URL: https://www.refurbished-palace.com/buy.php?p_id=3
Submission: On January 19 via manual from US

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 39 HTTP transactions. The main IP is 90.156.146.109, located in Russian Federation and belongs to MASTERHOST-AS Moscow, Russia, RU. The main domain is www.refurbished-palace.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 25th 2019. Valid for: 3 months.
This is the only time www.refurbished-palace.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
18 www.refurbished-palace.com www.refurbished-palace.com
5 includes.ccdc02.com www.refurbished-palace.com
includes.ccdc02.com
3 fonts.gstatic.com www.refurbished-palace.com
2 writer.cardinalcommerce.com includes.ccdc02.com
2 centinelapi.cardinalcommerce.com includes.ccdc02.com
2 www.google-analytics.com www.googletagmanager.com
www.refurbished-palace.com
1 geo.cardinalcommerce.com includes.ccdc02.com
1 www.google.de www.refurbished-palace.com
1 www.google.com www.refurbished-palace.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com www.refurbished-palace.com
1 fonts.googleapis.com www.refurbished-palace.com
39 13

This site contains no links.

Subject Issuer Validity Valid
refurbished-palace.com
Let's Encrypt Authority X3
2019-11-25 -
2020-02-23
3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1
2019-12-20 -
2020-03-13
3 months crt.sh
ssl981396.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-03-22 -
2020-03-19
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2019-12-20 -
2020-03-13
3 months crt.sh
*.google.com
GTS CA 1O1
2019-12-20 -
2020-03-13
3 months crt.sh
www.googleadservices.com
GTS CA 1O1
2019-12-20 -
2020-03-13
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2019-12-20 -
2020-03-13
3 months crt.sh
ssl981384.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-03-22 -
2020-03-19
a year crt.sh
www.google.com
GTS CA 1O1
2019-12-20 -
2020-03-13
3 months crt.sh
www.google.de
GTS CA 1O1
2019-12-20 -
2020-03-13
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.refurbished-palace.com/buy.php?p_id=3
Frame ID: EEC389940BB81974715EDCFE7CA590F3
Requests: 38 HTTP requests in this frame

Frame: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=59d7c4ea33fadd2d7c9f1eaf&tmEventType=PAYMENT&referenceId=0_f4c2620e-78f1-4f7f-beaa-968723eae115&geolocation=false&origin=Songbird
Frame ID: 969639281BEB9B29DA7A7A20B262FE7C
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

39
Requests

100 %
HTTPS

82 %
IPv6

11
Domains

13
Subdomains

11
IPs

3
Countries

523 kB
Transfer

1039 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set buy.php
www.refurbished-palace.com/
63 KB
14 KB
Document
General
Full URL
https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
4d9368cf0939b72e091a4bf0228b8586106758339373b50ef9d143395e457971

Request headers

Host
www.refurbished-palace.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Server
Apache/2.4.7 (Ubuntu)
Vary
User-Agent,Accept-Encoding
Set-Cookie
merchant=qualpay; expires=Sun, 19-Jan-2020 22:03:46 GMT; Max-Age=7200; HttpOnly _eventqueue=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 tracking_id=31909590; expires=Tue, 18-Feb-2020 20:03:46 GMT; Max-Age=2592000 campaign=refurbished-palace.com; expires=Tue, 18-Feb-2020 20:03:46 GMT; Max-Age=2592000 orderid=3930404; expires=Tue, 18-Feb-2020 20:03:46 GMT; Max-Age=2592000
Content-Encoding
gzip
Content-Length
14001
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
main.css
www.refurbished-palace.com/
11 KB
3 KB
Stylesheet
General
Full URL
https://www.refurbished-palace.com/main.css
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
9d7bbf0030782e6549b103878aecb271eec3e4809ccf667097cb6953460c2c87

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Nov 2019 14:47:53 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"2d03-5986932ba04d4-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2667
remodal.css
www.refurbished-palace.com/
2 KB
998 B
Stylesheet
General
Full URL
https://www.refurbished-palace.com/remodal.css
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
d4a45eefb5b510457aaa6164b95dc6ec3514fa68aac520b958efba0e1e196f05

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jun 2016 15:37:23 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"661-535b77b0892c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
664
remodal-default-theme.css
www.refurbished-palace.com/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.refurbished-palace.com/remodal-default-theme.css
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
8c712c710d19e7205525c1fd18aabf61e0e0ac77e0cee05546393f6e3ab1932d

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jun 2016 15:37:24 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"15ac-535b77b17d500-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1323
unslider.css
www.refurbished-palace.com/
573 B
597 B
Stylesheet
General
Full URL
https://www.refurbished-palace.com/unslider.css
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
a0b779ad590272d25a6b625b33f3d117b71ab8b77efa8266cf2ebcd90bd76764

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jul 2017 13:36:04 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"23d-554bfd47cf900-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
262
unslider-dots.css
www.refurbished-palace.com/
778 B
785 B
Stylesheet
General
Full URL
https://www.refurbished-palace.com/unslider-dots.css
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
92b758fa6195848b306a834a4654683aff3f7b747cf5a65c824677e481cd137d

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jul 2017 13:36:04 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"30a-554bfd47cf900-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
450
css
fonts.googleapis.com/
11 KB
886 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic,500italic
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7c7d3b665f486cd8583f00a76a26069ea5a1327ce84822210ae7f92ade3f9820
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sun, 19 Jan 2020 20:03:45 GMT
server
ESF
access-control-allow-origin
*
date
Sun, 19 Jan 2020 20:03:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sun, 19 Jan 2020 20:03:45 GMT
jquery.min.js
www.refurbished-palace.com/
82 KB
29 KB
Script
General
Full URL
https://www.refurbished-palace.com/jquery.min.js
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Mar 2016 00:00:33 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"14960-52da680d7ca40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
29524
remodal.min.js
www.refurbished-palace.com/
8 KB
3 KB
Script
General
Full URL
https://www.refurbished-palace.com/remodal.min.js
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
d61ef8de59f092755d56f5a8b31d43b5b42a4ebfbbcd1e9a51a41d73bae4006b

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Jun 2016 15:37:25 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"1e04-535b77b271740-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2637
unslider-min.js
www.refurbished-palace.com/
6 KB
3 KB
Script
General
Full URL
https://www.refurbished-palace.com/unslider-min.js
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
68ccb3e710e9f83015617a055d3c3aa203cc60e872f128665869dd9a69ade0c5

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Jul 2017 13:36:04 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"1753-554bfd47cf900-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2217
parsley.min.js
www.refurbished-palace.com/
39 KB
11 KB
Script
General
Full URL
https://www.refurbished-palace.com/parsley.min.js
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
d6be0dbc50cf682f7d981d0f33094d4bcc7ac3d3d8e2f1ce225b950affd0c9bf

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Mar 2016 00:00:34 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"9ae8-52da680e70c80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
11040
songbird.js
includes.ccdc02.com/cruisecontrol/v1/
5 KB
3 KB
Script
General
Full URL
https://includes.ccdc02.com/cruisecontrol/v1/songbird.js
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
220b83e1d5ad19042a3cdff36f6275061f591a88928a92fa5848054b58923b68

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 19 Jan 2020 20:03:46 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-powered-by
ASP.NET
status
200
content-length
2519
last-modified
Wed, 23 Oct 2019 00:24:50 GMT
server
cloudflare
etag
"07536483889d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
557b69f46ac0c277-FRA
expires
Mon, 20 Jan 2020 00:03:46 GMT
js
www.googletagmanager.com/gtag/
73 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1014224577
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0bc084435526878944b45ea06c69cdec6fdce3ea2802c017f6ce020a768d3730
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 19 Jan 2020 20:03:45 GMT
content-encoding
br
last-modified
Sun, 19 Jan 2020 18:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27818
x-xss-protection
0
expires
Sun, 19 Jan 2020 20:03:45 GMT
main.js
www.refurbished-palace.com/
3 KB
1 KB
Script
General
Full URL
https://www.refurbished-palace.com/main.js
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
658a1b2dcec47b53b0284544a359035a9b1b5d38a9ef8503cb7ec0ae91a7e60e

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Sep 2018 16:21:44 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"d64-5764feb3502a6-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
945
logorefurb.png
www.refurbished-palace.com/images/
12 KB
12 KB
Image
General
Full URL
https://www.refurbished-palace.com/images/logorefurb.png
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
9875359fb4a3b7ea379b7c67be2936527023a3c551d905f09921833f9ea7f1bc

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Last-Modified
Fri, 17 May 2019 00:43:37 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"2e3f-5890aac523f03"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
11839
1pxline.gif
www.refurbished-palace.com/images/
56 B
337 B
Image
General
Full URL
https://www.refurbished-palace.com/images/1pxline.gif
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
63288c71b107f2b73ee946e57d76016b392511b7aef3208ada64c4ab015479c6

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Last-Modified
Fri, 25 Aug 2017 18:54:25 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"38-5579879489a40"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
56
switch.png
www.refurbished-palace.com/images/
103 KB
103 KB
Image
General
Full URL
https://www.refurbished-palace.com/images/switch.png
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
1dda73123e4d1dcf435742388877e9076263284c77a54331b321ac0e5205c3c5

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Last-Modified
Fri, 24 May 2019 19:57:12 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"19c59-589a79ac1615d"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
105561
visamc.png
www.refurbished-palace.com/images/
17 KB
17 KB
Image
General
Full URL
https://www.refurbished-palace.com/images/visamc.png
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
2a294176d950da42355786d428c75b5acd725e83b096c498d2eb2ebc3f791522

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Last-Modified
Wed, 24 Apr 2019 18:32:31 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"43ff-5874aecae266d"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
17407
rapidssl_icon.jpg
www.refurbished-palace.com/images/
5 KB
6 KB
Image
General
Full URL
https://www.refurbished-palace.com/images/rapidssl_icon.jpg
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
6017a8ab183d5244d922a4ee9fc3edf70efc1909679d40ec3b7b574dfdca544f

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Last-Modified
Fri, 25 Aug 2017 18:54:32 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"152c-5579879b36a00"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
5420
cvv2.jpg
www.refurbished-palace.com/images/
30 KB
30 KB
Image
General
Full URL
https://www.refurbished-palace.com/images/cvv2.jpg
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
54626988e69b66781740a361d3f793e9d895ed80800c769b0b85f4a39acd41c2

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Last-Modified
Fri, 25 Aug 2017 18:54:26 GMT
Server
Apache/2.4.7 (Ubuntu)
ETag
"77ad-557987957dc80"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
30637
1.5043628fc57bc9f1e688.songbird.js
includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/
387 KB
161 KB
Script
General
Full URL
https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js
Requested by
Host: includes.ccdc02.com
URL: https://includes.ccdc02.com/cruisecontrol/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9e8c5dc44cfa246890ec4191c7ddde4d71ffe08a6c5408bf6de074efc18f1c7a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.refurbished-palace.com/buy.php?p_id=3
Origin
https://www.refurbished-palace.com

Response headers

date
Sun, 19 Jan 2020 20:03:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3834071
x-powered-by
ASP.NET
status
200
last-modified
Wed, 23 Oct 2019 00:24:50 GMT
server
cloudflare
etag
"07536483889d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=15552000
cf-ray
557b69f60a35974e-FRA
expires
Fri, 17 Jul 2020 20:03:46 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic,500italic
Origin
https://www.refurbished-palace.com

Response headers

date
Fri, 17 Jan 2020 17:18:55 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
182691
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11056
x-xss-protection
0
expires
Sat, 16 Jan 2021 17:18:55 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic,500italic
Origin
https://www.refurbished-palace.com

Response headers

date
Thu, 09 Jan 2020 00:21:24 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
934942
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11016
x-xss-protection
0
expires
Fri, 08 Jan 2021 00:21:24 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400,500,700,400italic,500italic
Origin
https://www.refurbished-palace.com

Response headers

date
Fri, 22 Nov 2019 04:03:04 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
5068842
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
11020
x-xss-protection
0
expires
Sat, 21 Nov 2020 04:03:04 GMT
buildjwt.php
www.refurbished-palace.com/
323 B
529 B
XHR
General
Full URL
https://www.refurbished-palace.com/buildjwt.php
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
90.156.146.109 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
vm594746.vps.masterhost.ru
Software
Apache/2.4.7 (Ubuntu) /
Resource Hash
bd48ab53efaf873627a30282213ab26cddeaafde9c7986443e3660a6a64e4758

Request headers

Accept
*/*
Referer
https://www.refurbished-palace.com/buy.php?p_id=3
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sun, 19 Jan 2020 20:03:46 GMT
Content-Encoding
gzip
Server
Apache/2.4.7 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
279
conversion_async.js
www.googleadservices.com/pagead/
26 KB
10 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1014224577
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e70adb67bcdec61516ea9e7174456c50effa918e43b3c8663baf1aa762f705de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sun, 19 Jan 2020 20:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
9920
x-xss-protection
0
server
cafe
etag
4870430129932666244
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 19 Jan 2020 20:03:46 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1014224577
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
1531
date
Sun, 19 Jan 2020 19:38:15 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sun, 19 Jan 2020 21:38:15 GMT
collect
www.google-analytics.com/r/
35 B
112 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=914586747&t=pageview&_s=1&dl=https%3A%2F%2Fwww.refurbished-palace.com%2Fbuy.php%3Fp_id%3D3&ul=en-us&de=UTF-8&dt=Refurbished%20iPhones%2C%20Macbooks%2C%20Xbox%2C%20Nintendos%20%E2%80%93%20Used%20PS4s%20%26%20iPhones%20On%20Sale&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1428250998&gjid=1955762733&cid=1569136991.1579464226&tid=UA-10611734-66&_gid=1457116981.1579464226&_r=1&gtm=2oa181&z=101587857
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jan 2020 20:03:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
12.5043628fc57bc9f1e688.songbird.js
includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/
22 KB
10 KB
Script
General
Full URL
https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/12.5043628fc57bc9f1e688.songbird.js
Requested by
Host: includes.ccdc02.com
URL: https://includes.ccdc02.com/cruisecontrol/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0ab7cd0f585db30303e38e0bab08e398277120bd15abc6a5a6066e3d27223ea

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.refurbished-palace.com/buy.php?p_id=3
Origin
https://www.refurbished-palace.com

Response headers

date
Sun, 19 Jan 2020 20:03:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1992163
status
200
content-length
9788
last-modified
Wed, 23 Oct 2019 00:24:50 GMT
server
cloudflare
etag
"07536483889d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
557b69f68b10974e-FRA
expires
Fri, 17 Jul 2020 20:03:46 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1014224577/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014224577/?random=1579464226321&cv=9&fst=1579464226321&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa181&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.refurbished-palace.com%2Fbuy.php%3Fp_id%3D3&tiba=Refurbished%20iPhones%2C%20Macbooks%2C%20Xbox%2C%20Nintendos%20%E2%80%93%20Used%20PS4s%20%26%20iPhones%20On%20Sale&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d41a13697f93c056da4be365089244e6cdc9b870c1551acb2416404dbc08a544
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jan 2020 20:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1089
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Init
centinelapi.cardinalcommerce.com/V1/Order/JWT/
0
707 B
XHR
General
Full URL
https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init
Requested by
Host: includes.ccdc02.com
URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.refurbished-palace.com
Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers
content-type,x-cardinal-tid

Response headers

date
Sun, 19 Jan 2020 20:03:46 GMT
vary
Origin
cf-cache-status
DYNAMIC
status
200
content-length
0
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1800
access-control-allow-methods
GET,POST,HEAD,OPTIONS
access-control-allow-origin
https://www.refurbished-palace.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
557b69f6e9f0978a-FRA
access-control-allow-headers
content-type, x-cardinal-tid
/
www.google.com/pagead/1p-user-list/1014224577/
42 B
110 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1014224577/?random=1579464226321&cv=9&fst=1579464000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa181&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.refurbished-palace.com%2Fbuy.php%3Fp_id%3D3&tiba=Refurbished%20iPhones%2C%20Macbooks%2C%20Xbox%2C%20Nintendos%20%E2%80%93%20Used%20PS4s%20%26%20iPhones%20On%20Sale&async=1&fmt=3&is_vtc=1&random=3156576206&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jan 2020 20:03:46 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1014224577/
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1014224577/?random=1579464226321&cv=9&fst=1579464000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa181&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.refurbished-palace.com%2Fbuy.php%3Fp_id%3D3&tiba=Refurbished%20iPhones%2C%20Macbooks%2C%20Xbox%2C%20Nintendos%20%E2%80%93%20Used%20PS4s%20%26%20iPhones%20On%20Sale&async=1&fmt=3&is_vtc=1&random=3156576206&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.refurbished-palace.com
URL: https://www.refurbished-palace.com/buy.php?p_id=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::75 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jan 2020 20:03:46 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Init
centinelapi.cardinalcommerce.com/V1/Order/JWT/
2 KB
2 KB
XHR
General
Full URL
https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5dcdf6e53d57509fe1efd142add7b52658d147f7a0edc6df23ec108044cfc1

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
Origin
https://www.refurbished-palace.com
X-Cardinal-Tid
Tid-1b979800-9656-4906-b0c0-d2937b96d164
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 19 Jan 2020 20:03:46 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://www.refurbished-palace.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
cf-ray
557b69f7eb54978a-FRA
11.5043628fc57bc9f1e688.songbird.js
includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/
25 KB
10 KB
Script
General
Full URL
https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/11.5043628fc57bc9f1e688.songbird.js
Requested by
Host: includes.ccdc02.com
URL: https://includes.ccdc02.com/cruisecontrol/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4589f1d2ab85a42e19939efd9c32366c8cbfa840b425ba1b729c9fa9287c11d4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.refurbished-palace.com/buy.php?p_id=3
Origin
https://www.refurbished-palace.com

Response headers

date
Sun, 19 Jan 2020 20:03:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
875714
status
200
content-length
10474
last-modified
Wed, 23 Oct 2019 00:24:50 GMT
server
cloudflare
etag
"07536483889d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
557b69f91f15974e-FRA
expires
Fri, 17 Jul 2020 20:03:46 GMT
Render
geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/ Frame 9696
0
0
Document
General
Full URL
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=59d7c4ea33fadd2d7c9f1eaf&tmEventType=PAYMENT&referenceId=0_f4c2620e-78f1-4f7f-beaa-968723eae115&geolocation=false&origin=Songbird
Requested by
Host: includes.ccdc02.com
URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
geo.cardinalcommerce.com
:scheme
https
:path
/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=59d7c4ea33fadd2d7c9f1eaf&tmEventType=PAYMENT&referenceId=0_f4c2620e-78f1-4f7f-beaa-968723eae115&geolocation=false&origin=Songbird
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.refurbished-palace.com/buy.php?p_id=3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.refurbished-palace.com/buy.php?p_id=3

Response headers

status
200
date
Sun, 19 Jan 2020 20:03:47 GMT
content-type
text/html;charset=ISO-8859-1
p3p
CP="This site does not have a p3p policy."
content-language
en-US
vary
Accept-Encoding
set-cookie
BIGipServerPortal-Prod-Web-DeviceFingerprintWeb.app~Portal-Prod-Web-DeviceFingerprintWeb_pool=!Q6c/uImsoZsdbKGLh9TJYiGoJpZ/XKVcP9i1pQzW9gA8q9WNbc8esaDpzUOEUjnvomPKZ3TeeFwK; path=/; Httponly; Secure
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
557b69f95e00d6b9-FRA
content-encoding
gzip
3.5043628fc57bc9f1e688.songbird.js
includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/
23 KB
9 KB
Script
General
Full URL
https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/3.5043628fc57bc9f1e688.songbird.js
Requested by
Host: includes.ccdc02.com
URL: https://includes.ccdc02.com/cruisecontrol/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2b0d5eefcc5ba6d4078b877f54d4712a388efc83cafaf1ab68aaab2e92a3238

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.refurbished-palace.com/buy.php?p_id=3
Origin
https://www.refurbished-palace.com

Response headers

date
Sun, 19 Jan 2020 20:03:46 GMT
content-encoding
gzip
cf-cache-status
HIT
age
6027
status
200
content-length
9444
last-modified
Wed, 23 Oct 2019 00:24:50 GMT
server
cloudflare
etag
"07536483889d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
557b69f94f4d974e-FRA
expires
Fri, 17 Jul 2020 20:03:46 GMT
log
writer.cardinalcommerce.com/prod/
0
370 B
XHR
General
Full URL
https://writer.cardinalcommerce.com/prod/log
Requested by
Host: includes.ccdc02.com
URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.refurbished-palace.com
Referer
https://www.refurbished-palace.com/buy.php?p_id=3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers
content-type,x-cardinal-tid

Response headers

date
Sun, 19 Jan 2020 20:03:47 GMT
via
1.1 06537b68374202c0bf3dc19dcba08ecb.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
LHR61-C1
x-amzn-requestid
b32baabf-941c-4503-bd4b-33090ff5a25c
x-cache
Miss from cloudfront
status
200
x-amz-apigw-id
GkFloHeQIAMFd2w=
content-length
0
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
557b69ff5e67978a-FRA
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Cardinal-Tid
x-amz-cf-id
pZL_3ik76NvSGkTU56kmz-VWKk3k_wrTgngOGMpakdOaXEOrciCqPw==
log
writer.cardinalcommerce.com/prod/
15 B
241 B
XHR
General
Full URL
https://writer.cardinalcommerce.com/prod/log
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://www.refurbished-palace.com/buy.php?p_id=3
Origin
https://www.refurbished-palace.com
X-Cardinal-Tid
Tid-1b979800-9656-4906-b0c0-d2937b96d164
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sun, 19 Jan 2020 20:03:48 GMT
via
1.1 06537b68374202c0bf3dc19dcba08ecb.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
x-amz-cf-pop
LHR61-C1
x-amzn-requestid
0dfd17e7-8936-4c46-bea3-87a83f1f69d0
x-cache
Miss from cloudfront
status
200
x-amz-apigw-id
GkFlpGEFoAMFv8g=
content-length
15
server
cloudflare
x-amzn-trace-id
Root=1-5e24b624-177d9050401f200467e24b3c;Sampled=0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
557b6a00c846978a-FRA
x-amz-cf-id
EWkvh5BpY7Bk-jhA_d_Z-m6_wVg6KmS-GbnsQjsz6IWv1MGNEti-9w==

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| _toConsumableArray function| _slice object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI object| parsley function| songbirdLoader object| Cardinal function| gtag object| dataLayer string| url function| getAnid function| getExp string| token undefined| anid undefined| exp undefined| d undefined| expires function| deselect boolean| popupToggled boolean| cvvToggled number| time function| enableDisableBilling function| checkcctype function| timeHere function| validateSurvey function| doCardinal function| displayErrorMessage boolean| cardinalDone boolean| attachedCardinal function| validateForm object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| setImmediate function| clearImmediate function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO number| finalTime

7 Cookies

Domain/Path Name / Value
.refurbished-palace.com/ Name: _gid
Value: GA1.2.1457116981.1579464226
.refurbished-palace.com/ Name: _ga
Value: GA1.2.1569136991.1579464226
www.refurbished-palace.com/ Name: campaign
Value: refurbished-palace.com
www.refurbished-palace.com/ Name: tracking_id
Value: 31909590
.refurbished-palace.com/ Name: _gat_gtag_UA_10611734_66
Value: 1
www.refurbished-palace.com/ Name: orderid
Value: 3930404
www.refurbished-palace.com/ Name: merchant
Value: qualpay

59 Console Messages

Source Level URL
Text
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Events: Publishing [active] event [setup] as a historic event with [1] subscriber(s)
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.EndpointMonitor: Monitored /songbird.js
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.EndpointMonitor: Monitored https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.FarnsworthLabs: Setting session Tid to: 1b979800-9656-4906-b0c0-d2937b96d164
console-api info URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Main: Using Songbird.js v1.30.0
console-api info URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Events.SetupHandler: Setting up Cardinal.js.
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.QueueUtility: [passive] queue was empty
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.QueueUtility: [active] queue was empty
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.JWTUtility: JWT decoded successfully
console-api info URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Events.SetupHandler: JWT Detected on Setup. Processing will continue using JWT with signature [0xNyP4ucoeZCwevZnTs1rhD7TrTFemtMFupKgqV2f4w]
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.FormParser: No tagged elements found
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.MessageRouter: Searching for correct Message route...
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.StorageUtility: local storage is unavailable
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.StorageUtility: Cookies are enabled
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.cors: Disabling retry logic due to invalid extended timeout value: undefined
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.HTMLUtility: Event listener attached to event [message] to [window]
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.cors: Disabling retry logic due to invalid extended timeout value: undefined
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.cors: Disabling retry logic due to invalid extended timeout value: undefined
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.cors: Disabling retry logic due to invalid extended timeout value: undefined
console-api info URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Message.Init: Processing Init message...
console-api info URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.SupportedPaymentsUtility: Missing required field for Hosted Fields: AccountNumber
console-api info URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.cors: Sending async post request to https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init with a timeout value of 6000ms
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.EndpointMonitor: Monitored https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/12.5043628fc57bc9f1e688.songbird.js
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.cors: Content-Type: text/plain;charset=UTF-8
console-api info URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.cors: CORS message completed successfully
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.cors: {"message":"CORS Connection Results","wasRequestSuccessful":true,"statusCode":200,"domain":"https://centinelapi.cardinalcommerce.com/V1/Order/JWT","path":"/Init","method":"post","elapsedTime":388.66499811410904,"isAsync":true,"timeout":6000,"response":{"CardinalJWT":"eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJWb3J0ZXgyN181MDgxNyIsImlhdCI6MTU3OTQ2NDIyNiwiZXhwIjoxNTc5NDcxNDI2LCJqdGkiOiI5ODBiODVkMy0yYmFmLTQ1MzYtOGQ0Ni0wYmNlYWYzOGQwNTUiLCJDb25zdW1lclNlc3Npb25JZCI6IjBfZjRjMjYyMGUtNzhmMS00ZjdmLWJlYWEtOTY4NzIzZWFlMTE1IiwiUmVmZXJlbmNlSWQiOiIwX2Y0YzI2MjBlLTc4ZjEtNGY3Zi1iZWFhLTk2ODcyM2VhZTExNSIsImF1ZCI6IjVlMjRiNjIyYmU0OWYiLCJQYXlsb2FkIjp7IkRldmljZUZpbmdlcnByaW50aW5nVVJMIjoiaHR0cHM6Ly9nZW8uY2FyZGluYWxjb21tZXJjZS5jb20vRGV2aWNlRmluZ2VycHJpbnRXZWIvVjIvQnJvd3Nlci9SZW5kZXI_cmVmZXJlbmNlSWRcdTAwM2QwX2Y0YzI2MjBlLTc4ZjEtNGY3Zi1iZWFhLTk2ODcyM2VhZTExNVx1MDAyNm9yZ1VuaXRJZFx1MDAzZDU5ZDdjNGVhMzNmYWRkMmQ3YzlmMWVhZlx1MDAyNnRocmVhdG1ldHJpeFx1MDAzZHRydWVcdTAwMjZ0bUV2ZW50VHlwZVx1MDAzZFBBWU1FTlRcdTAwMjZnZW9sb2NhdGlvblx1MDAzZGZhbHNlXHUwMDI2YWxpYXNcdTAwM2REZWZhdWx0IiwiVVJMcyI6eyJEZXZpY2VGaW5nZXJwcmludCI6eyJCYXNlIjoiaHR0cHM6Ly9nZW8uY2FyZGluYWxjb21tZXJjZS5jb20vRGV2aWNlRmluZ2VycHJpbnRXZWIvVjIiLCJRdWVyeVBhcmFtZXRlcnMiOnsidGhyZWF0bWV0cml4IjoidHJ1ZSIsImFsaWFzIjoiRGVmYXVsdCIsIm9yZ1VuaXRJZCI6IjU5ZDdjNGVhMzNmYWRkMmQ3YzlmMWVhZiIsInRtRXZlbnRUeXBlIjoiUEFZTUVOVCIsInJlZmVyZW5jZUlkIjoiMF9mNGMyNjIwZS03OGYxLTRmN2YtYmVhYS05Njg3MjNlYWUxMTUiLCJnZW9sb2NhdGlvbiI6ImZhbHNlIn19LCJIb3N0ZWRGaWVsZHMiOiJodHRwczovL2hvc3RlZGZpZWxkcy5jYXJkaW5hbGNvbW1lcmNlLmNvbS9Ib3N0ZWRGaWVsZHNXZWIvVjEifSwiRW5hYmxlZEFwcGxlUGF5IjpmYWxzZSwiRW5hYmxlZENDQSI6dHJ1ZSwiRW5hYmxlZERpc2NvdmVyIjpmYWxzZSwiRW5hYmxlZEhvc3RlZEZpZWxkcyI6ZmFsc2UsIkVuYWJsZWRQYXlwYWwiOmZhbHNlLCJFbmFibGVkVmlzYUNoZWNrb3V0IjpmYWxzZSwiRmVhdHVyZUZsYWdzIjp7IkVuYWJsZWRTdXBwcmVzc2VkUGF5bWVudHNWYWxpZGF0ZWRSZXNwb25zZSI6ZmFsc2UsIkJpblByZWxvYWRFbmFibGVkIjpmYWxzZX0sIkVycm9yTnVtYmVyIjowLCJFcnJvckRlc2NyaXB0aW9uIjoiU3VjY2VzcyJ9fQ.8x0tv2OW3eGO_7Xt8rx86me-cKXZ5aAeCAchfs1oRRI"},"maxRetries":0,"currentRetryIteration":0}
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.EndpointMonitor: Monitored https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.JWTUtility: JWT decoded successfully
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.JWTUtility: Cardinal response returned as successful
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Message.Init: Starting new session with midas
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Message.Init: Detected DF as enabled, starting collection
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Message.Init: Waiting for [1] payment modules to load
console-api info URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Payment.ConsumerAuthentication: Initializing plugin
console-api info URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.UiManager: Loading UI Framework [cardinal]
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.EndpointMonitor: Monitored https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/11.5043628fc57bc9f1e688.songbird.js
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.EndpointMonitor: Monitored https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/3.5043628fc57bc9f1e688.songbird.js
console-api info URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Payment.ConsumerAuthentication: CCA Initialized
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Events: Publishing [internal] event [CCA.buttonLoaded] as an average event with [1] subscriber(s)
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Message.Init: Payment [CCA] loaded in [47]ms
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Message.Init: All payment brands initalized in [46]ms
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.EndpointMonitor: Monitored https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=59d7c4ea33fadd2d7c9f1eaf&tmEventType=PAYMENT&referenceId=0_f4c2620e-78f1-4f7f-beaa-968723eae115&geolocation=false&origin=Songbird
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Events: Publishing [internal] event [df.messageReceived] as an average event with [1] subscriber(s)
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.DF: Received browser profileComplete message from DF
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.DF: DF profiling times: [{"DataSource":"CardinalData","Status":true,"ElapsedTime":266},{"DataSource":"ThreatMetrix","Status":true,"ElapsedTime":-1}]for nonce [undefined]
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.DF: DF Profiling is marked as successful
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Events: Publishing [internal] event [df.browserProfilingCompleted] as an average event with [1] subscriber(s)
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Events: time boxed event completed in [964]ms
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.DF: Browser device profiling completed in [966]ms
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Message.Init: DF and all payment brands completed in [966]ms
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.EndpointMonitor: Flushing resource timings
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.cors: Disabling retry logic due to invalid extended timeout value: undefined
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.S3Writer: Pushing data set
console-api info URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.cors: Sending async post request to https://writer.cardinalcommerce.com/prod/log with a timeout value of 6000ms
console-api info URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Message.Init: All expected payments have finished loading.
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.Events: Publishing [passive] event [payments.setupComplete] as an average event with [1] subscriber(s)
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.cors: Content-Type: application/json
console-api info URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.cors: CORS message completed successfully
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.cors: {"message":"CORS Connection Results","wasRequestSuccessful":true,"statusCode":200,"domain":"https://writer.cardinalcommerce.com/prod","path":"/log","method":"post","elapsedTime":513.1550021469593,"isAsync":true,"timeout":6000,"response":{"status":"ok"},"maxRetries":0,"currentRetryIteration":0}
console-api debug URL: https://includes.ccdc02.com/cardinalcruise/v1/5043628fc57bc9f1e688/1.5043628fc57bc9f1e688.songbird.js(Line 17)
Message:
Base.S3Writer: s3 client post successful

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

centinelapi.cardinalcommerce.com
fonts.googleapis.com
fonts.gstatic.com
geo.cardinalcommerce.com
googleads.g.doubleclick.net
includes.ccdc02.com
writer.cardinalcommerce.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.refurbished-palace.com
2001:4860:4802:32::75
216.58.206.2
2606:4700::c6d9:fbef
2606:4700::c6d9:fbfb
2a00:1450:4001:806::200a
2a00:1450:4001:814::2003
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::2004
2a00:1450:4001:820::2008
2a00:1450:4001:821::2002
90.156.146.109
0bc084435526878944b45ea06c69cdec6fdce3ea2802c017f6ce020a768d3730
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
1dda73123e4d1dcf435742388877e9076263284c77a54331b321ac0e5205c3c5
220b83e1d5ad19042a3cdff36f6275061f591a88928a92fa5848054b58923b68
2a294176d950da42355786d428c75b5acd725e83b096c498d2eb2ebc3f791522
4589f1d2ab85a42e19939efd9c32366c8cbfa840b425ba1b729c9fa9287c11d4
4b5dcdf6e53d57509fe1efd142add7b52658d147f7a0edc6df23ec108044cfc1
4d9368cf0939b72e091a4bf0228b8586106758339373b50ef9d143395e457971
54626988e69b66781740a361d3f793e9d895ed80800c769b0b85f4a39acd41c2
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6017a8ab183d5244d922a4ee9fc3edf70efc1909679d40ec3b7b574dfdca544f
63288c71b107f2b73ee946e57d76016b392511b7aef3208ada64c4ab015479c6
658a1b2dcec47b53b0284544a359035a9b1b5d38a9ef8503cb7ec0ae91a7e60e
68ccb3e710e9f83015617a055d3c3aa203cc60e872f128665869dd9a69ade0c5
7c7d3b665f486cd8583f00a76a26069ea5a1327ce84822210ae7f92ade3f9820
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8c712c710d19e7205525c1fd18aabf61e0e0ac77e0cee05546393f6e3ab1932d
92b758fa6195848b306a834a4654683aff3f7b747cf5a65c824677e481cd137d
9875359fb4a3b7ea379b7c67be2936527023a3c551d905f09921833f9ea7f1bc
9d7bbf0030782e6549b103878aecb271eec3e4809ccf667097cb6953460c2c87
9e8c5dc44cfa246890ec4191c7ddde4d71ffe08a6c5408bf6de074efc18f1c7a
a0ab7cd0f585db30303e38e0bab08e398277120bd15abc6a5a6066e3d27223ea
a0b779ad590272d25a6b625b33f3d117b71ab8b77efa8266cf2ebcd90bd76764
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
bd48ab53efaf873627a30282213ab26cddeaafde9c7986443e3660a6a64e4758
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d41a13697f93c056da4be365089244e6cdc9b870c1551acb2416404dbc08a544
d4a45eefb5b510457aaa6164b95dc6ec3514fa68aac520b958efba0e1e196f05
d61ef8de59f092755d56f5a8b31d43b5b42a4ebfbbcd1e9a51a41d73bae4006b
d6be0dbc50cf682f7d981d0f33094d4bcc7ac3d3d8e2f1ce225b950affd0c9bf
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e2b0d5eefcc5ba6d4078b877f54d4712a388efc83cafaf1ab68aaab2e92a3238
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70adb67bcdec61516ea9e7174456c50effa918e43b3c8663baf1aa762f705de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629