urlscan.io logo urlscan.io
SecurityTrails logo

covid19-maskoverstock.myshopify.com Open in urlscan Pro
23.227.38.64  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://covid19-maskoverstock.myshopify.com/
Effective URL: https://covid19-maskoverstock.myshopify.com/password
Submission Tags: phishing malicious Search All
Submission: On April 29 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 20 HTTP transactions. The main IP is 23.227.38.64, located in Canada and belongs to CLOUDFLARENET, US. The main domain is covid19-maskoverstock.myshopify.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 20th 2020. Valid for: 6 months.
This is the only time covid19-maskoverstock.myshopify.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 23.227.38.64 13335 (CLOUDFLAR...)
11 2a04:4e42:1b:... 54113 (FASTLY)
1 104.196.190.76 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.234.153.185 14618 (AMAZON-AES)
3 35.188.198.106 15169 (GOOGLE)
20 6
4    23.227.38.64 (Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: shops.myshopify.com
covid19-maskoverstock.myshopify.com
11    2a04:4e42:1b::104 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.shopify.com
fonts.shopifycdn.com
1    104.196.190.76 (United States)

ASN15169 (GOOGLE, US)
PTR: 76.190.196.104.bc.googleusercontent.com
pay.shopify.com
2    2606:4700::6810:6d12 (United States)

ASN13335 (CLOUDFLARENET, US)
upsells.boldapps.net
1    18.234.153.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-234-153-185.compute-1.amazonaws.com
www.glowloyalty.com
3    35.188.198.106 (United States)

ASN15169 (GOOGLE, US)
PTR: 106.198.188.35.bc.googleusercontent.com
monorail-edge.shopifysvc.com
Domain Requested by
9 cdn.shopify.com covid19-maskoverstock.myshopify.com
4 covid19-maskoverstock.myshopify.com 2 redirects cdn.shopify.com
3 monorail-edge.shopifysvc.com cdn.shopify.com
2 upsells.boldapps.net covid19-maskoverstock.myshopify.com
2 fonts.shopifycdn.com covid19-maskoverstock.myshopify.com
1 www.glowloyalty.com covid19-maskoverstock.myshopify.com
1 pay.shopify.com cdn.shopify.com
20 7

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
pinterest.com
www.shopify.com
Subject Issuer Validity Valid
*.myshopify.com
CloudFlare Inc ECC CA-2		 2020-04-20 -
2020-10-09		 6 months crt.sh
shopify.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-04-17 -
2021-04-18		 a year crt.sh
pay.shopify.com
Let's Encrypt Authority X3		 2020-03-11 -
2020-06-09		 3 months crt.sh
boldapps.net
CloudFlare Inc ECC CA-2		 2019-12-07 -
2020-10-09		 10 months crt.sh
www.glowloyalty.com
Let's Encrypt Authority X3		 2020-03-16 -
2020-06-14		 3 months crt.sh
monorail-edge.shopifysvc.com
Let's Encrypt Authority X3		 2020-04-26 -
2020-07-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://covid19-maskoverstock.myshopify.com/password
Frame ID: 86AD346BFC583B0EB7E3BE004B3B6D7B
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://covid19-maskoverstock.myshopify.com/ HTTP 301
    https://covid19-maskoverstock.myshopify.com/ HTTP 302
    https://covid19-maskoverstock.myshopify.com/password Page URL

Detected technologies

Overall confidence: 25%
Detected patterns
  • html /<link[^>]+=['"]\/\/cdn\.shopify\.com/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /tracker\.js/i

Page Statistics

20
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

342 kB
Transfer

1188 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://covid19-maskoverstock.myshopify.com/ HTTP 301
    https://covid19-maskoverstock.myshopify.com/ HTTP 302
    https://covid19-maskoverstock.myshopify.com/password Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request password
covid19-maskoverstock.myshopify.com/
Redirect Chain
  • http://covid19-maskoverstock.myshopify.com/
  • https://covid19-maskoverstock.myshopify.com/
  • https://covid19-maskoverstock.myshopify.com/password
22 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://covid19-maskoverstock.myshopify.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.64 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
shops.myshopify.com
Software
cloudflare /
Resource Hash
3f4e63ade0abfdec9607bc470a9a6cd18df80260c3a6ef709843f4b9033a7cb6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=e683d039-11cf-4082-9e7a-c8c2ecf7ceab
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=e683d039-11cf-4082-9e7a-c8c2ecf7ceab

Request headers

:method
GET
:authority
covid19-maskoverstock.myshopify.com
:scheme
https
:path
/password
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d130cac438433322079f392c6fd4a47181588182868; _shopify_y=6337fe45-fd16-4834-94d6-c0f0eb5d2250
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 29 Apr 2020 17:54:30 GMT
content-type
text/html; charset=utf-8
x-sorting-hat-podid
131
x-sorting-hat-shopid
38200901764
x-frame-options
DENY
x-shopid
38200901764
x-shardid
131
content-language
en
x-shopify-generated-cart-token
379afed7135c57aa95c49fd546a3b893
x-robots-tag
nofollow
etag
cacheable:18606fedf92bb3d0adbfb067caac8257
x-alternate-cache-key
cacheable:cb20ad506c8dc06f13a63cbf0697f8ec
content-encoding
gzip
x-cache
miss
set-cookie
_y=6337fe45-fd16-4834-94d6-c0f0eb5d2250; Expires=Thu, 29-Apr-21 17:54:30 GMT; Path=/; cart_currency=USD; path=/; expires=Wed, 13 May 2020 17:54:29 GMT _orig_referrer=; Expires=Wed, 13-May-20 17:54:30 GMT; Path=/; HttpOnly secure_customer_sig=; path=/; expires=Sun, 29 Apr 2040 17:54:30 GMT; secure; HttpOnly _shopify_y=6337fe45-fd16-4834-94d6-c0f0eb5d2250; Expires=Thu, 29-Apr-21 17:54:30 GMT; Path=/; _landing_page=%2Fpassword; Expires=Wed, 13-May-20 17:54:30 GMT; Path=/; HttpOnly cart_sig=; path=/; expires=Wed, 13 May 2020 17:54:29 GMT; HttpOnly
x-request-id
e683d039-11cf-4082-9e7a-c8c2ecf7ceab
x-shopify-stage
production
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=e683d039-11cf-4082-9e7a-c8c2ecf7ceab
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block; report=/xss-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=e683d039-11cf-4082-9e7a-c8c2ecf7ceab
x-dc
gcp-us-central1,gcp-us-central1
nel
{"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
58bae37549ee9d72-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
0268ac7d4c00009d72970ed200000001

Redirect headers

status
302
date
Wed, 29 Apr 2020 17:54:29 GMT
content-type
text/html; charset=utf-8
x-sorting-hat-podid
131
x-sorting-hat-shopid
38200901764
x-frame-options
DENY
x-shopid
38200901764
x-shardid
131
content-language
en
x-cache
allow
location
https://covid19-maskoverstock.myshopify.com/password
set-cookie
_shopify_y=6337fe45-fd16-4834-94d6-c0f0eb5d2250; path=/; expires=Sat, 30 Apr 2022 05:32:53 GMT
x-request-id
6fee30bf-4779-4e34-91d7-6e762d9492c4
x-shopify-stage
production
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=index&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=6fee30bf-4779-4e34-91d7-6e762d9492c4
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block; report=/xss-report?source%5Baction%5D=index&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fshop&source%5Bsection%5D=storefront&source%5Buuid%5D=6fee30bf-4779-4e34-91d7-6e762d9492c4
x-dc
gcp-us-central1,gcp-us-central1
nel
{"report_to":"network-errors","max_age":2592000,"failure_fraction":0.01,"success_fraction":0.0001}
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
58bae3737f5d9d72-AMS
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
0268ac7c2f00009d72970cc200000001
theme.scss.css
cdn.shopify.com/s/files/1/0382/0090/1764/t/1/assets/ 		136 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0382/0090/1764/t/1/assets/theme.scss.css?v=17428624679682549415
Requested by
Host: covid19-maskoverstock.myshopify.com
URL: https://covid19-maskoverstock.myshopify.com/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::104 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-hhn4020-HHN /
Resource Hash
b172d5a1a85aa48204ea31db4ebb179e6cce3c1b4fea3e320e490d8683da30a1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covid19-maskoverstock.myshopify.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-url
/s/files/1/0382/0090/1764/t/1/assets/theme.scss.css?v=17428624679682549415
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Fastly, http2
x-dc
gke
edge-cache-tag
mime-text/css,source-GcsShopAssetsBackend,segment2-246,segment4-63161,revision-33ce2ffc7ccb1eb33a695ba3fa0c9b8116d8060c,cdn-shopify-com-s-files-1-0382-0090-1764-t-1-assets-theme-scss-css,shop-38200901764
status
200
x-cache
MISS, MISS
content-length
23716
x-xss-protection
1; mode=block
x-request-id
a5db49b9d6447a7c21886f860ecfdd130b586a28a75b3d595de834cf592b50c0
x-served-by
cache-lga21950-LGA, cache-hhn4020-HHN
last-modified
Wed, 29 Apr 2020 17:54:31 GMT
server
cache-hhn4020-HHN
x-timer
S1588182870.475169,VS0,VE1574
date
Wed, 29 Apr 2020 17:54:32 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Thu, 29 Apr 2021 17:54:30 GMT
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0382/0090/1764/t/1/assets/theme.scss.css>; rel="canonical"
x-cache-hits
0, 0
vendor.js
cdn.shopify.com/s/files/1/0382/0090/1764/t/1/assets/ 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0382/0090/1764/t/1/assets/vendor.js?v=8583346420283214553
Requested by
Host: covid19-maskoverstock.myshopify.com
URL: https://covid19-maskoverstock.myshopify.com/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::104 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-hhn4020-HHN /
Resource Hash
2dbb75cdd921d7a33db005df9d809aba3448a85e6a44e0306e0ce76f4651904e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covid19-maskoverstock.myshopify.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-url
/s/files/1/0382/0090/1764/t/1/assets/vendor.js?v=8583346420283214553
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Fastly, http2
x-dc
gke
edge-cache-tag
mime-application/javascript,source-GcsShopAssetsBackend,segment2-100,segment4-25684,revision-33ce2ffc7ccb1eb33a695ba3fa0c9b8116d8060c,cdn-shopify-com-s-files-1-0382-0090-1764-t-1-assets-vendor-js,shop-38200901764
status
200
x-cache
HIT, MISS
content-length
49124
x-xss-protection
1; mode=block
x-request-id
3640e9b0065ef09f7fd0d4ab742959bc131f4475438f5671636449c8739f7a0d
x-served-by
cache-lga21929-LGA, cache-hhn4020-HHN
last-modified
Thu, 09 Apr 2020 15:13:34 GMT
server
cache-hhn4020-HHN
x-timer
S1588182870.475139,VS0,VE94
date
Wed, 29 Apr 2020 17:54:30 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
expires
Thu, 29 Apr 2021 06:34:24 GMT
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0382/0090/1764/t/1/assets/vendor.js>; rel="canonical"
x-cache-hits
1, 0
theme.js
cdn.shopify.com/s/files/1/0382/0090/1764/t/1/assets/ 		206 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0382/0090/1764/t/1/assets/theme.js?v=8903157658550589297
Requested by
Host: covid19-maskoverstock.myshopify.com
URL: https://covid19-maskoverstock.myshopify.com/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::104 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-hhn4020-HHN /
Resource Hash
d78a288913ae085450dd52c9075f060b4770b4feab0c966f2d81d3c677a39b91
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covid19-maskoverstock.myshopify.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-url
/s/files/1/0382/0090/1764/t/1/assets/theme.js?v=8903157658550589297
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Fastly, http2
x-dc
gke
edge-cache-tag
mime-application/javascript,source-GcsShopAssetsBackend,segment2-12,segment4-3121,revision-33ce2ffc7ccb1eb33a695ba3fa0c9b8116d8060c,cdn-shopify-com-s-files-1-0382-0090-1764-t-1-assets-theme-js,shop-38200901764
status
200
x-cache
HIT, MISS
content-length
45524
x-xss-protection
1; mode=block
x-request-id
8086995ee2ab7f176a8fda94d20a6c58c97be05e19b3bf0cf4f8f286a710eddf
x-served-by
cache-lga21977-LGA, cache-hhn4020-HHN
last-modified
Thu, 09 Apr 2020 15:13:33 GMT
server
cache-hhn4020-HHN
x-timer
S1588182871.595245,VS0,VE89
date
Wed, 29 Apr 2020 17:54:30 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
expires
Thu, 29 Apr 2021 06:34:24 GMT
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0382/0090/1764/t/1/assets/theme.js>; rel="canonical"
x-cache-hits
1, 0
password.js
cdn.shopify.com/s/files/1/0382/0090/1764/t/1/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0382/0090/1764/t/1/assets/password.js?v=16754382210079724339
Requested by
Host: covid19-maskoverstock.myshopify.com
URL: https://covid19-maskoverstock.myshopify.com/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::104 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-hhn4020-HHN /
Resource Hash
baae8ac1408b19f85adf0a99879b005e62b71749adff14481978d2ace3131156
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covid19-maskoverstock.myshopify.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-url
/s/files/1/0382/0090/1764/t/1/assets/password.js?v=16754382210079724339
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Fastly, http2
x-dc
gke
edge-cache-tag
mime-application/javascript,source-GcsShopAssetsBackend,segment2-30,segment4-7796,revision-33ce2ffc7ccb1eb33a695ba3fa0c9b8116d8060c,cdn-shopify-com-s-files-1-0382-0090-1764-t-1-assets-password-js,shop-38200901764
status
200
x-cache
HIT, MISS
content-length
1171
x-xss-protection
1; mode=block
x-request-id
56dd70f1d459882bdd262d1a9319d93c5574f0a5d035d99dd9b13b75347cdbad
x-served-by
cache-lga21934-LGA, cache-hhn4020-HHN
last-modified
Thu, 09 Apr 2020 15:13:32 GMT
server
cache-hhn4020-HHN
x-timer
S1588182871.699663,VS0,VE84
date
Wed, 29 Apr 2020 17:54:30 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
expires
Thu, 29 Apr 2021 06:34:24 GMT
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0382/0090/1764/t/1/assets/password.js>; rel="canonical"
x-cache-hits
1, 0
load_feature-589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50.js
cdn.shopify.com/s/assets/storefront/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/assets/storefront/load_feature-589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50.js
Requested by
Host: covid19-maskoverstock.myshopify.com
URL: https://covid19-maskoverstock.myshopify.com/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::104 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-hhn4054-HHN /
Resource Hash
589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://covid19-maskoverstock.myshopify.com/password
Origin
https://covid19-maskoverstock.myshopify.com

Response headers

x-url
/s/assets/storefront/load_feature-589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50.js
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Fastly, http2
x-dc
gke
edge-cache-tag
mime-application/javascript,source-ShopAssetsBackend,segment2-43,segment4-11237,revision-33ce2ffc7ccb1eb33a695ba3fa0c9b8116d8060c,cdn-shopify-com-s-assets-storefront-load_feature-589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50-js
status
200
x-cache
HIT, HIT
content-length
3015
x-xss-protection
1; mode=block
x-request-id
ff4fd1222ceef641e3f4935e579463056407df4e81718ab9fb5a3ef6f39cf4ec
x-served-by
cache-lga21934-LGA, cache-hhn4054-HHN
last-modified
Tue, 28 Apr 2020 18:35:46 GMT
server
cache-hhn4054-HHN
x-timer
S1588182871.806076,VS0,VE0
date
Wed, 29 Apr 2020 17:54:30 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/assets/storefront/load_feature-589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50.js>; rel="canonical"
x-cache-hits
1, 73252
storefront-f95c62afca18778ed8677facd32818c864b5e4938cba1769e8d8ba0b541d41dc.js
cdn.shopify.com/s/assets/shopify_pay/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/assets/shopify_pay/storefront-f95c62afca18778ed8677facd32818c864b5e4938cba1769e8d8ba0b541d41dc.js?v=20190107
Requested by
Host: covid19-maskoverstock.myshopify.com
URL: https://covid19-maskoverstock.myshopify.com/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::104 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-hhn4054-HHN /
Resource Hash
f95c62afca18778ed8677facd32818c864b5e4938cba1769e8d8ba0b541d41dc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://covid19-maskoverstock.myshopify.com/password
Origin
https://covid19-maskoverstock.myshopify.com

Response headers

x-url
/s/assets/shopify_pay/storefront-f95c62afca18778ed8677facd32818c864b5e4938cba1769e8d8ba0b541d41dc.js?v=20190107
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Fastly, http2
x-dc
gke
edge-cache-tag
mime-application/javascript,source-ShopAssetsBackend,segment2-225,segment4-57726,revision-4d30131f1323257a0ce73743d3d6da546b354e39,cdn-shopify-com-s-assets-shopify_pay-storefront-f95c62afca18778ed8677facd32818c864b5e4938cba1769e8d8ba0b541d41dc-js
status
200
x-cache
HIT, HIT
content-length
11061
x-xss-protection
1; mode=block
x-request-id
ce318a06b0cf2773afc68df9f17309da68d3435490c4f2004a023f0b1dd1c7d4
x-served-by
cache-lga21978-LGA, cache-hhn4054-HHN
last-modified
Mon, 09 Sep 2019 20:33:20 GMT
server
cache-hhn4054-HHN
x-timer
S1588182871.813853,VS0,VE0
date
Wed, 29 Apr 2020 17:54:30 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/assets/shopify_pay/storefront-f95c62afca18778ed8677facd32818c864b5e4938cba1769e8d8ba0b541d41dc.js>; rel="canonical"
x-cache-hits
1, 182154
trekkie.storefront.min.js
cdn.shopify.com/s/javascripts/tricorder/ 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.04.13.1
Requested by
Host: covid19-maskoverstock.myshopify.com
URL: https://covid19-maskoverstock.myshopify.com/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::104 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-hhn4020-HHN /
Resource Hash
fb10d669f19c662bd30a58717f082488940471675cba27f047db04650bde2fd2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covid19-maskoverstock.myshopify.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-url
/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.04.13.1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Fastly, http2
x-dc
gke
edge-cache-tag
mime-application/javascript,source-ShopAssetsBackend,segment2-123,segment4-31719,revision-add2e77f40635cd80f2352e1d1819b6acbee36b5,cdn-shopify-com-s-javascripts-tricorder-trekkie-storefront-min-js
status
200
x-cache
HIT, HIT
content-length
11121
x-xss-protection
1; mode=block
x-request-id
81d03e3c0b1723c2f700145531f44cf75d64959bef341751c62c9cef391f2879
x-served-by
cache-lga21980-LGA, cache-hhn4020-HHN
last-modified
Fri, 24 Apr 2020 13:48:54 GMT
server
cache-hhn4020-HHN
x-timer
S1588182872.065714,VS0,VE0
date
Wed, 29 Apr 2020 17:54:32 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js>; rel="canonical"
x-cache-hits
9, 3194
shop_events_listener-2c6237918c4bbec8783d8ceecd5759edc38afa9b5bef55134462710955517539.js
cdn.shopify.com/s/assets/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/assets/shop_events_listener-2c6237918c4bbec8783d8ceecd5759edc38afa9b5bef55134462710955517539.js
Requested by
Host: covid19-maskoverstock.myshopify.com
URL: https://covid19-maskoverstock.myshopify.com/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::104 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-hhn4020-HHN /
Resource Hash
2c6237918c4bbec8783d8ceecd5759edc38afa9b5bef55134462710955517539
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covid19-maskoverstock.myshopify.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-url
/s/assets/shop_events_listener-2c6237918c4bbec8783d8ceecd5759edc38afa9b5bef55134462710955517539.js
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Fastly, http2
x-dc
gke
edge-cache-tag
mime-application/javascript,source-ShopAssetsBackend,segment2-193,segment4-49528,revision-4d30131f1323257a0ce73743d3d6da546b354e39,cdn-shopify-com-s-assets-shop_events_listener-2c6237918c4bbec8783d8ceecd5759edc38afa9b5bef55134462710955517539-js
status
200
x-cache
HIT, HIT
content-length
2155
x-xss-protection
1; mode=block
x-request-id
b1630dd9b74aa4cf1a6c1224295d0b3809db6a2db6a3f1285d7ecaeceaa20296
x-served-by
cache-lga21949-LGA, cache-hhn4020-HHN
last-modified
Wed, 25 Mar 2020 18:42:50 GMT
server
cache-hhn4020-HHN
x-timer
S1588182872.065970,VS0,VE0
date
Wed, 29 Apr 2020 17:54:32 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/assets/shop_events_listener-2c6237918c4bbec8783d8ceecd5759edc38afa9b5bef55134462710955517539.js>; rel="canonical"
x-cache-hits
1, 1041842
helvetica_n7.39bee04bd277a9c4e94e2fd42d53f4e3c0afb8a5.woff2
fonts.shopifycdn.com/helvetica/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.shopifycdn.com/helvetica/helvetica_n7.39bee04bd277a9c4e94e2fd42d53f4e3c0afb8a5.woff2?&hmac=b99c35ba03edd5495ba7af87326d5fe8af5b2363f485475338ae16401b9af50d
Requested by
Host: covid19-maskoverstock.myshopify.com
URL: https://covid19-maskoverstock.myshopify.com/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::104 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c5529d40c44a9fc7a7325d3db1ef37b56c0a210d0c4ee3cef18e76cdaf73d79

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cdn.shopify.com/s/files/1/0382/0090/1764/t/1/assets/theme.scss.css?v=17428624679682549415
Origin
https://covid19-maskoverstock.myshopify.com

Response headers

x-amz-version-id
bf14xZ3Y7004VsnG_0HLBKaH33hlKrVM
via
1.1 varnish
etag
"48bdbd2fdba819c4761d8eaf7948ffce"
age
1560
x-cache
HIT
status
200
content-length
18784
x-amz-id-2
NqEirAXWfyvipRUcyOD6o8t1TBqfdzQi37Ghi9VTnAM9dveOKRzL0ZUtZ8y6OD2P5AQrPpZBfz4=
x-served-by
cache-hhn4054-HHN
last-modified
Mon, 14 May 2018 14:32:27 GMT
server
AmazonS3
x-timer
S1588182872.074469,VS0,VE0
date
Wed, 29 Apr 2020 17:54:32 GMT
x-amz-request-id
546034D36E48111F
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
content-type
application/octet-stream
x-cache-hits
188
helvetica_n4.fe093fe9ca22a15354813c912484945a36b79146.woff2
fonts.shopifycdn.com/helvetica/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.shopifycdn.com/helvetica/helvetica_n4.fe093fe9ca22a15354813c912484945a36b79146.woff2?&hmac=64c57d7fee8da8223a0d4856285068c02c248ef210cae57dcd9c3e633375e8a4
Requested by
Host: covid19-maskoverstock.myshopify.com
URL: https://covid19-maskoverstock.myshopify.com/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::104 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de60693f31597c2ec2c1bd972d15900b6bb7be2bcc19db7b71bd171469b7dbe0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cdn.shopify.com/s/files/1/0382/0090/1764/t/1/assets/theme.scss.css?v=17428624679682549415
Origin
https://covid19-maskoverstock.myshopify.com

Response headers

x-amz-version-id
4AdVwUM1RcK6IjFPXS0IVdOvOSLg0L4d
via
1.1 varnish
etag
"3081ae959e35d7dfa394138443e9095e"
age
67438
x-cache
HIT
status
200
content-length
19252
x-amz-id-2
mXOcj66XlFYfUO2DANSO66BEPJPekkmKXfsrU8slsn0WiIiAdcRsd/PHdJVStXaPKgpgiagchqQ=
x-served-by
cache-hhn4054-HHN
last-modified
Mon, 14 May 2018 14:32:27 GMT
server
AmazonS3
x-timer
S1588182872.074485,VS0,VE0
date
Wed, 29 Apr 2020 17:54:32 GMT
x-amz-request-id
81F32EF26038681D
access-control-allow-origin
*
cache-control
max-age=2629800, immutable
accept-ranges
bytes
content-type
application/octet-stream
x-cache-hits
6274
session
pay.shopify.com/ 		18 B
844 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pay.shopify.com/session?v=1
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shopify_pay/storefront-f95c62afca18778ed8677facd32818c864b5e4938cba1769e8d8ba0b541d41dc.js?v=20190107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.196.190.76 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.190.196.104.bc.googleusercontent.com
Software
/
Resource Hash
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options DENY

Request headers

Referer
https://covid19-maskoverstock.myshopify.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 17:54:32 GMT
content-encoding
gzip
vary
Accept-Encoding, Origin
x-dc
gke
p3p
CP="Not used"
status
200
access-control-allow-methods
GET, OPTIONS
server-timing
processing;dur=5, socket_queue;dur=1.166, edge;dur=6.051, util;dur=0.1
x-request-id
fca285565afa962e47f21b3cbe6971ea
x-runtime
0.004530
x-frame-options
DENY
etag
W/"9b5179ea2a77fe69b294fbd2ed504eac"
access-control-max-age
7200
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json; charset=utf-8
access-control-allow-origin
https://covid19-maskoverstock.myshopify.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
UpsellTracker.js
upsells.boldapps.net/v2_ui/js/ 		146 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upsells.boldapps.net/v2_ui/js/UpsellTracker.js?shop=covid19-maskoverstock.myshopify.com
Requested by
Host: covid19-maskoverstock.myshopify.com
URL: https://covid19-maskoverstock.myshopify.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0004aabee4faefe52fa6bab7b81d2a05c556ffd02f275214a8b0c19bc29f652a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://covid19-maskoverstock.myshopify.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 17:54:32 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
MISS
status
200
content-length
36402
cf-request-id
0268ac88a900001762f19c7200000001
last-modified
Tue, 14 Apr 2020 19:00:18 GMT
server
cloudflare
etag
"24700-5a344cf811480-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=172800
accept-ranges
bytes
cf-ray
58bae38778b91762-FRA
expires
Fri, 01 May 2020 17:54:32 GMT
upsell.js
upsells.boldapps.net/v2_ui/js/ 		300 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upsells.boldapps.net/v2_ui/js/upsell.js?shop=covid19-maskoverstock.myshopify.com
Requested by
Host: covid19-maskoverstock.myshopify.com
URL: https://covid19-maskoverstock.myshopify.com/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:6d12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c61e5c0e90eac91129f23e2718cbdf6ffad05619b14978f643f1ae4dfc01a447
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://covid19-maskoverstock.myshopify.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 17:54:32 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 14 Apr 2020 19:00:18 GMT
server
cloudflare
etag
"4b17e-5a344cf811480-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=172800
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
58bae38778be1762-FRA
cf-request-id
0268ac88a900001762f19c8200000001
expires
Fri, 01 May 2020 17:54:32 GMT
main.js
www.glowloyalty.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.glowloyalty.com/main.js?id=924&shop=covid19-maskoverstock.myshopify.com
Requested by
Host: covid19-maskoverstock.myshopify.com
URL: https://covid19-maskoverstock.myshopify.com/password
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.234.153.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-234-153-185.compute-1.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
eff7b09210eba171e1f8417249ce4f59465daf90d48413e2f228cb7becceffb3

Request headers

Referer
https://covid19-maskoverstock.myshopify.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 29 Apr 2020 17:54:32 GMT
Content-Encoding
gzip
Server
Apache/2.4.29 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, private, max-age=600
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1332
Expires
Wed, 29 Apr 2020 18:04:32 GMT
shopify-boomerang-1.0.0.min.js
cdn.shopify.com/shopifycloud/boomerang/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Requested by
Host: covid19-maskoverstock.myshopify.com
URL: https://covid19-maskoverstock.myshopify.com/password
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::104 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
cache-hhn4020-HHN /
Resource Hash
ebf754dcf881c01dc1614e144c4e8a38000f809dad75a3b92004c1a50db3c070
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://covid19-maskoverstock.myshopify.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-url
/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cdn
Fastly, http2
x-dc
gke
edge-cache-tag
mime-application/javascript,source-GcsBackend,segment2-96,segment4-24675,revision-426904124fe6b96d3e6bfe2e9e9fbd414a4609c9,cdn-shopify-com-shopifycloud-boomerang-shopify-boomerang-1-0-0-min-js
status
200
x-cache
HIT, HIT
content-length
30882
x-xss-protection
1; mode=block
x-request-id
882184339fc4cda2549c3c25be7d51ee3a719937562fbf0f83b88b3c0bc6f750
x-served-by
cache-lga21929-LGA, cache-hhn4020-HHN
last-modified
Wed, 22 Apr 2020 19:19:06 GMT
server
cache-hhn4020-HHN
x-timer
S1588182872.234434,VS0,VE0
date
Wed, 29 Apr 2020 17:54:32 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
expires
Thu, 22 Apr 2021 19:20:54 GMT
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
x-cache-hits
3, 444655
produce
monorail-edge.shopifysvc.com/v1/ 		0
482 B 		Other
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.04.13.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.188.198.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.198.188.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://covid19-maskoverstock.myshopify.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Apr 2020 17:54:32 GMT
x-dc
gke
status
200
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://covid19-maskoverstock.myshopify.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
49f9b722-911d-4ce8-9b17-40aa6480e3fd
produce
monorail-edge.shopifysvc.com/v1/ 		0
481 B 		Other
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/javascripts/tricorder/trekkie.storefront.min.js?v=2020.04.13.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.188.198.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.198.188.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://covid19-maskoverstock.myshopify.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Apr 2020 17:54:32 GMT
x-dc
gke
status
200
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://covid19-maskoverstock.myshopify.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
101d638e-46c0-480b-b9ec-1f5a16cacdb7
produce
monorail-edge.shopifysvc.com/v1/ 		0
481 B 		Other
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.188.198.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.198.188.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://covid19-maskoverstock.myshopify.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 29 Apr 2020 17:54:32 GMT
x-dc
gke
status
200
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://covid19-maskoverstock.myshopify.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
9bb956ce-8de4-4532-adf5-2efacf6552e2
cart.json
covid19-maskoverstock.myshopify.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://covid19-maskoverstock.myshopify.com/cart.json
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/assets/shop_events_listener-2c6237918c4bbec8783d8ceecd5759edc38afa9b5bef55134462710955517539.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.64 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
shops.myshopify.com
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=b7b67af1-70f4-4dae-b119-b4eb6413c78b
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=b7b67af1-70f4-4dae-b119-b4eb6413c78b

Request headers

Accept
application/json
Referer
https://covid19-maskoverstock.myshopify.com/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 17:54:32 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-dc
gcp-us-central1,gcp-us-central1
x-shopify-stage
production
status
401
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection
1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=b7b67af1-70f4-4dae-b119-b4eb6413c78b
x-sorting-hat-shopid
38200901764
x-shardid
131
content-type
text/html
server
cloudflare
content-language
en
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
x-download-options
noopen
x-shopid
38200901764
x-request-id
b7b67af1-70f4-4dae-b119-b4eb6413c78b
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fcart&source%5Bsection%5D=storefront&source%5Buuid%5D=b7b67af1-70f4-4dae-b119-b4eb6413c78b
cf-request-id
0268ac899600009d7297270200000001
cf-ray
58bae388fa539d72-AMS
x-sorting-hat-podid
131

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| Shopify object| ShopifyPay object| __st boolean| ShopifyPaypalV4VisibilityTracking object| meta string| attr object| ShopifyAnalytics object| trekkie object| theme object| enquire function| $ function| jQuery function| _ function| mobileCheck object| Modernizr object| bodyScrollLock object| selectors function| onYouTubeIframeAPIReady object| slate object| $slideshow function| gm_authFailure function| Modals object| __core-js_shared__ object| core object| regeneratorRuntime object| $RecoverHeading object| $RecoverEmail object| $LoginHeading object| _visit object| BOOMR object| BOLD object| upsellTracker function| launchLoyalty boolean| kb_ref function| launchLedger function| embedSpruli number| ledgerLaunched number| embedLaunched function| receiveSpruliMessage function| launchPixel function| getPoints

0 Cookies

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.glowloyalty.com/main.js?id=924&shop=covid19-maskoverstock.myshopify.com(Line 1)
Message:
Glow initiated.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=e683d039-11cf-4082-9e7a-c8c2ecf7ceab
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=/xss-report?source%5Baction%5D=password&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=storefront_section%2Fstorefront&source%5Bsection%5D=storefront&source%5Buuid%5D=e683d039-11cf-4082-9e7a-c8c2ecf7ceab

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.shopify.com
covid19-maskoverstock.myshopify.com
fonts.shopifycdn.com
monorail-edge.shopifysvc.com
pay.shopify.com
upsells.boldapps.net
www.glowloyalty.com
104.196.190.76
18.234.153.185
23.227.38.64
2606:4700::6810:6d12
2a04:4e42:1b::104
35.188.198.106
0004aabee4faefe52fa6bab7b81d2a05c556ffd02f275214a8b0c19bc29f652a
2c6237918c4bbec8783d8ceecd5759edc38afa9b5bef55134462710955517539
2dbb75cdd921d7a33db005df9d809aba3448a85e6a44e0306e0ce76f4651904e
3f4e63ade0abfdec9607bc470a9a6cd18df80260c3a6ef709843f4b9033a7cb6
589ff3342d639ed23c94f5fc11e03d64e0788e2a4a687391ebeeeef20eaf2f50
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9c5529d40c44a9fc7a7325d3db1ef37b56c0a210d0c4ee3cef18e76cdaf73d79
b172d5a1a85aa48204ea31db4ebb179e6cce3c1b4fea3e320e490d8683da30a1
baae8ac1408b19f85adf0a99879b005e62b71749adff14481978d2ace3131156
c61e5c0e90eac91129f23e2718cbdf6ffad05619b14978f643f1ae4dfc01a447
d78a288913ae085450dd52c9075f060b4770b4feab0c966f2d81d3c677a39b91
de60693f31597c2ec2c1bd972d15900b6bb7be2bcc19db7b71bd171469b7dbe0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebf754dcf881c01dc1614e144c4e8a38000f809dad75a3b92004c1a50db3c070
eff7b09210eba171e1f8417249ce4f59465daf90d48413e2f228cb7becceffb3
f95c62afca18778ed8677facd32818c864b5e4938cba1769e8d8ba0b541d41dc
fb10d669f19c662bd30a58717f082488940471675cba27f047db04650bde2fd2