2fb23.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
194a450291f8f932e69fbe4492c138d6f722de5867af338254dc0be5d3d5f444
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
via
1.1 ee5a1fbfd85d9d25aef83ca16d91afca.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370796
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Jan 2024 09:15:50 GMT
server
Sucuri/Cloudproxy
etag
W/"3877a-18cf2a81170"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
0rGaX3IBbYftnSs-3X-sxKJEkKweCabBKREudSSf4mca4pmFEjLK5w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 16 Jan 2024 19:18:18 GMT
last-modified
Fri, 10 Nov 2023 20:09:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EE3096D790D24691815A9C3CA0D0E33E Ref B: MIAEDGE1510 Ref C: 2024-01-16T19:18:19Z
etag
"80abcdf1114da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13175
widget_async.js
d2mjzob2nc713b.cloudfront.net/widget/
Redirect Chain
  • https://shop.pe/widget/widget_async.js
  • https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
3 KB
2 KB
Script
General
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Server
2600:9000:201e:9400:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ade0dbdce84cde000b24c7dc8a508bc2e77ab3a603d6faaa4268e109347c256f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:43:56 GMT
content-encoding
gzip
via
1.1 7eefe38d76087dfad8e2f0b7702246ee.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
2065
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1194
last-modified
Mon, 15 Jan 2024 17:43:37 GMT
server
AmazonS3
etag
"267ec20eaecbab13ccf5aa7aebf70c6d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
hDglTw8r6PTTfI48g-b7jT5eczbEJbPgRsH3uu0UZgHe6mmly0bm6Q==
x-amz-meta-mtime
1705340616.19

Redirect headers

date
Tue, 16 Jan 2024 19:18:19 GMT
content-security-policy
frame-ancestors none;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
server
nginx
x-frame-options
deny
content-type
text/html
location
https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
178
flags.png
d18p7bpxfjy0wm.cloudfront.net/static/images/
21 KB
21 KB
Image
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/static/images/flags.png
Requested by
Host: d18p7bpxfjy0wm.cloudfront.net
URL: https://d18p7bpxfjy0wm.cloudfront.net/_next/static/css/pages/_app.89e357d3a75ed6f6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
4117c646005fe015ec6ec8417594931d59286e9c6a95669b649b09167506e453
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d18p7bpxfjy0wm.cloudfront.net/_next/static/css/pages/_app.89e357d3a75ed6f6.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:23 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
via
1.1 2feed206ccd80c991a2378002008d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370796
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
content-length
21293
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Jan 2024 08:53:36 GMT
server
Sucuri/Cloudproxy
etag
W/"532d-18cf293b680"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
CI2pwr6Ta19dnXHvqM74M-Qqj3JZkFXRP9aAAIuSG6cDgHjMzhmhPg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
placeholder-banner.svg
d18p7bpxfjy0wm.cloudfront.net/static/images/
610 B
1 KB
Image
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/static/images/placeholder-banner.svg
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
327abef088efb2c6ee83f70c34994907fcf11bb4ee509a99023350c41714e68c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:23:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
via
1.1 2feed206ccd80c991a2378002008d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370470
x-cache
Hit from cloudfront
x-sucuri-cache
HIT
content-length
610
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Jan 2024 08:53:42 GMT
server
Sucuri/Cloudproxy
etag
W/"262-18cf293cdf0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
N57bgDaIO9-OR9NRFU57FyKDUsx7ET-NlIylm5Sp45GpepfE9352gw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
graphql
www.canvaschamp.com/
63 B
686 B
XHR
General
Full URL
https://www.canvaschamp.com/graphql
Requested by
Host: d18p7bpxfjy0wm.cloudfront.net
URL: https://d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/pages/_app-648e04fa733fd3a3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.117 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10117.sucuri.net
Software
nginx /
Resource Hash
2108bde75195e38bb9b3ab3a739c26fa3c331f04de8e4f5d141a4f9355fc488e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, *
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept
application/json
Referer
Store
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Tue, 16 Jan 2024 19:18:19 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff, nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
x-magento-cache-id
e93fe07ca6f43235730e612abd3990a6fe8220e8de3575e8b48019921381a2e2
x-magento-tags
FPC
x-xss-protection
1; mode=block, 1; mode=block
pragma
no-cache
server
nginx
x-frame-options
SAMEORIGIN, *
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=31557600
x-sucuri-id
17017
expires
Mon, 16 Jan 2023 19:18:19 GMT
css2
fonts.googleapis.com/
22 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Kanit:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dcd13245bf13c4c4fcba0ed88394d95d082312424296a7c3f0fe8286e8acc01e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 16 Jan 2024 19:18:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 17:59:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 16 Jan 2024 19:18:19 GMT
new_pop_up.jpg
d18p7bpxfjy0wm.cloudfront.net/static/images/home/popup/
31 KB
31 KB
Image
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/static/images/home/popup/new_pop_up.jpg
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
443a845b229142909b322095fc2b4cdb72ca427a1bc86b0a65be6519a9355e64
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
via
1.1 2feed206ccd80c991a2378002008d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370797
x-cache
Hit from cloudfront
x-sucuri-cache
HIT
content-length
31508
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Jan 2024 08:53:38 GMT
server
Sucuri/Cloudproxy
etag
W/"7b14-18cf293be50"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
v-nI0_vw50M8-eL_dZf_b3CgzF4tjfUsRBVZr7yaigIWuG-IxTxAHA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.svg
d18p7bpxfjy0wm.cloudfront.net/static/images/
11 KB
5 KB
Image
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/static/images/logo.svg
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
b105c69b26894e8172025d4cb4653d877fdead8c689dd7f626692855643dcf4c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
content-encoding
gzip
via
1.1 2feed206ccd80c991a2378002008d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370797
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Jan 2024 08:53:42 GMT
server
Sucuri/Cloudproxy
etag
W/"2a0c-18cf293cdf0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
YusUB9bizClAu284BjNnBE0kj46wychC4WgBldSIMG0VfN_hfStSKw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
public_chat.png
d18p7bpxfjy0wm.cloudfront.net/static/images/
2 KB
3 KB
Image
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/static/images/public_chat.png
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
d51b3e6cbcc9d1967816a114045938cfce9dc956aa3f0fb872791a3066cb301d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:18:22 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
via
1.1 2feed206ccd80c991a2378002008d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370797
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
content-length
2027
x-xss-protection
1; mode=block
pragma
public
last-modified
Wed, 10 Jan 2024 08:53:42 GMT
server
Sucuri/Cloudproxy
etag
W/"7eb-18cf293cdf0"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
EOQEbC0ToX_AumM9CYw-JMN0mZwmFMO2TGum_yX_MBijV1zEw4F7ZQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
personalised-blankets-winter-sale_1.jpg
d18p7bpxfjy0wm.cloudfront.net/media/weltpixel/owlcarouselslider/images/p/e/
77 KB
77 KB
Image
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/media/weltpixel/owlcarouselslider/images/p/e/personalised-blankets-winter-sale_1.jpg
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
15830328cf58ff45351d84a28ccdb79f68d9c88344a7578e32d4425837672a36
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:20:54 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
via
1.1 2feed206ccd80c991a2378002008d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
370645
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
content-length
78391
x-xss-protection
1; mode=block
pragma
public
last-modified
Fri, 27 Oct 2023 10:39:06 GMT
server
Sucuri/Cloudproxy
etag
W/"13237-18b70b75932"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
kyYPdWw7SAWGNj2qWjJXTula6mDJSxmS29mxPKbGlugCdRkOnWRVCQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
personalized-valentines-photo-gifts-sale-usa-1.jpg
d18p7bpxfjy0wm.cloudfront.net/media/weltpixel/owlcarouselslider/images/p/e/
198 KB
199 KB
Image
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/media/weltpixel/owlcarouselslider/images/p/e/personalized-valentines-photo-gifts-sale-usa-1.jpg
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
0ec7abc6000834d821690afa2e351832731866f575cf583ddbde61b4d472df8d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 05:49:05 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
via
1.1 2feed206ccd80c991a2378002008d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
48554
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
content-length
202959
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 16 Jan 2024 05:44:03 GMT
server
Sucuri/Cloudproxy
etag
W/"318cf-18d10cc55fc"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
geqHqlZEac4UdTwhV9ZhO8bk1m9Ajs7H46cs8v12sJmn3t2niBha2A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
personalized-valentines-photo-gifts-sale-usa-2.jpg
d18p7bpxfjy0wm.cloudfront.net/media/weltpixel/owlcarouselslider/images/p/e/
151 KB
152 KB
Image
General
Full URL
https://d18p7bpxfjy0wm.cloudfront.net/media/weltpixel/owlcarouselslider/images/p/e/personalized-valentines-photo-gifts-sale-usa-2.jpg
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a4:2e00:17:aec6:580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Sucuri/Cloudproxy /
Resource Hash
fca6bf8977f14f1441d7287652f66d11caa8c565b17ea69bb7e41b2da234e62c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 05:49:05 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
via
1.1 2feed206ccd80c991a2378002008d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-C1
age
48553
x-cache
Hit from cloudfront
x-sucuri-cache
MISS
content-length
154691
x-xss-protection
1; mode=block
pragma
public
last-modified
Tue, 16 Jan 2024 05:47:46 GMT
server
Sucuri/Cloudproxy
etag
W/"25c43-18d10cfbd10"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
x-sucuri-id
14017
accept-ranges
bytes
x-amz-cf-id
QQCHVd2wneE5IJaprfxDVZMCFveOPR04ikNduCHSm88eVDPvv0CfKg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.JKCQ2Hvuo0E.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ/
149 KB
53 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.JKCQ2Hvuo0E.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ/cb=gapi.loaded_0
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/static/js/ratingbadge.js?onload=renderBadge
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a56c2095cdaf685b97ca391516bcc2a772aa9a6ef0a7abff24a67402937d24a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 03:14:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53302
x-xss-protection
0
last-modified
Wed, 15 Jan 2020 20:40:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Jan 2025 03:14:54 GMT
fbevents.js
connect.facebook.net/en_US/
212 KB
57 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d18p7bpxfjy0wm.cloudfront.net
URL: https://d18p7bpxfjy0wm.cloudfront.net/_next/static/chunks/4635.b6075eacb8894dbb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 16 Jan 2024 19:18:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
56915
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
zs7VwGbMpUDzu3CTZz9h7x8OuG356ZkxFbAfYhMzV2lba/aYJaIaL//vmJK7uBIRzxKIYksnq7S8VtuxjvM+Qg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
4011451.js
bat.bing.com/p/action/
4 KB
2 KB
Script
General
Full URL
https://bat.bing.com/p/action/4011451.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
11330a03a47c68cc43108b7de2dc3edddb4b50320e19cc213d611d565d9f662d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Tue, 16 Jan 2024 19:18:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CD8E39551C7F41CB9E2DC7E7FA413C14 Ref B: MIAEDGE1510 Ref C: 2024-01-16T19:18:19Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/actionp/
0
360 B
Ping
General
Full URL
https://bat.bing.com/actionp/0?ti=4011451&Ver=2&mid=06186b92-368b-4197-9808-566c4a34bf5d&sid=02346e80b4a411ee8ac6012ee8b0eeb1&vid=023475e0b4a411eeb2c16155280465cd&vids=1&msclkid=N&evt=pageHide
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 Jan 2024 19:18:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5B6175801C6B43CAB2D69BB8B5B77058 Ref B: MIAEDGE1510 Ref C: 2024-01-16T19:18:19Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/
0
230 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=4011451&Ver=2&mid=06186b92-368b-4197-9808-566c4a34bf5d&sid=02346e80b4a411ee8ac6012ee8b0eeb1&vid=023475e0b4a411eeb2c16155280465cd&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Cheap%20Canvas%20Prints%20-%20Starting%20%40%20%243.89%20Only%20%7C%20Upto%2093%25%20Off&kw=cheap%20canvas%20prints,%20canvas%20prints%20cheap,%20discount%20canvas%20prints,%20affordable%20canvas%20prints&p=https%3A%2F%2Fwww.canvaschamp.com%2F&r=&lt=1292&evt=pageLoad&sv=1&rn=59285
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 Jan 2024 19:18:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 68A6928F36D54FE080DD1D4F1E4A346B Ref B: MIAEDGE1510 Ref C: 2024-01-16T19:18:19Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/
0
229 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=4011451&Ver=2&mid=c7efb8cb-7199-4a6f-af43-6f873b0c34db&sid=02346e80b4a411ee8ac6012ee8b0eeb1&vid=023475e0b4a411eeb2c16155280465cd&vids=0&msclkid=N&page_path=%2F&spa=Y&p=https%3A%2F%2Fwww.canvaschamp.com%2F&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Cheap%20Canvas%20Prints%20-%20Starting%20%40%20%243.89%20Only%20%7C%20Upto%2093%25%20Off&kw=cheap%20canvas%20prints,%20canvas%20prints%20cheap,%20discount%20canvas%20prints,%20affordable%20canvas%20prints&r=https%3A%2F%2Fwww.canvaschamp.com%2F&evt=pageLoad&sv=1&rn=467118
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 16 Jan 2024 19:18:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D69E334689A14EF98BDDD2C3235C30B6 Ref B: MIAEDGE1510 Ref C: 2024-01-16T19:18:19Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
robots.txt
t.skimresources.com/api/v2/ Frame 333D
0
123 B
Image
General
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.9261110638679637
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:20 GMT
via
1.1 google
cache-control
private, no-store
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain
px.gif
p.skimresources.com/
43 B
267 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=9.785062232769347
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Tue, 16 Jan 2024 19:18:20 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/
43 B
93 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=9.785062232769347
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Tue, 16 Jan 2024 19:18:20 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
collect
www.google-analytics.com/j/
16 B
225 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2042827619&t=pageview&_s=1&dl=https%3A%2F%2Fwww.canvaschamp.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Cheap%20Canvas%20Prints%20-%20Starting%20%40%20%243.89%20Only%20%7C%20Upto%2093%25%20Off&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=74064691&gjid=1961563666&cid=664086014.1705432700&tid=UA-29056073-1&_gid=1816936150.1705432700&_r=1&_slc=1&z=1739570221
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
4d7d47bea1b9eeaf1fcc29ee97af71c77f0926525b7933e540d259a9fccfe5ff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.canvaschamp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.skimresources.com/api/
165 B
379 B
XHR
General
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/163034X1630216.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
d43fc72050ffba0b65a79f7b3e5e1e7c695c0647fcb21b71070babc71f2f79b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 16 Jan 2024 19:18:20 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.canvaschamp.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
js
www.googletagmanager.com/gtag/
305 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VNEGCWMNWY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFGV7W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
222023b1495853aceb8bcf93f722ee42042c938f257b6cc1d0cc8e76bb326f3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98231
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 Jan 2024 19:18:20 GMT
js
www.googletagmanager.com/gtag/
287 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-23CY5R98D0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFGV7W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fff48059d6a4ac5e22a8f7ea60aca133e495493a135ee2aa3e556fccdca07f10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95985
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 Jan 2024 19:18:20 GMT
events.js
analytics.tiktok.com/i18n/pixel/
5 KB
2 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CG8MASRC77UFNRPAMS10&lib=ttq
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.104.137 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-104-137.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
379269a4b396596a8b78e3d7104461b3d0fc1d030be1d7d244cd84587ee4d957

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id
88defb9b
date
Tue, 16 Jan 2024 19:18:20 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240116191820ED3ADB3BEF8FA2B63B1E-4C16BAADD13C9193-00
x-cache
TCP_MISS from a23-48-100-137.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=10
content-length
1734
pragma
no-cache
server
nginx
x-tt-logid
20240116191820ED3ADB3BEF8FA2B63B1E
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
10,23.48.100.137
x-tt-trace-host
01ba74338425f636b53c4524cf4f46fd19f175c4953bdd1897fe2fd04de9a8d1dadc00c5c293487650633bc4aff1acced912c86c47b8dc641f8554bb381c6c219343c1ea2808337708786ca77d773fbc2eee969fba41f1509ab84c9df1035b9475
expires
Tue, 16 Jan 2024 19:18:20 GMT
ld.js
dynamic.criteo.com/js/ld/
46 KB
20 KB
Script
General
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=104588
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFGV7W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::f , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
68f41e71da74a922d0c4e6bdbad3dbcd07e774d7c1780f346d39be5426ba08a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
core.js
s.pinimg.com/ct/
5 KB
2 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:79::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c6bba8ad5ad5ec6a4fef018600b107f518172053fdf5cb10200cac55ee23f2d1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:20 GMT
content-encoding
br
x-cdn
fastly
etag
"261eea34e740f104987183dec4bb78b6"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600
content-length
1836
4011451
www.clarity.ms/tag/uet/
827 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/uet/4011451
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/4011451.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
31a0c0574d36d6b37be82cdfee59fba0f3c9ddcbac84997946f024a6d24a6813

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
-1
date
Tue, 16 Jan 2024 19:18:20 GMT
x-azure-ref
20240116T191820Z-ca19yx2m394fm2zg9bksr3ha64000000057g000000017bbq
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
827
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
collect
stats.g.doubleclick.net/j/
2 B
350 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-29056073-1&cid=664086014.1705432700&jid=74064691&gjid=1961563666&_gid=1816936150.1705432700&_u=YEBAAEAAAAAAACAAI~&z=328931782
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 16 Jan 2024 19:18:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.canvaschamp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
309 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VNEGCWMNWY&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
de68ca8f17a08fffe56e3389edf13710905952b9e12d52050d8e6ac85bbb0fc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100072
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 16 Jan 2024 19:18:20 GMT
triggerRunner.js
d2mjzob2nc713b.cloudfront.net/widget/
11 KB
4 KB
Script
General
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/triggerRunner.js?v=887112e
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201e:9400:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b4c8cab5b08674a09cb0719abd984198123d97831844808b90ec48756571422

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:43:56 GMT
content-encoding
gzip
via
1.1 7eefe38d76087dfad8e2f0b7702246ee.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
92065
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3869
last-modified
Mon, 15 Jan 2024 17:43:37 GMT
server
AmazonS3
etag
"c6440049afaab6546ce5d3e1a14dff3a"
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
lFTJ0FcF4I_BpP-0cIoIb9-k8m9F9IZI7USljHc9FKBGbOolKcG4NA==
x-amz-meta-mtime
1705340616.18
widget.js
d2mjzob2nc713b.cloudfront.net/widget/
190 KB
48 KB
Script
General
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=5eb4426
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:201e:9400:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3c13406e5537d4fd3529e90c51e2b752ccf6b6b38aa44c0533f109beb6d0bc7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 17:43:56 GMT
content-encoding
gzip
via
1.1 7eefe38d76087dfad8e2f0b7702246ee.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-C3
age
92065
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
49017
last-modified
Mon, 15 Jan 2024 17:43:38 GMT
server
AmazonS3
etag
"b75f711ecc3711f94c77191d985ac708"
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
w8Ts_NekCEssHnVBDLta19r6WlUSBPo0yYoRHSb-webbj8_esCiKiQ==
x-amz-meta-mtime
1705340614.63
/
sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/ Frame 333D
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
0
0
Image
General
Full URL
https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Server
52.201.6.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-6-220.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
cache-control
no-cache
x-server
10.40.12.121
content-length
0
expires
0
link
t.skimresources.com/api/v2/
22 B
379 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/163034X1630216.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.11 aiohttp/3.8.6 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.11 aiohttp/3.8.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.canvaschamp.com
warning
299 - "Deprecated API"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
page
t.skimresources.com/api/v2/
22 B
43 B
XHR
General
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/163034X1630216.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.11 aiohttp/3.8.6 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.11 aiohttp/3.8.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.canvaschamp.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
badge
www.google.com/shopping/customerreviews/ Frame D995
43 KB
13 KB
Document
General
Full URL
https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=7695246&origin=https%3A%2F%2Fwww.canvaschamp.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.JKCQ2Hvuo0E.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.JKCQ2Hvuo0E.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::67 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3830ced5394971f868e5f9f8376aa76702b9323f3ac1dc38cc811750d260cc35
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport script-src 'report-sample' 'nonce-jXMbhUmKmz481S647GI-gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport/allowlist
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=900
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport script-src 'report-sample' 'nonce-jXMbhUmKmz481S647GI-gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Tue, 16 Jan 2024 19:18:20 GMT
expires
Tue, 16 Jan 2024 19:18:20 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-23CY5R98D0&gtm=45je41a0v9169599598z878129542&_p=1705432699657&gcd=11l1l1l1l1&dma=0&cid=664086014.1705432700&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705432700&sct=1&seg=0&dl=https%3A%2F%2Fwww.canvaschamp.com%2F&dt=Cheap%20Canvas%20Prints%20-%20Starting%20%40%20%243.89%20Only%20%7C%20Upto%2093%25%20Off&en=page_view&_fv=1&_ss=1&tfd=1890
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-23CY5R98D0&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.canvaschamp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-29056073-1&cid=664086014.1705432700&jid=74064691&_u=YEBAAEAAAAAAACAAI~&z=1396353384
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::67 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/
0
248 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-VNEGCWMNWY&gtm=45je41a0v879093228z878129542&_p=1705432699657&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=664086014.1705432700&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1705432700&sct=1&seg=0&dl=https%3A%2F%2Fwww.canvaschamp.com%2F&dt=Cheap%20Canvas%20Prints%20-%20Starting%20%40%20%243.89%20Only%20%7C%20Upto%2093%25%20Off&en=page_view&_fv=1&_ss=1&tfd=1979
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VNEGCWMNWY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.canvaschamp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VNEGCWMNWY&cid=664086014.1705432700&gtm=45je41a0v879093228z878129542&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VNEGCWMNWY&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.canvaschamp.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
111192766138146
connect.facebook.net/signals/config/
144 KB
37 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/111192766138146?v=2.9.140&r=stable&domain=www.canvaschamp.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b50ae3679f26b6ac658daf91996708f4d7bf7f0fca1a3a494e588f51e98a026a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 16 Jan 2024 19:18:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37291
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
QIgL/UFGIN+i2C/a9ZghF8W5kR6PCfVRaU0VpiTa0XL72afs8BMWFGV+3HO0lHM0GryJz8qm9nRw6Oehrl7lKg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
x.skimresources.com/ Frame 333D
0
0
Image
General
Full URL
https://x.skimresources.com/?provider=exelate&gdpr=0&gdpr_consent=
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.127.138 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
138.127.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

clarity.js
www.clarity.ms/s/0.7.20/
60 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/4011451
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:20 GMT
content-encoding
br
last-modified
Mon, 15 Jan 2024 09:28:11 GMT
etag
W/"0x8DC15AC4AC3CD45"
vary
Accept-Encoding
x-azure-ref
20240116T191820Z-ca19yx2m394fm2zg9bksr3ha64000000057g000000017bdn
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
f2ab824b-501e-0039-4806-48d5c7000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
main.43c0095c.js
s.pinimg.com/ct/lib/
66 KB
19 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.43c0095c.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:79::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2eed3688f56478253ff9082b0c34cc0e7fc12371988309e5c80edf3789bde5ae

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:20 GMT
content-encoding
br
x-cdn
fastly
etag
"1f52f76b492e69ca67bc930049f713de"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600
content-length
19076
main.MTc3MGUxMzJiMQ.js
analytics.tiktok.com/i18n/pixel/static/
396 KB
103 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CG8MASRC77UFNRPAMS10&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.104.137 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-104-137.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
08986577afb5ec60577a1ce35175147bede79ff0c4462d9a1d84eb42aeccce7b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id
88df0d41
date
Tue, 16 Jan 2024 19:18:20 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202401121632184FBC173DD6F4825E394E
x-tt-trace-id
00-2401121632184FBC173DD6F4825E394E-266C0C2F9FD990D2-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-48-100-137.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
015bad4489aea8a60995b4bbc5d431f8f52a332d75f096e66519d054ff8425fe74860903f87811e21311e8f3e774e4cb2646238dfe121bf7c7f1b4ad3e7a44d6e8d40c7f3d0d7c5fd5e5b24b310e53f791585f78cbda1dd9a2e5cf70d1f145c583
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
105257
syncframe
gum.criteo.com/ Frame 9F64
14 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=www.canvaschamp.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=104588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 19:18:20 GMT
server
Kestrel
server-processing-duration-in-ticks
710154
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
/
ct.pinterest.com/user/
303 B
410 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2614581644281&pd=%7B%22em%22%3A%22%22%7D&cb=1705432700573&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
decfb6b65c936cb4e06e0d666c00db86f3c7a967686d2754c900cd86dca5e1c7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:20 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
0
alt-svc
h3=":443";ma=600
x-pinterest-rid
8243519591049833
content-length
175
pin-unauth
dWlkPVlqTTJNRGMwWW1JdFlUUXlNeTAwWWpOaExXRTBabUV0TmpKbE1UazRPR1kyWXpKaw
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.canvaschamp.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
9386892386b62585d2cc0c45f8ac8977ddee7bec
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/
303 B
292 B
XHR
General
Full URL
https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22product_id%22%3A%22CCPK530%22%2C%22product_price%22%3A3.89%2C%22currency%22%3A%22USD%22%7D&tid=2614581644281&cb=1705432700575&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
decfb6b65c936cb4e06e0d666c00db86f3c7a967686d2754c900cd86dca5e1c7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:20 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
2
alt-svc
h3=":443";ma=600
x-pinterest-rid
4923560055428818
content-length
175
pin-unauth
dWlkPVl6QXlaalk1T0RVdFptWXpaQzAwTjJZMExUZ3hNemd0T0RJMk4yRXdZamszTURGbA
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.canvaschamp.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
9386892386b62585d2cc0c45f8ac8977ddee7bec
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
399 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2614581644281&pd=%7B%22em%22%3A%22%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.canvaschamp.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2243c0095c%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1705432700612
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
pinterest-version
9386892386b62585d2cc0c45f8ac8977ddee7bec
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
1
alt-svc
h3=":443";ma=600
x-pinterest-rid
9638606108969880
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
cspreport
www.google.com/_/VerifiedReviewsBadgeUi/ Frame D995
0
278 B
Other
General
Full URL
https://www.google.com/_/VerifiedReviewsBadgeUi/cspreport
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::67 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport, script-src 'report-sample' 'nonce-P8JDBTWD0roTttiqvmbGtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=7695246&origin=https%3A%2F%2Fwww.canvaschamp.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.JKCQ2Hvuo0E.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ%2Fm%3D__features__
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 16 Jan 2024 19:18:20 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/VerifiedReviewsBadgeUi/cspreport, script-src 'report-sample' 'nonce-P8JDBTWD0roTttiqvmbGtw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=_b,_tp
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.r4hRuC_3RLY.es5.O/am=gEEa/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/ujg=1/rs=A... Frame D995
159 KB
57 KB
Script
General
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.r4hRuC_3RLY.es5.O/am=gEEa/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/ujg=1/rs=AC8lLkS-V7ePr9pYOafhVXBDyN92FzuRug/m=_b,_tp
Requested by
Host: www.google.com
URL: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=7695246&origin=https%3A%2F%2Fwww.canvaschamp.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.JKCQ2Hvuo0E.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::67 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d77b5c56d82ba31640d1f126d337d527593c1f10fc3a469244601906fce82f8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 21:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78449
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57550
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 13:59:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Jan 2025 21:30:51 GMT
gray_stars_large.png
www.gstatic.com/verifiedreviews/ Frame D995
943 B
1 KB
Image
General
Full URL
https://www.gstatic.com/verifiedreviews/gray_stars_large.png
Requested by
Host: www.google.com
URL: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=7695246&origin=https%3A%2F%2Fwww.canvaschamp.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.JKCQ2Hvuo0E.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd4188121a6c9b28d029ebc07cd1db2f35e0657b4a2e825f901ed8b2b37bb327
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 19:19:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
86304
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
943
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 14 Jan 2025 19:19:56 GMT
orange_stars_large.png
www.gstatic.com/verifiedreviews/ Frame D995
945 B
1007 B
Image
General
Full URL
https://www.gstatic.com/verifiedreviews/orange_stars_large.png
Requested by
Host: www.google.com
URL: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=7695246&origin=https%3A%2F%2Fwww.canvaschamp.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.JKCQ2Hvuo0E.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8703732fc112fb61adbc3715a19ebc0944a5544c64ee314ade6140ec57ec644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 19:19:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
86304
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
945
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 14 Jan 2025 19:19:56 GMT
gcr_logo_stacked.png
www.gstatic.com/verifiedreviews/en/ Frame D995
1 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/verifiedreviews/en/gcr_logo_stacked.png
Requested by
Host: www.google.com
URL: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=7695246&origin=https%3A%2F%2Fwww.canvaschamp.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.JKCQ2Hvuo0E.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab8debe19f138dd26978779dceefc172902368b4cb943bc09d14fa6c01a6e322
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 19:45:22 GMT
x-content-type-options
nosniff
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
age
84778
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1499
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 14 Jan 2025 19:45:22 GMT
sid
mug.criteo.com/ Frame 9F64
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=canvaschamp.com&sn=ChromeSyncframe&so=0&topUrl=www.canvaschamp.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=3hOE3XxsLytEV1hBQzVNV1JkSnVMZi9kQzFGQmJTL3BpRktoa0JGWUFvQi9LWGZsaUtwY1BJL3dZNmEvSTRCYm9md0l2bTQzb25kSkZRdm5FZ1NGNkl3aU1CMGJGRHpQWXdrRDlaNGJLeVVneG9qN3JXNW1CRG5rK2pUU3...
439 B
1 KB
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=3hOE3XxsLytEV1hBQzVNV1JkSnVMZi9kQzFGQmJTL3BpRktoa0JGWUFvQi9LWGZsaUtwY1BJL3dZNmEvSTRCYm9md0l2bTQzb25kSkZRdm5FZ1NGNkl3aU1CMGJGRHpQWXdrRDlaNGJLeVVneG9qN3JXNW1CRG5rK2pUU3NDWUhZZzkzM2JJSkZ2UTBkMFdRY2pUR2hFYzdrSDB3QjNCdmozeU5aTWl3V2k3RFpueFRmR042OEp2d3RDdzhRZWkxZnBtcTFFbFdTQ05aMUpKdlV0OUV0Z0xLTWF3RDZMSzlDYUZKWUY3VzQ1bDFjTUZPcTEwcGJFTmNvdUVKWUJOOUVTanpHVW5NUXc2Q1luaTE3UVlXNWZqU1hyandhTEprYzFxZXVlL0htc2ZrOENEUT18&cppv=2
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f4c667e76a2e544238833c2786a1482af55dc91a866de66e4c9aa0aabf287c84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2396323
expires
0

Redirect headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=3hOE3XxsLytEV1hBQzVNV1JkSnVMZi9kQzFGQmJTL3BpRktoa0JGWUFvQi9LWGZsaUtwY1BJL3dZNmEvSTRCYm9md0l2bTQzb25kSkZRdm5FZ1NGNkl3aU1CMGJGRHpQWXdrRDlaNGJLeVVneG9qN3JXNW1CRG5rK2pUU3NDWUhZZzkzM2JJSkZ2UTBkMFdRY2pUR2hFYzdrSDB3QjNCdmozeU5aTWl3V2k3RFpueFRmR042OEp2d3RDdzhRZWkxZnBtcTFFbFdTQ05aMUpKdlV0OUV0Z0xLTWF3RDZMSzlDYUZKWUY3VzQ1bDFjTUZPcTEwcGJFTmNvdUVKWUJOOUVTanpHVW5NUXc2Q1luaTE3UVlXNWZqU1hyandhTEprYzFxZXVlL0htc2ZrOENEUT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
341280
content-length
0
expires
0
collect
o.clarity.ms/
0
299 B
XHR
General
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.canvaschamp.com
Date
Tue, 16 Jan 2024 19:18:20 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
identify_55404.js
analytics.tiktok.com/i18n/pixel/static/
137 KB
37 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_55404.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.104.137 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-104-137.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-akamai-request-id
88df1ae1
date
Tue, 16 Jan 2024 19:18:20 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240104151447445E17944FA13B1ACEF9
x-tt-trace-id
00-240104151447445E17944FA13B1ACEF9-1DEC6AEA11E44F39-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-48-100-137.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01929a42eca6b44ac1a84619acdcea7cffc565b0171323be5924ddeb0696290654142e17294e9e534eb0d00a57be5eda186e7abb34bd49343b6cec720b88c7c1b89c38cecd03c621b9396d91882a097219c0ad822a99541d2bbcbf9b7991741e9d
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
37060
pixel
analytics.tiktok.com/api/v2/
0
702 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.104.137 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-104-137.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
88df1d18
date
Tue, 16 Jan 2024 19:18:20 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24011619182019F61C84AA351CD8EB18-329857EDD7D435D8-00
x-cache
TCP_MISS from a23-48-100-137.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing
inner; dur=37, cdn-cache; desc=MISS, edge; dur=5, origin; dur=46
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024011619182019F61C84AA351CD8EB18
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
46,23.48.100.137
x-tt-trace-host
01ba74338425f636b53c4524cf4f46fd19f175c4953bdd1897fe2fd04de9a8d1da39948056f19fa1f5902c69ea0382f2ccaeb1d8c6798a0f8bef9042dd82da1efc2f2221307fd0d4a1f12d865b3f6dcf2d5e00dc1129e97f33db20843f8f1e8fea
access-control-allow-headers
Authorization,*
expires
Tue, 16 Jan 2024 19:18:20 GMT
/
ct.pinterest.com/v3/
35 B
334 B
Image
General
Full URL
https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22product_id%22%3A%22CCPK530%22%2C%22product_price%22%3A3.89%2C%22currency%22%3A%22USD%22%7D&tid=2614581644281&cb=1705432700795&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22em%22%3A%22%22%2C%22pin_unauth%22%3A%22dWlkPVlqTTJNRGMwWW1JdFlUUXlNeTAwWWpOaExXRTBabUV0TmpKbE1UazRPR1kyWXpKaw%22%2C%22aem_eligible_list%22%3A%5B%22fn%22%5D%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.canvaschamp.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2243c0095c%22%2C%22is_eu%22%3Afalse%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
pinterest-version
9386892386b62585d2cc0c45f8ac8977ddee7bec
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
4
alt-svc
h3=":443";ma=600
x-pinterest-rid
1488882537437604
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
m=vhDjqd
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.r4hRuC_3RLY.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.JMS... Frame D995
95 KB
33 KB
Script
General
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.r4hRuC_3RLY.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.JMS2X-CBheI.L.B1.O/am=gEEa/d=1/exm=_b,_tp/excm=_b,_tp,badgeview/ed=1/wt=2/ujg=1/rs=AC8lLkQ4LQ2yAU3qshSGRTLIbWR_hUq0Ww/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yxTchf:KUM7Z/m=vhDjqd
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.r4hRuC_3RLY.es5.O/am=gEEa/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/ujg=1/rs=AC8lLkS-V7ePr9pYOafhVXBDyN92FzuRug/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::67 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba477d3b45d7e12ad03e9e0e9748539770ac4b65a75bfc44fcd5e789b7d74814
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 20:21:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33920
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 02:06:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Jan 2025 20:21:55 GMT
m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.r4hRuC_3RLY.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.JMS... Frame D995
5 KB
3 KB
Script
General
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.r4hRuC_3RLY.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.JMS2X-CBheI.L.B1.O/am=gEEa/d=1/exm=_b,_tp,vhDjqd/excm=_b,_tp,badgeview/ed=1/wt=2/ujg=1/rs=AC8lLkQ4LQ2yAU3qshSGRTLIbWR_hUq0Ww/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.r4hRuC_3RLY.es5.O/am=gEEa/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/ujg=1/rs=AC8lLkS-V7ePr9pYOafhVXBDyN92FzuRug/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::67 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63a2afbdc5a491c33df36263749fdf9a834c337f5eaac2355ffa3d3a2fd0521f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:17:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2549
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 02:06:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jan 2025 01:17:44 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.r4hRuC_3RLY.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.JMS... Frame D995
6 KB
2 KB
Script
General
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.r4hRuC_3RLY.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.JMS2X-CBheI.L.B1.O/am=gEEa/d=1/exm=FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,vhDjqd,ws9Tlc/excm=_b,_tp,badgeview/ed=1/wt=2/ujg=1/rs=AC8lLkQ4LQ2yAU3qshSGRTLIbWR_hUq0Ww/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.r4hRuC_3RLY.es5.O/am=gEEa/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/ujg=1/rs=AC8lLkS-V7ePr9pYOafhVXBDyN92FzuRug/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::67 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52af5854378a9a83cd4cb592372afd1f79515adc507c86f592e83b426bbfb558
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 01:17:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2510
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 02:06:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jan 2025 01:17:52 GMT
params
shop.pe/widget/main/init/
260 B
751 B
Script
General
Full URL
https://shop.pe/widget/main/init/params?siteid=5f0c7145d559306b865b534b&product=Cheap%20Canvas%20Prints%20-%20Starting%20%40%20%243.89%20Only%20%7C%20Upto%2093%25%20Off&product_url=https%3A%2F%2Fwww.canvaschamp.com%2F&image=https%3A%2F%2Fwww.canvaschamp.com%2Fstatic%2Fimages%2Fcvp_logo.svg&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fwww.canvaschamp.com%2F&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&sos=false&rand=18638&cookie=&referer=
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=5eb4426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
46476d6f4acb31010faae359a0eb101e622ff5b43304b35399c74640a785b4e1
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:20 GMT
content-security-policy
frame-ancestors none;
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced
false
referrer-policy
no-referrer-when-downgrade
server
nginx
etag
W/"83cb076b82afa8a4ebe1f5350f87bcb7ca706db1"
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
content-type
text/javascript
access-control-allow-origin
https://my.addshoppers.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C4D3317A50994EE993052A0C38E3EF46&RedC=c.clarity.ms&MXFR=27E3A47763736AAF26B3B07F6773643C
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C4D3317A50994EE993052A0C38E3EF46&MUID=12F1B420D453659206B5A028D5C36469
42 B
464 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C4D3317A50994EE993052A0C38E3EF46&MUID=12F1B420D453659206B5A028D5C36469
Protocol
H2
Server
20.125.209.212 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:21 GMT
last-modified
Wed, 10 Jan 2024 21:11:28 GMT
server
Microsoft-IIS/10.0
etag
"7eefd993944da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B2D7BF579F3840808E264C227A74519D Ref B: MIAEDGE1510 Ref C: 2024-01-16T19:18:21Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C4D3317A50994EE993052A0C38E3EF46&MUID=12F1B420D453659206B5A028D5C36469
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ct.html
ct.pinterest.com/ Frame 0043
565 B
517 B
Document
General
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.192.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443";ma=600
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Tue, 16 Jan 2024 19:18:20 GMT
pinterest-version
9386892386b62585d2cc0c45f8ac8977ddee7bec
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
0
x-pinterest-rid
7339700027155482
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/997652390/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/997652390/?random=1705432700881&cv=11&fst=1705432700881&bg=ffffff&guid=ON&async=1&gtm=45He41a0v78129542&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.canvaschamp.com%2F&hn=www.googleadservices.com&frm=0&tiba=Cheap%20Canvas%20Prints%20-%20Starting%20%40%20%243.89%20Only%20%7C%20Upto%2093%25%20Off&auid=1619970509.1705432701&uamb=0&uaw=0&data=ecomm_prodid%3DCCPK530%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D3.89%3Becomm_category%3DCanvas%20Prints&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFGV7W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd14275718b687a6fba55fb72875334cfb992774b1760d0246a73f30c950f253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
20758.js
www.dwin1.com/
48 KB
14 KB
Script
General
Full URL
https://www.dwin1.com/20758.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFGV7W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f3:8000:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
305df5b50bd3cee053aac2a4aadb40d3b3309f3e6c597f18062fb2e8bed18e77

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
NduNl4N_x5xB9WLuRCpyrPj55jExD2r_
content-encoding
gzip
via
1.1 9c13d38452f2017c92d65c8904408686.cloudfront.net (CloudFront)
date
Tue, 16 Jan 2024 19:11:38 GMT
x-amz-cf-pop
IAD55-P2
age
407
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 05 Jan 2024 12:45:31 GMT
server
AmazonS3
etag
W/"5927fc81ba96d2952542e1bea4f68de5"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600, s-maxage=600
x-amz-cf-id
MbpKlBBTD9hKxeqFjlakaaCdBtlBMGJVJZtQdAK1s2cVupVh-ippAw==
app.js
acsbapp.com/apps/app/dist/js/
295 KB
90 KB
Script
General
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1967a7769d89d3514ae8f61e7bfb07f10f12f3b795dbfd118abf630d4f42454

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:21 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPqCMzDXbyG_6SDpqQWxUSjhmAmKgFPcRX8A9sjJBUt-7IpLpQQCcEjvEuwBuoy8nky6yco
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Thu, 11 Jan 2024 11:48:38 GMT
server
cloudflare
etag
W/"008be5eab40808ebe601626f961603b9"
vary
Accept-Encoding
x-goog-hash
crc32c=36U2AA==, md5=AIvl6rQICOvmAWJvlhYDuQ==
x-goog-generation
1704973718529000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
302254
cf-ray
8468b42d1aaf749e-MIA
expires
Wed, 15 Jan 2025 19:18:20 GMT
dtag.js
cdn.attn.tv/canvaschamp/
7 KB
3 KB
Script
General
Full URL
https://cdn.attn.tv/canvaschamp/dtag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPFGV7W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fd003db7e687dd0e8ab4b129b7b7f003a601dc32802ee40bde129c9a5b73e10

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
pMSF1njB9p0dqPuPqkgtRjyxjoLDbq8A
content-encoding
gzip
via
1.1 dff867205390cf91b170b9bf1251e39a.cloudfront.net (CloudFront)
date
Tue, 16 Jan 2024 19:16:41 GMT
last-modified
Wed, 12 Oct 2022 19:21:26 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
109
etag
W/"755f59d5eced526aeb900f7f66da5574"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=120
x-amz-replication-status
COMPLETED
x-amz-cf-id
oqQzvFIjARxHnC91-LSzHJorv1PyN3J2RVkT4_TN4TVuHnssbCQcFw==
recorder.js
web-sdk.smartlook.com/
6 KB
2 KB
Script
General
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
237ef034a49469c3d07e0cd067aee20e538e14a3a3ea7d2d826127c740c31df5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop
ashburnUSVA
date
Tue, 16 Jan 2024 19:18:21 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-age-lb
533
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-accel-date
1705432168
x-77-nzt
EgwBJRPOBAH3FQIAAAwBuTvfFAH3AAAAAA
x-accel-expires
@1705432768
x-77-age
533
x-cache-lb
HIT
last-modified
Wed, 10 Jan 2024 08:37:20 GMT
server
CDN77-Turbo
etag
W/"659e5740-17d1"
x-77-nzt-ray
8e305f1caf9ec7777dd6a66515a9b903
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=600
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/px?id=1706689&seg=34366682,1364407&order_id=Visitor&t=1
  • https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1706689%26seg%3D34366682%2C1364407%26order_id%3DVisitor%26t%3D1
0
972 B
Script
General
Full URL
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1706689%26seg%3D34366682%2C1364407%26order_id%3DVisitor%26t%3D1
Protocol
H2
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:21 GMT
an-x-request-uuid
7e207f86-fb96-4002-91e4-a17970dea822
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.76; 38.132.118.76; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:21 GMT
an-x-request-uuid
47dc2105-78e3-491e-9d5a-30e8b9418ac7
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1706689%26seg%3D34366682%2C1364407%26order_id%3DVisitor%26t%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.76; 38.132.118.76; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixie.js
acdn.adnxs.com/dmp/up/
9 KB
4 KB
Script
General
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.canvaschamp.com
URL: https://www.canvaschamp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.240.246 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-240-246.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Unused62
8096267
Date
Tue, 16 Jan 2024 19:18:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
3340
Expires
Wed, 17 Jan 2024 19:18:23 GMT
sread.img
www.awin1.com/
43 B
592 B
Image
General
Full URL
https://www.awin1.com/sread.img?tt=ns&tv=2&merchant=20758&amount=&ch=&parts=&ref=&vc=&cr=&testmode=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.54.179.91 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-179-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Jan 2024 19:18:21 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
api.js
apis.google.com/js/ Frame D995
18 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.r4hRuC_3RLY.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.JMS2X-CBheI.L.B1.O/am=gEEa/d=1/exm=_b,_tp/excm=_b,_tp,badgeview/ed=1/wt=2/ujg=1/rs=AC8lLkQ4LQ2yAU3qshSGRTLIbWR_hUq0Ww/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yxTchf:KUM7Z/m=vhDjqd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f66953bca1497e67aaa741bd84a9f1be8908319f6f07bcfd62de6c1e653c6cbd
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 16 Jan 2024 19:18:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7114
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"9ea1abeb2de872ea"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jan 2024 19:18:20 GMT
m=RqjULd
www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.r4hRuC_3RLY.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.JMS... Frame D995
31 KB
12 KB
Script
General
Full URL
https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.r4hRuC_3RLY.es5.O/ck=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.JMS2X-CBheI.L.B1.O/am=gEEa/d=1/exm=EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,vhDjqd,ws9Tlc/excm=_b,_tp,badgeview/ed=1/wt=2/ujg=1/rs=AC8lLkQ4LQ2yAU3qshSGRTLIbWR_hUq0Ww/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd
Requested by
Host: www.google.com
URL: https://www.google.com/_/scs/shopping-verified-reviews-static/_/js/k=boq-shopping-verified-reviews.VerifiedReviewsBadgeUi.en_US.r4hRuC_3RLY.es5.O/am=gEEa/d=1/excm=_b,_tp,badgeview/ed=1/dg=0/wt=2/ujg=1/rs=AC8lLkS-V7ePr9pYOafhVXBDyN92FzuRug/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::67 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bda41146585a35f67c0df795ae2c1d75911dad8a4a9a792edfde683bb3dfb90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 22:00:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/shopping-verified-reviews-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11799
x-xss-protection
0
last-modified
Tue, 12 Dec 2023 02:06:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/shopping-verified-reviews-boq-js-css-signers"
vary
Accept-Encoding
report-to
{"group":"boq-infra/shopping-verified-reviews-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/shopping-verified-reviews-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Jan 2025 22:00:41 GMT
act
analytics.tiktok.com/api/v2/pixel/
0
704 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.104.137 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-104-137.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
88df2a12
date
Tue, 16 Jan 2024 19:18:21 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2401161918211519A5D1E2471BD92F96-53BBB0DA84D34F66-00
x-cache
TCP_MISS from a23-48-100-137.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing
inner; dur=61, cdn-cache; desc=MISS, edge; dur=14, origin; dur=76
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202401161918211519A5D1E2471BD92F96
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
76,23.48.100.137
x-tt-trace-host
01ba74338425f636b53c4524cf4f46fd19f175c4953bdd1897fe2fd04de9a8d1da366f5e4e8243df994a51b4c1aacb1badbb7c65c3c38c1181cb37797792a8c17fee17ef5474ff6b606507277493eec48c65801ee6a1396dad31c6b058ebd3754b
access-control-allow-headers
Authorization,*
expires
Tue, 16 Jan 2024 19:18:21 GMT
params
shop.pe/widget/main/init/
1 KB
637 B
Script
General
Full URL
https://shop.pe/widget/main/init/params?siteid=5f0c7145d559306b865b534b&product=Cheap%20Canvas%20Prints%20-%20Starting%20%40%20%243.89%20Only%20%7C%20Upto%2093%25%20Off&product_url=https%3A%2F%2Fwww.canvaschamp.com%2F&image=https%3A%2F%2Fwww.canvaschamp.com%2Fstatic%2Fimages%2Fcvp_logo.svg&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fwww.canvaschamp.com%2F&callback=AddShoppersWidget.load_widget&rand=97888&cookie=2%7C1%3A0%7C10%3A1705432700%7C15%3Aaddshoppers.com%7C44%3AZTBiZjBlOWQ0MDJkNDE2YjkxZWEzM2NhNGUwYmZmZjk%3D%7Cdfbca4e73a054a7ec4c723509af85a545b1347359fe3714367a87f48d94070c6&referer=
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=5eb4426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1086c02d64aa4218940bfc07fe88bcfaf384c4bb0eff4ec371d55f7ad6ebdcc6
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:21 GMT
content-security-policy
frame-ancestors none;
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced
false
referrer-policy
no-referrer-when-downgrade
server
nginx
etag
W/"9eebb6e1d77a222041a03e1fcad1866ef7187582"
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
content-type
text/javascript
access-control-allow-origin
https://my.addshoppers.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.JKCQ2Hvuo0E.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ/ Frame D995
119 KB
40 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.JKCQ2Hvuo0E.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOl3FsgYnTqVeIFUJJD2j4-pO09lQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
012d33a3241bc9a3758a7efc97794d11b9805d40956f628bf98ebae478606591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 13:08:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41260
x-xss-protection
0
last-modified
Wed, 15 Jan 2020 20:40:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jan 2025 13:08:45 GMT
event
sslwidget.criteo.com/
10 KB
5 KB
Script
General
Full URL
https://sslwidget.criteo.com/event?a=104588&v=5.20.0&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-ee-1.2.0&p3=e%3Ddis&adce=1&bundle=he81ol9QeTk4WHp3T3NFeWdLV3NqajElMkZLOTElMkZkQ2RXTzU4Rm5sTHloZExRT3NVSzg1cEIlMkYzNHh6YnAydjhqNUloMXM2ME5LTDNBc1dVc0NtVng4SDZlTHB6ZEpWRzhvMzNMQkR6R0dEOXhFa2p3T2xYcUY3UFN1V0VQUzVsREVMY3hRcGp1JTJCdyUyRnM4b2hEdyUyQnVTU1AlMkJFWFZVUSUzRCUzRA&tld=canvaschamp.com&dy=1&fu=https%253A%252F%252Fwww.canvaschamp.com%252F&ceid=2a11a84d-b7f8-4962-aa99-57bd5fde9f76&dtycbr=23096
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=104588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
638217cec2ef52ff6757ff126c16de4947b4f50df5dc34dcdfb7d72021649b26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:21 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
22820891
timing-allow-origin
*
expires
0
/
www.google.com/pagead/1p-user-list/997652390/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/997652390/?random=1705432700881&cv=11&fst=1705431600000&bg=ffffff&guid=ON&async=1&gtm=45He41a0v78129542&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.canvaschamp.com%2F&frm=0&tiba=Cheap%20Canvas%20Prints%20-%20Starting%20%40%20%243.89%20Only%20%7C%20Upto%2093%25%20Off&data=ecomm_prodid%3DCCPK530%3Becomm_pagetype%3Dhome%3Becomm_totalvalue%3D3.89%3Becomm_category%3DCanvas%20Prints&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_HF_-uz_E2Vdv-IGZ5xPn0DTGEx_3Dw&random=1197141529&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::67 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:21 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config.json
cdn.acsbapp.com/config/canvaschamp.com/
163 B
714 B
Fetch
General
Full URL
https://cdn.acsbapp.com/config/canvaschamp.com/config.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e0d8d514ee7ca6ecc068bb10bdefd4f470924ccdbef48df76f090f2a086bed1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:21 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
ABPtcPo1iK_tHNjMv3ToDF8iVVyNB2g17WaJXZegzf0scpskXfyGSqaQvdPCedvrA9hUNZpYPRCqfYbWTQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Thu, 16 Nov 2023 20:30:47 GMT
server
cloudflare
etag
W/"9cae48b06bc14383a159b54f4a92fcbc"
vary
Accept-Encoding
x-goog-hash
crc32c=f4fmUw==, md5=nK5IsGvBQ4OhWbVPSpL8vA==
x-goog-generation
1700166647727804
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
163
cf-ray
8468b42e7a855f20-MIA
expires
Wed, 15 Jan 2025 19:18:21 GMT
8decb1c5cc5848738a0501c970ade36e.js
addshoppers.s3.amazonaws.com/customize/5f0c7145d559306b865b534b/
219 B
644 B
Script
General
Full URL
https://addshoppers.s3.amazonaws.com/customize/5f0c7145d559306b865b534b/8decb1c5cc5848738a0501c970ade36e.js?_t=1626371113
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=5eb4426
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.219.33 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
2f2d00fb3486746ecf347c6ab17b0cb347c59b11c2f81f4389e0972902986b68

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 19:18:22 GMT
Content-Encoding
gzip
x-amz-version-id
0JsvqQu5.cEul3cjhbE0_Hc1TgkYjBpu
Last-Modified
Thu, 15 Jul 2021 17:45:14 GMT
Server
AmazonS3
x-amz-request-id
112F9Z1P1NQQ46JB
ETag
"d60aa9cbc64b8ae62af0991f8131911f"
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes
Content-Length
144
x-amz-id-2
jfqcaa10/Z5vMBaDtZEU4cYr/95bVBTkPuzwipufwQrh/27HBKEUrGTQk8RNui4HJ05DmmYXudY=
input.js
shopper.shop.pe/
26 KB
9 KB
Script
General
Full URL
https://shopper.shop.pe/input.js
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.54.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
eaef61a693bec2483439247f48dd8def6558804ed706f02ae6a346f32b80a92c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 18:38:35 GMT
content-encoding
gzip
age
2386
x-guploader-uploadid
ABPtcPqu--xUY6AdD6VwzFFm2d_LoV7d8_PUD_axYDwGs6Dw04Ylt9mwe7Bw3GrOL2VGegL8CT0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8792
last-modified
Fri, 20 Oct 2023 20:23:22 GMT
server
UploadServer
etag
"c2fb6547f7ca4184ed1f192012cca195"
vary
Accept-Encoding
x-goog-generation
1697833401935127
x-goog-hash
crc32c=pxoFVg==, md5=wvtlR/fKQYTtHxkgEsyhlQ==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=14400
x-goog-stored-content-length
8792
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Tue, 16 Jan 2024 22:38:35 GMT
status
app.shop.pe/app/datapartners/
34 B
501 B
XHR
General
Full URL
https://app.shop.pe/app/datapartners/status?usersite_id=5f0c7145d559306b865b534b
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=5eb4426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b4435b5ac2f1916ed1135fb1738a1cef87cb666f4356a6678fb1c77e1273f9e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
nginx
etag
W/"0467ba22658b680d6de72dc567071b5bc495547f"
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
application/json; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
init.a40149584974a699867a.js
web-sdk.smartlook.com/es6/
62 KB
18 KB
Script
General
Full URL
https://web-sdk.smartlook.com/es6/init.a40149584974a699867a.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9ab7d9748bdfba5d61ea83f56d3f0db0fc4a4f822c624fa4bfa26e2e6deb4512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000

Request headers

Referer
Origin
https://www.canvaschamp.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop
ashburnUSVA
date
Tue, 16 Jan 2024 19:18:21 GMT
strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
gzip
x-age-lb
554662
x-77-cache
HIT
cross-origin-resource-policy
cross-origin
x-accel-date
1704878039
x-77-nzt
EgwBJRPOBAH3pnYIAAwBnJI76AH3AQAAAA
x-accel-expires
@1736414038
x-77-age
554663
x-cache-lb
HIT
last-modified
Wed, 10 Jan 2024 08:37:20 GMT
server
CDN77-Turbo
etag
W/"659e5740-f605"
x-77-nzt-ray
8e305f1ce1a3fd807dd6a6653b677312
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
tm
smct.co/
15 KB
6 KB
Script
General
Full URL
https://smct.co/tm?t=canvaschamp.com
Requested by
Host: www.dwin1.com
URL: https://www.dwin1.com/20758.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.148.179.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-179-115.us-west-2.compute.amazonaws.com
Software
Apache/2.4.57 (Ubuntu) /
Resource Hash
5a863301039aca344ed3388ac4c5bb5521fa811eaf643fa9726cdffa11b603df

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
cache
date
Tue, 16 Jan 2024 19:18:21 GMT
content-encoding
gzip
server
Apache/2.4.57 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=900
content-length
5474
expires
Tue, 16 Jan 2024 19:33:21 GMT
lantern_global_20758.min.js
lantern.roeyecdn.com/
2 KB
2 KB
Script
General
Full URL
https://lantern.roeyecdn.com/lantern_global_20758.min.js
Requested by
Host: www.dwin1.com
URL: https://www.dwin1.com/20758.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:a200:1f:af3f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cab5a4dfac9f44b07371dd6b41e8809c4eeac85754fad86c71e91cf20135de61

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 09:42:51 GMT
x-amz-version-id
S9Apxs15I1erMbxmeN7n.h7LXTuyv5yA
via
1.1 4e2a7874b5959279490dd3b94b18a312.cloudfront.net (CloudFront)
last-modified
Tue, 10 Oct 2023 12:16:02 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
age
34531
etag
"026a9e2ff112466b809e38ab578128d7"
x-cache
Hit from cloudfront
content-type
application/octet-stream
content-length
1815
x-amz-cf-id
CHGb8LsICGjeDoAW7RVj-Jfjlbi24gU_Tg1myK3ok8eIaxqEI51H4w==
pixie
ib.adnxs.com/
42 B
224 B
Image
General
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=2d324e7f-3baa-4529-8008-3e82d8aef2bd&it=1705432701209&v=0.0.20&u=https%3A%2F%2Fwww.canvaschamp.com%2F&st=1705432701208&et=1705432701209&if=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:21 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.23.4
x-proxy-origin
38.132.118.76; 38.132.118.76; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
42
content-type
image/gif
unified-tag.js
cdn.attn.tv/tag/4-latest/
130 KB
44 KB
Script
General
Full URL
https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/canvaschamp/dtag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
981b992b927564bbf47765a83872007b99e2c36612171c21ff29f9be62e11586

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
qxGh5o..PLZ3vcWnVYIpOnMtlLolXIEC
content-encoding
gzip
via
1.1 dff867205390cf91b170b9bf1251e39a.cloudfront.net (CloudFront)
date
Tue, 16 Jan 2024 19:17:17 GMT
x-amz-cf-pop
EWR53-C1
age
65
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 08 Jan 2024 22:37:19 GMT
server
AmazonS3
etag
W/"69c7dd60d958314e6e95ae1cb671cfb1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
x-amz-cf-id
75zsyIhBfvMShSIh-a22CbhcHQxwqI-wjljHzrarILfmR0_4vk3bGg==
collect
o.clarity.ms/
0
299 B
XHR
General
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.canvaschamp.com
Date
Tue, 16 Jan 2024 19:18:21 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame D6B5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-dvPg2sz3W1wUkEPZhjJ8SOmG5DWAuBmeRsjJqg&google_cm&google_hm=ay1kdlBnMnN6M1cxd1VrRVBaaGpKOFNPbUc1RFdBdUJtZ...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-dvPg2sz3W1wUkEPZhjJ8SOmG5DWAuBmeRsjJqg&google_gid=CAESEMOu4yX7AxeHNt4abBBV7-c&google_cver=1&google_ula=913071,0
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-dvPg2sz3W1wUkEPZhjJ8SOmG5DWAuBmeRsjJqg&google_gid=CAESEMOu4yX7AxeHNt4abBBV7-c&google_cver=1&google_ula=913071,0
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1028736
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-dvPg2sz3W1wUkEPZhjJ8SOmG5DWAuBmeRsjJqg&google_gid=CAESEMOu4yX7AxeHNt4abBBV7-c&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ul_cb/ Frame D6B5
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-qsA9tcz3W1wUkEPZhjJ8SOmG5DXpos23Wvi9pg&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-qsA9tcz3W1wUkEPZhjJ8SOmG5DXpos23Wvi9pg&expires=30
43 B
510 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-qsA9tcz3W1wUkEPZhjJ8SOmG5DXpos23Wvi9pg&expires=30
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 19:18:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-qsA9tcz3W1wUkEPZhjJ8SOmG5DXpos23Wvi9pg&expires=30
Date
Tue, 16 Jan 2024 19:18:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame D6B5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5330343121510112321
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5330343121510112321
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1336458
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:21 GMT
an-x-request-uuid
06919a6a-9d13-4554-af39-4398e586d277
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5330343121510112321
x-proxy-origin
38.132.118.76; 38.132.118.76; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
partner.mediawallahscript.com/ Frame D6B5
Redirect Chain
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-dvPg2sz3W1wUkEPZhjJ8SOmG5DWAuBmeRsjJqg&custom=&tag_format=img&tag_action=sync&custom=&cb=4856c493-4230-4db0-ad2c-6c88e22...
  • https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-dvPg2sz3W1wUkEPZhjJ8SOmG5DWAuBmeRsjJqg&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=4856c493-4230-4db...
  • https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
  • https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=5330343121510112321&tag_format=img&tag_action=sync
  • https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=0319e910-b4a4-11ee-a6cf-1dfa302daa36?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
  • https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=fe2c6b755250baee47736ac1636dfba8&tag_format=img&tag_action=sync&cb=489363823
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=vxsrv3i&ttd_tpi=1
  • https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=48046b2f-ecb9-4b28-9dc0-2d74a10a7e00&tag_format=img&tag_action=sync&cb=
  • https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=0319e910-b4a4-11ee-a6cf-1dfa302daa36&cb=1705432701993&rmn=y&redirect=https%3A%2F%2Fpartner.me...
  • https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=ddff1490-7039-477d-8b80-7754041d33d8&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1705432701993
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync
  • https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=03a9a5f0-b4a4-11ee-b576-8d024877c818
0
405 B
Image
General
Full URL
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=03a9a5f0-b4a4-11ee-b576-8d024877c818
Protocol
H2
Server
3.224.246.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-246-109.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Tue, 16 Jan 2024 19:18:22 GMT
cache-control
private, no-cache, must-revalidate, no-store, max-age=0
server
nginx
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=03a9a5f0-b4a4-11ee-b576-8d024877c818
date
Tue, 16 Jan 2024 19:18:22 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cksync.php
contextual.media.net/ Frame D6B5
57 B
814 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-_Yb8m8z3W1wUkEPZhjJ8SOmG5DVB4KPMB8Hg3Q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.204.22 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-204-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 16 Jan 2024 19:18:21 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
57
x-mnet-hl2
E
expires
Tue, 16 Jan 2024 19:18:21 GMT
tap.php
pixel.rubiconproject.com/ Frame D6B5
42 B
940 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-gAvIE8z3W1wUkEPZhjJ8SOmG5DWUeCfSJg99IQ&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
cdd55fb02049ca8b9389527f6c1a1194
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame D6B5
43 B
688 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-Ne03Hsz3W1wUkEPZhjJ8SOmG5DVuwkha_NIuYQ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.73 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame D6B5
0
374 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-pfx4Bcz3W1wUkEPZhjJ8SOmG5DWabNDJ1giiKA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:21 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
61515
um
criteo-sync.teads.tv/ Frame D6B5
23 B
278 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-GDnLkcz3W1wUkEPZhjJ8SOmG5DXVCBjd9Yr97A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.161.51 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-161-51.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Tue, 16 Jan 2024 19:18:21 GMT
pragma
no-cache
date
Tue, 16 Jan 2024 19:18:21 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame D6B5
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-HTO6asz3W1wUkEPZhjJ8SOmG5DW3eOpb59-XIA&dongle=013b
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-HTO6asz3W1wUkEPZhjJ8SOmG5DW3eOpb59-XIA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-HTO6asz3W1wUkEPZhjJ8SOmG5DW3eOpb59-XIA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 16 Jan 2024 19:18:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=2711&xuid=k-HTO6asz3W1wUkEPZhjJ8SOmG5DW3eOpb59-XIA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date
Tue, 16 Jan 2024 19:18:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ups.analytics.yahoo.com/ups/58301/ Frame D6B5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-82udQ8z3W1wUkEPZhjJ8SOmG5DVgxnT-VHyATQ
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-82udQ8z3W1wUkEPZhjJ8SOmG5DVgxnT-VHyATQ&verify=true
0
121 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-82udQ8z3W1wUkEPZhjJ8SOmG5DVgxnT-VHyATQ&verify=true
Protocol
H2
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.94 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-82udQ8z3W1wUkEPZhjJ8SOmG5DVgxnT-VHyATQ&verify=true
date
Tue, 16 Jan 2024 19:18:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cksync.php
hb.yahoo.net/ Frame D6B5
57 B
669 B
Image
General
Full URL
https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-82udQ8z3W1wUkEPZhjJ8SOmG5DVgxnT-VHyATQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.207.40 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-207-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 16 Jan 2024 19:18:21 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 16 Jan 2024 19:18:21 GMT
sync
visitor.omnitagjs.com/visitor/ Frame D6B5
49 B
385 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-OD1kk8z3W1wUkEPZhjJ8SOmG5DV4RH_0BE_WbA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.245.116.245 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-245-116-245.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:21 GMT
via
kong/2.8.3
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
x-kong-upstream-latency
13
cache-control
no-cache, no-store, must-revalidate
content-length
49
expires
0
sync
tags.bluekai.com/site/29001/ Frame D6B5
Redirect Chain
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=2XUwuV0QqnvSaPkxwyAoVhFl1aMoTgWw
62 B
547 B
Image
General
Full URL
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=2XUwuV0QqnvSaPkxwyAoVhFl1aMoTgWw
Protocol
H2
Server
23.55.200.222 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-55-200-222.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 16 Jan 2024 19:18:21 GMT
content-length
62
bk-server
41e
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=2XUwuV0QqnvSaPkxwyAoVhFl1aMoTgWw
date
Tue, 16 Jan 2024 19:18:21 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1063981
content-length
0
rum
r.casalemedia.com/ Frame D6B5
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-H8YOGcz3W1wUkEPZhjJ8SOmG5DVGOJokoWLESA
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-H8YOGcz3W1wUkEPZhjJ8SOmG5DVGOJokoWLESA&C=1
43 B
328 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-H8YOGcz3W1wUkEPZhjJ8SOmG5DVGOJokoWLESA&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsOWnTDEsws8OMZS%2BuAkUDI9EEuMd%2BqHaQ%2FG9xeUmu0CcLZ5LiA%2Foxmuhuz%2Fva45j%2BbdUDBzq69hrX9OUDgYpdb1VYqwSMa1sy7fEHABbGacBRMLgtfI701bYAJuA4TgkFkx"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8468b4316c469ac0-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBmj54YiF%2BMXTneD8phAbJ0TCIThOxKNAGdoP9b1Rb3k%2FvtowqzaE7%2Bm0OQjvC1mOzakY30locF5lAt9fYL6249HngiHT9mwQcEjUUItJg%2BWYjw2ck%2F%2F5o204h%2BMBGaNd%2BIl"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-H8YOGcz3W1wUkEPZhjJ8SOmG5DVGOJokoWLESA&C=1
cache-control
no-cache
cf-ray
8468b430eb649ac0-MIA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
user-registering
ads.stickyadstv.com/ Frame D6B5
43 B
661 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-jQugZcz3W1wUkEPZhjJ8SOmG5DVpkKNWq8kmBQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Jan 2024 19:18:21 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1705432701668051-299
match
ad.360yield.com/ Frame D6B5
43 B
199 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-r29Lccz3W1wUkEPZhjJ8SOmG5DV79IrhRW41sQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.213.69.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-69-52.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 16 Jan 2024 19:18:21 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
28292
i6.liadm.com/s/ Frame D6B5
Redirect Chain
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nj2eoMz3W1wUkEPZhjJ8SOmG5DV39MYOFzLiog
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nj2eoMz3W1wUkEPZhjJ8SOmG5DV39MYOFzLiog&_li_chk=true&previous_uuid=2e59260681e84043813bbcfcbababf3e
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
  • https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nj2eoMz3W1wUkEPZhjJ8SOmG5DV39MYOFzLiog
  • https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nj2eoMz3W1wUkEPZhjJ8SOmG5DV39MYOFzLiog
43 B
548 B
Image
General
Full URL
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nj2eoMz3W1wUkEPZhjJ8SOmG5DV39MYOFzLiog
Protocol
HTTP/1.1
Server
2600:1f18:ed:550f:27fd:18e1:959d:33af Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 19:18:22 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-nj2eoMz3W1wUkEPZhjJ8SOmG5DV39MYOFzLiog
Date
Tue, 16 Jan 2024 19:18:21 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
push
exchange.mediavine.com/usersync/ Frame D6B5
0
968 B
Image
General
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-xi0Lt8z3W1wUkEPZhjJ8SOmG5DUP1uxEetcNRw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.197.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-197-47.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:21 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
c.gif
c.bing.com/ Frame D6B5
42 B
225 B
Image
General
Full URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-6bnGScz3W1wUkEPZhjJ8SOmG5DUDvhlu0uCh1A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:20 GMT
last-modified
Wed, 10 Jan 2024 01:59:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 88592B8BF2584E009CD024F0244BF65E Ref B: MIAEDGE1510 Ref C: 2024-01-16T19:18:21Z
etag
"c5fcfc9c6843da1:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
1017
jadserve.postrelease.com/suid/ Frame D6B5
43 B
534 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-VOlSXcz3W1wUkEPZhjJ8SOmG5DXAMWK948IkYQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.115.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-115-69.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:21 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame D6B5
0
287 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-5Am_Msz3W1wUkEPZhjJ8SOmG5DX2WOl2jP480Q&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Tue, 16 Jan 2024 19:18:21 GMT
Cache-Control
no-cache
X-TraceId
b1106d1e89fcb5862ac82c66f054bc0d
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame D6B5
42 B
582 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-xgChLcz3W1wUkEPZhjJ8SOmG5DVVl-3ecRaZyQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 16 Jan 2024 19:18:21 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel_sync
trends.revcontent.com/cm/ Frame D6B5
0
0
Image
General
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-lD8Jdsz3W1wUkEPZhjJ8SOmG5DXjbAtSz7oKIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.218.163.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-218-163-194.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

v1
match.sharethrough.com/sync/ Frame D6B5
68 B
280 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-dqEt8sz3W1wUkEPZhjJ8SOmG5DW23Gj_nnaymQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.134.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-134-119.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:21 GMT
cache-control
no-cache
content-length
68
content-type
image/png
/
s.ad.smaato.net/c/ Frame D6B5
0
307 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-ZpWshMz3W1wUkEPZhjJ8SOmG5DWqwKDS_DikDg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2305:e200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:21 GMT
cache-control
no-cache, must-revalidate
via
1.1 e453cfec7ab7b0f50057381607edb486.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
IAD89-P2
x-amz-cf-id
TT0IiB84iAMSnyHp9l9s08cSII8-icDotvrygicKBJEq3CT5nnfR9w==
x-cache
Miss from cloudfront
iframe
nytrng.com/ Frame DC16
375 B
467 B
Document
General
Full URL
https://nytrng.com/iframe?vcp=4dd5h0np&as_id=e0bf0e9d402d416b91ea33ca4e0bfff9
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=5eb4426
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.128.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a954c1fc80b8251dc.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash
ef6a045e1a32643dec5f532c951b0dc445707936dcb67d1457aecdd8125beb26

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
375
content-type
text/html; charset=utf-8
date
Tue, 16 Jan 2024 19:18:21 GMT
server
gunicorn
consent
manage.safeopt.com/
0
832 B
XHR
General
Full URL
https://manage.safeopt.com/consent
Requested by
Host: shopper.shop.pe
URL: https://shopper.shop.pe/input.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
data-regulation-gdpr-enforced
false
server
nginx
etag
"da39a3ee5e6b4b0d3255bfef95601890afd80709"
x-frame-options
deny
access-control-allow-methods
HEAD, GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Data-Regulation-Gdpr-Enforced
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, Data-Regulation-Gdpr-Enforced
/
canvaschamp.attn.tv/d/
5 B
257 B
Fetch
General
Full URL
https://canvaschamp.attn.tv/d/?attn_vid=7bf45203393c4709a85e9917eb857e51
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:21 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/json
access-control-allow-origin
*
x-envoy-upstream-service-time
5
cf-ray
8468b4300f1374b6-MIA
alt-svc
h3=":443"; ma=86400
e
events.attentivemobile.com/
0
238 B
Ping
General
Full URL
https://events.attentivemobile.com/e?v=4.25.53_3257e99722&pd=https%3A%2F%2Fwww.canvaschamp.com%2F&u=7bf45203393c4709a85e9917eb857e51&c=canvaschamp&ceid=3rJ&lt=1705432701345&tag=modern&cs=278141188&t=v&r=&m=%7B%22source%22%3A%22a%22%7D&cb=1705432701350
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.221 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-expose-headers
Set-Cookie, X-Count, X-Token
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
cf-ray
8468b4333c6d8d97-MIA
alt-svc
h3=":443"; ma=86400
3rJ.js
cdn.attn.tv/growth-tag-assets/client-configs/
0
384 B
Script
General
Full URL
https://cdn.attn.tv/growth-tag-assets/client-configs/3rJ.js
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
via
1.1 dff867205390cf91b170b9bf1251e39a.cloudfront.net (CloudFront)
date
Tue, 16 Jan 2024 13:38:13 GMT
last-modified
Mon, 17 Dec 2018 20:59:49 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
20408
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
y3tW4TnEBvQEeDQCLEriVenu3GSXNAVnKqiuZl2QeTenkgjK_A44pQ==
setuid
ib.adnxs.com/ Frame D6B5
43 B
1019 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-s_uHncz3W1wUkEPZhjJ8SOmG5DWwXcCZurdWkg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:21 GMT
an-x-request-uuid
a6e8ef55-a321-4b86-bef7-4e6aeff18de0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.76; 38.132.118.76; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
track.php
lantern.roeye.com/
0
153 B
Image
General
Full URL
https://lantern.roeye.com/track.php?fingerprint=179be251-ddbe-46e0-b2d9-2228a82eecef&referrer=&landingpage=https%3A%2F%2Fwww.canvaschamp.com%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.216%20Safari%2F537.36&site=20758
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.164.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-164-213.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:22 GMT
server
nginx
content-length
0
content-type
image/gif
cartstack.js
api.cartstack.com/js/
44 KB
7 KB
Script
General
Full URL
https://api.cartstack.com/js/cartstack.js
Requested by
Host: api.cartstack.com
URL: https://api.cartstack.com/js/customer-tracking/www.canvaschamp.com_66888cc5f2aeb2575c6f35c7814a7b57.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-19.phl50.r.cloudfront.net
Software
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16 /
Resource Hash
c194be4715dc215318fbda18092f16436ae79e971a167aa157296cb191deec9f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 19 Dec 2023 05:03:11 GMT
content-encoding
gzip
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
age
2470510
x-cache
Hit from cloudfront
content-length
6621
last-modified
Thu, 09 Nov 2023 19:08:19 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.1e-fips mod_auth_gssapi/1.3.1 mod_auth_kerb/5.4 PHP/5.4.16
etag
"ae82-609bced3dc628-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
OjT1APA_M4BYg-HNm-EX1UKxApEIqBe-mmJvLu0w29-mRowK98Lu8Q==
expires
Thu, 18 Jan 2024 05:03:11 GMT
canvaschamp.attn.tv.js
cdn.attn.tv/growth-tag-assets/client-configs/
0
384 B
Script
General
Full URL
https://cdn.attn.tv/growth-tag-assets/client-configs/canvaschamp.attn.tv.js
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:600:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
via
1.1 dff867205390cf91b170b9bf1251e39a.cloudfront.net (CloudFront)
date
Tue, 16 Jan 2024 13:38:13 GMT
last-modified
Mon, 17 Dec 2018 20:59:49 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
20408
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
MQuh6fu5vuwhDiGXjmdtBKOy1GdujDiQpF-vvhtFF_uI8tOuKmoRJA==
csp.js
js.smct.io/csp/
0
456 B
XHR
General
Full URL
https://js.smct.io/csp/csp.js
Requested by
Host: smct.co
URL: https://smct.co/tm?t=canvaschamp.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:21 GMT
x-amz-version-id
null
via
1.1 cb0edd87c0785dfd332928914ca3d91c.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
MIA3-C5
age
4269648
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 23 Oct 2019 09:31:23 GMT
server
cloudflare
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=2592000
cf-ray
8468b4310810dab1-MIA
x-amz-cf-id
hAF8aoRkbKQpoCW-GjRFE_dBOOeqvaB0dTi7eaYrHw32T3oKQtBWtg==
expires
Thu, 15 Feb 2024 19:18:21 GMT
unrenderedCreative
canvaschamp.attn.tv/
0
0
Fetch
General
Full URL
https://canvaschamp.attn.tv/unrenderedCreative?v=4.25.53&r=&id=7bf45203393c4709a85e9917eb857e51&pv=1&l=https%3A%2F%2Fwww.canvaschamp.com%2F&w=1600&h=1200&ss_ref=ORGANIC&f=2
Requested by
Host: cdn.attn.tv
URL: https://cdn.attn.tv/tag/4-latest/unified-tag.js?v=4-latest_263507365a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.144.121 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Jan 2024 19:18:21 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
cf-ray
8468b430b8b474b6-MIA
alt-svc
h3=":443"; ma=86400
demconf.jpg
dpm.demdex.net/ Frame D6B5
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=cPllbaD4ZgwyvEy9Kb7QflZV6xbnVOh5
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=cPllbaD4ZgwyvEy9Kb7QflZV6xbnVOh5
42 B
716 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=cPllbaD4ZgwyvEy9Kb7QflZV6xbnVOh5
Protocol
H2
Server
34.192.12.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-12-9.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-0aa437ff1.edge-va6.demdex.com 3 ms
pragma
no-cache
date
Tue, 16 Jan 2024 19:18:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
YbavQ6MAQm4=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-2-v053-0a32b36d6.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Tue, 16 Jan 2024 19:18:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
8wQTdouvReY=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=cPllbaD4ZgwyvEy9Kb7QflZV6xbnVOh5
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
tag-v5.74.js
js.smct.io/t/
60 KB
22 KB
Script
General
Full URL
https://js.smct.io/t/tag-v5.74.js
Requested by
Host: smct.co
URL: https://smct.co/tm?t=canvaschamp.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1654ccc72de266eda994ad0a344530833f796806afdcd5705bbe0656a44da52

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:21 GMT
x-amz-version-id
hqPNbZienO6lneoGMm5BrXFhzD_jLDSz
via
1.1 10e6a95eb96be9ca11d97eb30c0123f4.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
MIA3-C5
age
2283788
x-cache
RefreshHit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 26 Feb 2021 15:06:39 GMT
server
cloudflare
etag
W/"dc1a20b20c299c086aeec5d39b7e53f4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8468b4319ccb3364-MIA
x-amz-cf-id
0f06b4ny3bG8A19ZyIpne5G4jWCrMfY2BIQk_xExlHaZwnlQo7SMGw==
pl.2.2.min.js
cdn.nytrng.com/ Frame DC16
7 KB
8 KB
Script
General
Full URL
https://cdn.nytrng.com/pl.2.2.min.js
Requested by
Host: nytrng.com
URL: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=e0bf0e9d402d416b91ea33ca4e0bfff9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-3.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d49d2a6dc89c60b16d37b5c050c401a95e54b48865c33518d11aa49f4aef01aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nytrng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 01:17:38 GMT
x-amz-version-id
8orrD9zEZlFOFms3PR7pDugsAN7irKg0
via
1.1 83fa5376b39b1a76db557ab22fa73856.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jul 2021 10:09:45 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
669643
etag
"1ba5d1971ac96b0ca46300a7cb63b363"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
7518
x-amz-cf-id
nZo6B52wIcYp8KWjuUww2uvXWQU6JpYNuJdkiTvv4cZB3uWLHm_yuA==
cksync
hb.yahoo.net/ Frame D6B5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-82udQ8z3W1wUkEPZhjJ8SOmG5DVgxnT-VHyATQ
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58301&ovsid=k-82udQ8z3W1wUkEPZhjJ8SOmG5DVgxnT-VHyATQ&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1rc0FIZTNsRTJ1RXMzSWNIYzZvOE03ZTFtOWIycUEwaH5B&ovsid=k-82udQ8z3W1wUkEPZhjJ8SOmG5DVgxnT-VHyATQ&dpid=58301
57 B
504 B
Image
General
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1rc0FIZTNsRTJ1RXMzSWNIYzZvOE03ZTFtOWIycUEwaH5B&ovsid=k-82udQ8z3W1wUkEPZhjJ8SOmG5DVgxnT-VHyATQ&dpid=58301
Protocol
H2
Server
23.40.207.40 Atlanta, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-40-207-40.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 16 Jan 2024 19:18:21 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
57
x-mnet-hl2
E
expires
Tue, 16 Jan 2024 19:18:21 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1rc0FIZTNsRTJ1RXMzSWNIYzZvOE03ZTFtOWIycUEwaH5B&ovsid=k-82udQ8z3W1wUkEPZhjJ8SOmG5DVgxnT-VHyATQ&dpid=58301
date
Tue, 16 Jan 2024 19:18:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.94
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
MzguMTMyLjExOC43Ng==
ipb.smct.io/check/3443/
1 B
376 B
XHR
General
Full URL
https://ipb.smct.io/check/3443/MzguMTMyLjExOC43Ng==
Requested by
Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.74.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:22 GMT
via
1.1 eb61efdee152c475afaeb939c428df9e.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
MIA3-C5
x-cache
Error from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1
last-modified
Wed, 13 Nov 2019 12:29:00 GMT
server
cloudflare
etag
"cfcd208495d565ef66e7dff9f98764da"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
8468b4321a0cdab1-MIA
x-amz-cf-id
30SvQbKZpVGLEBdvLUtnFTS9rJLH9co1wuOkgPtg3jdBEgOVnssNjg==
expires
Tue, 16 Jan 2024 19:48:22 GMT
g.pixel
aa.agkn.com/adscores/ Frame D6B5
Redirect Chain
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=KQKduO4HNjGP3p7Hj06rSyMLO7a3kJ5V
43 B
655 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=KQKduO4HNjGP3p7Hj06rSyMLO7a3kJ5V
Protocol
H2
Server
13.224.214.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-26.phl50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Jan 2024 19:18:22 GMT
via
1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
PHL50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
y06Y1putI2vC_LtF-obyecAgUzdg0wOgSgCXxLu-aymuCnrXrm41nA==
expires
0

Redirect headers

location
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=KQKduO4HNjGP3p7Hj06rSyMLO7a3kJ5V
date
Tue, 16 Jan 2024 19:18:21 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
754668
content-length
0
14515739e82f93f43a7dc2eefdd8e595
nytrng.com/mper/ Frame DC16
Redirect Chain
  • https://nytrng.com/mper
  • https://nytrng.com/mper/14515739e82f93f43a7dc2eefdd8e595
58 B
141 B
XHR
General
Full URL
https://nytrng.com/mper/14515739e82f93f43a7dc2eefdd8e595
Protocol
H2
Server
99.83.128.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a954c1fc80b8251dc.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash
71d51e9cc53c5b04277b819dc7e7946061be6812f10bcfd451300aefca59574c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://nytrng.com/iframe?vcp=4dd5h0np&as_id=e0bf0e9d402d416b91ea33ca4e0bfff9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:22 GMT
server
gunicorn
content-length
58
content-type
application/json

Redirect headers

location
https://nytrng.com/mper/14515739e82f93f43a7dc2eefdd8e595
date
Tue, 16 Jan 2024 19:18:21 GMT
server
gunicorn
content-length
318
content-type
text/html; charset=utf-8
lst
nytrng.com/ Frame DC16
207 B
702 B
XHR
General
Full URL
https://nytrng.com/lst
Requested by
Host: cdn.nytrng.com
URL: https://cdn.nytrng.com/pl.2.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.128.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a954c1fc80b8251dc.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash
15bf664b8a5a413c34d945820ced2f206ef3a4ac71b1f9759e8578578b2defda

Request headers

Referer
https://nytrng.com/iframe?vcp=4dd5h0np&as_id=e0bf0e9d402d416b91ea33ca4e0bfff9
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 16 Jan 2024 19:18:22 GMT
server
gunicorn
vary
Origin
p3p
CP="NOI OUR BUS UNI COM NAV"
access-control-allow-origin
https://nytrng.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
content-length
207
expires
Tue, 16 Jan 2024 19:18:23 GMT
lse1.3.html
ls.smct.co/ Frame 24C4
2 KB
835 B
Document
General
Full URL
https://ls.smct.co/lse1.3.html
Requested by
Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.74.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-41.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
017217e952a763a6a3ac2688bb3c1c17db0a42721148434b9060158bd08716d6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
20019
content-encoding
gzip
content-type
text/html
date
Tue, 16 Jan 2024 13:44:44 GMT
etag
W/"209c7964d2f1416735fde2c6d1a50b77"
last-modified
Thu, 13 Aug 2020 15:19:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 4ec5361277f6487ae5a8f880297d598c.cloudfront.net (CloudFront)
x-amz-cf-id
I5gVxRph88v8KjB0NzLzSFg1hS1zs5WBHr2VXurgLKe47obcCimIpQ==
x-amz-cf-pop
PHL50-C1
x-amz-version-id
null
x-cache
Hit from cloudfront
events-1.6.0.min.js
js.smct.io/e/
28 KB
10 KB
Script
General
Full URL
https://js.smct.io/e/events-1.6.0.min.js
Requested by
Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.74.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cef05fac44885210172633f42c2fe0bee2958cb5118485e07f77e36735c1a29e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:22 GMT
x-amz-version-id
86Alo3RvPHIXLLAe0m5WQhsYLYOyKnIX
via
1.1 880eb84cefca849ee159a7c4d89c31ea.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
MIA3-C2
age
646645
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 22 Mar 2021 13:16:37 GMT
server
cloudflare
etag
W/"a1075fa3d276bd62722dbc87d77a8e62"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8468b4388b9a3364-MIA
x-amz-cf-id
i0uWSIonEJ5IrWRgRvGcHcPIpxPGoz1ElXlKLzyG0qUvQFpgakNasg==
lse1.1.html
d2d7do8qaecbru.cloudfront.net/live/ Frame 3A92
2 KB
811 B
Document
General
Full URL
https://d2d7do8qaecbru.cloudfront.net/live/lse1.1.html
Requested by
Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.183.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-183-85.bos50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d913a3ce24c14263a5e1ce227c5d62d30eb4a5ba50b5ccf9a9c0bb555c9ffd0f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 16 Jan 2024 19:18:24 GMT
etag
W/"1de5ff62ceb05bb85f2813d8103b063a"
last-modified
Wed, 06 Nov 2019 12:06:42 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 223d5097477b94db6872afd07890faba.cloudfront.net (CloudFront)
x-amz-cf-id
iYbfG0sHjsJTMxt3HB8ocq_ApLBP3DWPIFBRFa7bAIX999H6q-vHzA==
x-amz-cf-pop
BOS50-P4
x-amz-version-id
3RRTSIWom4dpK6VxcP0BNx5_6oQ0Pvyu
x-cache
RefreshHit from cloudfront
collect
o.clarity.ms/
0
299 B
XHR
General
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.canvaschamp.com
Date
Tue, 16 Jan 2024 19:18:23 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
/
cognito-identity.eu-west-1.amazonaws.com/
63 B
317 B
XHR
General
Full URL
https://cognito-identity.eu-west-1.amazonaws.com/
Requested by
Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:94a:8a00:c9d0:eef8:fbcc:78ca Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7392ac917df0b425d6681741f4f5a9bef90c26525c3c9b51e975b18e38b16cc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
X-AMZ-TARGET
AWSCognitoIdentityService.GetId
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Tue, 16 Jan 2024 19:18:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
12b05232-9377-48cf-83db-308953f19d26
content-length
63
content-type
application/x-amz-json-1.1
/
cognito-identity.eu-west-1.amazonaws.com/ Frame
0
0
Preflight
General
Full URL
https://cognito-identity.eu-west-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:94a:8a00:c9d0:eef8:fbcc:78ca Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-target
Access-Control-Request-Method
POST
Origin
https://www.canvaschamp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-target
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Tue, 16 Jan 2024 19:18:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
36f349b1-e90d-47bb-999e-3586b14c0107
smcJQ-v3.4.1.js
js.smct.io/jq/
87 KB
32 KB
Script
General
Full URL
https://js.smct.io/jq/smcJQ-v3.4.1.js
Requested by
Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.74.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4263a8611b0ef723e5bab1fef193f37c3fc4395cfa367d3eb9e8e250cdd458b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:23 GMT
x-amz-version-id
null
via
1.1 62223de0c21500c1b860f7e075e09f40.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
MIA3-C5
age
215445
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 25 Mar 2020 10:00:55 GMT
server
cloudflare
etag
W/"151a5fe9437f4aad77efbc017cce9218"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=2678400
cf-ray
8468b43c5ba93364-MIA
x-amz-cf-id
SFmngaQ6yLLdBKk8C5N4qty8tuC93VPcXgws_IdLOxyc5sNdNiTpZw==
overlays-v5.74.js
js.smct.io/o/
74 KB
22 KB
Script
General
Full URL
https://js.smct.io/o/overlays-v5.74.js
Requested by
Host: js.smct.io
URL: https://js.smct.io/t/tag-v5.74.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3aad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13eb771bca251db4365a850c77275f3c659a36b2bd3e6f329c33b79c04e8cddf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:18:23 GMT
x-amz-version-id
TBV7tmj51A5UBXfEWqEfZSNLJCsANmP_
via
1.1 4de3cdbf8046367453bc168e829b445e.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
MIA3-C5
age
453206
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 26 Feb 2021 15:06:21 GMT
server
cloudflare
etag
W/"cbf24ac1622f0df29dfec38330f84738"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
8468b43cdc9a3364-MIA
x-amz-cf-id
YrWp7fxXP2K5A1wnAhui8AlUCEnJX4zLvgI9lYraghIJkKctlnty7w==
1
smct.co/ov5/load/3443/89067/
54 KB
14 KB
XHR
General
Full URL
https://smct.co/ov5/load/3443/89067/1
Requested by
Host: js.smct.io
URL: https://js.smct.io/o/overlays-v5.74.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.148.179.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-179-115.us-west-2.compute.amazonaws.com
Software
Apache/2.4.57 (Ubuntu) /
Resource Hash
5c25cb60d5e99cf97dc9da127e6c80d22878bb7c095ca95ca209ae8a73ac739e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
cache
date
Tue, 16 Jan 2024 19:18:23 GMT
content-encoding
gzip
server
Apache/2.4.57 (Ubuntu)
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
smc-lt
cache-control
max-age=900
smc-lt
0.00025606,C:1
expires
Tue, 16 Jan 2024 19:33:23 GMT
/
cognito-identity.eu-west-1.amazonaws.com/ Frame
0
0
Preflight
General
Full URL
https://cognito-identity.eu-west-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:94a:8a00:c9d0:eef8:fbcc:78ca Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-amz-target
Access-Control-Request-Method
POST
Origin
https://www.canvaschamp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-amz-target
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Tue, 16 Jan 2024 19:18:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
208f5bc9-43bf-4966-9814-bd78b23aa4fc
/
cognito-identity.eu-west-1.amazonaws.com/
2 KB
2 KB
XHR
General
Full URL
https://cognito-identity.eu-west-1.amazonaws.com/
Requested by
Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:94a:8a00:c9d0:eef8:fbcc:78ca Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
18c27a631d1fe0191f80951616cdedb17762383be07ca5268cddd0bc161484f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
X-AMZ-TARGET
AWSCognitoIdentityService.GetCredentialsForIdentity
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-amz-json-1.1

Response headers

access-control-allow-origin
*
date
Tue, 16 Jan 2024 19:18:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
fc6aa5d9-179a-42be-8ff3-0d0d942781bb
content-length
1792
content-type
application/x-amz-json-1.1
/
firehose.eu-west-1.amazonaws.com/ Frame
0
0
Preflight
General
Full URL
https://firehose.eu-west-1.amazonaws.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.80.34.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-34-250.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-amz-date,x-amz-security-token,x-amz-target
Access-Control-Request-Method
POST
Origin
https://www.canvaschamp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Headers
authorization,content-type,x-amz-date,x-amz-security-token,x-amz-target
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age
172800
Content-Encoding
gzip
Content-Length
20
Date
Tue, 16 Jan 2024 19:18:24 GMT
x-amzn-RequestId
cebdd57e-fa69-e888-909d-0dbea5f9c89d
/
firehose.eu-west-1.amazonaws.com/
299 B
740 B
XHR
General
Full URL
https://firehose.eu-west-1.amazonaws.com/
Requested by
Host: js.smct.io
URL: https://js.smct.io/e/events-1.6.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.80.34.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-34-250.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5cdc4fb6cdaabf982050ff00f43105673def969b72a3bffae48da977c0db3767

Request headers

accept-language
en-US,en;q=0.9
Authorization
AWS4-HMAC-SHA256 Credential=ASIAX2DUJRE4WK37PQHL/20240116/eu-west-1/firehose/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token;x-amz-target, Signature=2f2aad4d45f942eb093426459a3a6aa60fb3d3ae67f1b1310faff9c6a1d3b549
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type
application/x-amz-json-1.1
x-amz-security-token
IQoJb3JpZ2luX2VjEAQaCWV1LXdlc3QtMSJHMEUCIGNbY2JyKi8xe873khLRw9MDrdeCFDjOqOABdLCJ1l9YAiEA8VUC7S9bZdTS2pGZV+jRukzCBzIScGRFGF4u5dLNdY8q0QUIrP//////////ARAEGgw1MzcxMTQ4MDY1ODUiDD+4nMSZ4wXlbO2cNiqlBayUIJiuMGFe1iQAInDVK4JGE6UJzx5DAMhMH9gfduc+NNQfCzmEKdi2DviaVgMPohYwJ/5Xb19KFUj9Zsh/dk44EFM0XfVw9Zl/WdxMw0jblYQs7NyM6sQUP9clw2FfWTVUIJSJlkC0tpRiB3Pjq4dqHpziOaIB4s8f/YCE0D/LkCutK8xrBcqD+jEHDeMNUMHr5N4B0+WrcYavTnW0DDQlwFBj7HP6+eNw3OwwW9L5VblmlUx4xkAEHCsNxJJxKAU5gfiGiDpD6QLQIT6NCpkODtmKhAjtfisGqx0b9TBgpABPK1g2y6DmsI52K8kS7I48Nt+5XBObpbb3OFCCR7nO5kGTwr8dgVWVH3u0Z0Ake++bOg7W7GidTYJPB7MbRIa+VTP5OvnAkzwzIR+87U6XMuu4hUYJ3rixqaRohQc3MZRgrS2WtwdGyVq2odHkxxxgulri8rGKM9wzFTW4R98hS7v47GcG1GzD2zL8Xp8mEoOm2n+chNKCZufZdqyq72dRKClAArFOiXJPM6zW8tNmIYREgkHmxkdimQPrIFcYHdJhWuApI5QJUF79hMJtDQJMH2Il50A0w5WLr+1spln9gbRnu1firhqXYwDCY0YPgF5J2Bb8+sCwdyaWQzMpZLezEzZ2J8aFKb0K6TL+lGzU3uXLwwJWNfXfCzQ0PnR2gKVYzD06hZTWtq/d6d+ReO78NFR4BpUivrXyfg124m329tRY0qvIxIReLTSWO1AsEeyCsJM+d5haKQsbWqv6xPxfGErC6irBCYi0M4jtLu/mgiE67wOX9PvMZNcPo9uethbhj5JAM+eRyVP/kwP9jwiuWfnxIaJhEA3mmSQyCD4DYJ15cd/sJznTI0DDNUuruNvVr+itIeK8GPpYjDElPt6Ir5Z7MICtm60GOt4CWf9Et09c6dJr7qwtifcBNYcS8T9PX3B/S5mAzkAoexak9SyQhH2fKp9CJg7OZuPErgP73lw+JHdqFx8yU11wp5ChtpHlt5sXGjsiUtLPXxt0tdlITGB9Yor2BjOugrc+0+IzeTj0hTcEjW/UKMPkLUaABvRx0jcDWUVjJbzsz+E7E90GDJPWRfDeJsAo2O58HYiQcrZagGGlV7IYlKiy3YitkAAycr+IOOeVN1yEgYfcZa/NMralsyLXHSAlVyLHl/Ai4w0gYJoX/Jki5p80WdADSAAurgkwLG3ZL13lAMW2EP/V7GwWFEmXCR+usJcwUbgTkKG/EhS5yUmJ3sBc3q2M8x8zDP4Z8T51hqvnqatPwa/aVWOayA234g1qDK6J5qYRlxlS4AMz0JyneZlWdbwPxVoscTHoOkT0bOoXIEx4EEC8QLt2EbEoAG/MUdIWFH3hEYNNYEhMDj3wOLY=
Referer
x-amz-target
Firehose_20150804.PutRecordBatch
x-amz-date
20240116T191824Z

Response headers

Date
Tue, 16 Jan 2024 19:18:24 GMT
Content-Encoding
gzip
x-amzn-RequestId
ca9216f7-0a67-b250-94b2-ce3755f79245
Content-Type
application/x-amz-json-1.1
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Length
280
x-amz-id-2
qqNu9Weo2a8HENhAtD4IwB+q8MkWF9qBucUjtirHDYcgbr3msJmwRvyqfLGmMO7ZXS+OaurDYsErdRBLv7pHNBtsVpMpmsIy
collect
o.clarity.ms/
0
299 B
XHR
General
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.canvaschamp.com
Date
Tue, 16 Jan 2024 19:18:26 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Verdicts & Comments Add Verdict or Comment

338 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| _learnq string| __klKey object| webpackChunk_klaviyo_onsite_modules object| __core-js_shared__ object| core object| _klOnsite object| klaviyo object| _cartstack string| cartstack_cartPageURL object| cartstack_checkoutPageURLs string| cartstack_successPageURL number| cartstack_isconfirmation number| cartstack_debug number| cartstack_trackVisitor number| cartstack_loaded string| cartstack_pageurl string| cartstack_cartitems_cartRow string| cartstack_cartitems_quantity string| cartstack_cartitems_productID string| cartstack_cartitems_productName string| cartstack_cartitems_productDesc string| cartstack_cartitems_productURL string| cartstack_cartitems_productURLPrefix number| cartstack_allowEmptyURL string| cartstack_cartitems_productImageURL string| cartstack_cartitems_productImageURLPrefix number| cartstack_allowEmptyImageURL string| cartstack_cartitems_productPrice string| cartstack_cartitems_productImageWidth number| cartstack_debugCartItems number| cartstack_cartItems number| cartstack_captureBrowse string| cartstack_browseURL string| cartstack_browseElement string| cartstack_browse_productID string| cartstack_browse_productName string| cartstack_browse_productDesc string| cartstack_browse_productURL string| cartstack_browse_productURL_Value string| cartstack_browse_productImageURL string| cartstack_browse_productImageURLPrefix string| cartstack_browse_productPrice string| cartstack_browse_productImageWidth number| cartstack_debugBrowseItems number| cartstack_delayLoad string| cartstack_cartTotal object| cartstack_dataItems number| cartstack_tracking function| cartstack_getTracking string| sa_widget_overall string| sa_widget_overallcount string| dark_logo string| darknarrow_logo string| white_logo string| whitenarrow_logo string| colorized_logo number| sa_index number| sa_product_index function| loadStyle function| formatDate function| sa_pad object| sa_loop function| sa_loop_go boolean| jQueryScriptOutputted function| initsaJQWidget3 function| is_sa_product boolean| sa_html_cache object| sa_widget_group number| sa_reviewcount function| saLoop string| sa_id object| sa_widget_contents string| sa_css boolean| sa_static function| sa_setCookie function| sa_getCookie string| sa_jq_host object| gapi object| ___jsl object| webpackChunk_N_E object| regeneratorRuntime function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E object| Base64 function| sprintf function| vsprintf function| __NEXT_PRELOADREADY function| _ object| __MIDDLEWARE_MATCHERS object| __NEXT_REDUX_STORE__ string| cartstack_page_type string| cartstack_product_name string| cartstack_product_url string| cartstack_product_image_url object| dataLayer string| GoogleAnalyticsObject function| ga object| $mcGoal object| uetq object| AddShoppersWidgetOptions function| renderBadge object| __BUILD_MANIFEST object| __SSG_MANIFEST function| fbq function| _fbq object| cartstack_num object| cartstack_alpha function| cartstackutility_getCookie function| cartstack_encode function| cartstack_decode function| cartstack_TabAbandonment function| cartstack_SMS function| cartstack_WebPush function| cartstack_Popup function| cartstack_sendMyCart undefined| cartstack_utility_update number| cartstack_cartitems_realtime function| cartstack_getCartItems_RealTime function| cartstack_getCartItems function| cartstack_getCartTotal function| cartstack_getCartTotal_RealTime function| cartstack_getDataItem function| cartstack_getAttributeItem function| cartstack_browseData function| cartstack_setBrowseID function| cartstack_setCookie function| cartstack_getAttribute function| cartstack_getElement string| cartstack_recordingSiteID number| cartstack_startRecording function| cartstack_endRecordingSession function| cartstack_setRecordingCartID function| cartstack_livecallback number| cartstack_autoFormFillProcessingOn function| cartstack_autoFormFillProcessing function| cartstack_autoFormFill function| cartstack_WebPushInit function| cartstack_SMSInit function| cartstack_ISNInit function| UET function| UET_init function| UET_push object| ueto_9b09cd5742 undefined| $ undefined| jQuery function| saJQ object| intlTelInputUtils function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| postscribe object| google_tag_manager_external string| TiktokAnalyticsObject object| ttq string| userEmail object| userAction undefined| totalQuantity undefined| products function| pintrk object| AddShoppersLoader object| AddShoppersLoaderErrorHandlers function| AddShoppersTriggerRunner object| gadgets object| osapi object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__ function| onYouTubeIframeAPIReady function| as_cleanse_field function| as_detect_cc function| as_gaPageView function| as_gaSocial function| as_gaEvent function| as_gaSet function| as_logMessage function| DataPartnerStatusGeo function| as_logError function| as_resolveEnvironmentURL object| _mag object| AddShoppersWidget function| AddShoppersWidget_plus_one object| SchemaParser object| _add number| ieVer object| obj number| AddShoppersWidgetLoaded object| AddShoppersWidgetLang function| clarity object| clarityuetq object| Criteo object| criteo_q object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| tagConfig object| result boolean| _iml object| GooglebQhCsO function| changeHtml object| awPixel function| smartlook function| pixie object| webpackChunkaccess_widget object| pure_JSON object| pure_CSS function| pure_URL function| pure_fetch function| pure_Set function| pure_Map object| AJS object| acsbJS object| AccessiBe object| acsb boolean| is_mocked object| AWIN object| Sha256 object| Utf8 function| AwinCustomEvent boolean| __attnLoaded object| attn_d0x0b_evt object| attentive string| __attentive_domain object| __attentive object| __attentive_cfg boolean| __poll_for_path_change string| attn_d0x0b_cfg object| lanternTracker object| lantern object| webpackChunk_smartlook_recorder function| cartstack_getCookie function| cartstack_traverseDOM function| cartstack_checkProcess object| cartstack_regex number| cartstack_APICount number| cartstack_confirmation number| cartstack_browseTracking number| cartstack_executeBrowse number| cartstack_displayPopup string| cartstack_popupID number| cartstack_trackVisitorPageViewOff number| cartstack_SMCEnable number| cartstack_delayUpdate number| cartstack_ignorePayPal number| cartstack_webPushEnable number| cartstack_SMSEnable number| cartstack_tabAbandonmentEnabled number| cartstack_SameSiteNone number| cartstack_confirmNoCache number| cartstack_ignoreAutofill number| cartstack_SMSOnDemand number| cartstack_PushOnDemand string| cartstack_domain number| cartstack_updatecount number| cartstack_validUser number| cartstack_emailMarketable number| cartstack_processRequest string| cartstack_cartid string| cartstack_browseid number| cartstack_showalert string| cartstack_url string| cartstack_popupAPI number| cartstack_captureonly number| cartstack_tracking_cart string| cartstack_email string| cartstack_platform string| cartstack_siteid string| cartstack_emailinput string| cartstack_appendcartid string| cartstack_viewproductlinktext string| cartstack_productImageWidth number| cartstack_noapiset undefined| ci string| cartstack_setItem number| cartstack_setItemValue undefined| cartstack_hostname undefined| cartstack_hostname_parts undefined| j string| cartstack_sendMyCartAPI object| _cartstack_pushAPI object| _cartstack_smsAPI undefined| cartstack_url_endindex undefined| cartstack_url_csid number| cartstack_url_index string| cartstack_visitorid undefined| setEmailNotFound undefined| csvn_trItems undefined| csvn_qtyIndex undefined| csvn_productfound undefined| csvn_trItem undefined| csvn_carttotal undefined| csvn_carttotalset undefined| cartstack_inputs undefined| cartstack_inputValue undefined| cartstack_inputType undefined| cartstack_input function| cartstack_updatecart object| $smctResources object| $smctData object| $smcT5 function| $smcCallCustomScripts function| setImmediate function| clearImmediate function| $smcJQ object| $jscomp object| $smcO5 function| pure_addEventListener function| pure_removeEventListener

113 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: ChMKBgjdARD-FgoJCP____8HEIgX
i6.liadm.com/s Name: _li_ss
Value: CgA
www.canvaschamp.com/ Name: __kla_id
Value: eyJjaWQiOiJaamRrWWpBNE1UY3RNV1JpWlMwME5EWXlMV0k0TWpZdE0yTTROemt5T0RKaU0ySTEiLCIkcmVmZXJyZXIiOnsidHMiOjE3MDU0MzI2OTksInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmNhbnZhc2NoYW1wLmNvbS8ifSwiJGxhc3RfcmVmZXJyZXIiOnsidHMiOjE3MDU0MzI2OTksInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LmNhbnZhc2NoYW1wLmNvbS8ifX0=
.www.canvaschamp.com/ Name: REDIRECT_PATH
Value: %2F
.canvaschamp.com/ Name: _uetsid
Value: 02346e80b4a411ee8ac6012ee8b0eeb1
.canvaschamp.com/ Name: _uetvid
Value: 023475e0b4a411eeb2c16155280465cd
www.canvaschamp.com/ Name: private_content_version
Value: c386a20d134ea9a2623ccb891b8e6a6c
.canvaschamp.com/ Name: _gid
Value: GA1.2.1816936150.1705432700
.canvaschamp.com/ Name: _gat
Value: 1
.www.canvaschamp.com/ Name: CCUSA_CARTID
Value: 5bHpLhv8VyjYkKmRWQjt6jBcel8hWWZa
.bat.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 12F1B420D453659206B5A028D5C36469
www.clarity.ms/ Name: CLID
Value: bc815fe660af4ef09caab0c068c4392a.20240116.20250115
.tiktok.com/ Name: _ttp
Value: 2b3943y4XOXsvat3ljsn8M3MxhE
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.canvaschamp.com/ Name: _ga_23CY5R98D0
Value: GS1.1.1705432700.1.0.1705432700.0.0.0
.canvaschamp.com/ Name: _ga
Value: GA1.1.664086014.1705432700
.canvaschamp.com/ Name: _ga_VNEGCWMNWY
Value: GS1.1.1705432700.1.0.1705432700.60.0.0
.canvaschamp.com/ Name: _clck
Value: 17kd2i5%7C2%7Cfig%7C0%7C1476
.google.com/ Name: NID
Value: 511=bYnp10heEBAMNwtCCXKq4TymfXRdFG62QBFPX5UsY8guCC5w8j3GHT-FFH1SC8teoyKaqtIxJFv5ce5pkl2sCNaKCOEku5moQUHYS1phLtBbazRVk4zc157AoJRyXVSmZdZMJMsICbXJrErGbUHW0DXBIVpHYd4QWzSxbMgdfo8
.criteo.com/ Name: uid
Value: f6c239b5-7579-468b-b8d1-555a945bb8c0
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.pinterest.com/ Name: ar_debug
Value: 1
.canvaschamp.com/ Name: _tt_enable_cookie
Value: 1
.canvaschamp.com/ Name: _ttp
Value: nv5qnb6p5nQYBRjHGzDlvhZ-rMI
.canvaschamp.com/ Name: _pin_unauth
Value: dWlkPVlqTTJNRGMwWW1JdFlUUXlNeTAwWWpOaExXRTBabUV0TmpKbE1UazRPR1kyWXpKaw
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZzN29OUVh0TjVxTHFqVlFKUlNsVHEwd1pVcFVQbnEzZktDZXhvU21UL2RNV2xpM1BEQ0NpWGVRTHl6aWhsUG1DZVEzUDhIRzY0L25tU0lZNXRhLzFNb0NLTU5wRmhOdVMwUkFsMlZNZFYzTT0mVngwalNGWXdCUnZaZG9sWW9EMGd4T1R5QXp3PQ=="
.canvaschamp.com/ Name: _gcl_au
Value: 1.1.1619970509.1705432701
.criteo.com/ Name: partitioned_bundle
Value: _P42919QeTk4WHp3T3NFeWdLV3NqajElMkZLOTElMkZkQ2RXTzU4Rm5sTHloZExRT3NVSzg1cEIlMkYzNHh6YnAydjhqNUloMXM2ME5LTDNBc1dVc0NtVng4SDZlTHB6ZEpWRzhvMzNMQkR6R0dEOXhFa2p3T2xYcUY3UFN1V0VQUzVsREVMY3hRcGJRQ2NPZ0JZc05JTmt3NXV1JTJGUWxRTWRqMWpGb0ZBeFhHeCUyRmRJS3pWcnducmlQYU1nUFNNNWsyVHJWdCUyQiUyRnFKUA
.canvaschamp.com/ Name: _clsk
Value: 15pll9o%7C1705432700979%7C1%7C1%7Co.clarity.ms%2Fcollect
www.canvaschamp.com/ Name: addshoppers.com
Value: 2%7C1%3A0%7C10%3A1705432700%7C15%3Aaddshoppers.com%7C44%3AZTBiZjBlOWQ0MDJkNDE2YjkxZWEzM2NhNGUwYmZmZjk%3D%7Cdfbca4e73a054a7ec4c723509af85a545b1347359fe3714367a87f48d94070c6
.canvaschamp.com/ Name: cto_bundle
Value: he81ol9QeTk4WHp3T3NFeWdLV3NqajElMkZLOTElMkZkQ2RXTzU4Rm5sTHloZExRT3NVSzg1cEIlMkYzNHh6YnAydjhqNUloMXM2ME5LTDNBc1dVc0NtVng4SDZlTHB6ZEpWRzhvMzNMQkR6R0dEOXhFa2p3T2xYcUY3UFN1V0VQUzVsREVMY3hRcGp1JTJCdyUyRnM4b2hEdyUyQnVTU1AlMkJFWFZVUSUzRCUzRA
shop.pe/ Name: addshoppers
Value: "2|1:0|10:1705432701|11:addshoppers|44:ZTBiZjBlOWQ0MDJkNDE2YjkxZWEzM2NhNGUwYmZmZjk=|f9c1d13a341c31fea5f1f914d28c4aad09f916d93bf022aa22bf3a089a9ed530"
.adnxs.com/ Name: uuid2
Value: 5330343121510112321
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 12F1B420D453659206B5A028D5C36469
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 12F1B420D453659206B5A028D5C36469
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
www.canvaschamp.com/ Name: __attentive_id
Value: 7bf45203393c4709a85e9917eb857e51
www.canvaschamp.com/ Name: _attn_
Value: eyJ1Ijoie1wiY29cIjoxNzA1NDMyNzAxMzQ3LFwidW9cIjoxNzA1NDMyNzAxMzQ3LFwibWFcIjoyMTkwMCxcImluXCI6ZmFsc2UsXCJ2YWxcIjpcIjdiZjQ1MjAzMzkzYzQ3MDlhODVlOTkxN2ViODU3ZTUxXCJ9In0=
www.canvaschamp.com/ Name: __attentive_cco
Value: 1705432701348
.awin1.com/ Name: bId
Value: HLEX_65a6d67d5655d6.73998850
.canvaschamp.com/ Name: lantern
Value: 179be251-ddbe-46e0-b2d9-2228a82eecef
.doubleclick.net/ Name: IDE
Value: AHWqTUmqxiXRMvWo8xJeKpdoTORMET2_L4JYY6HH3Tce3D1zHthKdlHRmVNqjcEbjpQ
.bidswitch.net/ Name: tuuid
Value: 7cb60840-c1bb-482a-a19e-b2dbfc097eb2
.bidswitch.net/ Name: c
Value: 1705432701
.bidswitch.net/ Name: tuuid_lu
Value: 1705432701
.rubiconproject.com/ Name: khaos
Value: LRGQLICD-1K-JR2F
.rubiconproject.com/ Name: audit
Value: 1|PONLGa4LdT4hQL06BaZtRXWF2we5TVzDg/aQDAc9mLibz16xSA9sXemJqpY5OxAakDOPkcb2si+M1KxoLazIt+aleybw1oy9Ba0etFFpiE3VuZkYoG69nwn5R2Z4ElBuuzVVYhGlOxLucHk6t3ojRYx1S8lV/eyo0Oq/vYxfp/HmQdVc7iIhNLYPAdWGRZ6V8p4Q5rMwDzg=
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.media.net/ Name: visitor-id
Value: 3484343011524451000V10
.media.net/ Name: data-c-ts
Value: 1705432701
.media.net/ Name: data-c
Value: k-_Yb8m8z3W1wUkEPZhjJ8SOmG5DVB4KPMB8Hg3Q~~3
.mediawallahscript.com/ Name: mCookie
Value: 0319e910-b4a4-11ee-a6cf-1dfa302daa36
.mediawallahscript.com/ Name: mUserCookie
Value: %7B%7D
www.canvaschamp.com/ Name: __attentive_pv
Value: 1
www.canvaschamp.com/ Name: __attentive_ss_referrer
Value: ORGANIC
.3lift.com/ Name: tluid
Value: 2813230569934408670450
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1LEVvYY6FeE1/n1ygY6T10vTGglE1eX+y0pa1216wuxXFOyeD0HzY
.bluekai.com/ Name: bku
Value: uUW99clVoZVAcjWy
www.canvaschamp.com/ Name: __attentive_dv
Value: 1
.smartadserver.com/ Name: pid
Value: 6512076268537841247
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 79:k-Ne03Hsz3W1wUkEPZhjJ8SOmG5DVuwkha_NIuYQ
.teads.tv/ Name: tt_viewer
Value: b697cd76-9cb7-49f5-8250-eaf84202a3f7
.casalemedia.com/ Name: CMID
Value: ZabWfeC445b0GftV39TAXgAA
.casalemedia.com/ Name: CMPS
Value: 576
.casalemedia.com/ Name: CMPRO
Value: 576
.taboola.com/ Name: t_gid
Value: 9ba2bef1-fad9-4335-8551-88daae2b4f90-tuctca05bfd
.taboola.com/ Name: t_pt_gid
Value: 9ba2bef1-fad9-4335-8551-88daae2b4f90-tuctca05bfd
.yahoo.com/ Name: A3
Value: d=AQABBH3WpmUCEAX33HXuFxg4Io2ad_DhoFsFEgEBAQEnqGWwZdxH0iMA_eMAAA&S=AQAAAqGZqJwiK-XitxqJ9dyrUXQ
.hb.yahoo.net/ Name: visitor-id
Value: 3484343011524459000V10
.ads.stickyadstv.com/ Name: UID
Value: 9613ea59ad29ec24415c5990e83b5d
.ads.stickyadstv.com/ Name: uid-bp-11554
Value: k-jQugZcz3W1wUkEPZhjJ8SOmG5DVpkKNWq8kmBQ
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%220342f4e0-b4a4-11ee-98b5-e54a05fffddf%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: mv_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%220342f4e0-b4a4-11ee-98b5-e54a05fffddf%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%220342f4e0-b4a4-11ee-98b5-e54a05fffddf%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: am_tokens_invalidate-verizon-pushes
Value: %7B%22mv_uuid%22%3A%220342f4e0-b4a4-11ee-98b5-e54a05fffddf%22%2C%22version%22%3A%22invalidate-verizon-pushes%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-xi0Lt8z3W1wUkEPZhjJ8SOmG5DUP1uxEetcNRw%22%2C%22version%22%3A%22criteo%22%7D
.demdex.net/ Name: demdex
Value: 34996658072788852464391241347308125238
.liadm.com/ Name: lidid
Value: 2e592606-81e8-4043-813b-bcfcbababf3e
.dpm.demdex.net/ Name: dpm
Value: 34996658072788852464391241347308125238
.omnitagjs.com/ Name: ayl_visitor
Value: 4dee06add0137c910e4dec0bf4d4c479
.analytics.yahoo.com/ Name: IDSYNC
Value: "18zh~2g7v:19e0~2g7v"
.adnxs.com/ Name: XANDR_PANID
Value: B2WjwxT3ZgLAGhs7VbO72NfqsQ4ZCZZqDHSEPWh9CHVm6H9NBJByeCn196PUeuYldrv8v8QuzVqJOYGD7KvvPGNPGwSipi0xSX03_3Wqc1k.
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2In=p0jNZ!]tbPl@/D!9hy6]/Cv[>cA7EaabUsj^[Sgx5)ADsgOH-c8Q.eD0.qBfkkC*B0rcz?C2^4Ckpb:i*bpRz*qF1`*beDo-+hm?
.adsrvr.org/ Name: TDID
Value: 48046b2f-ecb9-4b28-9dc0-2d74a10a7e00
.sharethrough.com/ Name: stx_user_id
Value: 2bda2939-2bac-439f-b175-6046bea63d2a
.hb.yahoo.net/ Name: data-crt
Value: k-82udQ8z3W1wUkEPZhjJ8SOmG5DVgxnT-VHyATQ~~63
.smaato.net/ Name: SCM
Value: 269a5431d6
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwiMs7-q1LTLPBAFOAE.
.postrelease.com/ Name: visitor
Value: bb23ab7a-4cfe-4182-a799-96a2b261207c
.postrelease.com/ Name: status
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-xgChLcz3W1wUkEPZhjJ8SOmG5DVVl-3ecRaZyQ&KRTB&23144-uid:k-xgChLcz3W1wUkEPZhjJ8SOmG5DVVl-3ecRaZyQ&KRTB&23286-uid:k-xgChLcz3W1wUkEPZhjJ8SOmG5DVVl-3ecRaZyQ&KRTB&23287-uid:k-xgChLcz3W1wUkEPZhjJ8SOmG5DVVl-3ecRaZyQ
.pubmatic.com/ Name: PugT
Value: 1705432701
.agkn.com/ Name: ab
Value: 0001%3AMDthUa0ngTVAq1yHd%2FHkmdpt2Au%2BchBO
.rqtrk.eu/ Name: browser_id
Value: 1:ddff1490-7039-477d-8b80-7754041d33d8
.mediawallahscript.com/ Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_01_2024
Value: %7B%221pVtae%22%3A1%7D
nytrng.com/ Name: vcnpxid
Value: 14515739e82f93f43a7dc2eefdd8e595
nytrng.com/ Name: vcnpxst
Value: w5p4w5XDlcOmw4HDk8Kfw5LCu8OUw5rClsKIf3HClsKGwqTCoMKnwoDClnDCkcKCwo_CjsOiw4PDjMKiw4TDiMOOw5vDmsKtw5LCpcOEw4TCkcKmwpR_w5w
.canvaschamp.com/ Name: smc_uid
Value: 1705432702771504
.canvaschamp.com/ Name: smc_tag
Value: eyJpZCI6MzQ0MywibmFtZSI6ImNhbnZhc2NoYW1wLmNvbSJ9
.canvaschamp.com/ Name: smc_session_id
Value: 5xea9Yjk0FUdYrtuQnYWIytD5I8NUjks
.canvaschamp.com/ Name: smc_refresh
Value: 32043
.canvaschamp.com/ Name: smc_spv
Value: 1
.canvaschamp.com/ Name: smc_tpv
Value: 1
.canvaschamp.com/ Name: smc_sesn
Value: 1
.canvaschamp.com/ Name: smc_not
Value: default
.canvaschamp.com/ Name: smct_last_ov
Value: %5B%7B%22id%22%3A89067%2C%22loaded%22%3A1705432703526%2C%22open%22%3Anull%2C%22eng%22%3Anull%2C%22closed%22%3Anull%7D%5D
.canvaschamp.com/ Name: smct_session
Value: %7B%22s%22%3A1705432703788%2C%22l%22%3A1705432704788%2C%22lt%22%3A1705432704788%2C%22t%22%3A2%2C%22p%22%3A2%7D

4 Console Messages

Source Level URL
Text
network error URL: https://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://connect.facebook.net/signals/config/111192766138146?v=2.9.140&r=stable&domain=www.canvaschamp.com(Line 137)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://x.skimresources.com/?provider=exelate&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 410 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
acdn.adnxs.com
acsbapp.com
ad.360yield.com
addshoppers.s3.amazonaws.com
ads.stickyadstv.com
analytics.google.com
analytics.tiktok.com
api.cartstack.com
apis.google.com
app.shop.pe
bat.bing.com
c.bing.com
c.clarity.ms
canvaschamp.attn.tv
canvaschamp.com
cdn.acsbapp.com
cdn.attn.tv
cdn.nytrng.com
cm.g.doubleclick.net
cognito-identity.eu-west-1.amazonaws.com
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
ct.pinterest.com
d18p7bpxfjy0wm.cloudfront.net
d2d7do8qaecbru.cloudfront.net
d2mjzob2nc713b.cloudfront.net
dgl44h5fp4fxe.cloudfront.net
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
eb2.3lift.com
events.attentivemobile.com
exchange.mediavine.com
fast.a.klaviyo.com
firehose.eu-west-1.amazonaws.com
fonts.googleapis.com
googleads.g.doubleclick.net
gum.criteo.com
hb.yahoo.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
ipb.smct.io
jadserve.postrelease.com
js.smct.io
lantern.roeye.com
lantern.roeyecdn.com
ls.smct.co
manage.safeopt.com
match.adsrvr.org
match.sharethrough.com
mug.criteo.com
nytrng.com
o.clarity.ms
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
p.skimresources.com
partner.mediawallahscript.com
pixel.rubiconproject.com
r.casalemedia.com
r.skimresources.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.pinimg.com
s.skimresources.com
s3.amazonaws.com
secure.adnxs.com
shop.pe
shopper.shop.pe
simage2.pubmatic.com
smct.co
sslwidget.criteo.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.klaviyo.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.crwdcntrl.net
sync.outbrain.com
t.skimresources.com
tags.bluekai.com
trends.revcontent.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
web-sdk.smartlook.com
ws.rqtrk.eu
www.awin1.com
www.canvaschamp.com
www.clarity.ms
www.dwin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.shopperapproved.com
x.bidswitch.net
x.skimresources.com
104.18.39.221
104.22.25.135
104.36.113.107
13.224.214.19
13.224.214.26
13.224.214.41
141.226.124.48
151.101.130.133
151.101.192.84
151.101.66.133
151.139.128.10
172.253.63.155
172.64.144.121
172.64.151.101
18.164.116.3
18.239.183.85
192.124.249.117
20.125.209.212
216.22.16.73
23.221.240.246
23.40.207.40
23.48.104.137
23.54.179.91
23.55.200.222
23.55.204.22
23.62.161.51
2600:1f18:ed:550f:27fd:18e1:959d:33af
2600:9000:201e:9400:d:370a:51c0:93a1
2600:9000:20a4:2e00:17:aec6:580:21
2600:9000:20ed:6000:1c:7d43:a880:21
2600:9000:20ed:a200:1f:af3f:8a40:93a1
2600:9000:21da:600:1c:9484:cec0:93a1
2600:9000:2305:e200:1b:5138:8a40:93a1
2600:9000:24f3:8000:f:8ce2:fb80:93a1
2606:4700:10::6816:1cc
2606:4700:10::6816:3aad
2607:f8b0:4004:c06::9d
2607:f8b0:4004:c07::61
2607:f8b0:4004:c09::64
2607:f8b0:4004:c0b::5e
2607:f8b0:4004:c17::64
2607:f8b0:4004:c1b::5f
2607:f8b0:4004:c1b::67
2607:f8b0:4004:c1b::8a
2607:f8b0:4004:c1d::9c
2620:100:a001::c
2620:100:a001::f
2620:1ec:bdf::40
2620:1ec:c11::200
2a02:6ea0:e200::2
2a03:2880:f003:100:face:b00c:0:3
2a04:4e42:79::84
2a05:d018:94a:8a00:c9d0:eef8:fbcc:78ca
3.209.115.69
3.213.69.52
3.224.246.109
34.120.127.138
34.192.12.9
34.200.65.202
34.224.134.119
34.246.164.213
35.190.54.17
35.190.59.101
35.190.91.160
35.201.67.47
35.211.178.172
35.227.244.1
35.71.139.29
44.218.163.194
51.222.241.145
52.152.143.207
52.201.6.220
52.203.206.206
52.216.219.33
52.223.40.198
52.54.197.47
54.148.179.115
54.231.198.24
54.243.132.7
54.245.116.245
63.251.28.233
68.67.160.132
69.173.151.100
70.42.32.159
74.119.119.139
74.119.119.150
99.80.34.250
99.83.128.14
00c17da35a1649a90308e55dd4b32b93be62581d72a5d58703e0347ceab1733c
012d33a3241bc9a3758a7efc97794d11b9805d40956f628bf98ebae478606591
0152c96e15f48aff7938d7462b6f7b695585ddad67d72f0a4d8256c9133bb76a
017217e952a763a6a3ac2688bb3c1c17db0a42721148434b9060158bd08716d6
02b8998e47765dff2c99942882cec5ab46e97b454d690e852a8e5260c014c53c
0329bc653fd08f47fbd756ea30ec200ebd96931c5bd16df7a4aa617ed806cd97
042101d77002345c1d377b5d2bdfaac9cfb58cbf5f74e5af18dd89aec3745bd8
08986577afb5ec60577a1ce35175147bede79ff0c4462d9a1d84eb42aeccce7b
0979f55b26a6fe81387e54fc1c398b6a9b54b6986e7e62bcae74534176701809
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c6870375cc3df97a7f605a87389b185811323137f99740948f1780479f53fa5
0c9cc88c27618b01e95063377382195b9062bdbef5eb1687e5881d3f318dbe63
0dabdee361eed1fd80c916f488cfd7ff0bfa0457881fda5da63004059a1d0185
0ec7abc6000834d821690afa2e351832731866f575cf583ddbde61b4d472df8d
1086c02d64aa4218940bfc07fe88bcfaf384c4bb0eff4ec371d55f7ad6ebdcc6
11017081391179e22116c2192a4ffe0a4366c6033a2cc301e93025c2c87e841c
11330a03a47c68cc43108b7de2dc3edddb4b50320e19cc213d611d565d9f662d
12a82f6979dace0f20697e63fadc5975df6c61a919033b90ef22a402c59d66dd
13b4d153a787f1e20ce78e206faface4d05ce533b9e9297dfd82a95d6ea620dc
13eb771bca251db4365a850c77275f3c659a36b2bd3e6f329c33b79c04e8cddf
15665becd3e9280f9645a5ec98c26e3ffa279f8fc6154310e97dd6719695dad4
15830328cf58ff45351d84a28ccdb79f68d9c88344a7578e32d4425837672a36
15bf664b8a5a413c34d945820ced2f206ef3a4ac71b1f9759e8578578b2defda
18c27a631d1fe0191f80951616cdedb17762383be07ca5268cddd0bc161484f7
194a450291f8f932e69fbe4492c138d6f722de5867af338254dc0be5d3d5f444
19dd14a49c645ab82e566f1f7a3784f88a3520353e6a992af8469e9b2e0106c2
1ba49e8383e2329fe4f6e2a33172420fefd5bee26ce915cef9315f5b09c54cf8
1bbc3f59609e874a9e177aaf9d99811265a7f8b6ead8e0f40a1820fdfa227a9b
1cf2434408ef2092339a0cfc24df3d18e4c48652213ecaf51d0e7ebfddf0d0bb
1cfca4d1dfdb790e7450a87995fe01ef2cdd0249adb43ef3623401b03022af38
1dcfba4bfac7397166592cb43233e77dbbec274e0c624b5d929d4b34aea0ce32
1fd003db7e687dd0e8ab4b129b7b7f003a601dc32802ee40bde129c9a5b73e10
2108bde75195e38bb9b3ab3a739c26fa3c331f04de8e4f5d141a4f9355fc488e
216610b6e7a2945bb264e3a924c39bb03e12996a0e207c36507104c579fa7b79
21ce7d37cf2af961fc2f3c7d187f01c343e3ae5c1cd35d6b93b51f2fa440848b
21e86e74a82fd556df1ea4dd8c93b3a7419b19bd9c97d02f54c0ff6bc07e7051
222023b1495853aceb8bcf93f722ee42042c938f257b6cc1d0cc8e76bb326f3f
237ef034a49469c3d07e0cd067aee20e538e14a3a3ea7d2d826127c740c31df5
27c7530b50a752f1d8c851b5deb64aa10ce457640bb2346ce521101a68ab3efe
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eed3688f56478253ff9082b0c34cc0e7fc12371988309e5c80edf3789bde5ae
2f0278c780ecd952fdba01f040dd7b8f2afa1c7a8176d91868e37b17a13d47f4
2f2d00fb3486746ecf347c6ab17b0cb347c59b11c2f81f4389e0972902986b68
301351195462c1307b8d3a0c76e539fd96c34d3568dacdc35f2e15f8dc4f00f8
305df5b50bd3cee053aac2a4aadb40d3b3309f3e6c597f18062fb2e8bed18e77
312412c04c835e3404a0a930547743863b598163dcbfaeeeccda61f0026993cc
31a0c0574d36d6b37be82cdfee59fba0f3c9ddcbac84997946f024a6d24a6813
327abef088efb2c6ee83f70c34994907fcf11bb4ee509a99023350c41714e68c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
379269a4b396596a8b78e3d7104461b3d0fc1d030be1d7d244cd84587ee4d957
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3830ced5394971f868e5f9f8376aa76702b9323f3ac1dc38cc811750d260cc35
39bf72f0bc652ff808ade96be4c3693d7068a96ac316008e2cfd9416b44187ef
3d32884df8fc7a432dc251af7f232e0aa60ad124a92dde195389f149b376cdcd
3d64e5ed7c794de4453d8963aa2f3551ec83c74761e256ef2287db0235f67c78
3e0d8d514ee7ca6ecc068bb10bdefd4f470924ccdbef48df76f090f2a086bed1
4117c646005fe015ec6ec8417594931d59286e9c6a95669b649b09167506e453
42c930981b23739b4214c292df3ff31bebd3608bbf772f7cc276073a2270a6b9
435eb5248b6bfcceb22173f2ec936e0ded0b48a9e826c946e39c7b555504b3c3
443a845b229142909b322095fc2b4cdb72ca427a1bc86b0a65be6519a9355e64
456a5058f78f1191f4ba4569ab1584ad82e6a1e9b8e5463c2f16922c74be25a4
45aae865379eabf26c2df4fe7edda320a406334c4b9e943d2fb504e29068a406
46476d6f4acb31010faae359a0eb101e622ff5b43304b35399c74640a785b4e1
4b4c8cab5b08674a09cb0719abd984198123d97831844808b90ec48756571422
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bca9b7a29470f89cf4df79707c9d1d41966bcbdc803ec222212df4ab56bc6c2
4bda41146585a35f67c0df795ae2c1d75911dad8a4a9a792edfde683bb3dfb90
4c4120a710d583677ee63482bd48443c5d0787aafc96aa9fcdb29065a76f4f95
4d7d47bea1b9eeaf1fcc29ee97af71c77f0926525b7933e540d259a9fccfe5ff
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52af5854378a9a83cd4cb592372afd1f79515adc507c86f592e83b426bbfb558
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a863301039aca344ed3388ac4c5bb5521fa811eaf643fa9726cdffa11b603df
5c25cb60d5e99cf97dc9da127e6c80d22878bb7c095ca95ca209ae8a73ac739e
5cdc4fb6cdaabf982050ff00f43105673def969b72a3bffae48da977c0db3767
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e49a45f90e8821080743641c374dc81f504ce69202f27c6afab1d65c0d2d084
5e7f57e02e68cc36b93a0d352a6ad5cea507086269b4c893b5c8b388456f876f
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
638217cec2ef52ff6757ff126c16de4947b4f50df5dc34dcdfb7d72021649b26
63a2afbdc5a491c33df36263749fdf9a834c337f5eaac2355ffa3d3a2fd0521f
647e2a2c3b051519a3bd30796cb0b53f4a247051b358f08cd76e1b73efd7ce61
68f41e71da74a922d0c4e6bdbad3dbcd07e774d7c1780f346d39be5426ba08a3
6aa08340dab30c93b866e74435d01fec16afcdcead67f24ffa45315e08587a84
6c04c712ac314630173ff9fe39a52a5008d89b82c81aa464cfcba9e14b1c061f
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
703029dc1c274a796c85888ecbdfcf8de58c8b51f6acdfe75076a1f4aeb5a6a8
710a82cd45b82c760104103024c70f6384dd41dd1b8b69c560164f188bbeedb5
71d51e9cc53c5b04277b819dc7e7946061be6812f10bcfd451300aefca59574c
7392ac917df0b425d6681741f4f5a9bef90c26525c3c9b51e975b18e38b16cc6
841d8c284bc937a18903145088403ac68a3132991d4fc91de58203db01606703
84a5cab88d88ba732a3eaae59697dd45c4c00fce3f21de4a5112dc994732b0be
85d1fa37b68372a1e8d8411b64dd37f8527306fdd2369b3bc3831e07b16a2847
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c5ad68e3f7b8e03f786831956c442002e87015ec38103ec855981c23e6d685c
8c77ec33e858d53a558d97883faac057332e38693f9be775e4bffb7b0648869c
92a3e7e4b4c31bb22691abb55a3d7edfc454366a6f2158b424a9215603f9fc03
93515ad06a11c53631410c0dda777bcae32b71b464fb59743ff474fdbdbdc7d0
95988cd724c335017a45083d6113304f8ff09502a3aa961b804f8ae03f4c3ada
97837628bd5295291f074f2f4d0da8e08b7590e676d723b25d64adc910652989
981b992b927564bbf47765a83872007b99e2c36612171c21ff29f9be62e11586
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ab7d9748bdfba5d61ea83f56d3f0db0fc4a4f822c624fa4bfa26e2e6deb4512
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a56c2095cdaf685b97ca391516bcc2a772aa9a6ef0a7abff24a67402937d24a5
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a8703732fc112fb61adbc3715a19ebc0944a5544c64ee314ade6140ec57ec644
ab8debe19f138dd26978779dceefc172902368b4cb943bc09d14fa6c01a6e322
ade0dbdce84cde000b24c7dc8a508bc2e77ab3a603d6faaa4268e109347c256f
b105c69b26894e8172025d4cb4653d877fdead8c689dd7f626692855643dcf4c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1967a7769d89d3514ae8f61e7bfb07f10f12f3b795dbfd118abf630d4f42454
b4435b5ac2f1916ed1135fb1738a1cef87cb666f4356a6678fb1c77e1273f9e1
b4e7fe9c73a815e7ca7a4bcef8a7454bfd27e48ebbc9ae3772a713dc60164a65
b50ae3679f26b6ac658daf91996708f4d7bf7f0fca1a3a494e588f51e98a026a
b63e59dc106e1e44ea07395e0bb30cde0b90cda97d53f378b4a8f247dd2a393d
b87cd8569bef011e9701b8b5e63f1f00f3450d633e70fe6f98d2263bfad6320e
b9121a2426f4239fe5618597385ebb18e65498752324166a227a69c5cc6358fc
ba477d3b45d7e12ad03e9e0e9748539770ac4b65a75bfc44fcd5e789b7d74814
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc74eb5b6546dae09386dfc2b906d40863e301c9d72588c150a2863bbd0eb980
bceb23317096a04d3eaf9876333827ac26cffc50defa077e68570487e9734da8
c194be4715dc215318fbda18092f16436ae79e971a167aa157296cb191deec9f
c3c13406e5537d4fd3529e90c51e2b752ccf6b6b38aa44c0533f109beb6d0bc7
c6bba8ad5ad5ec6a4fef018600b107f518172053fdf5cb10200cac55ee23f2d1
c77b8fd8b8781b1f2b9766384402c12959ad34af4b2d273ae116306cb406435f
c99b5f1b588137bfeb7aab95709c0f98e696dc6891705f4216bd726ed5fdf901
c9a726fb5e408c905af5fa916e23740a283b9ab6f8adfa955a0b3b40e7c6cdf9
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cab5a4dfac9f44b07371dd6b41e8809c4eeac85754fad86c71e91cf20135de61
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cd8a378c4f1eda06f1e11b5c02ca9a727f7b3f5fec0d2f435c7ae219fac3bb77
cef05fac44885210172633f42c2fe0bee2958cb5118485e07f77e36735c1a29e
d0538830674d0939a87e249ff7476facc49205dc40feb2204bb9d13aa8a2d37c
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d43fc72050ffba0b65a79f7b3e5e1e7c695c0647fcb21b71070babc71f2f79b4
d49d2a6dc89c60b16d37b5c050c401a95e54b48865c33518d11aa49f4aef01aa
d51b3e6cbcc9d1967816a114045938cfce9dc956aa3f0fb872791a3066cb301d
d77b5c56d82ba31640d1f126d337d527593c1f10fc3a469244601906fce82f8c
d875e26d8a30cab9961bf93c771dd7ce4324ea79f827e4ee4108470a83ccddc3
d913a3ce24c14263a5e1ce227c5d62d30eb4a5ba50b5ccf9a9c0bb555c9ffd0f
d9fe1880ef53f69894360ec0ba49b3052435dc1223afeced8560df2a874f6051
dcd13245bf13c4c4fcba0ed88394d95d082312424296a7c3f0fe8286e8acc01e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de68ca8f17a08fffe56e3389edf13710905952b9e12d52050d8e6ac85bbb0fc9
decfb6b65c936cb4e06e0d666c00db86f3c7a967686d2754c900cd86dca5e1c7
e05e37dd13d8eb05216a9ef9cd8a2502f1593d8e615276e3a5595aaff3e0fa24
e0bea46e22c963ca919800bad1b2c53f78e1a759dca71478fd99415a4f64201a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b50b90615e71adcc6dbb98eee3ecfa1e15d2b4d2d8f07857edbc1102509ee9
eaef61a693bec2483439247f48dd8def6558804ed706f02ae6a346f32b80a92c
ec36a355b129a3ca8f22c69de2ce564618f0d5490e6cb700689b5a34258c9311
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
edd3af04f0a23153b304ae5d93d3d3ff7ab82aaeb63c775a87300bb651c02788
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6a045e1a32643dec5f532c951b0dc445707936dcb67d1457aecdd8125beb26
f024f5a1e601f69b80d09adc8d29315a5d20d5398fc5709e7f2445d465273bc7
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f1654ccc72de266eda994ad0a344530833f796806afdcd5705bbe0656a44da52
f412da5c91ad91ecdc63910bdfe08cc968ceae5e1d946bf4a1b493dc2508de98
f4263a8611b0ef723e5bab1fef193f37c3fc4395cfa367d3eb9e8e250cdd458b
f4795148474bf3c30747547cb9c1a282d4ced0add0a722f20551a46027681aa8
f4c667e76a2e544238833c2786a1482af55dc91a866de66e4c9aa0aabf287c84
f55e6e9c390687953bc7573509f4e4afff56b6f3f35894d27e6acec30818d1f9
f66953bca1497e67aaa741bd84a9f1be8908319f6f07bcfd62de6c1e653c6cbd
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f95c93450e1858d9089d00032cb3d806f9ae7cab09e6aca3d6d2612138a6dd70
f969eefe7e8afbed8fcc7d9105f161427e78f24abc5d1697ef7543ef73cbcb90
fca6bf8977f14f1441d7287652f66d11caa8c565b17ea69bb7e41b2da234e62c
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd14275718b687a6fba55fb72875334cfb992774b1760d0246a73f30c950f253
fd4188121a6c9b28d029ebc07cd1db2f35e0657b4a2e825f901ed8b2b37bb327
fde0299cc9f632a7feb975110ecdd308614c8ce9d7a346f9585369ef79b9afc0
fff48059d6a4ac5e22a8f7ea60aca133e495493a135ee2aa3e556fccdca07f10