drsquatch.com Open in urlscan Pro
2606:4700::6810:953 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trk.klclick1.com/ls/click?upn=JdiQwfvSrbN9c1yqUR0TabfCpvSHR-2FiBG-2FazOBp-2FPSK-2B5bwKZS8jOtLn-2FJnLd9YgL4pg3IxVj...
Effective URL:
https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVy...
Submission Tags: falconsandbox
Submission: On June 14 via api (June 14th 2022, 12:47:12 am UTC) from US — Scanned from DE

Summary HTTP 258 Redirects Behaviour Indicators

Summary

This website contacted 91 IPs in 11 countries across 73 domains to perform 258 HTTP transactions. The main IP is 2606:4700::6810:953, located in United States and belongs to CLOUDFLARENET, US. The main domain is drsquatch.com. The Cisco Umbrella rank of the primary domain is 144057.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 2nd 2022. Valid for: a year.

This is the only time drsquatch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:214... 2600:9000:214f:de00:18:359:ab80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 23	2606:4700::68... 2606:4700::6810:953	13335 (CLOUDFLAR...) (CLOUDFLARENET)
39	104.16.254.71 104.16.254.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	23.227.38.33 23.227.38.33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:853	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.16.255.71 104.16.255.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:26f0:6c0... 2a02:26f0:6c00:287::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2606:4700::68... 2606:4700::6812:1cb4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.5 99.86.4.5	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.54 18.66.97.54	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	65.9.66.42 65.9.66.42	16509 (AMAZON-02) (AMAZON-02)
7	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1 5	2606:4700::68... 2606:4700::6812:5a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
2	2a02:26f0:170... 2a02:26f0:1700:78a::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a0b:4d07:1::1 2a0b:4d07:1::1	44239 (PROINITY ...) (PROINITY PROINITY)
4	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
3	52.58.231.73 52.58.231.73	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:6c0... 2a02:26f0:6c00:294::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.217.199.128 52.217.199.128	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.112 65.9.66.112	16509 (AMAZON-02) (AMAZON-02)
17	95.101.22.179 95.101.22.179	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
1 1	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
2	52.217.163.25 52.217.163.25	16509 (AMAZON-02) (AMAZON-02)
1 1	18.66.248.125 18.66.248.125	16509 (AMAZON-02) (AMAZON-02)
1 2	52.213.70.117 52.213.70.117	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:49::45 2620:1ec:49::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	99.86.4.91 99.86.4.91	16509 (AMAZON-02) (AMAZON-02)
2	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	143.204.215.118 143.204.215.118	16509 (AMAZON-02) (AMAZON-02)
1	52.200.151.233 52.200.151.233	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	34.233.95.60 34.233.95.60	14618 (AMAZON-AES) (AMAZON-AES)
1	2620:1ec:27::... 2620:1ec:27::cafe:1746	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
2	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
2	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
4	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e024	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	20.120.65.166 20.120.65.166	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.139.237.36 151.139.237.36	33438 (STACKPATH) (STACKPATH)
1	143.204.215.128 143.204.215.128	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:b800:15:decf:f580:21	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:2cbd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6811:cb35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:214... 2600:9000:214f:a800:2:cea4:aa80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.125 65.9.66.125	16509 (AMAZON-02) (AMAZON-02)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 4	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	185.33.223.38 185.33.223.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	52.57.150.184 52.57.150.184	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 2	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	63.35.168.36 63.35.168.36	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.29.77.213 52.29.77.213	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.57.188.199 52.57.188.199	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:2600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	52.28.55.96 52.28.55.96	16509 (AMAZON-02) (AMAZON-02)
1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
2	63.35.68.240 63.35.68.240	16509 (AMAZON-02) (AMAZON-02)
2	192.229.233.223 192.229.233.223	15133 (EDGECAST) (EDGECAST)
1 2	52.30.130.246 52.30.130.246	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:7b60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
258	91

1 2600:9000:214f:de00:18:359:ab80:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

trk.klclick1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700::6810:953 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

drsquatch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.edgeme.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 104.16.254.71 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.38.33 (Ottawa, Canada)

ASN13335 (CLOUDFLARENET, US)
PTR: checkout.shopify.com

shop.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:853 (United States)

ASN13335 (CLOUDFLARENET, US)

api.edgeme.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.255.71 (None, )

ASN13335 (CLOUDFLARENET, US)

monorail-edge.shopifysvc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:287::1d72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn-widgetsrepository.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:1cb4 (United States)

ASN13335 (CLOUDFLARENET, US)

config.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
client-builds.production.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-5.fra6.r.cloudfront.net

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-54.fra56.r.cloudfront.net

js.go2sdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-42.fra56.r.cloudfront.net

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:5a6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:78a::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:1::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

survey.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

surveys-static.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.58.231.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-231-73.eu-central-1.compute.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:294::1d72 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn-widget-assets.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn-loyalty.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.199.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-112.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 95.101.22.179 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-22-179.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::396 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.163.25 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

redditstatic.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seapixel.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.125 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-125.dus51.r.cloudfront.net

pixel.pointmediatracker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.70.117 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-70-117.eu-west-1.compute.amazonaws.com

cnv.event.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:49::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lwpixel.azurefd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-91.fra6.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-118.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.151.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-151-233.compute-1.amazonaws.com

loyalty.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.233.95.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-95-60.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1746 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

static-tracking.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

fast.a.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-forms.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:f7::5c7b:e024 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.120.65.166 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

l.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.237.36 (United States)

ASN33438 (STACKPATH, US)

rechargeassets-bootstrapheroes-rechargeapps.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-128.fra53.r.cloudfront.net

container.pepperjam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:b800:15:decf:f580:21 (United States)

ASN16509 (AMAZON-02, US)

d38xvr37kwwhcm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:2cbd (United States)

ASN13335 (CLOUDFLARENET, US)

str.rise-ai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
strn.rise-ai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.verifypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6811:cb35 (United States)

ASN13335 (CLOUDFLARENET, US)

scripttags.jst.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.jst.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
my.jst.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aly.jst.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

easyredirects.esc-apps-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:214f:a800:2:cea4:aa80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.builder.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-125.fra56.r.cloudfront.net

shopify-init.blackcrow.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.242 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.38 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.150.184 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-184.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.247 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.168.36 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-168-36.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.77.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-77-213.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.188.199 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-188-199.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.55.96 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-55-96.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.68.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-68-240.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.233.223 (United States)

ASN15133 (EDGECAST, US)

cdn-swell-assets.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.130.246 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-130-246.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7b60 (United States)

ASN13335 (CLOUDFLARENET, US)

www.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 2126	6 MB
22	drsquatch.com 1 redirects drsquatch.com — Cisco Umbrella Rank: 144057	279 KB
17	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 1000	89 KB
14	klaviyo.com 1 redirects a.klaviyo.com — Cisco Umbrella Rank: 4209 static.klaviyo.com — Cisco Umbrella Rank: 3561 static-tracking.klaviyo.com — Cisco Umbrella Rank: 3920 fast.a.klaviyo.com — Cisco Umbrella Rank: 4607 static-forms.klaviyo.com — Cisco Umbrella Rank: 4536	84 KB
12	yotpo.com cdn-widgetsrepository.yotpo.com — Cisco Umbrella Rank: 12939 p.yotpo.com — Cisco Umbrella Rank: 5874 cdn-widget-assets.yotpo.com — Cisco Umbrella Rank: 15308 loyalty.yotpo.com — Cisco Umbrella Rank: 18646 cdn-loyalty.yotpo.com — Cisco Umbrella Rank: 14097 staticw2.yotpo.com — Cisco Umbrella Rank: 6279 cdn-swell-assets.yotpo.com — Cisco Umbrella Rank: 14090	565 KB
10	jst.ai scripttags.jst.ai — Cisco Umbrella Rank: 28928 cdn.jst.ai — Cisco Umbrella Rank: 14401 my.jst.ai — Cisco Umbrella Rank: 13697 aly.jst.ai — Cisco Umbrella Rank: 13349	94 KB
10	criteo.com 4 redirects sslwidget.criteo.com — Cisco Umbrella Rank: 1589 widget.us.criteo.com — Cisco Umbrella Rank: 16956 gum.criteo.com — Cisco Umbrella Rank: 381 mug.criteo.com — Cisco Umbrella Rank: 2914 dis.criteo.com — Cisco Umbrella Rank: 717	19 KB
8	gorgias.chat config.gorgias.chat — Cisco Umbrella Rank: 12957 client-builds.production.gorgias.chat — Cisco Umbrella Rank: 30939 assets.gorgias.chat — Cisco Umbrella Rank: 15261	767 KB
7	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 231 secure.adnxs.com — Cisco Umbrella Rank: 399	7 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 561 l.clarity.ms — Cisco Umbrella Rank: 5266 c.clarity.ms — Cisco Umbrella Rank: 1045	27 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 48 stats.g.doubleclick.net — Cisco Umbrella Rank: 104 cm.g.doubleclick.net — Cisco Umbrella Rank: 206	7 KB
7	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5305	100 KB
6	google.de www.google.de — Cisco Umbrella Rank: 5859	954 B
6	google.com www.google.com — Cisco Umbrella Rank: 4	954 B
6	shopifysvc.com monorail-edge.shopifysvc.com — Cisco Umbrella Rank: 2783	3 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 550 p.typekit.net — Cisco Umbrella Rank: 662	77 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 962	1 KB
4	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 744 ads.yahoo.com — Cisco Umbrella Rank: 1078 ups.analytics.yahoo.com — Cisco Umbrella Rank: 290	1 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 341 c.bing.com — Cisco Umbrella Rank: 202	13 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 47	57 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 55	3 KB
3	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 286	1 KB
3	builder.io cdn.builder.io — Cisco Umbrella Rank: 25976	14 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 622 script.hotjar.com — Cisco Umbrella Rank: 794 vars.hotjar.com — Cisco Umbrella Rank: 881	67 KB
3	amazonaws.com s3.amazonaws.com redditstatic.s3.amazonaws.com — Cisco Umbrella Rank: 253049 seapixel.s3.amazonaws.com — Cisco Umbrella Rank: 333563	12 KB
3	survicate.com survey.survicate.com — Cisco Umbrella Rank: 7277 surveys-static.survicate.com — Cisco Umbrella Rank: 9809	99 KB
3	heapanalytics.com cdn.heapanalytics.com — Cisco Umbrella Rank: 3096 heapanalytics.com — Cisco Umbrella Rank: 2630	45 KB
3	edgeme.sh static.edgeme.sh — Cisco Umbrella Rank: 54706 api.edgeme.sh — Cisco Umbrella Rank: 59126	17 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 194	2 KB
2	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1897	439 B
2	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3325	1 KB
2	advertising.com 1 redirects pixel.advertising.com — Cisco Umbrella Rank: 474	604 B
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 642	852 B
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1518	2 KB
2	rise-ai.com str.rise-ai.com — Cisco Umbrella Rank: 20633 strn.rise-ai.com — Cisco Umbrella Rank: 20614	91 KB
2	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1492	230 B
2	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 793	1 KB
2	bidr.io 1 redirects cnv.event.prod.bidr.io — Cisco Umbrella Rank: 8742	1 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 368	7 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 771	19 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 80	140 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 702	7 KB
1	cloudflare.com www.cloudflare.com — Cisco Umbrella Rank: 6582	437 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 387	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1690	172 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1209	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 615	163 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 736	241 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 600	262 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 321	239 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 607	580 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 730	476 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1355	40 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 519	784 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 317	98 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 1481	235 B
1	blackcrow.ai shopify-init.blackcrow.ai — Cisco Umbrella Rank: 40321	400 B
1	esc-apps-cdn.com easyredirects.esc-apps-cdn.com — Cisco Umbrella Rank: 18801	1 KB
1	verifypass.com cdn.verifypass.com — Cisco Umbrella Rank: 37593	2 KB
1	cloudfront.net d38xvr37kwwhcm.cloudfront.net	16 KB
1	pepperjam.com container.pepperjam.com — Cisco Umbrella Rank: 9873	9 KB
1	netdna-ssl.com rechargeassets-bootstrapheroes-rechargeapps.netdna-ssl.com — Cisco Umbrella Rank: 22250	1 KB
1	azurefd.net lwpixel.azurefd.net — Cisco Umbrella Rank: 162789	270 B
1	pointmediatracker.com 1 redirects pixel.pointmediatracker.com — Cisco Umbrella Rank: 2749	658 B
1	redditstatic.com 1 redirects www.redditstatic.com — Cisco Umbrella Rank: 1383	168 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1125	8 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 127	15 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 613	14 KB
1	go2sdk.com js.go2sdk.com — Cisco Umbrella Rank: 22248	18 KB
1	profitwell.com public.profitwell.com — Cisco Umbrella Rank: 7786	9 KB
1	shop.app shop.app — Cisco Umbrella Rank: 5237	2 KB
1	klclick1.com 1 redirects trk.klclick1.com — Cisco Umbrella Rank: 17645	504 B
258	73

	Domain	Requested by
39	cdn.shopify.com	drsquatch.com cdn.shopify.com
22	drsquatch.com	1 redirects drsquatch.com cdn.shopify.com
17	analytics.tiktok.com	drsquatch.com analytics.tiktok.com
7	dev.visualwebsiteoptimizer.com	drsquatch.com dev.visualwebsiteoptimizer.com cdn.shopify.com
6	www.google.de	drsquatch.com
6	www.google.com	drsquatch.com
6	monorail-edge.shopifysvc.com	cdn.shopify.com
5	cdn.jst.ai	scripttags.jst.ai cdn.jst.ai
5	assets.gorgias.chat	config.gorgias.chat drsquatch.com
5	static.klaviyo.com	drsquatch.com static.klaviyo.com
5	a.klaviyo.com	1 redirects cdn.shopify.com
4	ib.adnxs.com	4 redirects
4	l.clarity.ms	www.clarity.ms cdn.shopify.com
4	use.typekit.net	client use.typekit.net
4	tr.snapchat.com	cdn.shopify.com drsquatch.com
4	googleads.g.doubleclick.net	www.googleadservices.com
4	www.google-analytics.com	www.googletagmanager.com drsquatch.com cdn.shopify.com
4	gum.criteo.com	3 redirects static.criteo.net
4	fonts.googleapis.com	drsquatch.com staticw2.yotpo.com cdn-swell-assets.yotpo.com
3	x.bidswitch.net	1 redirects
3	secure.adnxs.com	2 redirects
3	dis.criteo.com
3	cdn.builder.io	drsquatch.com cdn.shopify.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com drsquatch.com
3	p.yotpo.com	cdn-widgetsrepository.yotpo.com drsquatch.com
2	aly.jst.ai	cdn.jst.ai cdn.shopify.com
2	my.jst.ai	cdn.jst.ai
2	dpm.demdex.net	1 redirects
2	cdn-swell-assets.yotpo.com	cdn-loyalty.yotpo.com cdn-swell-assets.yotpo.com
2	sync-criteo.ads.yieldmo.com
2	ad.yieldlab.net
2	ads.yahoo.com
2	pixel.advertising.com	1 redirects
2	ad.360yield.com	1 redirects
2	r.casalemedia.com	1 redirects
2	c.clarity.ms	1 redirects
2	staticw2.yotpo.com	drsquatch.com staticw2.yotpo.com
2	alb.reddit.com	drsquatch.com
2	static-tracking.klaviyo.com	drsquatch.com
2	heapanalytics.com	drsquatch.com
2	stats.g.doubleclick.net	cdn.shopify.com
2	ct.pinterest.com	cdn.shopify.com drsquatch.com
2	cnv.event.prod.bidr.io	1 redirects drsquatch.com
2	cdn-widget-assets.yotpo.com	cdn-widgetsrepository.yotpo.com cdn-widget-assets.yotpo.com
2	surveys-static.survicate.com	survey.survicate.com
2	s.yimg.com	drsquatch.com cdn.shopify.com
2	s.pinimg.com	drsquatch.com s.pinimg.com
2	www.googletagmanager.com	drsquatch.com
2	config.gorgias.chat	cdn.shopify.com client-builds.production.gorgias.chat
2	api.edgeme.sh	cdn.shopify.com
1	fonts.gstatic.com	fonts.googleapis.com
1	maxcdn.bootstrapcdn.com	cdn-swell-assets.yotpo.com
1	www.cloudflare.com	cdn.shopify.com
1	ups.analytics.yahoo.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	s.ad.smaato.net
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	contextual.media.net
1	idsync.rlcdn.com
1	visitor.omnitagjs.com
1	cm.g.doubleclick.net	1 redirects
1	c.bing.com	1 redirects
1	shopify-init.blackcrow.ai	drsquatch.com
1	easyredirects.esc-apps-cdn.com	drsquatch.com
1	scripttags.jst.ai	drsquatch.com
1	seapixel.s3.amazonaws.com	drsquatch.com
1	cdn.verifypass.com	drsquatch.com
1	cdn-loyalty.yotpo.com	drsquatch.com
1	strn.rise-ai.com	drsquatch.com
1	str.rise-ai.com	drsquatch.com
1	d38xvr37kwwhcm.cloudfront.net	drsquatch.com
1	container.pepperjam.com	drsquatch.com
1	rechargeassets-bootstrapheroes-rechargeapps.netdna-ssl.com	drsquatch.com
1	p.typekit.net	use.typekit.net
1	static-forms.klaviyo.com	cdn.shopify.com
1	fast.a.klaviyo.com	cdn.shopify.com
1	www.clarity.ms	bat.bing.com
1	loyalty.yotpo.com	cdn.shopify.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	mug.criteo.com	drsquatch.com
1	sp.analytics.yahoo.com	drsquatch.com
1	lwpixel.azurefd.net	drsquatch.com
1	pixel.pointmediatracker.com	1 redirects
1	redditstatic.s3.amazonaws.com	drsquatch.com
1	www.redditstatic.com	1 redirects
1	sc-static.net	drsquatch.com
1	static.hotjar.com	drsquatch.com
1	s3.amazonaws.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	client-builds.production.gorgias.chat	drsquatch.com
1	widget.us.criteo.com	drsquatch.com
1	sslwidget.criteo.com	1 redirects
1	static.criteo.net	drsquatch.com
1	survey.survicate.com	drsquatch.com
1	cdn.heapanalytics.com	drsquatch.com
1	js.go2sdk.com	drsquatch.com
1	public.profitwell.com	drsquatch.com
1	cdn-widgetsrepository.yotpo.com	drsquatch.com
1	shop.app	cdn.shopify.com
1	static.edgeme.sh	drsquatch.com
1	trk.klclick1.com	1 redirects
258	109

This site contains no links.

Subject Issuer	Validity	Valid
drsquatch.com Cloudflare Inc ECC CA-3	`2022-03-02` - `2023-03-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-28` - `2023-05-28`	a year	crt.sh
cdn.shopify.com R3	`2022-05-21` - `2022-08-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
shop.app R3	`2022-05-21` - `2022-08-19`	3 months	crt.sh
monorail-edge.shopifysvc.com R3	`2022-05-29` - `2022-08-27`	3 months	crt.sh
*.yotpo.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-04` - `2023-04-04`	a year	crt.sh
gorgias.chat Cloudflare Inc ECC CA-3	`2022-04-15` - `2022-07-14`	3 months	crt.sh
*.profitwell.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
js.go2sdk.com Amazon	`2021-10-07` - `2022-11-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
cdn.heapanalytics.com Amazon	`2021-08-28` - `2022-09-26`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.survicate.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-01` - `2022-10-02`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-13` - `2022-08-03`	2 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
yotpo.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.azurefd.net Microsoft Azure TLS Issuing CA 01	`2022-05-17` - `2023-05-12`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.yotpo.xyz Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
heapanalytics.com Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
static-tracking.klaviyo.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
static.klaviyo.com R3	`2022-05-23` - `2022-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2022-08-16`	6 months	crt.sh
fast.a.klaviyo.com R3	`2022-05-23` - `2022-08-21`	3 months	crt.sh
static-forms.klaviyo.com R3	`2022-05-01` - `2022-07-30`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-21` - `2023-03-18`	a year	crt.sh
*.pepperjam.com Go Daddy Secure Certificate Authority - G2	`2022-01-29` - `2023-03-02`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
scripttags.jst.ai Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
*.esc-apps-cdn.com E1	`2022-05-06` - `2022-08-04`	3 months	crt.sh
*.builder.io Amazon	`2021-11-30` - `2022-12-28`	a year	crt.sh
*.blackcrow.ai Amazon	`2021-12-21` - `2023-01-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-24` - `2022-06-23`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2021-08-05` - `2022-09-03`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-07` - `2022-11-30`	6 months	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2022-01-14` - `2023-01-13`	a year	crt.sh
*.ads.yieldmo.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
cdn.jst.ai Cloudflare Inc ECC CA-3	`2022-05-05` - `2023-05-05`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
my.jst.ai Cloudflare Inc ECC CA-3	`2022-04-30` - `2023-04-30`	a year	crt.sh
www.cloudflare.com Cloudflare Inc ECC CA-3	`2021-09-18` - `2022-09-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
aly.jst.ai Cloudflare Inc ECC CA-3	`2022-03-14` - `2023-03-14`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Frame ID: AD3A224437E29647FCD73F102FE791C0
Requests: 217 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=drsquatch.com&origin=onetag
Frame ID: 5C770D5FA4045DF868C36AA99F5ADEA2
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: F11987727E0BCC2522331DE99701564F
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=6d55c4e0-88b9-494c-9e35-9505d220a547
Frame ID: 8BFDDF4FC36F93F27033A91157152A6C
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 5A390D8013E9728277FDFD8CED6CE555
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6984659939019381507
Frame ID: 9193BFB7961F2B1715E8B792EDD87F89
Requests: 30 HTTP requests in this frame

Frame: https://cdn.jst.ai/store_4.1.html?v=5.28
Frame ID: 88B33F8F87FC25E32C290080A02BEDB7
Requests: 1 HTTP requests in this frame

Frame: https://cdn-swell-assets.yotpo.com/bootstrap.min.css
Frame ID: BC31AB709760464AB028CDF4D63BB109
Requests: 3 HTTP requests in this frame

Frame: https://cdn.jst.ai/store_4.1.html?v=5.28
Frame ID: 0399CE4BE81F14E92E73966FB1A8F748
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Subscription Flow - Dr. Squatch

Page URL History Show full URLs

https://trk.klclick1.com/ls/click?upn=JdiQwfvSrbN9c1yqUR0TabfCpvSHR-2FiBG-2FazOBp-2FPSK-2B5bwKZS8jOtL... HTTP 302
https://drsquatch.com/pages/soap-subscription?variation=B&utm_source=klaviyo-automated-flow&utm_me... HTTP 301
https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFp... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Apple Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

<script id="apple-pay

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Klaviyo (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

klaviyo\.com

Profitwell (Analytics) Expand

Overall confidence: 100%
Detected patterns

public\.profitwell\.com/js/profitwell\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

258
Requests

94 %
HTTPS

38 %
IPv6

73
Domains

109
Subdomains

91
IPs

11
Countries

9352 kB
Transfer

16742 kB
Size

107
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trk.klclick1.com/ls/click?upn=JdiQwfvSrbN9c1yqUR0TabfCpvSHR-2FiBG-2FazOBp-2FPSK-2B5bwKZS8jOtLn-2FJnLd9YgL4pg3IxVjVNuEf7St40hKxVP9OsIWpy7HT44LbvHQ-2FgMhzUgLs-2BpMslYufLAkAoXE3oMfRpcd7c417DY7SwOTURr-2BeK09-2FexHcRTisjzToQIDnT846YeLB2mJwZFhpTR65zWZ0feSMlBHEPwb6h4dhE8e2m9NI6RfxWyCmYK9l8fjvR1siA-2BL5DIMXMWdYPDy0WOanjigtalAVBB8aSxBFlKCK-2FAMOo3XM0tU38tNBQ-2Fk5YzNyLNaltJrtn3NX-2F1bxC4sS8clC1OdJQIABTPYx0JuP4TjaCVhYCnCP5XoSCzHREkvmAMWc4840e7ia5luV9LbxkVCWpQK17iwQQGz-2F6q5bLQ6UasS-2BYgCSt6BaBylnmJNHMPS6mjvfGeGlRa2Gdh_5tkYxBmRmcFS5AQVtAgAPjV59SjDvGCbj-2FF0ibbXOlKMdMq4UtB-2FcOVxpi1DhgAMcVbHuQXeodN-2BoL4u5XF-2Be0SWnSnLkEv4KJdQsCCDs1bzupvc3JPyhuKSqYDlCytZoNZZIXGoszFvYbhnR-2FXW83VN1BbNb1pkNuEU1tDcff-2Fl54tjIx0u-2FlDyPj2AU7LKXXFERX-2BJSipp-2FzuQR-2BMYC0LPWcF-2BMfvOhWz24BCO9qRmYzOBrBltb8tCmosmvQDFTWpXmSbiFK97fCaHl6KwIQKvC0ZIPhm3abiHVMEpTXdAsBxfV1IXDEzwFCYrQANKN-2FfHKjuxA4yb9SLWJyAa0k-2BmRCo2RNJQ6cNw8lCBlTJgKXdZtfyRHD0wZSxnddnkEQX1swZRZGXIgQN2nbsEjg-3D-3D HTTP 302
https://drsquatch.com/pages/soap-subscription?variation=B&utm_source=klaviyo-automated-flow&utm_medium=email&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D HTTP 301
https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 74

https://a.klaviyo.com/media/js/analytics/analytics.js HTTP 301
https://static.klaviyo.com/onsite/js/klaviyo.js

Request Chain 81

https://sslwidget.criteo.com/event?a=22076&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=drsquatch.com&fu=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB%23barsoap&dtycbr=41647 HTTP 302
https://widget.us.criteo.com/event?a=22076&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=drsquatch.com&fu=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB%23barsoap&dtycbr=41647

Request Chain 98

https://www.redditstatic.com/ads/pixel.js HTTP 302
https://redditstatic.s3.amazonaws.com/ads/pixel.js

Request Chain 99

https://pixel.pointmediatracker.com/kpi?c=drsquatch&tag_id=62&kpi=visit&fpc=3fa3c60e-68b4-4737-bc34-189c3ef5fc88&user_id=&order_value=undefined&new_user=undefined&gtmcb=1169609609 HTTP 302
https://cnv.event.prod.bidr.io/log/cnv?tag_id=62&buzz_key=blisspoint&value=drsquatch&segment_key=&order=86d4860e-9039-48bf-9aac-412c231f2fcb.&ord=6649356296234649772 HTTP 303
https://cnv.event.prod.bidr.io/log/cnv?tag_id=62&buzz_key=blisspoint&value=drsquatch&segment_key=&order=86d4860e-9039-48bf-9aac-412c231f2fcb.&ord=6649356296234649772&_bee_ppp=1

Request Chain 106

https://gum.criteo.com/sid/json?origin=onetag&domain=drsquatch.com&sn=ChromeSyncframe&so=0&topUrl=drsquatch.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=HfAI4XxxbUk1c0k1VXpZRW1zaTZ2YmlMTXdzNFlaaytUQi9iOU5nRlg5a2wwbUhXb3dJNktLSGk2TmlGV254NlluVUkzYk54NlVneU9yaFN5SzBZOHFvaFdpMlF3aXZ1TjIxLzc3WStjakxGUUZsVFJXajR3ci91SCtmSEJ2VCtEUkhIak1FeW9wWit2WjlvWmxFeUNCeFBCQzdWUVgvMUJzenZENEd5MTFrZ3c1akhGbTl0eWljL0RheVhhS0l5OG1VbnZDZU90N3U1ZDZaMFhWaDNJMGlaeDFzUks3UklYS0dlVVYrSlAvQWJSbitJdUJnTVgrRUdCTDRjaVN6YS9EY20wYWlQVDdxaTlSSU4rcWVVZlp1dUg0QT09fA&cppv=2

Request Chain 194

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=A66B3B7458B54541AE1AD6A679957710&RedC=c.clarity.ms&MXFR=1B3D1957760368AE15A508947203664D HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=A66B3B7458B54541AE1AD6A679957710&MUID=1F9850D0A93D6E1529C94113A8566F1D

Request Chain 195

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6984659939019381507

Request Chain 196

https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D1005440%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fappnxsid%253D%2524UID HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6270259480026791653

Request Chain 197

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-IanjXPBdMRT_v8NKYLuza7BONzpUnrismZbi-w&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-IanjXPBdMRT_v8NKYLuza7BONzpUnrismZbi-w&expires=30

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-nqOYsfBdMRT_v8NKYLuza7BONzq3RZpJymFXNg&google_cm&google_hm=ay1ucU9Zc2ZCZE1SVF92OE5LWUx1emE3Qk9OenEzUlpwSnltRlhOZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-nqOYsfBdMRT_v8NKYLuza7BONzq3RZpJymFXNg&google_gid=CAESEGyP46hrbHoiDbdhk2axKoA&google_cver=1&google_ula=913071,0

Request Chain 200

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-UU7LOvBdMRT_v8NKYLuza7BONzrDKQsu7C5KvQ HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-UU7LOvBdMRT_v8NKYLuza7BONzrDKQsu7C5KvQ&C=1

Request Chain 201

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-1akAq_BdMRT_v8NKYLuza7BONzphIiVL-Op7pA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1akAq_BdMRT_v8NKYLuza7BONzphIiVL-Op7pA

Request Chain 202

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=59Gg9LWCO-2sleE3BNtFyJPFOufzEL5B

Request Chain 214

https://pixel.advertising.com/ups/55945/sync?uid=k-Yvo_-PBdMRT_v8NKYLuza7BONzrxgPPMPO0YtA&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55945/sync?uid=k-Yvo_-PBdMRT_v8NKYLuza7BONzrxgPPMPO0YtA&_origin=1&verify=true

Request Chain 225

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=8NgCb8rEzOG9qidUdfsY1LaAmAI_ncfW HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=8NgCb8rEzOG9qidUdfsY1LaAmAI_ncfW

258 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request subscription-flow Show response
drsquatch.com/pages/
Redirect Chain

https://trk.klclick1.com/ls/click?upn=JdiQwfvSrbN9c1yqUR0TabfCpvSHR-2FiBG-2FazOBp-2FPSK-2B5bwKZS8jOtLn-2FJnLd9YgL4pg3IxVjVNuEf7St40hKxVP9OsIWpy7HT44LbvHQ-2FgMhzUgLs-2BpMslYufLAkAoXE3oMfRpcd7c417DY7...
https://drsquatch.com/pages/soap-subscription?variation=B&utm_source=klaviyo-automated-flow&utm_medium=email&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheB...
https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7C...

498 KB
39 KB

862ms
862ms

Document
text/html

2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a26582ad573946e62190ed7c97bb0a4629b345ab1c95bbadcda4bfcff9972a34

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=1, s-maxage=28800
cache-tag: ems-global,drsquatch.com,https://drsquatch.com/pages/subscription-flow,drsquatch.com:text/html
cf-cache-status: DYNAMIC
cf-ray: 71af0d74ac7a5c3e-FRA
content-encoding: br
content-language: en
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Tue, 14 Jun 2022 00:47:05 GMT
digest: sha-256=W29iamVjdCBBcnJheUJ1ZmZlcl0=
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 14 Jun 2022 00:47:05 GMT
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
server: cloudflare
server-timing: ems-cache-miss;desc="Cache Miss" ems-get-config;desc="Get Config";dur=0 ems-parse-url;desc="Parse URL";dur=0 ems-create-request;desc="Create Request";dur=0 ems-backend-fetch;desc="Backend Fetch";dur=814 ems-rewrite-response;desc="Rewrite Response";dur=1 ems-create-response;desc="Create Response";dur=0 ems-cache-set;desc="Cache Set";dur=0
server-timing-public: processing;dur=466, db;dur=89
strict-transport-security: max-age=7889238
vary: Accept, Accept-Encoding
via: 1.1 varnish
x-alternate-cache-key: cacheable:f814afa1fb6ffc1cb1f59943f3bb7c16
x-cache: miss, MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-download-options: noopen
x-edgemesh-backend: www.drsquatch.com
x-edgemesh-server: miss, proxy
x-edgemesh-server-version: 1.6.0
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: a687ac9e-7e76-44eb-8e85-189854bc71d5
x-served-by: cache-fra19157-FRA
x-shardid: 104
x-shopid: 27577843817
x-shopify-stage: production
x-sorting-hat-podid: 104
x-sorting-hat-shopid: 27577843817
x-storefront-renderer-rendered: 1
x-timer: S1655167624.454780,VS0,VE602
x-xss-protection: 1; mode=block

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=1, s-maxage=28800
cache-tag: ems-global,drsquatch.com,https://drsquatch.com/pages/soap-subscription,drsquatch.com:text/html
cf-cache-status: DYNAMIC
cf-ray: 71af0d731ac95c3e-FRA
content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-type: text/html; charset=utf-8
date: Tue, 14 Jun 2022 00:47:04 GMT
digest: sha-256=W29iamVjdCBBcnJheUJ1ZmZlcl0=
etag: effdf29e3946dbd16b39718bb576eedf206a6fff220949648c2199851356a5c2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 14 Jun 2022 00:47:04 GMT
location: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
server: cloudflare
server-timing: ems-cache-miss;desc="Cache Miss" ems-get-config;desc="Get Config";dur=0 ems-parse-url;desc="Parse URL";dur=0 ems-create-request;desc="Create Request";dur=0 ems-backend-fetch;desc="Backend Fetch";dur=225 ems-rewrite-response;desc="Rewrite Response";dur=0 ems-create-response;desc="Create Response";dur=0 ems-cache-set;desc="Cache Set";dur=0
server-timing-public: processing;dur=89, db;dur=23
strict-transport-security: max-age=7889238
vary: Accept, Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-download-options: noopen
x-edgemesh-backend: www.drsquatch.com
x-edgemesh-server: miss, proxy
x-edgemesh-server-version: 1.6.0
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-request-id: 5b06d3da-93e7-474e-a3a2-750cd55d03c3
x-served-by: cache-fra19137-FRA
x-shardid: 104
x-shopid: 27577843817
x-shopify-stage: production
x-sorting-hat-podid: 104
x-sorting-hat-shopid: 27577843817
x-storefront-renderer-rendered: 1
x-timer: S1655167624.202140,VS0,VE209
x-xss-protection: 1; mode=block

GET
H3 200 load_feature-37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5.js Show response
drsquatch.com/shopifycloud/shopify/assets/storefront/ 10 KB
4 KB 39ms
38ms Script
text/javascript 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://drsquatch.com/shopifycloud/shopify/assets/storefront/load_feature-37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5.js?em-origin=cdn.shopify.com

Requested by

Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
digest: sha-256=W29iamVjdCBBcnJheUJ1ZmZlcl0=
x-dc: gcp-us-east1,us-east1
age: 127
x-edgemesh-server-version: 1.6.0
server-timing: imagery;dur=14.344, imageryFetch;dur=14.114, ems-cache-hit;desc="Cache Hit", ems-parse-url;desc="Parse URL";dur=0, ems-get-config;desc="Get Config";dur=0, ems-cache-lookup;desc="Cache Lookup";dur=13
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a43035cc-bfd7-4a2d-b947-a870ac8eb31e
timing-allow-origin: *
access-control-allow-origin: *
surrogate-key: segment4-23263 mime-text/javascript-23263 time-bucket-20220511-23263 89bbf77d1cad2c0bea2a7f1f72da169b70c2bf265907466160d0427d43316b03
last-modified: Wed, 11 May 2022 23:18:04 GMT
server: cloudflare
x-edgemesh-backend: proxy.edgeme.sh
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
x-edgemesh-server: hit, proxy
vary: Accept-Encoding
cache-control: public, max-age=31556952, immutable
cf-ray: 71af0d7a3ada9a3c-FRA
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5.js>; rel="canonical"

GET
H3 200 storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js Show response
drsquatch.com/shopifycloud/shopify/assets/shopify_pay/ 49 KB
19 KB 40ms
38ms Script
text/javascript 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://drsquatch.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js?v=20210208&em-origin=cdn.shopify.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
digest: sha-256=W29iamVjdCBBcnJheUJ1ZmZlcl0=
x-dc: gcp-us-east1,us-east1
age: 127
x-edgemesh-server-version: 1.6.0
server-timing: imagery;dur=26.137, imageryFetch;dur=25.915, ems-cache-hit;desc="Cache Hit", ems-parse-url;desc="Parse URL";dur=0, ems-get-config;desc="Get Config";dur=0, ems-cache-lookup;desc="Cache Lookup";dur=10
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c012c12e-9ad7-4f02-aaaa-734b6403f02f
timing-allow-origin: *
access-control-allow-origin: *
surrogate-key: segment4-30758 mime-text/javascript-30758 time-bucket-20220512-30758 57886d42f8e1b6f67f9f68d6374570d3f2ba17563194032a3e36c3856d91b2fd
last-modified: Thu, 12 May 2022 00:15:55 GMT
server: cloudflare
x-edgemesh-backend: proxy.edgeme.sh
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
x-edgemesh-server: hit, proxy
vary: Accept-Encoding
cache-control: public, max-age=31556952, immutable
cf-ray: 71af0d7a3adb9a3c-FRA
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shopify_pay/storefront-b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8.js>; rel="canonical"

GET
H3 200 features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js Show response
drsquatch.com/shopifycloud/shopify/assets/storefront/ 37 KB
14 KB 30ms
29ms Script
text/javascript 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://drsquatch.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js?em-origin=cdn.shopify.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
digest: sha-256=W29iamVjdCBBcnJheUJ1ZmZlcl0=
x-dc: gcp-us-east1,us-central1
age: 127
x-edgemesh-server-version: 1.6.0
server-timing: imagery;dur=37.685, imageryFetch;dur=37.490, ems-cache-hit;desc="Cache Hit", ems-parse-url;desc="Parse URL";dur=0, ems-get-config;desc="Get Config";dur=0, ems-cache-lookup;desc="Cache Lookup";dur=7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d4534967-2a31-4a40-a5aa-e4b09cbdd2e6
timing-allow-origin: *
access-control-allow-origin: *
surrogate-key: segment4-42351 mime-text/javascript-42351 time-bucket-20220512-42351 3cd7a93697726990d34cdb0483f82490a2ebf6a0cee838bd6b8381caf8ef28bf
last-modified: Thu, 12 May 2022 01:45:15 GMT
server: cloudflare
x-edgemesh-backend: proxy.edgeme.sh
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
x-edgemesh-server: hit, proxy
vary: Accept-Encoding
cache-control: public, max-age=31556952, immutable
cf-ray: 71af0d7b3c1b9a3c-FRA
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/features-87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae.js>; rel="canonical"

GET
H3 200 core.1654901605544.css
drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/ 53 KB
8 KB 52ms
50ms Stylesheet
text/css 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/core.1654901605544.css?v=47203131340259472011654901717&em-origin=cdn.shopify.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efd14f20f41b7e771c8b10fd3eeab94490989e9d7fb5d22c20ce5ff6711ab457

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
digest: sha-256=W29iamVjdCBBcnJheUJ1ZmZlcl0=
x-dc: gcp-us-east1,us-central1
age: 141
x-edgemesh-server-version: 1.6.0
server-timing: imagery;dur=150.791, imageryFetch;dur=145.972, ems-cache-hit;desc="Cache Hit", ems-parse-url;desc="Parse URL";dur=0, ems-get-config;desc="Get Config";dur=0, ems-cache-lookup;desc="Cache Lookup";dur=11
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 021f37c0-2997-4c2c-9165-6c382b945e1a
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Sat, 11 Jun 2022 03:58:53 GMT
server: cloudflare
x-edgemesh-backend: proxy.edgeme.sh
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
x-edgemesh-server: hit, proxy
vary: Accept-Encoding
cache-control: public, max-age=31557600
cf-ray: 71af0d7a4add9a3c-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/core.1654901605544.css>; rel="canonical"
access-control-expose-headers: *

GET
H3 200 layout-page.1654901605544.css
drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/ 314 KB
46 KB 45ms
43ms Stylesheet
text/css 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/layout-page.1654901605544.css?v=50347089669130898461654901715&em-origin=cdn.shopify.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc632327e2aa5f6110b076974476b0d110cd986f75f4178f9537031a6b5139f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
digest: sha-256=W29iamVjdCBBcnJheUJ1ZmZlcl0=
x-dc: gcp-us-east1,us-east1
age: 5880
x-edgemesh-server-version: 1.6.0
server-timing: imagery;dur=83.432, imageryFetch;dur=54.481, ems-cache-hit;desc="Cache Hit", ems-parse-url;desc="Parse URL";dur=0, ems-get-config;desc="Get Config";dur=0, ems-cache-lookup;desc="Cache Lookup";dur=9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 83a3c330-08e3-45ce-a514-0539004908a9
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Sat, 11 Jun 2022 03:58:53 GMT
server: cloudflare
x-edgemesh-backend: proxy.edgeme.sh
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
x-edgemesh-server: hit, proxy
vary: Accept-Encoding
cache-control: public, max-age=31557600
cf-ray: 71af0d7a4adf9a3c-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/layout-page.1654901605544.css>; rel="canonical"
access-control-expose-headers: *

GET
H3 200 page-subscription-flow.1654901605544.css
drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/ 15 KB
3 KB 57ms
55ms Stylesheet
text/css 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/page-subscription-flow.1654901605544.css?v=120492378248851970431654901675&em-origin=cdn.shopify.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

795d6aaac9d46ac95717716959debe78139252af9b93a1f66af6339951e21fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
digest: sha-256=W29iamVjdCBBcnJheUJ1ZmZlcl0=
x-dc: gcp-us-east1,us-central1
age: 22017
x-edgemesh-server-version: 1.6.0
server-timing: imagery;dur=52.582, imageryFetch;dur=50.229, ems-cache-hit;desc="Cache Hit", ems-parse-url;desc="Parse URL";dur=0, ems-get-config;desc="Get Config";dur=0, ems-cache-lookup;desc="Cache Lookup";dur=10
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5b9eab40-1d1d-4c27-a7e4-946068b658af
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Sat, 11 Jun 2022 03:59:21 GMT
server: cloudflare
x-edgemesh-backend: proxy.edgeme.sh
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
x-edgemesh-server: hit, proxy
vary: Accept-Encoding
cache-control: public, max-age=31557600
cf-ray: 71af0d7a4ae19a3c-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/page-subscription-flow.1654901605544.css>; rel="canonical"
access-control-expose-headers: *

GET
H3 200 _fonts.static.css
drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/ 4 KB
1 KB 58ms
56ms Stylesheet
text/css 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/_fonts.static.css?v=158528574873376105451654901567&em-origin=cdn.shopify.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5fbfb315159bfa7347c4eef6c94c456dcf245a8e8695212a558718d86fab8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
digest: sha-256=W29iamVjdCBBcnJheUJ1ZmZlcl0=
x-dc: gcp-us-east1,us-central1
age: 141
x-edgemesh-server-version: 1.6.0
server-timing: imagery;dur=76.429, imageryFetch;dur=75.488, ems-cache-hit;desc="Cache Hit", ems-parse-url;desc="Parse URL";dur=0, ems-get-config;desc="Get Config";dur=0, ems-cache-lookup;desc="Cache Lookup";dur=15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 9c9f0443-30b8-4044-bb34-a9520a1c84d6
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Sat, 11 Jun 2022 03:58:53 GMT
server: cloudflare
x-edgemesh-backend: proxy.edgeme.sh
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
x-edgemesh-server: hit, proxy
vary: Accept-Encoding
cache-control: public, max-age=31557600
cf-ray: 71af0d7a4ae29a3c-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/_fonts.static.css>; rel="canonical"
access-control-expose-headers: *

GET
H3 200 _vendor-styles.static.scss.css
drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/ 1 KB
1 KB 58ms
56ms Stylesheet
text/css 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/_vendor-styles.static.scss.css?v=71644524881441071441654901556&em-origin=cdn.shopify.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1d648b47bdf38124c37e632edd953587cc0845769efadf678a87bdcbff9eda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
digest: sha-256=W29iamVjdCBBcnJheUJ1ZmZlcl0=
x-dc: gcp-us-east1,us-east1
age: 141
x-edgemesh-server-version: 1.6.0
server-timing: imagery;dur=59.080, imageryFetch;dur=50.283, imageryProcess;dur=7.663;desc="scss", ems-cache-hit;desc="Cache Hit", ems-parse-url;desc="Parse URL";dur=0, ems-get-config;desc="Get Config";dur=0, ems-cache-lookup;desc="Cache Lookup";dur=8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 8fcd1b65-cb26-4ee4-aa8d-752751983196
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Sat, 11 Jun 2022 03:58:53 GMT
server: cloudflare
x-edgemesh-backend: proxy.edgeme.sh
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
x-edgemesh-server: hit, proxy
vary: Accept-Encoding
cache-control: public, max-age=31557600
cf-ray: 71af0d7a4ae39a3c-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/_vendor-styles.static.scss.css>; rel="canonical"
access-control-expose-headers: *

GET
H3 200 klaviyo.js Show response
drsquatch.com/onsite/js/ 2 KB
2 KB 1072ms
1071ms Script
application/javascript 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drsquatch.com/onsite/js/klaviyo.js?company_id=pWh7nE&em-origin=static.klaviyo.com
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce830a7e96a150e619aa2a7c721293fa3ae94ae45f520f7c4420a2a454e5788b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
via: 1.1 varnish, 1.1 varnish
x-edgemesh-server-version: 1.6.0
cf-cache-status: MISS
digest: sha-256=W29iamVjdCBBcnJheUJ1ZmZlcl0=
access-control-allow-origin: *
x-cache: HIT, HIT
cache-tag: ems-global,drsquatch.com,https://drsquatch.com/onsite/js/klaviyo.js,drsquatch.com:application/javascript
access-control-max-age: 86400
server-timing: ems-cache-miss;desc="Cache Miss", ems-get-config;desc="Get Config";dur=0, ems-parse-url;desc="Parse URL";dur=0, ems-create-request;desc="Create Request";dur=0, ems-backend-fetch;desc="Backend Fetch";dur=1043, ems-rewrite-response;desc="Rewrite Response";dur=0, ems-create-response;desc="Create Response";dur=0, ems-cache-set;desc="Cache Set";dur=0
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-lga21981-LGA, cache-itm18824-ITM
allow: GET, OPTIONS
last-modified: Tue, 14 Jun 2022 00:47:06 GMT
server: cloudflare
x-timer: S1655167626.406161,VS0,VE0
x-edgemesh-backend: www.drsquatch.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
x-edgemesh-server: miss, proxy
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
cf-ray: 71af0d7b3c299a3c-FRA
access-control-allow-headers
x-cache-hits: 1, 10563

GET
H2 200 client.js Show response
static.edgeme.sh/ 61 KB
17 KB 60ms
33ms Script
application/javascript 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.edgeme.sh/client.js
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd36b310441d254c4446f730737d55c12471750947f162ac7140628371e72240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2880
cf-ray: 71af0d7b68149b34-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
service-worker-allowed: /

GET
H2 200 vendors.1654901605544.js Show response
cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/ 2 MB
365 KB 56ms
31ms Script
text/javascript 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/vendors.1654901605544.js?v=140638354371029986751654901721&em-origin=cdn.shopify.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ea9fd996e0a6e0373f8d0aaf6875e5e0157b0c66eac73352279211f54adb858

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 237060
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FHYbP1G5hOdul5PFcb0WTYvg5isayYWcHENe%2F9Gag4kaRnNKD7r7x5P8Jvy5EIyo0Gotpo6VrcGH0Wr6sGstJyqUDXb02RNfVcVFzm7WLvlCDDgp4keMTRYi7l0NliWmA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=5435.612, imageryFetch;dur=87.543
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: fdbc739b-7e6c-4aab-b0e9-52d59a8bb741
timing-allow-origin: *
last-modified: Sat, 11 Jun 2022 03:58:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 71af0d7a6c6d9052-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/vendors.1654901605544.js>; rel="canonical"

GET
H2 200 core.1654901605544.js Show response
cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/ 76 KB
18 KB 47ms
22ms Script
text/javascript 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/core.1654901605544.js?v=156569302448565726531654901720&em-origin=cdn.shopify.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

784572733151b7d4dfe69a2538d84fad0479a23466b1d863e7802a87de0321b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 237060
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vlupDrEk8kk%2FVbf6OrGZ0cBFKsbmmVqaWHbDrY1GYWLfQcXqe95HlkUp4eJwkCBEdIZT3wGNX%2BqaYEpuYyUvLF%2BuEj5ZHX7pCAbRNFIp6JYnB%2FbBa1WhPeQUP1Om050y8g%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=112.116, imageryFetch;dur=101.970
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 5e491fa3-5f69-4977-90ee-6ef1bfce94fa
timing-allow-origin: *
last-modified: Sat, 11 Jun 2022 03:58:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 71af0d7a6c709052-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/core.1654901605544.js>; rel="canonical"

GET
H2 200 layout-page.1654901605544.js Show response
cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/ 457 KB
69 KB 49ms
24ms Script
text/javascript 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/layout-page.1654901605544.js?v=51062547073160657461654901712&em-origin=cdn.shopify.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

991be86ebfeec9c4afdd75e5f756c2e9902885bb82ada7dda55f72d9495418a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 226424
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LUN0CbyI%2Bjtl4WL6TS%2FTNEburj4%2FS5oddZh7EYKdhfxZgIzXl1EFCgnX1%2BZYDChqZyDTVEe%2FMT6onX9eVzQgnEeWVl5%2BSiyKDJGlh8MyjVw0es0svMsARhLXH4pemv4ycQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=139.468, imageryFetch;dur=84.013
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: e0c7d355-1441-409f-84a1-8f45294a4a5b
timing-allow-origin: *
last-modified: Sat, 11 Jun 2022 03:58:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 71af0d7a6c749052-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/layout-page.1654901605544.js>; rel="canonical"

GET
H2 200 page-subscription-flow.1654901605544.js Show response
cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/ 66 KB
14 KB 154ms
130ms Script
text/javascript 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/page-subscription-flow.1654901605544.js?v=104211982836100191211654901695&em-origin=cdn.shopify.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40869a8c22054998c3693dba991347242350e2f74094f57356c1bdf1d839b7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=23FRrhXnUnp29qM8kEacqBzYFLdrXxFBXKuz%2FTA9BGVjKdVVyG4aTUG%2BYIq5UBwLcH0r6lkFcG1LULEwI9EKuYO%2FXMNADJP2P1zMC2y04fs%2BQLVnkscpDjMQuceSn7o8TA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=39.992, imageryFetch;dur=32.362
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 0808a12f-38e2-458b-8c0f-d1677d80edd0
timing-allow-origin: *
last-modified: Sat, 11 Jun 2022 03:59:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 71af0d7a6c769052-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/page-subscription-flow.1654901605544.js>; rel="canonical"

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
940 B 57ms
22ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Space+Mono&display=swap

Requested by

Host: drsquatch.com
URL: https://drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/layout-page.1654901605544.css?v=50347089669130898461654901715&em-origin=cdn.shopify.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85d2ec9ed123fcc59b617ba303ce2d497201cbb0a6d7d00919e36e8743cd9c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 00:47:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 14 Jun 2022 00:47:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Jun 2022 00:47:05 GMT

GET
H3 200 trekkie.storefront.6c66fea21eadc085ecedae6b3245f2e755f1f2df.min.js Show response
cdn.shopify.com/s/ 79 KB
18 KB 31ms
18ms Script
text/javascript 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/trekkie.storefront.6c66fea21eadc085ecedae6b3245f2e755f1f2df.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2b5f7217d9242a4febbc4fb061c1230015203d78b5fea0c0713522d65b1e016

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 18860
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BrtCfg005MVpHHacpcpTwHK6TDpjdQWG81XEfbtCzxWb%2BD%2B%2B4WIwOxWcJkw%2BQXk87tNRgiKfUayGqm%2B4XDjIKq4%2Bygbu4R8vfEGG9t%2BqkUIwiojSiVGvHz3DKDCjlMBLxw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=62.266, imageryFetch;dur=62.021
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 10f93c0c-4b6f-4660-924e-357aff849659
timing-allow-origin: *
last-modified: Mon, 13 Jun 2022 19:32:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
cf-ray: 71af0d7b4e955c50-FRA
link: <https://cdn.shopify.com/s/trekkie.storefront.6c66fea21eadc085ecedae6b3245f2e755f1f2df.min.js>; rel="canonical"

GET
H3 200 shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js Show response
cdn.shopify.com/shopifycloud/shopify/assets/ 8 KB
4 KB 29ms
16ms Script
text/javascript 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 2843435
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjic0t%2BgBvb9kNIztnmusX1y2YnUwEaIgOhU901tqwe1LvgftjZEtQdzxQ9YnxoV8KM2tpdnJzhya2cy3VHeTSg8CGTYyu%2BvYnYbnWFcKoZZlMyq%2FGGU1UpRUjviwE4yhA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=36.084, imageryFetch;dur=35.724
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 7a2b6cb7-9ed6-44cd-8d65-c4709b6f994e
timing-allow-origin: *
surrogate-key: segment4-51602 mime-text/javascript-51602 time-bucket-20220512-51602 bbd463f25b75b26047a0dffad90b99212754dba28cb05b4a40bedcb5eb6c6955
last-modified: Thu, 12 May 2022 02:56:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
cf-ray: 71af0d7b4e965c50-FRA
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js>; rel="canonical"

GET
H3 200 shopify-boomerang-1.0.0.min.js Show response
cdn.shopify.com/shopifycloud/boomerang/ 58 KB
19 KB 33ms
16ms Script
text/javascript 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a081ed513735ffb15626985d663652a2879e96f0b6695e7ceda16d519372555c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 2855889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgB8Eoxe7pdJXOSa1RTKm3Izs3esWdxYYukXDf26tX0sHTviAT%2By7jA5a9vXyX1OPe8x4zRXBlZDncw7aNYo9SL8ObiuuUO3Tn6LMM5PJ8wW4YDhZFrNClV2Oun1r9a73Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=31.248, imageryFetch;dur=30.958
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 43206d85-71df-43cf-bc36-5bcb0eefac07
timing-allow-origin: *
surrogate-key: segment4-24675 mime-text/javascript-24675 time-bucket-20220511-24675 4cd9f4566786174a1ad1c22d25981943266f2b3b804ae07172669b9092a72bdd
last-modified: Wed, 11 May 2022 23:28:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=3600, must-revalidate
cf-ray: 71af0d7b4e995c50-FRA
link: <https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"

GET
H3 200 page-subscription-flow.1654901605544.css
cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/ 15 KB
3 KB 121ms
121ms Stylesheet
text/css 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/page-subscription-flow.1654901605544.css

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/layout-page.1654901605544.js?v=51062547073160657461654901712&em-origin=cdn.shopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

795d6aaac9d46ac95717716959debe78139252af9b93a1f66af6339951e21fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiRtu%2BI0DiX%2B3F9aONodaCv3hw%2FXc53iUni0ald2CjPz2QIQ3xvvJ7P99BB1zvEpqXcfXgVQfW6%2BNuKqO1%2Blg115mj2yw1OxrEhIlg3JccwfNod3xVVqbW3ph%2Bp5aD%2FKzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=52.188, imageryFetch;dur=50.143
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 440ef9d6-e394-4df9-b5fb-0eb303d55d55
timing-allow-origin: *
last-modified: Sat, 11 Jun 2022 03:59:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 71af0d7c6fe95c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/page-subscription-flow.1654901605544.css>; rel="canonical"

GET
H3 200 page-subscription-flow.1654901605544.js Show response
cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/ 66 KB
14 KB 124ms
124ms Script
text/javascript 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/page-subscription-flow.1654901605544.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/layout-page.1654901605544.js?v=51062547073160657461654901712&em-origin=cdn.shopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed5c2d9e3c1e851a36b8a24e9831a15963f59ebe27444c08ebb8e49b8bda8df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHp5Gq1ChuL5n%2BpihWQ1S7qQTDlo18W54JxWWv%2F%2B0WSSuAPuC9wxw%2BPGu2b9VA1F88Jfaqb8Bj1NfdKcCp7q3EDKmxMF2ecig1al1Zzn6g0Z%2BHdWaYOkdQrumhm1MsQ%2Bkw%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=127.762, imageryFetch;dur=119.335
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 7fdc5b2e-4e13-46f3-be86-63e14a1bc0d2
timing-allow-origin: *
last-modified: Sat, 11 Jun 2022 03:59:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 71af0d7c6fea5c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/page-subscription-flow.1654901605544.js>; rel="canonical"

GET
H3 200 core.1654901605544.css
cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/ 53 KB
8 KB 17ms
16ms Stylesheet
text/css 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/core.1654901605544.css

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/layout-page.1654901605544.js?v=51062547073160657461654901712&em-origin=cdn.shopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62ea6b322a5ae7e2cc2a2116a249c3c295c21566ad0118252454bcf556a85762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 246619
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KC6FjPbvEMjrupXMWEsKh6LL7p5tOcYFTAIe06jqXwbT%2BXuxNIE6TM%2BhqoLwqGQ7YXPsFXcR%2BP%2FmfF0YlsfiwMrUx5EgIVuCEd%2Fwou6WkeEOFn1v7M4GtrMfbiJlvVX1Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=41.471, imageryFetch;dur=34.313
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d4eea6a3-e485-47f8-ad14-21705e510b9f
timing-allow-origin: *
last-modified: Sat, 11 Jun 2022 03:58:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 71af0d7c6feb5c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/core.1654901605544.css>; rel="canonical"

GET
H3 200 ems-redirect.js Show response
drsquatch.com/ 1 KB
983 B 15ms
14ms Script
application/javascript 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drsquatch.com/ems-redirect.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/layout-page.1654901605544.js?v=51062547073160657461654901712&em-origin=cdn.shopify.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eddc7fd9c10511640c35a52d609d8c4484da144b7db0cdb101d019987f6aba2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
server: cloudflare
x-edgemesh-backend: proxy.edgeme.sh
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-edgemesh-server-version: 1.6.0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
server-timing: ems-cache-hit;desc="Cache Hit", ems-parse-url;desc="Parse URL";dur=0, ems-get-config;desc="Get Config";dur=0
x-edgemesh-server: hit, direct, shopify
cf-ray: 71af0d7c6dc19a3c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cart.js Show response
drsquatch.com/ 283 B
1 KB 335ms
335ms XHR
text/javascript 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://drsquatch.com/cart.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/vendors.1654901605544.js?v=140638354371029986751654901721&em-origin=cdn.shopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f87e4db107d87433cd0a02b5bc8afc938c03ebd93f0e17d8f54640d32ed3579a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept: application/json, text/plain, */*
Cache-Control: no-store
Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
x-dc: gcp-asia-northeast2
cf-ray: 71af0d7c6dc79a3c-FRA
x-cache: MISS
server: cloudflare
server-timing: ems-cache-miss;desc="Cache Miss", ems-get-config;desc="Get Config";dur=0, ems-parse-url;desc="Parse URL";dur=0, ems-create-request;desc="Create Request";dur=0, ems-backend-fetch;desc="Backend Fetch";dur=312, ems-rewrite-response;desc="Rewrite Response";dur=0
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-sorting-hat-shopid: 27577843817
x-served-by: cache-itm18845-ITM
x-storefront-renderer-rendered: 1
last-modified: Tue, 14 Jun 2022 00:47:05 GMT
x-request-id: d3bd3d9b-4366-4865-a9f5-2a7562e66d03
x-timer: S1655167626.829347,VS0,VE23
x-edgemesh-backend: www.drsquatch.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
x-edgemesh-server: miss, proxy, shopify
cache-control: no-cache, no-store
x-edgemesh-server-version: 1.6.0
x-sorting-hat-podid: 104
x-cache-hits: 0

GET
H3 200 / Show response
drsquatch.com/ 15 KB
7 KB 239ms
239ms Fetch
text/html 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://drsquatch.com/?view=init&em-bypass=server

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd45d41c91f69fe956a8d16649f6efefc5647697b5a5f9c39ddd6cf8566e6d3f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding: br
x-permitted-cross-domain-policies: none
x-shopify-stage: production
x-alternate-cache-key: cacheable:399f62bf2e6820f25ce1a6ece1e679c8
server-timing: ems-cache-miss;desc="Cache Miss", ems-parse-url;desc="Parse URL";dur=0, ems-get-config;desc="Get Config";dur=0, ems-rewrite-url;desc="Rewrite URL";dur=0, ems-create-request;desc="Create Request";dur=0, ems-backend-fetch;desc="Backend Fetch";dur=163, ems-create-response;desc="Create Response";dur=0
x-sorting-hat-shopid: 27577843817
x-served-by: cache-hhn4061-HHN
x-shardid: 104
x-storefront-renderer-rendered: 1
x-timer: S1655167626.696193,VS0,VE146
x-frame-options: DENY
x-shopid: 27577843817
vary: Accept, Accept-Encoding
content-type: text/html; charset=utf-8
x-edgemesh-server: miss, bypass
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-cache-hits: 0
date: Tue, 14 Jun 2022 00:47:05 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dc: gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-cache: hit, server, MISS
server-timing-public: processing;dur=18, db;dur=7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3d803799-33c7-4f35-888e-7ea28121dfb1
server: cloudflare
x-edgemesh-server-version: 1.6.0
x-edgemesh-backend: www.drsquatch.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
content-language: en
x-download-options: noopen
cf-ray: 71af0d7c7dd79a3c-FRA
x-sorting-hat-podid: 104

GET
H2 200 session Show response
shop.app/pay/ 18 B
2 KB 172ms
146ms Fetch
application/json 23.227.38.33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.app/pay/session?v=1

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.38.33 Ottawa, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

checkout.shopify.com

Software

cloudflare /

Resource Hash

9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://.hcaptcha.com; style-src 'self' 'unsafe-inline' blob: https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://.hcaptcha.com; connect-src 'self' https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifycloud.com https://hcaptcha.com https://.hcaptcha.com; img-src 'self' https:; font-src 'self' https://cdn.shopify.com https://cdn.shopifycloud.com; object-src 'none'; frame-src 'self' https://.shopifycs.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
x-dc: gcp-us-east1,us-east1
p3p: CP="Not used"
content-type: application/json; charset=utf-8
access-control-allow-methods: GET, OPTIONS
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3d1929c7-c9ec-467d-be9b-515153066cf4
x-runtime: 0.003296
x-robots-tag: noindex
server: cloudflare
x-frame-options: DENY
etag: W/"9b5179ea2a77fe69b294fbd2ed504eac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJDb%2BJu98476tN7po57%2B78nLcORFe4pDUZfda554JF0CS7zU1RQDlOXvT3AJvZLzmlnjbJZLybqKjk%2Bo9BvmmmP0tKjaFsNtwTBAwsX6G4scqQ9TDwzTZyu1"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: https://drsquatch.com
vary: Accept-Encoding, Accept, Origin
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://cdn.shopify.com https://cdn.shopifycloud.com https://www.google-analytics.com https://mpsnare.iesnare.com https://cdn1-sandbox.affirm.com https://checkout.shopifycs.com/dist/card_fields.js https://www.google.com https://www.gstatic.com https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' 'unsafe-inline' blob: https://cdn.shopify.com https://cdn.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com; connect-src 'self' https://cdn.shopify.com https://cdn.shopifycloud.com https://sessions.bugsnag.com https://notify.bugsnag.com https://monorail-edge.shopifysvc.com https://www.google-analytics.com https://stats.g.doubleclick.net https://atlas.shopifycloud.com https://hcaptcha.com https://*.hcaptcha.com; img-src 'self' https:; font-src 'self' https://cdn.shopify.com https://cdn.shopifycloud.com; object-src 'none'; frame-src 'self' https://*.shopifycs.com https://checkout.shopifycs.com https://www.affirm.com https://sandbox.affirm.com https://cdn1-sandbox.affirm.com https://www.google.com https://recaptcha.google.com https://hcaptcha.com https://*.hcaptcha.com
cf-ray: 71af0d7cacd292b7-FRA
x-sorting-hat-podid: -1
access-control-expose-headers

POST
H3 200 check Show response
api.edgeme.sh/node/ 51 B
303 B 59ms
44ms Fetch
application/octet-stream 2606:4700::6810:853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.edgeme.sh/node/check
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:853 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb67f543ee92ac7b55f81ee39745ee983aa3ec66ecf193a2feab1ce1edb15490

Request headers

accept: application/octet-stream
Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type: application/octet-stream

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 00:47:05 GMT
server: cloudflare
access-control-allow-headers: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/octet-stream
access-control-allow-origin: *
cf-ray: 71af0d7d2fb96945-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51

OPTIONS
H2 200 check
api.edgeme.sh/node/ Frame 0
0 71ms
44ms Preflight 2606:4700::6810:853
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.edgeme.sh/node/check
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:853 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://drsquatch.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 71af0d7cce088fda-FRA
content-length: 0
date: Tue, 14 Jun 2022 00:47:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
timing-allow-origin: *
vary: Accept-Encoding

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
317 B 201ms
169ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6c66fea21eadc085ecedae6b3245f2e755f1f2df.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 6857a1bb-5faa-4ce2-8457-3b02a5290077
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idui%2BLsHYrvunWDLsJ0BUFnLej5kUVV6AVqFH6qeIJo4UdtrAA84UdqMc1QjWf6GBLYzU1rkZro8SBYVNqQ%2BR3fqWfvZxXt%2BF%2FU3VhdtFqanMN9WU2IvOzuLdv2JqIn7OA2RfULqjLOn9eaOYS0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://drsquatch.com
access-control-allow-credentials: true
cf-ray: 71af0d7cda3c90d6-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H3 200 geo Show response
drsquatch.com/em-cgi/utils/ 130 B
298 B 24ms
24ms XHR
application/json 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drsquatch.com/em-cgi/utils/geo
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf9bbdc4b2adaebc75e4818ab822bcb9eefa7386fb473c0f0373bb371e2a905f

Request headers

Accept: application/json, text/plain, */*
Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cf-ray: 71af0d7cce369a3c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
299 B 129ms
129ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6c66fea21eadc085ecedae6b3245f2e755f1f2df.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: d5182cac-6ae2-45a8-81e0-5a5c3d367041
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fl7Nuzsn50o4zTUYDmXHRZkY0Si1FpnUIh8AnJ6QWM5tRV5CNGPi1%2BHmuHcVVHIXzEisbp8ryoGVPZVDkk1ReIuGbEwUTuNZTeylAhsCdO8vBmBpekP8pjKDwEHJjVLduzwqy%2BDz%2B6D6X7cQGME%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://drsquatch.com
access-control-allow-credentials: true
cf-ray: 71af0d7cda3d90d6-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
921 B 121ms
121ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6c66fea21eadc085ecedae6b3245f2e755f1f2df.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 09529753-8542-400e-b40e-2889436ef4b1
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkKdocWJGgwwR16aSEFUvp9PfHDD5qlROWKHI%2FmnWLfxWEK4B%2BqvRAyXxPosgPU2Ntc17s8Paki4KJ67t3OVkDNld96aQUybGT7jHQJUy3X6BYyBhpbw5xemXzN19LzlsLZGwVTyfhRNwCr5nm8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://drsquatch.com
access-control-allow-credentials: true
cf-ray: 71af0d7cda4390d6-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
294 B 164ms
164ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6c66fea21eadc085ecedae6b3245f2e755f1f2df.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 6f9c10fa-a6db-4d38-96a6-1e0a173ca658
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bzwns9Ls0mO8UFPyZ2Yw%2FVck7g8WtPRJkn41BL72WdSi6g2iIvLihI7IOwWUaq6tygbdCKnGen04YQvjX8YlyJOvsgYrl8LiDJXo5Kt56tWqJgOQsqgAmPWFqVkiSF70Y3S%2FVU7c2VLHrxDt7Dc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://drsquatch.com
access-control-allow-credentials: true
cf-ray: 71af0d7cda4490d6-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

POST
H2 200 produce_batch
monorail-edge.shopifysvc.com/unstable/ 0
300 B 170ms
169ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/unstable/produce_batch

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.6c66fea21eadc085ecedae6b3245f2e755f1f2df.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: e108b371-f66d-42b3-9aaf-41a9c654b359
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ui53NJRAJU9CPfJlHoAFcSQdiFqu8AaTPN2NyP%2FXydn9duxzdbMPyAkabK3aL7%2BO5dHQDl2gCxsl%2FAGA9mULZHf8tulHX%2Fo5Ph0V2nUbEUTsAQ3xJ5R%2B4jHPg4%2FqtcvZrhEBmUTNoqid9OBMYs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://drsquatch.com
access-control-allow-credentials: true
cf-ray: 71af0d7cda4790d6-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
DATA 200
OK truncated
/ 184 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 721065a2a044d276f74139fbe64d6fa9735ac5bd1074b53c14c3f790119d4069

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3 200 l
drsquatch.com/af/d9770a/00000000000000007735c89c/30/ 15 KB
15 KB 35ms
34ms Font
application/font-woff2 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drsquatch.com/af/d9770a/00000000000000007735c89c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3&em-origin=use.typekit.net&em-referer-host=cdn.shopify.com&em-referer-proto=https
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/_fonts.static.css?v=158528574873376105451654901567&em-origin=cdn.shopify.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbe0c16c9ecedd1a20c6f97fe0ab169da67a4872596c38aed32f39bb74217bfe

Request headers

Referer: https://drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/_fonts.static.css?v=158528574873376105451654901567&em-origin=cdn.shopify.com
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
etag: cbe0c16c9ecedd1a20c6f97fe0ab169da67a4872596c38aed32f39bb74217bfe
cf-cache-status: HIT
digest: sha-256=W29iamVjdCBBcnJheUJ1ZmZlcl0=
age: 126
cf-ray: 71af0d7d1e9b9a3c-FRA
x-edgemesh-server-version: 1.6.0
cross-origin-resource-policy: cross-origin
server-timing: ems-cache-hit;desc="Cache Hit", ems-parse-url;desc="Parse URL";dur=0, ems-get-config;desc="Get Config";dur=0, ems-cache-lookup;desc="Cache Lookup";dur=8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14976
access-control-allow-origin: *
last-modified: Tue, 14 Jun 2022 00:44:59 GMT
server: cloudflare
x-edgemesh-backend: proxy.edgeme.sh
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
x-edgemesh-server: hit, proxy
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 l
drsquatch.com/af/66da5c/0000000000000000773597ae/30/ 31 KB
31 KB 28ms
27ms Font
application/font-woff2 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drsquatch.com/af/66da5c/0000000000000000773597ae/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3&em-origin=use.typekit.net&em-referer-host=cdn.shopify.com&em-referer-proto=https
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/_fonts.static.css?v=158528574873376105451654901567&em-origin=cdn.shopify.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8260fa78cd8644342ee95abcfaa7ac09cde4bb820f66cc501a8eb4a7fbf5552a

Request headers

Referer: https://drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/_fonts.static.css?v=158528574873376105451654901567&em-origin=cdn.shopify.com
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
etag: 8260fa78cd8644342ee95abcfaa7ac09cde4bb820f66cc501a8eb4a7fbf5552a
cf-cache-status: HIT
digest: sha-256=W29iamVjdCBBcnJheUJ1ZmZlcl0=
age: 126
cf-ray: 71af0d7d1e9d9a3c-FRA
x-edgemesh-server-version: 1.6.0
cross-origin-resource-policy: cross-origin
server-timing: ems-cache-hit;desc="Cache Hit", ems-parse-url;desc="Parse URL";dur=0, ems-get-config;desc="Get Config";dur=0, ems-cache-lookup;desc="Cache Lookup";dur=7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31296
access-control-allow-origin: *
last-modified: Tue, 14 Jun 2022 00:44:59 GMT
server: cloudflare
x-edgemesh-backend: proxy.edgeme.sh
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
x-edgemesh-server: hit, proxy
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 l
drsquatch.com/af/c255b5/0000000000000000773597b3/30/ 29 KB
30 KB 24ms
23ms Font
application/font-woff2 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drsquatch.com/af/c255b5/0000000000000000773597b3/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3&em-origin=use.typekit.net&em-referer-host=cdn.shopify.com&em-referer-proto=https
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/_fonts.static.css?v=158528574873376105451654901567&em-origin=cdn.shopify.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b750e356ba3c2844360786e3e7f31028712ab8a5b7cec5a5cc9bc6f7ddff487

Request headers

Referer: https://drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/_fonts.static.css?v=158528574873376105451654901567&em-origin=cdn.shopify.com
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
etag: 4b750e356ba3c2844360786e3e7f31028712ab8a5b7cec5a5cc9bc6f7ddff487
cf-cache-status: HIT
digest: sha-256=W29iamVjdCBBcnJheUJ1ZmZlcl0=
age: 126
cf-ray: 71af0d7d1e9e9a3c-FRA
x-edgemesh-server-version: 1.6.0
cross-origin-resource-policy: cross-origin
server-timing: ems-cache-hit;desc="Cache Hit", ems-parse-url;desc="Parse URL";dur=0, ems-get-config;desc="Get Config";dur=0, ems-cache-lookup;desc="Cache Lookup";dur=7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29648
access-control-allow-origin: *
last-modified: Tue, 14 Jun 2022 00:44:59 GMT
server: cloudflare
x-edgemesh-backend: proxy.edgeme.sh
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
x-edgemesh-server: hit, proxy
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 DE_Flag.svg
cdn.shopify.com/s/files/1/0275/7784/3817/files/ 426 B
1 KB 16ms
16ms Image
image/svg+xml 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/files/DE_Flag.svg?v=1652208424

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916294f31b1b1745a644371efad5ac48b7e1abcebd6c7b47996cbbc2e83df3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 1595771
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtAKBJ7yQiAvGMvwAbHepOwS2nuv5YzCpcHLPGSIM79SFNYyS4S9DosY83FQd6ip5j0888zzPZQJ1t6tjDB3FcOMXdpaTSw09PaDY6LG2zRHBN7adnxiXqd7df8AHNG%2BRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=87.603, imageryFetch;dur=86.655, imageryProcess;dur=0.080;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 28d5aa2a-0798-4ffc-aacd-e6237fe34988
timing-allow-origin: *
last-modified: Thu, 26 May 2022 06:39:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 71af0d7d18c35c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/files/DE_Flag.svg>; rel="canonical"

GET
H3 200 DRS_MARK.svg
cdn.shopify.com/s/files/1/0275/7784/3817/files/ 54 KB
18 KB 20ms
20ms Image
image/svg+xml 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/files/DRS_MARK.svg?v=1615332033

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25dbe289ffa53ae7b29748c517f5aabe2b744ab2282bbf15348207a5e6e9f221

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 1594063
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzNeaFEJ1yeMmAVZBK7Qyucry6NLW0d5p88tKPB8Agvh3MstD0qm7I2praELhlDplPJbYDgEoYwdDEoQ%2BMgoizwUp8I9iB4MkDFlEciLDz%2BGVBcgYI3NcVMjT9GDvvdw1g%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=84.914, imageryFetch;dur=79.960, imageryProcess;dur=0.168;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6eeb0002-c07b-422a-8d2d-e77dcfb9a8f4
timing-allow-origin: *
surrogate-key: segment4-24007 shop-27577843817 mime-image/svg+xml-24007 time-bucket-20220510-24007 a7ce94c0d98460c15ac01d82e9ebd392a31028ef6a9b0629054a47c7289fe113
last-modified: Tue, 10 May 2022 12:53:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 71af0d7d99a25c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/files/DRS_MARK.svg>; rel="canonical"

GET
H3 200 DRS_horizontal_fullcolor.svg
cdn.shopify.com/s/files/1/0275/7784/3817/files/ 80 KB
24 KB 66ms
65ms Image
image/svg+xml 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/files/DRS_horizontal_fullcolor.svg?v=1615332033

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc2df91148c09f84186b5e393c3889f0f3d8c1068bb7bacf609a20ff349b9fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 1917494
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZ35N%2BPkfl%2B9dedUIqJmcN8GLV19%2BpLUet1j0%2BCyD2gCYtqTHKBYvwF5%2B3QJupaZzi50OtCwNDoAJ%2FWltOFEO8zwe5HK8Y7r4hSbqJkN6gcMXekjfqCZZ0HYR6mC0O8G2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: imagery;dur=49.006, imageryFetch;dur=43.143, imageryProcess;dur=0.145;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6b6ce3db-c12b-4fd4-b8c2-d7605b350a5a
timing-allow-origin: *
surrogate-key: segment4-36508 shop-27577843817 mime-image/svg+xml-36508 time-bucket-20220510-36508 9d2ae9164bda71ca79cb4be519c02c62f8ff81b6cf1b79859a0f1bee355a169f
last-modified: Tue, 10 May 2022 11:51:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
cf-ray: 71af0d7d99a85c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/files/DRS_horizontal_fullcolor.svg>; rel="canonical"

GET
H3 200 20210527_DrSquatch_ProductPhotos_FreedomFresh_2902.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 289 KB
290 KB 67ms
66ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/20210527_DrSquatch_ProductPhotos_FreedomFresh_2902.png?v=1623869284

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ffc5ed55130a6dd978949ba292914d5875ca3edbe859f5b3462c2469264b45b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10705
server-timing: imagery;dur=638.568, imageryFetch;dur=110.355, imageryProcess;dur=527.150;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 296390
x-xss-protection: 1; mode=block
x-request-id: c6392d41-d0c7-4be6-acd9-055f20b24e38
timing-allow-origin: *
last-modified: Mon, 06 Jun 2022 14:16:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2F7jyynSF7usKSsvBUikNZcXy2CioUvjIypwqlXq9Q7f%2BiFjOXxJvg1g9%2FhYaEvAz3K34XfpK%2F2AZCTXQbks9jbhtGCZMTWmWNwZbFD2kxfRlc2RfAV6lG6CV6j6SbOQuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7d99ad5c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/20210527_DrSquatch_ProductPhotos_FreedomFresh_2902.png>; rel="canonical"

GET
H3 200 blackholesingle_1.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 184 KB
185 KB 70ms
69ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/blackholesingle_1.png?v=1652308783

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

563faa416d69320b330d5ca9903de80e7bdf3f77fc154350dafbc92419a7dadb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10705
server-timing: imagery;dur=413.435, imageryFetch;dur=66.315, imageryProcess;dur=346.271;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 188710
x-xss-protection: 1; mode=block
x-request-id: 9eaca39e-2bf8-4dac-80ca-2df82c207869
timing-allow-origin: *
surrogate-key: segment4-60358 shop-27577843817 mime-image/webp-60358 time-bucket-20220511-60358 d5e4ee87eff3beb132cbc322a176b6cc8c2a4f1fcd26eda5a69110f3d5553452
last-modified: Wed, 11 May 2022 22:41:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbnfgPJ1SMptHZiJW8bVD4m0WoKpc2gdEjbSTWVn9TDS%2FBjC9YjUgt0cYwyY%2BP02dKbUC9OiAQL7TmEGUavhtH1cTdnAZA0QTSRFou0jAsCekVt13scXpIxiCqCb3TvJ7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7d99b15c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/blackholesingle_1.png>; rel="canonical"

GET
H3 200 drsquatch_moonrocksoap_PSD_0006.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 285 KB
286 KB 59ms
58ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/drsquatch_moonrocksoap_PSD_0006.png?v=1651518996

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f532ad53ea0c7fbeba805fcb9b43f376d30e0867313f4c05817cfc2575b9676

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10705
server-timing: imagery;dur=809.962, imageryFetch;dur=126.685, imageryProcess;dur=679.429;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 291858
x-xss-protection: 1; mode=block
x-request-id: 1474b1f9-d1f9-4df7-940c-dda3a5f9984b
timing-allow-origin: *
last-modified: Tue, 07 Jun 2022 18:30:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6Q1QYceHFwBqa7G7MnkdLq32zQE4PLkKBiAVEUNPeQHCHB0ckwL%2Btsvj9tlWsbjAuzVn6inYBIoxSIFjb3tfEdIUxLUcHHP6g6A4p3MNJn1JoWftYS5vXqz%2FiEPoku%2Bfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7d99b25c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/drsquatch_moonrocksoap_PSD_0006.png>; rel="canonical"

GET
H3 200 drsquatch_marsbarsoap_1200PNG_0005.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 329 KB
330 KB 53ms
52ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/drsquatch_marsbarsoap_1200PNG_0005.png?v=1651519384

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48b994d020e4abfe4ee15fd0586d9091aebc5efcd929f170e4c66fe5f2a90ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 10705
server-timing: imagery;dur=656.078, imageryFetch;dur=57.015, imageryProcess;dur=597.833;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 336822
x-xss-protection: 1; mode=block
x-request-id: 61be71a1-b143-480e-9aa0-78fe15b6c6b8
timing-allow-origin: *
surrogate-key: segment4-14999 shop-27577843817 mime-image/webp-14999 time-bucket-20220502-14999 931ca1191d94f327f63868154372a7c349dbbb582ad026d54fdbfb67bf3834db
last-modified: Mon, 02 May 2022 19:23:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d56XVlEWHlARTCNV7a3u4RRCskb5jQbKlKLbLAcThH%2FLKpo%2FWI96ae6ynRqIQt%2BTwN30bz5rrazGjGL%2FCecTR2IkKOW%2By%2F9yjKFjK2nhBT4WO35KlC2L%2BdlWHXavf9Uogw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7d99b35c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/drsquatch_marsbarsoap_1200PNG_0005.png>; rel="canonical"

GET
H3 200 20210407_DrSquatch_GalaxyBundle_ProductPhotos_IMG_2601_3a12326d-f088-4de3-be21-229ef3dde823.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 244 KB
245 KB 86ms
85ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/20210407_DrSquatch_GalaxyBundle_ProductPhotos_IMG_2601_3a12326d-f088-4de3-be21-229ef3dde823.png?v=1651519848

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4d0652fb168ac8f58198cf6e74499670d74401c6d464c039d360277f31520f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10705
server-timing: imagery;dur=614.490, imageryFetch;dur=59.196, imageryProcess;dur=554.227;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 249638
x-xss-protection: 1; mode=block
x-request-id: f6248a56-467b-44cd-8641-a0206fc1bc5f
timing-allow-origin: *
last-modified: Tue, 07 Jun 2022 18:30:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fr6jDFfEFpPSCCLbGqY2ygmlRfUa8RUdI0%2F0X6bp9lV5ZCTg7bzOeQAPU9jlj%2FcYNs99CVepE545ohLC4%2B9%2Fws2puYTuR2zZ01VFiw5SGGjAaEompzJNZaH2BKpgbTrZVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7d99b45c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/20210407_DrSquatch_GalaxyBundle_ProductPhotos_IMG_2601_3a12326d-f088-4de3-be21-229ef3dde823.png>; rel="canonical"

GET
H3 200 DrSquatch_coconutcastawaysoap_1200PNG_0006.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 209 KB
210 KB 27ms
26ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/DrSquatch_coconutcastawaysoap_1200PNG_0006.png?v=1648507920

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65c30c15edace713d7aafb2941507344acda1aeb310aff619b483e68928ae369

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10705
server-timing: imagery;dur=653.651, imageryFetch;dur=249.007, imageryProcess;dur=403.740;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 214118
x-xss-protection: 1; mode=block
x-request-id: 2f7789d8-2461-4874-935f-c9060c2c55bf
timing-allow-origin: *
surrogate-key: segment4-43278 shop-27577843817 mime-image/webp-43278 time-bucket-20220414-43278 20e4ade3d4024ade35308e352521921c9c9989a3a1a7245e80a7a861eb694697
last-modified: Thu, 14 Apr 2022 16:42:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HC0hFO6oDlc8w3ZL%2BEEYu6%2Bq5x77QrS97PQ%2F5L9Drx6V1c8VPfuoiNHolltsRiVjJRBfUDkkspjmMuxZQXGob16YIBjD54mvKwZNTrwyYdAjoJj%2Br3igPZQvZLc7Gb%2FLMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7d99b55c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/DrSquatch_coconutcastawaysoap_1200PNG_0006.png>; rel="canonical"

GET
H3 200 PineTar_1.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 232 KB
233 KB 20ms
18ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/PineTar_1.png?v=1616617621

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e90b71df357e4d88a442c06e77b8670c751ea952ec8fd456ee33bf6b23c6b41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 2760544
server-timing: imagery;dur=704.648, imageryFetch;dur=66.384, imageryProcess;dur=637.412;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 237738
x-xss-protection: 1; mode=block
x-request-id: e1d56946-dc58-403a-be3c-361b55161c37
timing-allow-origin: *
surrogate-key: segment4-54254 shop-27577843817 mime-image/webp-54254 time-bucket-20220510-54254 dd3d3f6cfab8c7330fc23f068ef8b9a5cd05324d82a131b0cdc31ed9417b834a
last-modified: Tue, 10 May 2022 11:50:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JMl7rwQhlfugFeEc%2F6Gjq84qQIE1Vkdpjg2zVZ8U0OKePHhCzoll6nIFGHgePiL2yCotozhr1VxeHYlp5HTxKs52fc%2BVY501qDmJH6AU2HXNlCQRbYAvis6Bg9qDGuWFiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7d99b65c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/PineTar_1.png>; rel="canonical"

GET
H3 200 CedarCitrus_1.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 168 KB
169 KB 92ms
90ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/CedarCitrus_1.png?v=1616616360

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f443bb55cfe3463cb19b01ba483df1b0bef7e2fd7d1fed65569b82ad2324101f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10705
server-timing: imagery;dur=592.839, imageryFetch;dur=42.986, imageryProcess;dur=547.657;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 171576
x-xss-protection: 1; mode=block
x-request-id: 5a3bd6c4-dbe5-4b5e-891b-f565d648513f
timing-allow-origin: *
surrogate-key: segment4-31740 shop-27577843817 mime-image/webp-31740 time-bucket-20220406-31740 923b46ac6b9560470a0abda096b90360469ba6498e280f3534ef0c4eaa105edb
last-modified: Wed, 06 Apr 2022 22:54:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQC50vzVAYLEWi3%2FvBh5wYwzh6JksSdo0ADun3xeOUvpZ4GzYYwd%2FZUBcgqyT6Z%2BL3h4apNd0rfAvLg5q10CAREYnL85IRCGvCWyGIgj0sOQBx8UWmHb4WPntfZlNgL0Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7d99b95c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/CedarCitrus_1.png>; rel="canonical"

GET
H3 200 BayRum_1.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 228 KB
229 KB 94ms
92ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/BayRum_1.png?v=1616616258

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93163a4dcb6a6041c16a24d663f72380661c495314dde82ea50c719103713c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10705
server-timing: imagery;dur=457.160, imageryFetch;dur=64.781, imageryProcess;dur=391.463;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 233834
x-xss-protection: 1; mode=block
x-request-id: a2ab294a-07a9-405c-98c8-7ce87dde517f
timing-allow-origin: *
surrogate-key: segment4-51744 shop-27577843817 mime-image/webp-51744 time-bucket-20220511-51744 5057e6dd0e42c0aee2900fb304bf456571c54e29ec6d070ed2bbc8db9638c14f
last-modified: Wed, 11 May 2022 12:52:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAgmzyxOLhKJrenooElWDcwD8uxX%2BkOfzCcW%2FZN%2Fr78Rvs%2BJkCQxnptf4seKetop3rL63mLCGqHz1Rqe9m43f79%2FLpx1KD1diO1uIWURFvZN3qGdApfVl75dMb5uiPzLBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7d99bd5c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/BayRum_1.png>; rel="canonical"

GET
H3 200 FreshFalls_1.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 225 KB
226 KB 99ms
96ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/FreshFalls_1.png?v=1616616867

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71a93a1ae1969ddacf565cd03e01be722592deaeee54d1b790f4b9704670e78c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 5218481
server-timing: imagery;dur=596.195, imageryFetch;dur=45.549, imageryProcess;dur=549.207;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 230188
x-xss-protection: 1; mode=block
x-request-id: 3a568ac0-6a44-41c5-b1ae-9bf31d8c352d
timing-allow-origin: *
surrogate-key: segment4-24807 shop-27577843817 mime-image/webp-24807 time-bucket-20220406-24807 00e6229c1182d3eb27213a6e2b2801f37274a1c5dc52bc3db95e679d727f525b
last-modified: Wed, 06 Apr 2022 22:54:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1afD0BjM42Pqiw2cYY2Xe9aJ1vcWUGPBsprCVmuFH95hj%2FPC%2BzxBTMprkYhIMgmynHN7pUo%2BLaeqamLQxurNPwABQ4VZUpY6jnQ%2F5ZNhJhbJmT1BBd0pz%2BV%2BCq01s7MIYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7da9c45c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/FreshFalls_1.png>; rel="canonical"

GET
H3 200 AlpinsSage_1.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 190 KB
191 KB 104ms
101ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/AlpinsSage_1.png?v=1616617440

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a219149b81c094f4674e199a990fff01a092e9a9adc61a917c8a0d49e4098da

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 10705
server-timing: imagery;dur=578.340, imageryFetch;dur=93.693, imageryProcess;dur=483.654;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 194528
x-xss-protection: 1; mode=block
x-request-id: 01f6e216-2b37-4f41-a4a9-58bf9e13c963
timing-allow-origin: *
surrogate-key: segment4-47812 shop-27577843817 mime-image/webp-47812 time-bucket-20220510-47812 c3134d63280a232f743e4f703e86e902bf83e2ec971f5176a603c3673743c3f2
last-modified: Tue, 10 May 2022 11:49:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMYuyU%2Bz827T7DBENEgFXC1AwfXHadO0lKOlg4S2E1IUpo7P81yh6ZDgFTMNCzG3RC%2BqH7G90fsxUcux5L7tzfPvltPTFUsBgmcOuBFmtqjxzuLZB1Fn1jGAkX0PVDcung%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7da9c55c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/AlpinsSage_1.png>; rel="canonical"

GET
H3 200 CoolFreshAloe_1.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 231 KB
232 KB 107ms
104ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/CoolFreshAloe_1.png?v=1632844339

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6ec28b0f402801a68a3b500fc7706f59e7961859acbfc368b556544855318eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 4544895
server-timing: imagery;dur=557.100, imageryFetch;dur=117.667, imageryProcess;dur=437.758;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 236250
x-xss-protection: 1; mode=block
x-request-id: 2e6bc9f8-358a-452d-a35f-a855e353a7a5
timing-allow-origin: *
surrogate-key: segment4-46857 shop-27577843817 mime-image/webp-46857 time-bucket-20220405-46857 c9357cd0f4638437d63218473e6434769a393860c1986dd6dcd64b007d574ca1
last-modified: Tue, 05 Apr 2022 19:22:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCp%2Fgo5w%2FX6GeFJP6l9Cp3qzNyx0LV%2Bv61qbTtWs6Kw2%2FOwGt9soGfPoaohKqiXYFab6xdPuRMj5etjhTxw19Eyd9mqwmE5C1JG7gtW00qsrlx%2B0aslfzvdLVjZVTPPWfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7da9c85c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/CoolFreshAloe_1.png>; rel="canonical"

GET
H3 200 DeepSeaGoatsMilk_1.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 220 KB
221 KB 111ms
108ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/DeepSeaGoatsMilk_1.png?v=1616617993

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e265d9da575c25523dcf9f0406fa9f60350e878e24bdc93be8a93984b626e9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 10705
server-timing: imagery;dur=619.239, imageryFetch;dur=41.183, imageryProcess;dur=576.806;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 224942
x-xss-protection: 1; mode=block
x-request-id: c802232e-c725-476d-aa54-ce106df24327
timing-allow-origin: *
surrogate-key: segment4-12602 shop-27577843817 mime-image/webp-12602 time-bucket-20220406-12602 42733a30dcf2831a26de301d6b84e3e787cf39ccad4c1c6e5a22866b6b424ae1
last-modified: Wed, 06 Apr 2022 22:54:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yYmrGC0ZfhCGOlEN0qwhBprHDCEILj404ZxTJNhXfDQWZiqvs%2FEKADlERoXpuswGFmM6%2FHlnQ4NfxwZc9kJwmkoA8WIve0Q58F4y0hOjJYp%2BZD0jKbxd24hVuFyObPtJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7da9c95c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/DeepSeaGoatsMilk_1.png>; rel="canonical"

GET
H3 200 SpearmintBasil_1.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 183 KB
184 KB 128ms
125ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/SpearmintBasil_1.png?v=1616616658

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1826d122785e0fbc7c1fda8fa7c760fd34e04d421c46a446878195b88aede7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10705
server-timing: imagery;dur=506.653, imageryFetch;dur=25.520, imageryProcess;dur=479.985;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 187258
x-xss-protection: 1; mode=block
x-request-id: 239ba1b9-f7b4-4820-b1f9-2b239149f5dd
timing-allow-origin: *
surrogate-key: segment4-17136 shop-27577843817 mime-image/webp-17136 time-bucket-20220406-17136 f32c79d716c3a2cc6a1ef6bd9d9def2a3dedef1dfaf33d27544e58c51b49b3dc
last-modified: Wed, 06 Apr 2022 22:54:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMjsxNUEyO25c1Diy55XtVLd30Xq3UO6AEqwbBbC7oLPmf%2BEoltPW3PHKh784m6AZIVszIMTWEMxtXH24YDOisAxBfyE%2BYVo6j%2FYYx9HaQnHnvDnRSN0TZXdxnGwE7EPpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7da9ca5c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/SpearmintBasil_1.png>; rel="canonical"

GET
H3 200 EucalyptusGreekYogurt_1.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 202 KB
203 KB 114ms
111ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/EucalyptusGreekYogurt_1.png?v=1616616936

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd2a08038ea2b86d80169da30c55ca1d5ca44b4281ce74197d1d891d27255169

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10705
server-timing: imagery;dur=513.766, imageryFetch;dur=53.579, imageryProcess;dur=455.812;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 207048
x-xss-protection: 1; mode=block
x-request-id: e394c649-a3a7-49af-b736-23d773758397
timing-allow-origin: *
last-modified: Tue, 07 Jun 2022 18:30:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbqCzIIrd7RvRfSwT9e0VGGC32XA%2F%2FA5AJthJs58wWG01ZWr9debDB8ZkIN7LTItzrJFR%2FEBJumTZwGd2xihjDfD%2Bzu9XC20y6lW9Z5Cxk5gLJaXkxE8rDAaViaU3wAiPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7da9cc5c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/EucalyptusGreekYogurt_1.png>; rel="canonical"

GET
H3 200 ColdBrew_1.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 276 KB
277 KB 118ms
115ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/ColdBrew_1.png?v=1616617758

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0f5dc64b7a04ce339d706fe4e14e7a300f92badd70815ff937facc839120316

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 10705
server-timing: imagery;dur=679.479, imageryFetch;dur=86.822, imageryProcess;dur=591.806;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 282952
x-xss-protection: 1; mode=block
x-request-id: 1c9fa274-0a1e-4feb-840c-cd634e511878
timing-allow-origin: *
last-modified: Tue, 07 Jun 2022 18:30:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3IaDEv%2FsDE2%2FX05SnRll6OM6UNxuTtbBpFz5tKCnPmAVol%2B2qTCujkQrJfj4TIj13VlpXzVtE5QDuT%2BScWVR1Xh4oI78rE2D%2FYKxQ3b2CAkl1lQNpB2rbxpCmHIFKvtCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7da9ce5c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/ColdBrew_1.png>; rel="canonical"

GET
H3 200 GrapeFruitIPA_1.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 227 KB
228 KB 148ms
145ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/GrapeFruitIPA_1.png?v=1616617073

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07168b3620ce81a5dd7dcd6a4daa854b7ae0187121e7c0ad91fbf908c02aa5e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
server-timing: imagery;dur=526.106, imageryFetch;dur=54.398, imageryProcess;dur=470.550;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 232374
x-xss-protection: 1; mode=block
x-request-id: c694922f-8a30-4d7b-84f2-d1d9bae6e81e
timing-allow-origin: *
surrogate-key: segment4-56563 shop-27577843817 mime-image/webp-56563 time-bucket-20220407-56563 c670fe586c03a3b4eb68ac1deaa3c1f33a89435bb3360771c17b8e7314a06d3a
last-modified: Thu, 07 Apr 2022 04:15:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzQxQMEk8DVSAqtke2p2n2QGwozetMxbuL%2FIL%2FzmUINjUQR%2FXtIUFfZGpeRFV8iD26u12i2w2XniTWT2iDC1YXhTIca2g1d7QRo90hC5EH22vGXVcG9oJta29sc1TbxWnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7da9d05c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/GrapeFruitIPA_1.png>; rel="canonical"

GET
H3 200 WoodBarrelBourbon_1.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 243 KB
244 KB 135ms
132ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/WoodBarrelBourbon_1.png?v=1616616812

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf7c39f3b08cf912f116f097f93abb2e76378295a4c46f30d2663fbeaed57f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 27044
server-timing: imagery;dur=612.550, imageryFetch;dur=43.213, imageryProcess;dur=567.854;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 249174
x-xss-protection: 1; mode=block
x-request-id: bd3c477a-9218-4e1e-b078-6c9c77a1e57d
timing-allow-origin: *
surrogate-key: segment4-3623 shop-27577843817 mime-image/webp-3623 time-bucket-20220406-3623 170ec89c176f4821c8bc23d0cbb8366f29b6d90d9ed1985b90f384819e521d7a
last-modified: Wed, 06 Apr 2022 22:20:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZFpGfYbG7iSwIOhABEM1eZ4R1lXQNJBrGsYNdy3iWyJzzZtyUme%2Fxnm9Edenopkwb58Xn%2Bak1GVV4brpitNv73xDh5Oq7woxeFe57S61JuJoZMiTdyiVWO%2BGOJxsP66pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7da9d15c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/WoodBarrelBourbon_1.png>; rel="canonical"

GET
H3 200 20210504_DrSquatch_StarWarsBundle_ProductPhotos_IMG_9083.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 315 KB
316 KB 136ms
133ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/20210504_DrSquatch_StarWarsBundle_ProductPhotos_IMG_9083.png?v=1624660724

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

273d1f061b6f03aa795e1bc279e2e7208a14e15da75028b494fa4688266d4bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 59041
server-timing: imagery;dur=568.904, imageryFetch;dur=49.166, imageryProcess;dur=517.467;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 322968
x-xss-protection: 1; mode=block
x-request-id: e4f34fea-8618-4e69-bcbc-f152eac8e86d
timing-allow-origin: *
surrogate-key: segment4-60566 shop-27577843817 mime-image/webp-60566 time-bucket-20220510-60566 5aca127f2a2952c2db892717c7220b9748fd847e3cab4857113db3ac7f3e1711
last-modified: Tue, 10 May 2022 10:58:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyGZroI4kgZ4p3tnWc22g7KW4iiCXUcifPwVTR6m4QEiMb6R%2BNcyaHBY0GdPTjRX5tVBonzW5O106K97mnLL%2FvMOJdirZcyjA3nc5HuVZAIjpuVIkKqk4riqSRBjxwmC0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7da9d25c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/20210504_DrSquatch_StarWarsBundle_ProductPhotos_IMG_9083.png>; rel="canonical"

GET
H3 200 Front.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 206 KB
207 KB 134ms
132ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/Front.png?v=1619122823

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a718ced4e80f6b0d4a3113473d56c140b4346a7fbb02b46be604925ffc69f22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10705
server-timing: imagery;dur=518.095, imageryFetch;dur=48.050, imageryProcess;dur=468.853;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 210844
x-xss-protection: 1; mode=block
x-request-id: a2356baa-06d9-4f0e-aa1d-27479cf596ce
timing-allow-origin: *
surrogate-key: segment4-1514 shop-27577843817 mime-image/webp-1514 time-bucket-20220407-1514 f5acd3a6fcb994f70937dcefa42f23a8efd71b9aa54d4d15b6e686af624b8025
last-modified: Thu, 07 Apr 2022 04:15:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gkt5vCEq1CqY1aCt6KgPdHOs9LpZ2M1Rb7Ov3gwMRG%2BpMvKcgwfMHgStiRFKtVDtgwx9C3atsqWfd58WTG%2BZsJJJdZRoU2NtC1%2B1mDlVjHsFRW7nvLK51gGq3oNiVos2lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7da9d35c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/Front.png>; rel="canonical"

GET
H3 200 GoldMoss_1.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 213 KB
213 KB 138ms
136ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/GoldMoss_1.png?v=1616617167

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45835e048cf3c1777e0e8856346b481f49a33c61a80a6bfa6239acc5e5696340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 10705
server-timing: imagery;dur=571.392, imageryFetch;dur=63.060, imageryProcess;dur=506.953;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 217614
x-xss-protection: 1; mode=block
x-request-id: 5e156d7f-9173-4edf-be10-92fbbc2fc847
timing-allow-origin: *
surrogate-key: segment4-30959 shop-27577843817 mime-image/webp-30959 time-bucket-20220406-30959 946b74737f84710ead3ea2ed58631ab715f68ad5516ffd166704c99ab929ce35
last-modified: Wed, 06 Apr 2022 22:54:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FgaJ2levRiPP6K1Ri%2Bo1ve%2F60ZblBCRXvikfm7CGV6Cy2aPOesLjP0VORO0FqlVIRXGgV8eVGcyYPbnRo2fXV0EiEEFUPD31PRNLMHibSqLB1TkI914k8Bb%2B26X4ypl1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7da9d45c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/GoldMoss_1.png>; rel="canonical"

GET
H3 200 SquatchPicks.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 11 KB
12 KB 142ms
140ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/SquatchPicks.png?v=1616624634

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b0709b95a6a8692d6614bd13bd134665d84b60a972a7999445d5ed670c8f864

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 10705
server-timing: imagery;dur=362.633, imageryFetch;dur=64.354, imageryProcess;dur=297.657;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11128
x-xss-protection: 1; mode=block
x-request-id: 19092e6d-e16e-4be6-ba92-3941071dc9d6
timing-allow-origin: *
surrogate-key: segment4-48064 shop-27577843817 mime-image/webp-48064 time-bucket-20220509-48064 94ca96a7c3a6668a9ccede7522b9a75648b9251a23d2d995cc91467f05d26d62
last-modified: Mon, 09 May 2022 10:38:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1q92jsro%2Bsn6OTdCL35TXF%2BLMOzWVRc4%2BmM8yak3r12V1nXGA3yYKRa95PCemH7p0vKuAZMWs1Vvox5E3y7VzVYWU2bdPbYfcCkaAX0BxHklu95Sb5ZOZaV2erqp6nbKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7da9d55c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/SquatchPicks.png>; rel="canonical"

GET
H3 200 20210504_DrSquatch_StarWarsBundle_ProductPhotos_IMG_9068.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 332 KB
333 KB 143ms
141ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/20210504_DrSquatch_StarWarsBundle_ProductPhotos_IMG_9068.png?v=1624660687

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f6a65dc7dfeecafaf5695ea83d68a77d959b04ddcce87a5d74cfd0a22ac2572

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 59041
server-timing: imagery;dur=586.503, imageryFetch;dur=67.289, imageryProcess;dur=518.147;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 340272
x-xss-protection: 1; mode=block
x-request-id: efea1e03-ea76-4ea5-87d4-d31db0f8e17b
timing-allow-origin: *
last-modified: Tue, 07 Jun 2022 18:30:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mm8nMg%2Fh9W3%2Bj9OlBMYW392pFDQZppuyZLwYS%2FHWcxSo1ZT6Uq3%2B7VWLVrRd12q2Nd9HLW94P0H6u2ZhZBGFijf78m2iW%2FUVxDWc2Kmv6KNzudTXSTNY%2FgFczeL41OmBqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7da9d75c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/20210504_DrSquatch_StarWarsBundle_ProductPhotos_IMG_9068.png>; rel="canonical"

GET
H3 200 20210504_DrSquatch_StarWarsBundle_ProductPhotos_IMG_9078.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 338 KB
339 KB 148ms
147ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/20210504_DrSquatch_StarWarsBundle_ProductPhotos_IMG_9078.png?v=1624660703

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

478b8bdc5913f6ff54e0b1c14abe84dbfe1e0c0db931b8f8cb1b3c46504c0fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
age: 59041
server-timing: imagery;dur=903.431, imageryFetch;dur=64.085, imageryProcess;dur=838.086;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 345864
x-xss-protection: 1; mode=block
x-request-id: 47bd353a-dbbe-4111-82d6-9f50c7f80a99
timing-allow-origin: *
surrogate-key: segment4-42696 shop-27577843817 mime-image/webp-42696 time-bucket-20220504-42696 b9de6c270f39f5b9caf430664500eaac446e7f59a916022c0046d6b26476c4cc
last-modified: Wed, 04 May 2022 04:40:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NK0pcuRN2%2BqNdmam%2BZpz9lw%2FG%2BTFT0xH%2BS%2ByHzvs8xyDNoPXGYIQ%2F2n9%2FazBd%2FsXhJpVTBTzS%2BbH8earj079orufEyHAda0P5MWKJaTUmBZ0CR5F%2Ftw54KzXe5iEZu%2BJEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7da9d85c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/20210504_DrSquatch_StarWarsBundle_ProductPhotos_IMG_9078.png>; rel="canonical"

GET
H3 200 20210504_DrSquatch_StarWarsBundle_ProductPhotos_IMG_9074.png
cdn.shopify.com/s/files/1/0275/7784/3817/products/ 350 KB
351 KB 154ms
152ms Image
image/webp 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0275/7784/3817/products/20210504_DrSquatch_StarWarsBundle_ProductPhotos_IMG_9074.png?v=1624660711

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baa174d134738ac011b8ea17d20ccf5da7db345c0a2e7f0dbdd939f335975ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
age: 59041
server-timing: imagery;dur=659.768, imageryFetch;dur=60.335, imageryProcess;dur=598.161;desc="image"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 358710
x-xss-protection: 1; mode=block
x-request-id: 7390248a-3129-41e9-b483-9fddcc7e91b2
timing-allow-origin: *
surrogate-key: segment4-56082 shop-27577843817 mime-image/webp-56082 time-bucket-20220406-56082 40ac98447d032c5af6b9d963c72e1bec05e9924054cd430213b55a9ea883d480
last-modified: Wed, 06 Apr 2022 23:58:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlLolQazuYHWTRtXi6AwhuzeY019BWzB1XlUcChsdnzVukxSRcS3x1fDHTsFn5ZGQlKWqAPRIoY%2FW9KT4dDfg15OvZjCwhnaGFZL3WgHL1MmbBrQkQfLC09DAPAXHqyrog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31557600
accept-ranges: bytes
cf-ray: 71af0d7da9db5c50-FRA
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/products/20210504_DrSquatch_StarWarsBundle_ProductPhotos_IMG_9074.png>; rel="canonical"

GET
H3 200 squatch-icons.static.ttf
drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/ 49 KB
50 KB 52ms
51ms Font
font/woff2 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/squatch-icons.static.ttf?v=49681750990071282931654901554&em-origin=cdn.shopify.com&em-referer-host=cdn.shopify.com&em-referer-proto=https

Requested by

Host: drsquatch.com
URL: https://drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/_fonts.static.css?v=158528574873376105451654901567&em-origin=cdn.shopify.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e4643eb1ef284cac0965b9551ff41f0e446fb7df8ce9fc705f3b82ab717cf8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://drsquatch.com/s/files/1/0275/7784/3817/t/993/assets/_fonts.static.css?v=158528574873376105451654901567&em-origin=cdn.shopify.com
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
digest: sha-256=W29iamVjdCBBcnJheUJ1ZmZlcl0=
x-dc: gcp-us-east1,us-central1
age: 10428
cf-ray: 71af0d7daf3f9a3c-FRA
x-edgemesh-server-version: 1.6.0
server-timing: imagery;dur=422.722, imageryFetch;dur=85.166, imageryProcess;dur=337.303;desc="font", ems-cache-hit;desc="Cache Hit", ems-parse-url;desc="Parse URL";dur=0, ems-get-config;desc="Get Config";dur=0, ems-cache-lookup;desc="Cache Lookup";dur=9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50640
x-xss-protection: 1; mode=block
x-request-id: 9187cc53-f94a-492e-b93d-43e481937224
access-control-allow-origin: *
last-modified: Sat, 11 Jun 2022 03:59:02 GMT
server: cloudflare
x-edgemesh-backend: proxy.edgeme.sh
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: font/woff2
x-edgemesh-server: hit, proxy
vary: Accept-Encoding
cache-control: public, max-age=31557600
etag: 5e4643eb1ef284cac0965b9551ff41f0e446fb7df8ce9fc705f3b82ab717cf8c
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0275/7784/3817/t/993/assets/squatch-icons.static.ttf>; rel="canonical"
access-control-expose-headers: *

GET
H/1.1 200
OK aVmUCojw7M4SVKvRhQWlyw Show response
cdn-widgetsrepository.yotpo.com/v1/loader/ 356 KB
38 KB 64ms
10ms Script
application/javascript 2a02:26f0:6c00:287::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-widgetsrepository.yotpo.com/v1/loader/aVmUCojw7M4SVKvRhQWlyw
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:287::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3f9b60701e9b061278c5328d1bf662e84343b847bca7cca07283ed9ada31df27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 00:47:06 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
l5d-success-class: 1.0
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 38621

GET
H2 200 5462 Show response
config.gorgias.chat/applications/ 106 B
692 B 143ms
117ms XHR
application/json 2606:4700::6812:1cb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/applications/5462

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cb4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d93564a3d6e61bf58267efb4212fba6aab29975cd52472ad8b5fc6543dee6ae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6a-SZ0JQgwFcEqgXI6ec91xXFxRIHI"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray: 71af0d7ec96b5c02-FRA

GET
H2 200 profitwell.js Show response
public.profitwell.com/js/ 35 KB
9 KB 39ms
8ms Script
application/x-javascript 99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=959f083de8bcb4a711c9759855c6b9a3
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-5.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: znDY4nYU90M6zr4dzZFQuN8coA9KbBKW
content-encoding: gzip
last-modified: Fri, 03 Jun 2022 14:00:55 GMT
server: AmazonS3
age: 13509
etag: W/"f3710cf44008e9509cf9d74fde8cff1f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
cache-control: public,max-age=86400
date: Mon, 13 Jun 2022 21:05:23 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: eGU1CO5vPQ4RK3NVf78RVypyrtU2o-vzcIBj-0GpuuivuZWPVumd3g==

GET
H2 200 tune.js Show response
js.go2sdk.com/v2/ 18 KB
18 KB 50ms
9ms Script
application/javascript 18.66.97.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.go2sdk.com/v2/tune.js
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-54.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cca8ce472cbf8c44acf7ac24067c2d6075acd1e0cd4c9003de6055289ac5c68a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
etag: "074c9e70b17ef9db8aced963fef4e2d9"
last-modified: Wed, 06 Jan 2021 18:55:14 GMT
server: AmazonS3
age: 92
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
date: Tue, 14 Jun 2022 00:45:35 GMT
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 17921
x-amz-cf-id: tiYOdf137CFT_ucZZrh4oqnSXabW7SaAGne9GeGA4N3faNJW5UqsAA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 161 KB
58 KB 70ms
30ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1018509496

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

62f31c6b924934108544f4d29780179f4c25ee34e7169a82e3ea8e5381e61820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58521
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 00:31:20 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Jun 2022 00:47:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 313 KB
82 KB 82ms
43ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MQXWN9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43123c223f39902485cf46a6ef584d360dca5a538190e0f5afeb62cedde73f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84202
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 00:31:20 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Jun 2022 00:47:06 GMT

GET
H2 200 heap-2438999048.js Show response
cdn.heapanalytics.com/js/ 114 KB
44 KB 359ms
104ms Script
application/javascript 65.9.66.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2438999048.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-42.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

6687741a092ec9dfa641717aa9d562ea11ecb239e7bd0b94b9054c7431eb0cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:45:19 GMT
content-encoding: gzip
server: nginx
age: 107
etag: W/"1c83c-7eOwFo5lVKZrGvgqJoN0AQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA56-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: r9xBoAmzGIdUBVuQ0IdrYsdy-Lak66y3em7c-ym69lbRmGoF_cvX9w==

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 29 KB
6 KB 61ms
24ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=556780&u=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB%23barsoap&f=1&r=0.988343283220523
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 5fef89a904dd88b14bacfe9135d3c16f6eaff0e4cb8da6c2ce24f6af576a6b04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 00:47:05 GMT
via: 1.1 google
server: gams1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2

200

klaviyo.js Show response
static.klaviyo.com/onsite/js/
Redirect Chain

https://a.klaviyo.com/media/js/analytics/analytics.js
https://static.klaviyo.com/onsite/js/klaviyo.js

882 B
950 B

57ms
11ms

Script
application/javascript

151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0eed6a9464095d1dab6e569d5b1c04d8a59c78361931f0874d9518e54061b2f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
age: 15788
x-cache: HIT, HIT
access-control-max-age: 86400
content-length: 553
x-served-by: cache-lga21946-LGA, cache-fra19122-FRA
access-control-allow-origin: *
allow: OPTIONS, GET
server: nginx
x-timer: S1655167626.236434,VS0,VE0
etag: "252b8be63043e5fd780ba548e8f958d6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 3, 1405

Redirect headers

date: Tue, 14 Jun 2022 00:47:06 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
location: https://static.klaviyo.com/onsite/js/klaviyo.js
cf-ray: 71af0d7edeca5c3e-FRA

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 129ms
100ms Script
application/javascript 2a02:26f0:1700:78a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:78a::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "c4a0eea377c5e0da574e46f4d6e838e5"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1142
access-control-expose-headers: X-CDN

GET
H2 200 web_surveys.js Show response
survey.survicate.com/workspaces/bd0cca1ea338864015e788844bc476de/ 12 KB
3 KB 99ms
7ms Script
text/javascript 2a0b:4d07:1::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.survicate.com/workspaces/bd0cca1ea338864015e788844bc476de/web_surveys.js
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:1::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: c9de8f7f93a001166560395b3fa0b8177fdfcce0d5da03e5ba2c967f60bc4834

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
last-modified: Tue, 14 Jun 2022 00:29:40 GMT
server: keycdn-engine
x-amz-request-id: P9KRHDHK7XE9Z146
x-edge-location: defr
etag: W/"1f95252fa89ddbc6f5e618a26c134013"
x-cache: HIT
x-amz-version-id: DuHiOqCtyTRdOg9CzDhVprozsm68DdeL
access-control-allow-origin: *
cache-control: max-age=300
content-type: text/javascript
x-amz-id-2: 4tJg4cBWSoHceBhmrLrqa0NjZRBEGvQjHM2yKcHnNL37NTp6bHz2prG3GemOJCJFbykXawgA4r8=

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 73ms
20ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: G2ZF7VM34X3W3P70
x-amz-id-2: aOMp+PVEkjMmRdXAw0juAJgxtr+omj4L9jmVytfi0UIH/3wTFvH9GMHYIM6xVdkolRRORlRy8LI=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 44ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
last-modified: Tue, 31 May 2022 05:07:22 GMT
server: nginx
etag: W/"6295a28a-a708"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 00:47:06 GMT

GET
H3 200 tag-0f6ee48eb742edce429292f8373e99d0.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 168 KB
47 KB 36ms
21ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-0f6ee48eb742edce429292f8373e99d0.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=556780&u=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB%23barsoap&f=1&r=0.988343283220523
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 5663bcfef1771fc1ed4e419dd0f28ae3aca4454ab48705a245f17d58779fee9e

Request headers

Referer: https://drsquatch.com/
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
last-modified: Thu, 09 Jun 2022 06:46:00 GMT
server: gams1
etag: "62a19728-bcbc"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48316
via: 1.1 google

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 113ms
96ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=556780&d=drsquatch.com&u=D4513324D7FB2D327E4DAB624E882CC6C&h=ede22b707920736a74c6d3acb7ccbf6a&t=false&r=0.04732131235261061

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:05 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=22076&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=drsquatch.com&fu=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrb...
https://widget.us.criteo.com/event?a=22076&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=drsquatch.com&fu=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrb...

9 KB
9 KB

304ms
104ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=22076&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=drsquatch.com&fu=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB%23barsoap&dtycbr=41647

Requested by

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1f03618a75be1e1433dac5cd764bbc73f7ebb07d2b6182ba7ed5bfa24098dd0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:05 GMT
server: Kestrel
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload;
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 11267490
content-type: application/x-javascript
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:05 GMT
server: Kestrel
location: https://widget.us.criteo.com/event?a=22076&v=5.11.0&p0=e%3Dexd%26site_type%3Dd&p1=e%3Dvh&p2=e%3Ddis&adce=1&tld=drsquatch.com&fu=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB%23barsoap&dtycbr=41647
strict-transport-security: max-age=31536000; preload;
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2729818
timing-allow-origin: *
content-length: 0
expires: 0

GET
H2 200 fonts.css
surveys-static.survicate.com/fonts/ 10 KB
1 KB 59ms
7ms Stylesheet
text/css 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://surveys-static.survicate.com/fonts/fonts.css
Requested by: Host: survey.survicate.com
URL: https://survey.survicate.com/workspaces/bd0cca1ea338864015e788844bc476de/web_surveys.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: bacc23ae416ef150be09288d366d689a7678849b04094552e67d8e2a032ad5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 12:02:06 GMT
server: keycdn-engine
x-amz-request-id: XDFXXFPQKA3DVKC8
x-edge-location: defr
etag: W/"175a0d0343589473e72c6e512936d749"
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
x-amz-id-2: mxFv8nvcK5QJrSesAEiuU6PZehODMzgOu6SjS6i/QBiJ8pDKoN+3psv95ktftqfwqga6CmHiAoA=

GET
H2 200 widget_core-15.4.3.js Show response
surveys-static.survicate.com/ 325 KB
95 KB 58ms
6ms Script
application/x-javascript 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://surveys-static.survicate.com/widget_core-15.4.3.js
Requested by: Host: survey.survicate.com
URL: https://survey.survicate.com/workspaces/bd0cca1ea338864015e788844bc476de/web_surveys.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: fe2b612f141cf1aa32ab62663f42b699d63c62f4de2b2da394a701c3eb1bb2c2

Request headers

Referer: https://drsquatch.com/
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: NBRYZPH5ZGEGQ31N
x-edge-location: defr
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:121050345386:build/ServiceSurveysStaticBuildAs-HG6JoJVHsH3E:c7a1ccfb-4f9e-4bc9-9190-1e4f78b33a97
x-cache: HIT
x-amz-meta-codebuild-content-sha256: 90a7604948c149d0abcc82980906082a4c8d19e5e51fd5e546e4dfdc06dda484
x-amz-meta-codebuild-content-md5: eb63ce01342a3c263de5b9efd56be129
x-amz-id-2: 2iNIZSo7YbyUWj8xvaiJ10HASbnjDd3z9BBfGcN8oSKBD7Uqf6Kbvkc3iDkOoSUxmVkkyEljaSY=
last-modified: Mon, 13 Jun 2022 13:16:19 GMT
server: keycdn-engine
etag: W/"2897663befe28729074f2423ca559c65"
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000

GET
H2 200 10063850.json Show response
s.yimg.com/wi/config/ 2 B
449 B 70ms
24ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10063850.json

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:45:00 GMT
x-content-type-options: nosniff
age: 126
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: AHY3G1E0HWWSDKW6
x-amz-id-2: 27VnSyN6f+u+OG7K1IFlAlijAByb9eZgRT2NF6FgFHs1Rzn9oypBFq63Bj92wRTzsImWyS6xv24=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H2 200 bundle.js Show response
p.yotpo.com/js/ 42 KB
14 KB 61ms
15ms Script
application/javascript 52.58.231.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.yotpo.com/js/bundle.js
Requested by: Host: cdn-widgetsrepository.yotpo.com
URL: https://cdn-widgetsrepository.yotpo.com/v1/loader/aVmUCojw7M4SVKvRhQWlyw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.231.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-231-73.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 34677893e517cafd730303991928856dea0f7563b13692bb80380f26a71c49a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
last-modified: Wed, 11 Aug 2021 17:25:00 GMT
server: nginx
etag: W/"611407ec-a96b"
content-type: application/javascript
cache-control: max-age=86400, private
expires: Wed, 15 Jun 2022 00:47:06 GMT

GET
H/1.1 200
OK app.v0.0.42-2673.js Show response
cdn-widget-assets.yotpo.com/widgets-initializer/ 24 KB
9 KB 61ms
12ms Script
application/javascript 2a02:26f0:6c00:294::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-widget-assets.yotpo.com/widgets-initializer/app.v0.0.42-2673.js
Requested by: Host: cdn-widgetsrepository.yotpo.com
URL: https://cdn-widgetsrepository.yotpo.com/v1/loader/aVmUCojw7M4SVKvRhQWlyw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07323a01c0b955284041a6a883e72d6453c8904d37c42543eefe643389782aba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: s_deQUz1uSMfrPgmHwG80AEFxDshkoOF
Content-Encoding: gzip
Last-Modified: Wed, 03 Nov 2021 08:04:29 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1635926668/atime:1635926668/md5:159abe855ef1924f2032833495ff921f/ctime:1635926668
x-amz-request-id: H3N02GQ0D1YD7VD8
ETag: "159abe855ef1924f2032833495ff921f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=12922284
Date: Tue, 14 Jun 2022 00:47:06 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8139
x-amz-id-2: E+7GBtuUNrOY4tc4eg/P3QvsrkMilr7kaByX0XS9epKwOZLpiiBR2BvRH9G4YMAZ9qQqtIr9FwU=

GET
H2 200 gorgias-chat-bundle-loader.js Show response
client-builds.production.gorgias.chat/new_bundle/ 1 KB
1 KB 57ms
24ms Script
application/javascript 2606:4700::6812:1cb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client-builds.production.gorgias.chat/new_bundle/gorgias-chat-bundle-loader.js?applicationId=5462&ignore=/static/js/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cb4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b4401b57973c06bae6db7acf68ed4bd260ab3ee4f5c47d8828285a8a532eacb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 532652
cf-polished: origSize=1474
x-dns-prefetch-control: off
content-encoding: br
vary: Accept-Encoding
x-xss-protection: 0
referrer-policy: no-referrer
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5c2-9G8pVbIiBTON6K7H98kgbBPqFWk"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cf-ray: 71af0d7fcd4c5c50-FRA

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5C77 15 KB
6 KB 53ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=drsquatch.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

4f6703cd54650cdd75f59266d630970479d273471a330e272cdaaef9481c55cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://drsquatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6123
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 00:47:06 GMT
server-processing-duration-in-ticks: 1811
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 main.32155010.js Show response
s.pinimg.com/ct/lib/ 52 KB
18 KB 113ms
111ms Script
application/javascript 2a02:26f0:1700:78a::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.32155010.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:78a::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "fd86de14455274a7c147dc95b77e18e3"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18298
access-control-expose-headers: X-CDN

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 76ms
26ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1018509496

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15069
x-xss-protection: 0
server: cafe
etag: 11223643544955582496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 14 Jun 2022 00:47:06 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 95 KB
37 KB 65ms
28ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-TWRJ68P

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQXWN9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e14e653f4dd3a160ff5bf8de9e60bbe3b2e2c9e807c61127b58b99b4796ffc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37622
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 14 Jun 2022 00:47:06 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 68ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQXWN9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ECFB8F20403C44A28ED73AE48AC87840 Ref B: FRAEDGE1513 Ref C: 2022-06-14T00:47:06Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Tue, 14 Jun 2022 00:47:05 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 38ms
13ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQXWN9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4340
date: Mon, 13 Jun 2022 23:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 14 Jun 2022 01:34:46 GMT

GET
H/1.1 200
OK roblyid.js Show response
s3.amazonaws.com/roblyimages/accounts/24296/roblyid/ 0
367 B 415ms
118ms Script
application/javascript 52.217.199.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/roblyimages/accounts/24296/roblyid/roblyid.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQXWN9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.199.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 00:47:07 GMT
Last-Modified: Tue, 11 Jun 2019 00:49:42 GMT
Server: AmazonS3
x-amz-request-id: QKH0KYXJ5N14J0FD
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: KL/ERnomrFUXMuajAk8+OaFaeoi14hFL2KCqHqNOe34WKyb0RWIB9YpMDLakkayzFqa6BFBbf98=

GET
H2 200 hotjar-1353191.js Show response
static.hotjar.com/c/ 5 KB
3 KB 63ms
36ms Script
application/javascript 65.9.66.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1353191.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-112.fra56.r.cloudfront.net

Software

Resource Hash

d06f0152a9fe403493b2c0438fb6981dd03511258c44fcde6c9ef7ba096d9b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-C1
etag: W/eeba34c324ad873daccdd3427234433a
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 1e5cc3IKBimWn6nzAGN5NOSWwauUAdj--uUMjv6EdLHfeT3nIDPbTw==
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 165 KB
47 KB 193ms
110ms Script
application/javascript 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6760f19ba40c31339c5448817723ce51abcb1fb5c4918e2095e2f9c2fe51be63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id: d57678bc.28546e97
date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a104-78-78-23.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 94,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=4, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 20220614004706010004003005006003025082E531D
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 4,104.78.78.23
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f45886c77947171698bc88fba7e8a996a6c12c2ab21197af8a5f7cebbfa108598f94c1452eb455b621f2747c63f1474f1fce50e3b7f9a80fa624337c58603807e6f4621b7c8e515f13b39aaa4467d48a39a5dd
expires: Tue, 14 Jun 2022 00:47:06 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 21 KB
8 KB 49ms
22ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9fe8a8e2261e527d5b294b5cd8781b93cecf8223e22ba45630345578599cf308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7452
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-id: NKtyPsQ7my78VzbF_t5WfKYp0XFpu8QPIXLRhzUNdpzRSqWknr2ysQ==

GET
H/1.1

200
OK

pixel.js Show response
redditstatic.s3.amazonaws.com/ads/
Redirect Chain

https://www.redditstatic.com/ads/pixel.js
https://redditstatic.s3.amazonaws.com/ads/pixel.js

24 KB
8 KB

405ms
105ms

Script
application/javascript

52.217.163.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://redditstatic.s3.amazonaws.com/ads/pixel.js
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: HTTP/1.1
Server: 52.217.163.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 00:47:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Apr 2022 22:30:59 GMT
Server: AmazonS3
x-amz-request-id: QKHC9QRG82Z0WCFF
ETag: "5dcf2f59e7a6e0d30193fedad78db790"
Content-Type: application/javascript
Cache-Control: public, max-age=60
Accept-Ranges: bytes
Content-Length: 7461
x-amz-id-2: UEhp/44EkP+EiBxokZ2usISN0rx0fIpFuXiC9vZdQixQbn6Tir9DdCN8H/JyHtqeibhUBqzTFXA=

Redirect headers

date: Tue, 14 Jun 2022 00:47:06 GMT
via: 1.1 varnish, 1.1 varnish
server: snooserv
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
location: https://redditstatic.s3.amazonaws.com/ads/pixel.js
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
H/1.1

200
OK

cnv
cnv.event.prod.bidr.io/log/
Redirect Chain

https://pixel.pointmediatracker.com/kpi?c=drsquatch&tag_id=62&kpi=visit&fpc=3fa3c60e-68b4-4737-bc34-189c3ef5fc88&user_id=&order_value=undefined&new_user=undefined&gtmcb=1169609609
https://cnv.event.prod.bidr.io/log/cnv?tag_id=62&buzz_key=blisspoint&value=drsquatch&segment_key=&order=86d4860e-9039-48bf-9aac-412c231f2fcb.&ord=6649356296234649772
https://cnv.event.prod.bidr.io/log/cnv?tag_id=62&buzz_key=blisspoint&value=drsquatch&segment_key=&order=86d4860e-9039-48bf-9aac-412c231f2fcb.&ord=6649356296234649772&_bee_ppp=1

43 B
793 B

34ms
33ms

Image
image/gif

52.213.70.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=62&buzz_key=blisspoint&value=drsquatch&segment_key=&order=86d4860e-9039-48bf-9aac-412c231f2fcb.&ord=6649356296234649772&_bee_ppp=1

Requested by

Protocol

HTTP/1.1

Server

52.213.70.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-213-70-117.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 14 Jun 2022 00:47:06 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cnv.event.prod.bidr.io/log/cnv?tag_id=62&buzz_key=blisspoint&value=drsquatch&segment_key=&order=86d4860e-9039-48bf-9aac-412c231f2fcb.&ord=6649356296234649772&_bee_ppp=1
Date: Tue, 14 Jun 2022 00:47:06 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 /
lwpixel.azurefd.net/t/v2/drsquatch/ 33 B
270 B 517ms
410ms Image
image/gif 2620:1ec:49::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lwpixel.azurefd.net/t/v2/drsquatch/?c=&d=&y=1655167626232&z=32276401314328363000
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:49::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bf7c178697d05163c48c177f5c58e49f7f08dfc6e618ddba632a45822ab5c051

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 33
x-azure-ref: 0itqnYgAAAADzAkRD7J4PRLHkTvcj0Yo7RlJBMjMxMDUwNDE5MDE3AGI3YzdmZjk1LTRkYjUtNDk5Yi1iOTlhLTRkZjY0NWFlODJlYw==
x-cache: CONFIG_NOCACHE
content-type: image/gif

GET
H3 200 tag-c682f1c227d8588641c313f5e883dc37.js Show response
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/ 105 KB
27 KB 17ms
17ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-c682f1c227d8588641c313f5e883dc37.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-0f6ee48eb742edce429292f8373e99d0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 5b8fa239874a06156a0b66e2bf8d0ae2ab518c48ef6872e72eaa0ae17fe447b0

Request headers

Referer: https://drsquatch.com/
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
last-modified: Thu, 09 Jun 2022 06:46:00 GMT
server: gams1
etag: "62a19728-6ae0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27360
via: 1.1 google

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 111ms
32ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2014%20Jun%202022%2000%3A47%3A06%20GMT&n=0&b=Subscription%20Flow%20-%20Dr.%20Squatch&.yp=10063850&f=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB%23barsoap&enc=UTF-8&yv=1.12.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Tue, 14 Jun 2022 00:47:06 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 32 KB
5 KB 21ms
20ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=556780&settings_type=1&vn=7.0&r=0.753330945595805&exc=1|2|95|3|98|4|99|5|6|7|8|9|10|11|12|13|21|22|96|131|141
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-0f6ee48eb742edce429292f8373e99d0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 1f4593696fc68f3384c8e3bac8985bf08d52e4616338cd767f7b9b7dae221428

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
via: 1.1 google
server: gams1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 gorgias-chat-bundle.js Show response
config.gorgias.chat/ 405 KB
126 KB 46ms
45ms Script
application/javascript 2606:4700::6812:1cb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/gorgias-chat-bundle.js?rev=3c355f92&applicationId=5462

Requested by

Host: client-builds.production.gorgias.chat
URL: https://client-builds.production.gorgias.chat/new_bundle/gorgias-chat-bundle-loader.js?applicationId=5462&ignore=/static/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1cb4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f0d38840ac47b905920102af27fc3227812159632631633a4534bd540da8ca4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 533412
cf-polished: origSize=414532
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
x-xss-protection: 0
referrer-policy: no-referrer
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"65344-RJhbw51qTPd+/fONggQHu5PisRk"
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
sourcemap: gorgias-chat-bundle.js.map
cf-ray: 71af0d805de25c50-FRA

GET
H/1.1 200
OK app.v0.1.9-2830.js Show response
cdn-widget-assets.yotpo.com/widget-referred-friend/ 398 KB
112 KB 20ms
19ms Script
application/javascript 2a02:26f0:6c00:294::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-widget-assets.yotpo.com/widget-referred-friend/app.v0.1.9-2830.js
Requested by: Host: cdn-widget-assets.yotpo.com
URL: https://cdn-widget-assets.yotpo.com/widgets-initializer/app.v0.0.42-2673.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21cee8799307e24bd6f82f89defee0d881d722970d8bc08c43cfd48d8f5d51d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: sd2lLcwKXwsWN9Rw6Qa_r_SZ87HJZskA
Content-Encoding: gzip
Last-Modified: Wed, 16 Mar 2022 08:57:53 GMT
Server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1647421071/atime:1647421071/md5:bfbacb12dc277fa5d31ed4f4b46e00c9/ctime:1647421071
x-amz-request-id: QRS1QPGGXYNXPK87
ETag: "bfbacb12dc277fa5d31ed4f4b46e00c9"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=23789379
Date: Tue, 14 Jun 2022 00:47:06 GMT
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Transfer-Encoding: chunked
x-amz-id-2: UWGbpCGUv466XawynzOfwu4OK6RH1QEFNqJKajh6xBfVuHKBdFLuCrMiZ4HJfKb6CpsJQnbAUQQ=

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5C77
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=drsquatch.com&sn=ChromeSyncframe&so=0&topUrl=drsquatch.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=HfAI4XxxbUk1c0k1VXpZRW1zaTZ2YmlMTXdzNFlaaytUQi9iOU5nRlg5a2wwbUhXb3dJNktLSGk2TmlGV254NlluVUkzYk54NlVneU9yaFN5SzBZOHFvaFdpMlF3aXZ1TjIxLzc3WStjakxGUUZsVFJXajR3ci91SCtmSE...

422 B
629 B

51ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=HfAI4XxxbUk1c0k1VXpZRW1zaTZ2YmlMTXdzNFlaaytUQi9iOU5nRlg5a2wwbUhXb3dJNktLSGk2TmlGV254NlluVUkzYk54NlVneU9yaFN5SzBZOHFvaFdpMlF3aXZ1TjIxLzc3WStjakxGUUZsVFJXajR3ci91SCtmSEJ2VCtEUkhIak1FeW9wWit2WjlvWmxFeUNCeFBCQzdWUVgvMUJzenZENEd5MTFrZ3c1akhGbTl0eWljL0RheVhhS0l5OG1VbnZDZU90N3U1ZDZaMFhWaDNJMGlaeDFzUks3UklYS0dlVVYrSlAvQWJSbitJdUJnTVgrRUdCTDRjaVN6YS9EY20wYWlQVDdxaTlSSU4rcWVVZlp1dUg0QT09fA&cppv=2

Requested by

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5ba33ed046b3a5ebf684d81377456fd6144a348c564f46f81e4ca09dc944afb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4413
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:05 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=HfAI4XxxbUk1c0k1VXpZRW1zaTZ2YmlMTXdzNFlaaytUQi9iOU5nRlg5a2wwbUhXb3dJNktLSGk2TmlGV254NlluVUkzYk54NlVneU9yaFN5SzBZOHFvaFdpMlF3aXZ1TjIxLzc3WStjakxGUUZsVFJXajR3ci91SCtmSEJ2VCtEUkhIak1FeW9wWit2WjlvWmxFeUNCeFBCQzdWUVgvMUJzenZENEd5MTFrZ3c1akhGbTl0eWljL0RheVhhS0l5OG1VbnZDZU90N3U1ZDZaMFhWaDNJMGlaeDFzUks3UklYS0dlVVYrSlAvQWJSbitJdUJnTVgrRUdCTDRjaVN6YS9EY20wYWlQVDdxaTlSSU4rcWVVZlp1dUg0QT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1591
content-length: 541
expires: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1018509496/ 3 KB
2 KB 68ms
26ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1018509496/?random=1655167626330&cv=9&fst=1655167626330&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB&tiba=Subscription%20Flow%20-%20Dr.%20Squatch&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d001ac9c0f3ccf13e5fcbaf12d945eb7f37a30a60100ef5cacb782c9828aaea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1270
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1018509496/ 3 KB
1 KB 67ms
27ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1018509496/?random=1655167626333&cv=9&fst=1655167626333&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6d0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB&tiba=Subscription%20Flow%20-%20Dr.%20Squatch&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c19441edbeaed7829d98ab5f1e32b2cc4b5cb8951ba2384222005edb9d319236

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1251
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.b871a939666125f20d79.js Show response
script.hotjar.com/ 243 KB
63 KB 43ms
8ms Script
application/javascript 99.86.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b871a939666125f20d79.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1353191.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-91.fra6.r.cloudfront.net

Software

Resource Hash

e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 08:52:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 402900
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 64109
access-control-allow-origin: *
last-modified: Thu, 09 Jun 2022 08:51:29 GMT
etag: "a7a5f230aae7accf37f785c6590c07fa"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: rlS-6GEai3bQ97bKYu53N2hQuJfXEyQasGb1dATwZmE20k60beXRJw==

GET
H2 200 11009659.js Show response
bat.bing.com/p/action/ 219 B
494 B 150ms
150ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/11009659.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

562e9734043d3c007a670efaf00f73e27e387c20c1e9269b0a2063e8a3566ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D16DCFB8A9BE49A29FEEB26360FD9B68 Ref B: FRAEDGE1513 Ref C: 2022-06-14T00:47:06Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Tue, 14 Jun 2022 00:47:05 GMT
content-length: 300

GET
H2 204 0
bat.bing.com/action/ 0
175 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=11009659&Ver=2&mid=23537028-883a-43d8-ae29-6603d1d14f2a&sid=83a0fd40eb7b11ec9b7e8dd2a05202b1&vid=83a118a0eb7b11ec973819b37591ea1a&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Subscription%20Flow%20-%20Dr.%20Squatch&p=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB%23barsoap&r=&lt=1971&evt=pageLoad&msclkid=N&sv=1&rn=838139

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 147BEB42E3BF4460B16A61488EFB02A3 Ref B: FRAEDGE1513 Ref C: 2022-06-14T00:47:06Z
date: Tue, 14 Jun 2022 00:47:05 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 17ms
17ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:05 GMT
content-encoding: br
last-modified: Thu, 09 Jun 2022 06:45:59 GMT
server: gams1
etag: "62a19727-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H2 200 / Show response
ct.pinterest.com/user/ 487 B
831 B 69ms
41ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2617908370808&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&cb=1655167626409

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

3fde7a56c437a737445b59a2a94749888886990dbe40b410dd4a7abe00c4dfc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.926656b8.1655167626.47892bb
x-envoy-upstream-service-time: 2
x-pinterest-rid: 3381480275946455
pin-unauth: dWlkPVlqaGtNakl3TmpVdE5EaGpaaTAwWWpReUxXRXpOVEF0TkdVd09ERXhOV0ZqT0dOaQ
access-control-allow-origin: https://drsquatch.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 352
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7574757-3&cid=1491714775.1655167626&jid=1213731479&gjid=1625526365&_gid=159697642.1655167626&_u=aGBAgEABQAAAAE~&z=1063513647

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 14 Jun 2022 00:47:06 GMT
content-type: text/plain
access-control-allow-origin: https://drsquatch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 41ms
12ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=106315950&t=pageview&_s=1&dl=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB&ul=en-us&de=UTF-8&dt=Subscription%20Flow%20-%20Dr.%20Squatch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEABQ~&jid=1213731479&gjid=1625526365&cid=1491714775.1655167626&tid=UA-7574757-3&_gid=159697642.1655167626&gtm=2wg6d0MQXWN9&cd19=1655167626226.6g9xhskd&cd20=1655167626&did=BwiEti&z=1143054737

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Jun 2022 20:06:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16836
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
478 B 107ms
20ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=6d55c4e0-88b9-494c-9e35-9505d220a547

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

48b9f0fa682dd3a43de06b80874b97a312760f7058f950845e85af5187b264a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://drsquatch.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 64 B
152 B 106ms
21ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=6d55c4e0-88b9-494c-9e35-9505d220a547&tld=com

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

a73f7c58f5f6f408f7b55271265fe6f96d9135be71615c7b378f67fa0c25c234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://drsquatch.com
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
via: 1.1 google

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame F119 2 KB
1 KB 34ms
7ms Document
text/html 143.204.215.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1353191.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-118.fra53.r.cloudfront.net
Software: /
Resource Hash: f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer: https://drsquatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1185180
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 07:34:06 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Tue, 31 May 2022 07:33:23 GMT
vary: Accept-Encoding
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-id: 9P_Quo03Jou3y2NKUln5NTkOX47UzhU9v3s2tJ2FFsSxiDmyegQxeA==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 33ms
33ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2617908370808&pd=%7B%22em%22%3A%22e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB%23barsoap%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1655167626461

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.926656b8.1655167626.47892cc
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1024353113683138
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 campaigns Show response
loyalty.yotpo.com/api/public/v1/ 618 B
1 KB 368ms
127ms XHR
application/json 52.200.151.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://loyalty.yotpo.com/api/public/v1/campaigns?guid=aVmUCojw7M4SVKvRhQWlyw&merchant_id=73194&campaign_types[]=ReferralCampaign

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.151.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-151-233.compute-1.amazonaws.com

Software

Resource Hash

7c81a0c0a237db1f9795e9a388e41628de00e901f1d985d680c38d86e61c6462

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-ratelimit-limit-second: 10000
vary: Accept-Encoding, Origin
ratelimit-reset: 1
x-ratelimit-remaining-second: 9999
x-kong-proxy-latency: 8
x-kong-upstream-latency: 19
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT, HEAD, PATCH
ratelimit-limit: 10000
referrer-policy: strict-origin
x-xss-protection: 1; mode=block
x-request-id: 0df54545e36a53a942abc033bc44acaa
x-runtime: 0.013118
access-control-allow-origin: https://drsquatch.com
correlation-id: 88a6c25f-8748-4869-8cef-943043f9434c
x-frame-options: ALLOWALL
etag: W/"7c81a0c0a237db1f9795e9a388e41628"
x-download-options: noopen
access-control-max-age: 7200
strict-transport-security: max-age=63072000; includeSubDomains
content-type: application/json; charset=utf-8
via: kong/2.1.4
x-permitted-cross-domain-policies: none
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
ratelimit-remaining: 9999
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,x-merchant-id,x-user-email,x-user-id,x-user-token,x-utoken,x-yotpo-token,authority,x-app-key
access-control-expose-headers

GET
H2 200 493.js
assets.gorgias.chat/c5e74a9c57b93302564dd7c7d851c295a117ffd8/static/js/ 0
11 KB 22ms
13ms Other
application/javascript 2606:4700::6812:1cb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/c5e74a9c57b93302564dd7c7d851c295a117ffd8/static/js/493.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=3c355f92&applicationId=5462
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
cf-cache-status: HIT
age: 547969
x-guploader-uploadid: ADPycdtOyJZIZrApbcqWtwsst5r7z2L36kAHmKB-fL0XJhjfWA89I7KmAVIA3YuGMoZmx-xJQJfk9X4XFjO-HHxPkIp0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
content-length: 11035
expires: Wed, 07 Jun 2023 16:15:50 GMT
last-modified: Tue, 07 Jun 2022 15:51:58 GMT
server: cloudflare
etag: "4c9b7cc4780ebb8905e07bdaff3e93fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Y7my+Q==, md5=TJt8xHgOu4kF4Hva/z6T/Q==
x-goog-generation: 1654617118536077
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, no-transform
x-goog-stored-content-length: 4722
accept-ranges: bytes
cf-ray: 71af0d81af545c50-FRA
cf-bgj: minify

GET
H2 200 gcmw.js
assets.gorgias.chat/c5e74a9c57b93302564dd7c7d851c295a117ffd8/static/js/ 0
597 KB 23ms
15ms Other
application/javascript 2606:4700::6812:1cb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/c5e74a9c57b93302564dd7c7d851c295a117ffd8/static/js/gcmw.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=3c355f92&applicationId=5462
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
cf-cache-status: HIT
age: 547942
cf-polished: origSize=610271
x-guploader-uploadid: ADPycduiQAGRr43Sm2oxJWh11NYIfvXbNKrQ5-HS1_W3gV-o_2KubCPfUScGiIQRl8bFxN3qxtkQJ4ulEb0oCknXDhRd0Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
content-length: 610268
expires: Wed, 07 Jun 2023 16:15:50 GMT
last-modified: Tue, 07 Jun 2022 15:51:59 GMT
server: cloudflare
etag: "f7d1b0903a7572b5de9fbebc0a68d814"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=kdvg6Q==, md5=99GwkDp1crXen768CmjYFA==
x-goog-generation: 1654617119593656
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, no-transform
x-goog-stored-content-length: 156153
accept-ranges: bytes
cf-ray: 71af0d81af555c50-FRA
cf-bgj: minify

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 8BFD 0
294 B 50ms
22ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=6d55c4e0-88b9-494c-9e35-9505d220a547

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://drsquatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 14 Jun 2022 00:47:06 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 1

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1018509496/ 3 KB
1 KB 78ms
47ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1018509496/?random=1655167626502&cv=9&fst=1655167626502&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6d0&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB&tiba=Subscription%20Flow%20-%20Dr.%20Squatch&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54ebda69b02676d45de13f9be5fd75d9fe7aa215344e462f067ce2646dff9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1270
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 83ms
24ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7574757-3&cid=1491714775.1655167626&jid=1213731479&_u=aGBAgEABQAAAAE~&z=945397455

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 80ms
36ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7574757-3&cid=1491714775.1655167626&jid=1213731479&_u=aGBAgEABQAAAAE~&z=945397455

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i
p.yotpo.com/ 35 B
278 B 8ms
8ms Image
image/gif 52.58.231.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=se&se_ca=referred-friend&se_ac=shown&se_la=layout&se_va=aVmUCojw7M4SVKvRhQWlyw&cx=eyJzZXNzaW9uX2lkIjoiNDRjMGUwZGMtMGI3MS00NjQyLTkyNzQtZmZiZjFjMTQ4NTM2Iiwic2VxdWVuY2UiOiIwIiwid2lkZ2V0X2luc3RhbmNlX2lkIjoiNDAzNTQiLCJpbnN0YW5jZV92ZXJzaW9uX2lkIjoiMTc3MTA1NSIsImlzX21vYmlsZSI6ZmFsc2V9&dtm=1655167626532&tid=938746&vp=1600x1200&ds=1600x3650&vid=1&duid=01f8b068834f246b&p=web&tv=js-0.13.4&fp=1789155876&aid=onsite_v3&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB%23barsoap
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.231.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-231-73.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
cache-control: max-age=86400, private
server: nginx
content-type: image/gif
content-length: 35
expires: Wed, 15 Jun 2022 00:47:06 GMT

POST
H2 200 p Show response
tr.snapchat.com/ Frame 5A39 0
221 B 21ms
21ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://drsquatch.com
Referer: https://drsquatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://drsquatch.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Tue, 14 Jun 2022 00:47:06 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 1

GET
H2 200 /
www.google.com/pagead/1p-user-list/1018509496/ 42 B
108 B 65ms
28ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1018509496/?random=1655167626330&cv=9&fst=1655164800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB&tiba=Subscription%20Flow%20-%20Dr.%20Squatch&async=1&fmt=3&is_vtc=1&random=827060627&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1018509496/ 42 B
548 B 58ms
35ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1018509496/?random=1655167626330&cv=9&fst=1655164800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB&tiba=Subscription%20Flow%20-%20Dr.%20Squatch&async=1&fmt=3&is_vtc=1&random=827060627&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1018509496/ 42 B
154 B 63ms
26ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1018509496/?random=1655167626333&cv=9&fst=1655164800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6d0&sendb=1&frm=0&url=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB&tiba=Subscription%20Flow%20-%20Dr.%20Squatch&async=1&fmt=3&is_vtc=1&random=622449844&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1018509496/ 42 B
108 B 52ms
36ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1018509496/?random=1655167626333&cv=9&fst=1655164800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6d0&sendb=1&frm=0&url=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB&tiba=Subscription%20Flow%20-%20Dr.%20Squatch&async=1&fmt=3&is_vtc=1&random=622449844&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1018509496/ 3 KB
1 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1018509496/?random=1655167626539&cv=9&fst=1655167626539&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6d0&sendb=1&ig=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB&tiba=Subscription%20Flow%20-%20Dr.%20Squatch&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79322491d27b5e5bdf106eb0d0db84b08a908920b90cdf42b9a07d7f85e4f6af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1270
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 114ms
114ms Script
application/javascript 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id: 14b5eb6.28547013
date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-32-17-134.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 98,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=8, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 20220614004706010002007637004005006003022138B9D15
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.32.17.134
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f45886bdfe13e15af424806451b85531b0ff0bd828988dc157fa11d5979202df47343e512f8aea8afd69b83f1527085ec11ab86cb130ba46e68c79d840b04cb4cf8fcb86375a9258fa66ab8993e9581b139267
expires: Tue, 14 Jun 2022 00:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
718 B 125ms
124ms Ping
application/octet-stream 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a1e6b01a.2854703e
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-remote: TCP_MISS from a23-32-17-149.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 109,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=20, inner; dur=15
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220614004706010004004025004005006003006015125DC
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.32.17.149
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f45886aa982f7e48fd6bf1f21bd33c993d1fc10a4958c71d6f1ce8d2bc9925212e7ac4e14aad6368ca8cddaa628fff4204597e42f5f899d59fc09a856af99aa3c2a3e9e0e2565e8f727869ac90028ac5a7ddde
expires: Tue, 14 Jun 2022 00:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
717 B 180ms
179ms Ping
application/octet-stream 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: f75322e7.28547043
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-remote: TCP_MISS from a104-78-78-31.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 161,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=71, inner; dur=68
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20220614004706010004003007735002017132FDB7B
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 71,104.78.78.31
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f45886449a25406b3aa0e5434edc967a87390152b027f5d2da736005d3246d2e2bf79c308b48ef180a594502d5d60d97ddeabf5716f600e6e2342ab99475a78f43377ac32f34a9fdc66a99ffbb60c2ff48eaf2
expires: Tue, 14 Jun 2022 00:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
721 B 133ms
132ms Ping
application/octet-stream 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 41a2c1f9.28547049
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-remote: TCP_MISS from a23-220-106-211.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 113,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=24, inner; dur=19
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202206140047060100020060050050060030250C8CC284
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 24,23.220.106.211
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f4588613f4c50e9c4b001599109d49fb936790cff03b7f587055c87bb858777f799fd19ab29d39772060a9579a6b1652a428e04b60bf1c4c6bd95db274a2e9a50363abe5cb0ad617f1debe046b490b57f9d4b5
expires: Tue, 14 Jun 2022 00:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
718 B 226ms
225ms Ping
application/octet-stream 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: ebeb35e5.2854704a
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-remote: TCP_MISS from a104-78-78-37.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 206,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=112, inner; dur=109
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202206140047060100020450077350020150546ECFE
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 112,104.78.78.37
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f458861bd73983f2a0a839323a75dbddd56b0523fe8ba96ef0bde66fcf961908afe0b8ec4a84261c34195bffbcd3fa6f6a9da5bd3ba3de2e64322c051c13b6386927d3d1360f632f7da1dd52dbcf90cb93898b
expires: Tue, 14 Jun 2022 00:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
717 B 212ms
212ms Ping
application/octet-stream 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 635a0624.2854704c
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-remote: TCP_MISS from a23-32-17-130.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 191,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=98, origin; dur=94, inner; dur=91
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022061400470601000400700400500600300913A1FEC6
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 94,23.32.17.130
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f45886e576116f0538e233cab5afbc297417a287d081d34af149006de53ddd399b9b33b2b22c2279d987ef2f9c1f4e91de06d52eb851ffa162185ef03073970207d0717181e062c1e076ae143fab67fe726d80
expires: Tue, 14 Jun 2022 00:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
715 B 131ms
131ms Ping
application/octet-stream 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 635a05ac.2854705e
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-remote: TCP_MISS from a23-32-17-130.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 101,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=11, inner; dur=8
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022061400470601000400700400500600300109B871EF
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.32.17.130
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f45886e576116f0538e233cab5afbc297417a2940ba7e181d4c3ce71cf42128e3b381ae6ca05cf7288a91f1c4f53273ea650d1c3018c32cf356eeeb187097f1b348d492455c2407d44c6dbe6bf93ee0422f48d
expires: Tue, 14 Jun 2022 00:47:06 GMT

POST
H2 200 performance_interaction
analytics.tiktok.com/api/v2/ 0
716 B 135ms
135ms Ping
application/octet-stream 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/performance_interaction
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: e1c783cf.2854705f
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-remote: TCP_MISS from a104-78-78-44.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 105,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=15, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202206140047060100020030050060030060FA78453
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 15,104.78.78.44
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f45886df7160852dd4de0f31a691ffa3439226f0444bd6f15f9a36df5363f4a792e6b71b85641333a3495c246d7e6f97bfee137658a48077dfa9eab454f88a8c1920700e1d1a57f20b0e426b050c14f58d9d20
expires: Tue, 14 Jun 2022 00:47:06 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 862 B
1 KB 124ms
124ms Script
application/javascript 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C30GSHTAR64QJ449RK20&hostname=drsquatch.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f84984d798af16719ea008a77ef968f0ae4fe0a5d37f07082ced872e7ddcf3bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-akamai-request-id: 68cf4514.28547061
date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: gzip
x-cache-remote: TCP_MISS from a23-32-17-131.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 95,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=5, inner; dur=3
content-length: 343
pragma: no-cache
server: nginx
x-tt-logid: 20220614004706010002007637004005006003006123C497A
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.32.17.131
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f4588614d589745ee3a241a73d9e3cbdf03883a860509e3fc3083710b9ea6e25efca902b35008a23dc8dff819c698293e0c6bc123b5176e8be8ec267228005b3842b300d6ba6676b44062319392617be85b72a
expires: Tue, 14 Jun 2022 00:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
717 B 208ms
207ms Ping
application/octet-stream 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: e62be2de.28547062
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-remote: TCP_MISS from a104-78-78-45.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 177,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=86, inner; dur=83
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202206140047060100020030050060030080E8E09C9
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 86,104.78.78.45
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f4588625b09967eeac43fa07f589e4123e92e477b5c1877964de4e2ad0a12c59a2ccf54d600178bf87183df63463672ad6d480e840d622c10d77251c29d8db60541bc78e505cb70c80fbee28628c4924ffcfd8
expires: Tue, 14 Jun 2022 00:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
722 B 230ms
230ms Ping
application/octet-stream 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 68cf44db.2854706a
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-remote: TCP_MISS from a23-32-17-131.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 198,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=108, inner; dur=106
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202206140047060100020060050050060030530F9489AE
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 108,23.32.17.131
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f4588614d589745ee3a241a73d9e3cbdf038838252cd7e903ff2ce528669cc3d880d7867c642edfe8d677f4eedf8553fd91bbde1e5c92e86d7c852c468d0468db2ea69c61c042461429d0c4e2558baebe83e00
expires: Tue, 14 Jun 2022 00:47:06 GMT

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 312ms
97ms Image
image/gif 34.233.95.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2438999048&u=7400051240437904&v=8194665951362395&s=2571909033492535&b=web&tv=4.0&z=0&g=%23barsoap&h=%2Fpages%2Fsubscription-flow&q=%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB&d=drsquatch.com&t=Subscription%20Flow%20-%20Dr.%20Squatch&us=klaviyo-automated-flow&um=email&ua=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&ts=1655167626681&st=1655167626684

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.233.95.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-95-60.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 11009659 Show response
www.clarity.ms/tag/uet/ 2 KB
3 KB 198ms
122ms Script
application/x-javascript 2620:1ec:27::cafe:1746
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/11009659
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/11009659.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1746 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: eb48f34a9a5157c2e4393080f2f6752c1db55962e25d6044c5ab0e7ec2d53d85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
x-powered-by: ASP.NET
x-azure-ref: 0itqnYgAAAACinZ6iIfnzRKLWDVCKfnxaQ1BIMzBFREdFMDQwNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
content-length: 2450
expires: -1

GET
H2 206 notification-chat.83dc8908a850dbf79f95.mp3
assets.gorgias.chat/c5e74a9c57b93302564dd7c7d851c295a117ffd8/static/media/ 4 KB
4 KB 25ms
25ms Media
audio/mpeg 2606:4700::6812:1cb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/c5e74a9c57b93302564dd7c7d851c295a117ffd8/static/media/notification-chat.83dc8908a850dbf79f95.mp3
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d191bedb4ccc9fd7f7eb24b325fb64488c1ad0d949c3b644f5600eafd8aecb73

Request headers

Referer: https://drsquatch.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
cf-cache-status: HIT
age: 548361
x-guploader-uploadid: ADPycdspyh7s6O9SJYSFPsUlC8at7m7MIsEl0IuO5LG3F-wNGU7iS6WSUk5zxhHPckSBPsJRv0UOPZFspXHI1PHwt8amNhUDGFtp
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: audio/mpeg
Content-Length: 3660
Content-Range: bytes 0-3659/3660
last-modified: Tue, 07 Jun 2022 15:52:08 GMT
server: cloudflare
etag: "97cd95d28b187ffc0c8455c08a688eef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=RoEABg==, md5=l82V0osYf/wMhFXAimiO7w==
x-goog-generation: 1654617128192608
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, no-transform
x-goog-stored-content-length: 3660
cf-ray: 71af0d82f8dc5c50-FRA
expires: Wed, 07 Jun 2023 16:15:51 GMT

GET
H2 200 493.js Show response
assets.gorgias.chat/c5e74a9c57b93302564dd7c7d851c295a117ffd8/static/js/ 11 KB
11 KB 12ms
12ms Script
application/javascript 2606:4700::6812:1cb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/c5e74a9c57b93302564dd7c7d851c295a117ffd8/static/js/493.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=3c355f92&applicationId=5462
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79f402ed9eabe65cc3cdf5a33797f405e52fcbcb66b6bfc61407bdb5ba68ee88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
cf-cache-status: HIT
age: 547969
x-guploader-uploadid: ADPycdtOyJZIZrApbcqWtwsst5r7z2L36kAHmKB-fL0XJhjfWA89I7KmAVIA3YuGMoZmx-xJQJfk9X4XFjO-HHxPkIp0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
content-length: 11035
expires: Wed, 07 Jun 2023 16:15:50 GMT
last-modified: Tue, 07 Jun 2022 15:51:58 GMT
server: cloudflare
etag: "4c9b7cc4780ebb8905e07bdaff3e93fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Y7my+Q==, md5=TJt8xHgOu4kF4Hva/z6T/Q==
x-goog-generation: 1654617118536077
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, no-transform
x-goog-stored-content-length: 4722
accept-ranges: bytes
cf-ray: 71af0d8329125c50-FRA
cf-bgj: minify

GET
H2 200 campaigns.js Show response
assets.gorgias.chat/c5e74a9c57b93302564dd7c7d851c295a117ffd8/static/js/ 16 KB
16 KB 13ms
13ms Script
application/javascript 2606:4700::6812:1cb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/c5e74a9c57b93302564dd7c7d851c295a117ffd8/static/js/campaigns.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=3c355f92&applicationId=5462
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1cb4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94cc01740df255c763f9b8275f9c124aa9ff99390d22a39b1d1ae06c84ea83dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
cf-cache-status: HIT
age: 547492
x-guploader-uploadid: ADPycdtBMYUnGBGv3QZYthbvsWWdSBUUvR11tCLUFR2KO59srW-SltRnqerBzXhf1j585I0EfyEkAWyeBuxaonJJPOt4mQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
content-length: 16378
expires: Wed, 07 Jun 2023 16:19:00 GMT
last-modified: Tue, 07 Jun 2022 15:51:58 GMT
server: cloudflare
etag: "2f1ac0c3f6e41f8a6bfcceedded20759"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=83JmTA==, md5=LxrAw/bkH4pr/M7t3tIHWQ==
x-goog-generation: 1654617118912588
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, no-transform
x-goog-stored-content-length: 6141
accept-ranges: bytes
cf-ray: 71af0d8329135c50-FRA
cf-bgj: minify

GET
H2 200 fender_analytics.fab12fd29b3959e0d0b9.js Show response
static-tracking.klaviyo.com/onsite/js/ 29 KB
12 KB 42ms
7ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/fender_analytics.fab12fd29b3959e0d0b9.js?cb=1
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/onsite/js/klaviyo.js?company_id=pWh7nE&em-origin=static.klaviyo.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ff2eb1ba5c31f12aad85e235e04e54c69e1716785217f1dc41973f349b9138c

Request headers

Referer: https://drsquatch.com/
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: Ik5iNyj_dchgWNda_p31WpFv4jAiMVV4
content-encoding: gzip
age: 15788
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 11589
x-amz-id-2: 6YcGoK9VoMCd7xjFZy6XGxNsD6YvGa6xdqXq+vu3dHT4I3wqoUMcP4wKEUzLvtV4v30n8SphJkA=
x-served-by: cache-lga21981-LGA, cache-fra19164-FRA
last-modified: Mon, 13 Jun 2022 20:23:52 GMT
server: AmazonS3
etag: "dc2e9902930479b0d03e1c7b85423233"
vary: Accept-Encoding
x-amz-request-id: C82JWA09TKSKTSD2
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-hits: 1, 7141

GET
H2 200 static.eeebd653feeb387f94f0.js Show response
static-tracking.klaviyo.com/onsite/js/ 15 KB
6 KB 43ms
8ms Script
application/javascript 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-tracking.klaviyo.com/onsite/js/static.eeebd653feeb387f94f0.js?cb=1
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/onsite/js/klaviyo.js?company_id=pWh7nE&em-origin=static.klaviyo.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d512a6b98a40286c07509439e0340232d64a6a7cfeb25a615ee2f8bca36581df

Request headers

Referer: https://drsquatch.com/
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: tYD14crKAFsR4l_l0GIKwxjwLABsRprU
content-encoding: gzip
age: 15788
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 6271
x-amz-id-2: wwgXRqMsySCZAKNUPPaY03kLI/4m3A2FKF3JToZJ5YhCD1k1FSS0ZSbbJ5zsk3jnbc6Xc+Sxspg=
x-served-by: cache-lga21965-LGA, cache-fra19164-FRA
last-modified: Mon, 13 Jun 2022 20:23:52 GMT
server: AmazonS3
etag: "117045de7bbb9fe4f9944ca43efca6d8"
vary: Accept-Encoding
x-amz-request-id: C82GM36Y1M4G6X8J
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-hits: 1, 7798

GET
H2 200 sharedUtils.ce8700eb51bf7ebc454d.js Show response
static.klaviyo.com/onsite/js/ 32 KB
13 KB 23ms
8ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.ce8700eb51bf7ebc454d.js?cb=1
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/onsite/js/klaviyo.js?company_id=pWh7nE&em-origin=static.klaviyo.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31d9c01045700ad7436883f7c28f0e64b925d3ef03de10537abb536eeedcf458

Request headers

Referer: https://drsquatch.com/
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: _tDeRilV9wRkuK7L25bdptr3pqT6ykmp
content-encoding: gzip
age: 15788
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12613
x-amz-id-2: MqNIHN105m9ARoXQ5Ry2PPTHIxVIEbooI4wdFP/YJTxCpz0Fpm4m0r9Dcc6waiShZVorxIlcQ7g=
x-served-by: cache-lga21941-LGA, cache-fra19133-FRA
last-modified: Tue, 07 Jun 2022 21:45:20 GMT
server: AmazonS3
etag: "a26225bb39f348df22e1e87ea17537c5"
vary: Accept-Encoding
x-amz-request-id: 5V41WJ24SPMGA16G
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-hits: 2, 7485

GET
H2 200 vendors~signup_forms.d3276964390dc36ba880.js Show response
static.klaviyo.com/onsite/js/ 36 KB
12 KB 25ms
9ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/vendors~signup_forms.d3276964390dc36ba880.js?cb=1
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/onsite/js/klaviyo.js?company_id=pWh7nE&em-origin=static.klaviyo.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6bfa895162152a9af1cc031754747fe2ff5f511a2024b9137f29cba45e522ff5

Request headers

Referer: https://drsquatch.com/
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: mj4V_4tUiV4yV0vTudoVlWqAQPRRZu2r
content-encoding: gzip
age: 15781
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 12452
x-amz-id-2: +sbCOxZZlna7b5hA5g+c3hX4fqcAUa9ydfUq5TVHYwGP/Bq5oLvNqIAwl8bAv8lWhI+nA2KJedo=
x-served-by: cache-lga21935-LGA, cache-fra19133-FRA
last-modified: Mon, 13 Jun 2022 20:23:52 GMT
server: AmazonS3
etag: "a13c9d086010496f0baebd8d2c88f633"
vary: Accept-Encoding
x-amz-request-id: BG2F7F920GN67DFH
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-hits: 1, 5455

GET
H2 200 signup_forms.43552e4c2229e049e891.js Show response
static.klaviyo.com/onsite/js/ 54 KB
20 KB 24ms
8ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/signup_forms.43552e4c2229e049e891.js?cb=1
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/onsite/js/klaviyo.js?company_id=pWh7nE&em-origin=static.klaviyo.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eaa176bfa2223fe37ee4c460cbea462dcd816de37765d4df3ffec7fd4b0d1012

Request headers

Referer: https://drsquatch.com/
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: OCyf2rYFkzfuioivgJctV9g2Qbal7izZ
content-encoding: gzip
age: 15788
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 20033
x-amz-id-2: 2Q58fWYlJNSeml/TkGEWnO3H3fpr4WbOhlc2IhnEEfJJJqqsk8JIZRd94eIYP6u0Pdx4845NiFA=
x-served-by: cache-lga21949-LGA, cache-fra19133-FRA
last-modified: Mon, 13 Jun 2022 14:04:34 GMT
server: AmazonS3
etag: "252c6e0d5089f514fd05651d7ba60506"
vary: Accept-Encoding
x-amz-request-id: HMYJAH00D1VER82T
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-hits: 2, 5468

GET
H3 200 /
www.google.com/pagead/1p-user-list/1018509496/ 42 B
64 B 57ms
26ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1018509496/?random=1655167626539&cv=9&fst=1655164800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6d0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB&tiba=Subscription%20Flow%20-%20Dr.%20Squatch&async=1&fmt=3&is_vtc=1&random=2052697130&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1018509496/ 42 B
64 B 59ms
26ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1018509496/?random=1655167626539&cv=9&fst=1655164800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6d0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB&tiba=Subscription%20Flow%20-%20Dr.%20Squatch&async=1&fmt=3&is_vtc=1&random=2052697130&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1018509496/ 42 B
64 B 56ms
27ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1018509496/?random=1655167626502&cv=9&fst=1655164800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6d0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB&tiba=Subscription%20Flow%20-%20Dr.%20Squatch&async=1&fmt=3&is_vtc=1&random=3808506434&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1018509496/ 42 B
64 B 56ms
26ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1018509496/?random=1655167626502&cv=9&fst=1655164800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6d0&sendb=1&data=event%3Dform_submit&frm=0&url=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB&tiba=Subscription%20Flow%20-%20Dr.%20Squatch&async=1&fmt=3&is_vtc=1&random=3808506434&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
717 B 137ms
137ms Ping
application/octet-stream 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: b8b80f43.28547133
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-remote: TCP_MISS from a104-78-78-13.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 121,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=31, inner; dur=26
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022061400470601000200600500500600301400C88582
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 31,104.78.78.13
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f4588684a7cf186c26b7a2f19c0c4f19efe790bade593c546cefa24d8552e511a751b23d9763ad42238a9b8ba1292265c6cea51cb706323af87ec8ebd357e2fe120c88778fe8fbc14361919bae7584434bc76b
expires: Tue, 14 Jun 2022 00:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
717 B 148ms
143ms Ping
application/octet-stream 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a2645208.28547160
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-remote: TCP_MISS from a104-78-78-14.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 128,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=92, origin; dur=37, inner; dur=26
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022061400470601000400300500600301308A2E944
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 37,104.78.78.14
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f4588691d7487694da79215d5d34ebfc20616bcd775b4b860dd92d616e33d52105a0d6b13cd7db89a4513b0ca0b75a3cf0fa3b1082828155bd77d8660fcca8ec4f50a335e4fa1c403cc48a2d6c2fa7656a9e67
expires: Tue, 14 Jun 2022 00:47:06 GMT

POST
H2 200 monitor
analytics.tiktok.com/api/v2/ 0
718 B 166ms
163ms Ping
application/octet-stream 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/monitor
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 41a2c34d.28547162
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-remote: TCP_MISS from a23-220-106-211.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 147,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=58, inner; dur=54
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022061400470601000400300500600300003812F58
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 58,23.220.106.211
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f4588613f4c50e9c4b001599109d49fb93679018efef243f3ae04d43b72df337d4355b67154e559aace3f64ab6f8098c9d04516e6eca4147efddb07d5c017ff09dc41727cfdc7165815b71c52fd246a3bc72ab
expires: Tue, 14 Jun 2022 00:47:06 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
715 B 124ms
123ms Ping
application/octet-stream 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d5769497.28547163
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-remote: TCP_MISS from a104-78-78-23.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 106,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=16, inner; dur=12
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2022061400470601000400300500600300708290BB2
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,104.78.78.23
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f45886c77947171698bc88fba7e8a996a6c12c50b708b02a28e790e89cef2bea5f3ce8f0d30b980eb8110a7b593812ebfe899b0497712284e01a0dde6e5032d128feb06f066cf8e93998e2800d54163d67b407
expires: Tue, 14 Jun 2022 00:47:06 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
717 B 128ms
127ms Ping
application/octet-stream 95.101.22.179
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C30GSHTAR64QJ449RK20&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.22.179 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-22-179.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 635a0e87.28547165
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-remote: TCP_MISS from a23-32-17-130.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a95-101-22-175.deploy.akamaitechnologies.com (AkamaiGHost/10.8.2-41758951) (-)
x-parent-response-time: 110,95.101.22.175
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=20, inner; dur=13
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202206140047060100020060050050060030280F245457
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 20,23.32.17.130
x-tt-trace-host: 01f6be43465a12ed6f674215fbfc8fb5f0f81286662355e6c1051c1903a1f45886e576116f0538e233cab5afbc297417a21560714d3343c3b5284f5bc6f1375eccc4c0f2208bf4afb87dcb226dafcabff96462cea5baeb4c976d44125aac8c348fb908a4d5ef1f19d679be1a6a888230d4
expires: Tue, 14 Jun 2022 00:47:06 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 129ms
100ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1655167626826&id=t2_36khmc3z&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=7a2d0b75-55fb-483e-b389-6b3a6c15f84d&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_90e98f9f
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
73 B 136ms
107ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1655167626826&id=t2_36khmc3z&event=ViewContent&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=7a2d0b75-55fb-483e-b389-6b3a6c15f84d&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_90e98f9f
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 sentry.a808d4f2a25ec07b5950.js Show response
static.klaviyo.com/onsite/js/ 39 KB
14 KB 7ms
7ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sentry.a808d4f2a25ec07b5950.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/signup_forms.43552e4c2229e049e891.js?cb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f5b02a7b8d598682ade0ae0c1211a5727b5b766207002eb8bb5d085c9015a82

Request headers

Referer: https://drsquatch.com/
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: rvOuHMgRxCl0c8RE3179W.mlMtbyj5mY
content-encoding: gzip
age: 15787
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 13733
x-amz-id-2: 1R6K35lZAtxIy4FPEb7vfCcTHVF25xevqxneYoz2yRQYrVnZ0YOfrzNXLNOGVl5gwr4iqp6M0pU=
x-served-by: cache-lga21948-LGA, cache-fra19133-FRA
last-modified: Thu, 26 May 2022 18:25:22 GMT
server: AmazonS3
etag: "2f353e6cc3ef7ceba6db3873409bfcd0"
vary: Accept-Encoding
x-amz-request-id: Y6GWX3DKNWF9MV0A
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/javascript
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-hits: 1, 4768

GET
H2 200 onsite Show response
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 780 B
1 KB 41ms
7ms XHR
application/json 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=pWh7nE

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf2de109d4fe34e88f02c6c26d41ad8350f758a6f3ce74c3e5eaca18e1345eac

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
via: 1.1 varnish, 1.1 varnish
age: 2319455
x-cache: HIT, HIT
access-control-max-age: 86400
strict-transport-security: max-age=900
content-length: 780
x-served-by: cache-bos4677-BOS, cache-fra19171-FRA
allow: GET, HEAD, OPTIONS
server: nginx
vary: Cookie
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 39, 1

GET
H2 200 full-forms Show response
static-forms.klaviyo.com/forms/api/v5/pWh7nE/ 12 KB
3 KB 46ms
7ms XHR
application/json 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-forms.klaviyo.com/forms/api/v5/pWh7nE/full-forms
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58742081f1299cef130501db85a60644be2c8c04b83ae8f2db61cdd7fcb1d530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: Ne4ha49vYkXbSYu_XUtwrC38nCEnkp1o
content-encoding: gzip
age: 523435
via: 1.1 varnish
x-cache: HIT
client-geo-continent: EU
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: full-forms/shared full-forms/pWh7nE custom-fonts/pWh7nE
content-length: 2019
x-amz-id-2: i1NzE9m+tDIReUyCJGNVHv+smXpffrWPxqo1AWpNvqyxMRyslb9CnDUyITa6hqVEJLWBc9+IJJk=
x-served-by: cache-fra19133-FRA
client-geo-country: DE
last-modified: Mon, 16 May 2022 16:09:19 GMT
server: AmazonS3
x-timer: S1655167627.886117,VS0,VE1
etag: "69e789dacd7fdbb89a3ad5f08c68ec8c"
vary: Accept-Encoding
x-amz-request-id: Z276XFGWCVAH577D
access-control-allow-origin: *
access-control-expose-headers: client-geo-continent, client-geo-country
cache-control: max-age=5
accept-ranges: bytes
content-type: application/json
date: Tue, 14 Jun 2022 00:47:06 GMT
x-cache-hits: 1

POST
H2 200 identify Show response
a.klaviyo.com/api/onsite/ 121 B
690 B 155ms
140ms XHR
application/json 2606:4700::6812:5a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.klaviyo.com/api/onsite/identify?c=pWh7nE
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16bd7c19ddb3cae925fb66c5b0843f0fe11483ef9eff81c0701de1096bc8d72

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://drsquatch.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 71af0d83fec0690f-FRA
access-control-allow-headers

GET
H2 200 iyc5wal.css
use.typekit.net/ 3 KB
938 B 74ms
11ms Stylesheet
text/css 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/iyc5wal.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

99322158d7855f0df4daa257ad623032c544ecf9945b9b3acdb39cd813d8e020

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 14 Jun 2022 00:47:06 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 706

GET
H2 200 clarity.js Show response
l.clarity.ms/s/0.6.34/ 53 KB
23 KB 318ms
95ms Script
application/javascript 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/11009659
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
content-encoding: br
etag: "1d87e8642decc54"
last-modified: Sun, 12 Jun 2022 18:00:12 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 147ms
6ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=iyc5wal&ht=tk&f=749.755.44458&a=87524560&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/iyc5wal.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 l
use.typekit.net/af/d9770a/00000000000000007735c89c/30/ 15 KB
15 KB 40ms
10ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d9770a/00000000000000007735c89c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/iyc5wal.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: cbe0c16c9ecedd1a20c6f97fe0ab169da67a4872596c38aed32f39bb74217bfe

Request headers

Referer: https://use.typekit.net/iyc5wal.css
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
server: nginx
etag: "ac39f9a92f8cfa0964dd562160e4b5f046ad6e2a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14976

GET
H2 200 l
use.typekit.net/af/66da5c/0000000000000000773597ae/30/ 31 KB
31 KB 44ms
13ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/66da5c/0000000000000000773597ae/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/iyc5wal.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8260fa78cd8644342ee95abcfaa7ac09cde4bb820f66cc501a8eb4a7fbf5552a

Request headers

Referer: https://use.typekit.net/iyc5wal.css
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
server: nginx
etag: "11631517702c87c3ed9afbe29c0c2026d2667048"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31296

GET
H2 200 l
use.typekit.net/af/419f5a/0000000000000000773597ca/30/ 30 KB
30 KB 47ms
17ms Font
application/font-woff2 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/419f5a/0000000000000000773597ca/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/iyc5wal.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e7a6a499e3632090cc1f12ba7d892fb35177153fa97bd12931fa7f8e4e40713b

Request headers

Referer: https://use.typekit.net/iyc5wal.css
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
server: nginx
etag: "f0b090861e67bc7f1c4b118bdccd8d740c49d668"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30284

GET
H2 200 telemetry
heapanalytics.com/api/ 37 B
258 B 98ms
97ms Image
image/gif 34.233.95.60
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/api/telemetry?a=2438999048&te=type&te=data&te=cm&te=Cookie%20too%20large%20to%20store%20full%20landing%20page%20params&te=val&te=1&st=1655167626999&hv=4.17.2

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.233.95.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-233-95-60.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:07 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

POST
H2 200 identify Show response
a.klaviyo.com/api/onsite/ 121 B
409 B 133ms
133ms XHR
application/json 2606:4700::6812:5a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.klaviyo.com/api/onsite/identify?c=pWh7nE
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16bd7c19ddb3cae925fb66c5b0843f0fe11483ef9eff81c0701de1096bc8d72

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://drsquatch.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 71af0d84df9b690f-FRA
access-control-allow-headers

POST
H2 200 track Show response
a.klaviyo.com/api/ 1 B
363 B 140ms
139ms XHR
text/html 2606:4700::6812:5a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.klaviyo.com/api/track
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarydXRCgkQZqyOOMAex

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
content-encoding: gzip
vary: Accept, Cookie, Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD, OPTIONS
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://drsquatch.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 71af0d84df9f690f-FRA
access-control-allow-headers

POST
H2 200 track Show response
a.klaviyo.com/api/ 1 B
299 B 140ms
140ms XHR
text/html 2606:4700::6812:5a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.klaviyo.com/api/track
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryy9ABQeBpVUEIWfZR

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
content-encoding: gzip
vary: Accept, Cookie, Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET, POST, HEAD, OPTIONS
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://drsquatch.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 71af0d85b87a690f-FRA
access-control-allow-headers

GET
H2 200 recharge.js Show response
rechargeassets-bootstrapheroes-rechargeapps.netdna-ssl.com/static/js/ 1 KB
1 KB 31ms
6ms Script
application/javascript 151.139.237.36
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL

https://rechargeassets-bootstrapheroes-rechargeapps.netdna-ssl.com/static/js/recharge.js?shop=drsquatchsoapco.myshopify.com

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.237.36 , United States, ASN33438 (STACKPATH, US),

Reverse DNS

Software

NetDNA-cache/2.2 /

Resource Hash

a6ddce7219a701ec884b2fdf70480de50807d3966dd8ce70d66e5a4eadc00054

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
content-disposition: inline; filename=recharge.js
vary: Cookie
x-request-id: 27431-1645742906.215-94.46.149.17-535
last-modified: Thu, 24 Feb 2022 21:50:26 GMT
server: NetDNA-cache/2.2
strict-transport-security: max-age=63072000; includeSubdomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31104000
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 09 Jun 2023 00:47:07 GMT

GET
H2 200 2703561306.js Show response
container.pepperjam.com/ 8 KB
9 KB 64ms
13ms Script
application/x-javascript 143.204.215.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://container.pepperjam.com/2703561306.js?shop=drsquatchsoapco.myshopify.com
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-128.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0845965bb6f39caab6e9132495f4c6e773db92584cc4a2d8359aaf06f193424

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: co3AXVQsxTmpitXEuuuKzIyhSDzPes.t
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
last-modified: Mon, 17 Aug 2020 18:09:32 GMT
server: AmazonS3
age: 582
etag: "cda0a8b1fb96cd23c5b8431794f284c4"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=900
date: Tue, 14 Jun 2022 00:47:07 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 8688
x-amz-cf-id: r5QmFlyr1nPBw_vtTtZy5MT_zuTtDiMi3JYz1Qu5zpfK9VP9DLOcNg==

GET
H2 200 grin-sdk.js Show response
d38xvr37kwwhcm.cloudfront.net/js/ 45 KB
16 KB 52ms
8ms Script
application/javascript 2600:9000:21f3:b800:15:decf:f580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38xvr37kwwhcm.cloudfront.net/js/grin-sdk.js?shop=drsquatchsoapco.myshopify.com
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b800:15:decf:f580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 534f1b852d1222d493f53c008c11f8ed9bcfd97d8a40d45980f7d63c869d82f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 18:05:42 GMT
content-encoding: gzip
etag: W/"342611b8772b89642d8f910d8b74117e"
last-modified: Tue, 26 Apr 2022 15:00:35 GMT
server: AmazonS3
age: 24086
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: WNt0WYb8l2nrWmG-tVtCRmPqcL56XZiFeY0KpDt0aRRjPmBrDi-MLQ==

GET
H2 200 / Show response
str.rise-ai.com/ 142 KB
38 KB 44ms
17ms Script
text/javascript 2606:4700:10::6816:2cbd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://str.rise-ai.com/?shop=drsquatchsoapco.myshopify.com
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2cbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 399e5f4805cd8d92ae467cedd211dc29379c11b23c6ed6be388d57210cea61b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 486470
x-powered-by: Express
etag: W/"23630-0TeJm5yZXIQ/jTpvNqkITngahHg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 71af0d87384f9b7c-FRA

GET
H2 200 / Show response
strn.rise-ai.com/ 153 KB
53 KB 61ms
22ms Script
text/javascript 2606:4700:10::6816:2cbd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://strn.rise-ai.com/?shop=drsquatchsoapco.myshopify.com
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2cbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9a148e0757d808d46e3e234b02492f44ce9787c3091d6ab4f55ade4e77310914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 486550
x-powered-by: Express
etag: W/"2631c-qfWIdm4EROh07SKRTqJevt6wONw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 71af0d8749019211-FRA

GET
H2 200 aVmUCojw7M4SVKvRhQWlyw.js Show response
cdn-loyalty.yotpo.com/loader/ 109 KB
17 KB 62ms
11ms Script
text/javascript 2a02:26f0:6c00:294::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-loyalty.yotpo.com/loader/aVmUCojw7M4SVKvRhQWlyw.js?shop=drsquatchsoapco.myshopify.com

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d621643306de0a11eb292b5ba2c21238357e9697c9ad668e9863a6a6de3d6b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

ratelimit-reset: 1
content-encoding: gzip
x-content-type-options: nosniff
x-ratelimit-limit-second: 10000
x-kong-proxy-latency: 2
x-ratelimit-remaining-second: 9999
x-kong-upstream-latency: 45
ratelimit-remaining: 9999
referrer-policy: strict-origin
ratelimit-limit: 10000
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
content-length: 16401
x-xss-protection: 1; mode=block
x-request-id: b3fe9e0d17ddce5b9deb0e765be9fb77
x-runtime: 0.032924
correlation-id: b72ceebd-f926-4ef0-b6e8-c9f1d9bd1924
x-frame-options: ALLOWALL
date: Tue, 14 Jun 2022 00:47:07 GMT
x-download-options: noopen
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-permitted-cross-domain-policies: none
cache-control: private, must-revalidate, max-age=0
access-control-allow-credentials: false
etag: W/"d621643306de0a11eb292b5ba2c21238"
access-control-allow-headers: *

GET
H2 200 launcher.js Show response
cdn.verifypass.com/seller/ 4 KB
2 KB 247ms
219ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.verifypass.com/seller/launcher.js?shop=drsquatchsoapco.myshopify.com
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4cbd80926d06eb9cb19c1498ef0a86446f65fc46fe8180230fcc7a43950c78f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NPP9QMFN8QSZTK18
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: WD99Z4DfeXrczYHmWifqyOGQDAvEVUUbEfRdd6q14jMn2QX0cbmSWsCSWhFnB0mWPKkbP1jAN/U=
last-modified: Fri, 27 Mar 2020 21:01:29 GMT
server: cloudflare
etag: W/"3de9072d7f2266e960535f403bf00e03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37grOjg6omw4A%2B3F4KLBKRnoU%2BBRFfMs%2F%2B%2BII1GqkX1r042wyA9rS9VHQ0DLMtXWMN%2BXcILSSrJ7d2nGe0FcIWITZnPzwn%2BFvByX2I%2BihO0B9x2W2qT7UVqDIG4%2BQvy%2FGBtQvNK%2BhN6FnJlGccxH3ls%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 71af0d873a638fd6-FRA

GET
H/1.1 200
OK script.min.js Show response
seapixel.s3.amazonaws.com/kraken/ 3 KB
4 KB 425ms
114ms Script
application/octet-stream 52.217.163.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://seapixel.s3.amazonaws.com/kraken/script.min.js?shop=drsquatchsoapco.myshopify.com
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.163.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1b77f03b407fcd25a92d890affb9f07404eac42cb8085b63ec1c2d40b304221a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 00:47:08 GMT
Last-Modified: Fri, 15 Apr 2022 12:56:53 GMT
Server: AmazonS3
x-amz-request-id: HCW7HN4T82JBYNJ9
ETag: "b1eae64ec91b342b7679d7b5f35b5c22"
x-amz-version-id: OC4yx80RfzR2YUb9DYgKq0.DvUIcPhJs
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Type: application/octet-stream
Content-Length: 3137
x-amz-id-2: GCWFzwld4aipNn/evVzcKzuco8lehDS5RCQb3uKSx9ao3h2+tRE9K1K2BMvR50hhOaBKJZrPnO4=

GET
H2 200 shopify_justuno_27577843817_a0886a70-8862-11ec-a58a-f1799901d9e6.js Show response
scripttags.jst.ai/ 405 B
835 B 99ms
59ms Script
application/x-javascript 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripttags.jst.ai/shopify_justuno_27577843817_a0886a70-8862-11ec-a58a-f1799901d9e6.js?shop=drsquatchsoapco.myshopify.com
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e4564fb0b6c042f0eb24f5ef3eecc0aa6e4c4ccb0201f28650dc26e3734cf47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 14 Jun 2022 00:47:07 GMT
content-encoding: br
cf-cache-status: HIT
x-77-nzt-ray: uLRyrgzzims=
age: 5880
cf-polished: origSize=411
x-77-cache: MISS
last-modified: Mon, 07 Feb 2022 22:09:33 GMT
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: JEHMACYYA4HPQ0D0
x-amz-id-2: xJWExpuPi8iCdm3t2a++yTrY6qhj9KBKqSSlclpqYSFfm8Zo+CNCZZGjeYZyC98KzLAlb/8JrMk=
x-77-nzt: AcO1ryyDX2DB
cf-bgj: minify
server: cloudflare
etag: W/"c3117ac48ac6818ff2eed6e9018f26c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=691200
cf-ray: 71af0d874a5c9016-FRA
expires: Wed, 22 Jun 2022 00:47:07 GMT

GET
H2 200 widget.js Show response
staticw2.yotpo.com/7iRas2It4piijhOgK1yNtPNRfj7UB4jkXIr7ZtHd/ 448 KB
115 KB 309ms
263ms Script
text/javascript 2a02:26f0:6c00:287::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/7iRas2It4piijhOgK1yNtPNRfj7UB4jkXIr7ZtHd/widget.js?shop=drsquatchsoapco.myshopify.com

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:287::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

85e387b5253056dd1dcc0307937b75ea2d507f2a9c401f74222772fcb26e06b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=128, origin; dur=125
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 395d243fbae645e660c5b24f59dd92ea
x-runtime: 0.033937
x-frame-options: SAMEORIGIN
etag: W/"aea31664b20c0a84b79bf32966dc7401"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 redirect-app.js Show response
easyredirects.esc-apps-cdn.com/ 1 KB
1 KB 59ms
25ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://easyredirects.esc-apps-cdn.com/redirect-app.js?shop=drsquatchsoapco.myshopify.com
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b810cb1fc12da903c39b4e4b98d9d31f71b45b29c8d3dee4d5f692f2218ccc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P1
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 10 Mar 2022 10:52:17 GMT
server: cloudflare
etag: W/"9643234c1fa77f5a0767132cdbd8bd1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYG%2BzTyaZyef5Pfp3rxP%2Bt%2B4oSSbYid0vr6GfCrLJ9VMtzrC4nhtrpRwjTSsENUgUoO0N7mHqyiHUsLeS1cLnE4N0Dy0OLOyj0DXHVGxtn9%2Fpo30qVHu7PphH%2FI%2BHpg5DvDvHq7cu5K%2BF2syHeNvqCWasVkDVJtP%2F9XAg3E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 71af0d877cbd9a09-FRA
x-amz-cf-id: zMR5PUpN-0EInnV6ntSQRl3JTtH_ZXUeB3sOdrc0I_bmPuDBTccmBw==
cf-bgj: minify

GET
H2 200 track.js Show response
cdn.builder.io/js/shopify/ 42 KB
13 KB 87ms
26ms Script
application/javascript 2600:9000:214f:a800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.builder.io/js/shopify/track.js?apiKey=2d5df289fb7a4e928548dc06df95bdbe&shop=drsquatchsoapco.myshopify.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:a800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

ce637969c373b60405eefebbf0175f4aa0cd557abdc8ada62b59f1750b404a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
age: 284
x-cache: Hit from cloudfront
x-via: s3
date: Tue, 14 Jun 2022 00:42:36 GMT
content-length: 12900
via: 1.1 varnish, 1.1 varnish, 1.1 a75b67932d84d80b40e12159613deb16.cloudfront.net (CloudFront)
x-served-by: cache-chi-kigq8000047-CHI, cache-chi-kigq8000092-CHI, cache-hhn4034-HHN
server: Google Frontend
x-timer: S1654822268.482067,VS0,VE104
etag: W/"a615-sPR0o5y1io45Hb+so288hqxwzU4"
vary: cookie,accept-encoding,Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: e004022cd97d9cb36a4b387455affc07;o=1
cache-control: public, max-age=600, s-maxage=600, stale-if-error=2678400, stale-while-revalidate=86400
function-execution-id: ef61t6s0jgja
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-robots-tag: noindex
x-amz-cf-id: xIQEOI-ult6X-CnHh_mruFMDOKR3z_ufbAf4EZmpqtrqcCfStnGE7Q==
x-country-code: US
x-cache-hits: 1, 1, 0

GET
H3 404 VBMURxqUR3s9Gjgw.js
cdn.shopify.com/s/files/1/0275/7784/3817/t/874/assets/ 0
0 121ms
121ms Script
text/html 104.16.254.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shopify.com/s/files/1/0275/7784/3817/t/874/assets/VBMURxqUR3s9Gjgw.js?v=1647504127&shopId=9217&shop=drsquatchsoapco.myshopify.com
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.254.71 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H2 200 drsquatchsoapco.js Show response
shopify-init.blackcrow.ai/js/core/ 0
400 B 33ms
8ms Script
application/javascript 65.9.66.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://shopify-init.blackcrow.ai/js/core/drsquatchsoapco.js?shopify_app_version=1.0.39&shop=drsquatchsoapco.myshopify.com
Requested by: Host: drsquatch.com
URL: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-125.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id: 152IXRSAwucD9FGGQWnYGCyZl1skb4UT
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
last-modified: Mon, 13 Jun 2022 22:09:46 GMT
server: AmazonS3
age: 2227
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: application/javascript
cache-control: max-age=600
date: Tue, 14 Jun 2022 00:10:29 GMT
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-robots-tag: noindex
content-length: 0
x-amz-cf-id: y6W_LUnY4WfzooVdzSoxs_mH01jS-flfLl81U1MaMpnDrDawFw-l-Q==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=A66B3B7458B54541AE1AD6A679957710&RedC=c.clarity.ms&MXFR=1B3D1957760368AE15A508947203664D
https://c.clarity.ms/c.gif?CtsSyncId=A66B3B7458B54541AE1AD6A679957710&MUID=1F9850D0A93D6E1529C94113A8566F1D

42 B
368 B

30ms
29ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=A66B3B7458B54541AE1AD6A679957710&MUID=1F9850D0A93D6E1529C94113A8566F1D
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:07 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 964F856494C948A7A43FEB076CFA8ED3 Ref B: FRAEDGE1513 Ref C: 2022-06-14T00:47:07Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=A66B3B7458B54541AE1AD6A679957710&MUID=1F9850D0A93D6E1529C94113A8566F1D
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 9193
Redirect Chain

https://ib.adnxs.com/seg?add=95287&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://ib.adnxs.com/bounce?%2Fseg%3Fadd%3D95287%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx%253Fa...
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6984659939019381507

43 B
370 B

14ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6984659939019381507

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:07 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1221322
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 00:47:07 GMT
X-Proxy-Origin: 178.162.209.142; 178.162.209.142; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bd64a1a9-ee48-4a0a-ab94-0f38359e70ab
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6984659939019381507
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 9193
Redirect Chain

https://secure.adnxs.com/seg?add=1005440&redir=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D1005440%26redir%3Dhttps%253A%252F%252Fib.adnxs.com%252Fgetuid%253Fhttps%253A%252F%252Fdis.criteo.com%252Fdis%252Frtb%252Fappnexus%252Fcookiematch.aspx...
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6270259480026791653

43 B
370 B

16ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6270259480026791653

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:07 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1668892
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 00:47:07 GMT
X-Proxy-Origin: 178.162.209.142; 178.162.209.142; 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 036771d7-0336-4877-aa66-159ede2d3767
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6270259480026791653
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 9193
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-IanjXPBdMRT_v8NKYLuza7BONzpUnrismZbi-w&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-IanjXPBdMRT_v8NKYLuza7BONzpUnrismZbi-w&expires=30

43 B
495 B

8ms
8ms

Image
image/gif

52.57.150.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-IanjXPBdMRT_v8NKYLuza7BONzpUnrismZbi-w&expires=30
Protocol: HTTP/1.1
Server: 52.57.150.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 00:47:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-IanjXPBdMRT_v8NKYLuza7BONzpUnrismZbi-w&expires=30
Date: Tue, 14 Jun 2022 00:47:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 9193
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-nqOYsfBdMRT_v8NKYLuza7BONzq3RZpJymFXNg&google_cm&google_hm=ay1ucU9Zc2ZCZE1SVF92OE5LWUx1emE3Qk9OenEzUlpwS...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-nqOYsfBdMRT_v8NKYLuza7BONzq3RZpJymFXNg&google_gid=CAESEGyP46hrbHoiDbdhk2axKoA&google_cver=1&google_ula=913071,0

43 B
370 B

14ms
14ms

Image
image/gif

178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-nqOYsfBdMRT_v8NKYLuza7BONzq3RZpJymFXNg&google_gid=CAESEGyP46hrbHoiDbdhk2axKoA&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:06 GMT
content-type: image/gif
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1708992
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-nqOYsfBdMRT_v8NKYLuza7BONzq3RZpJymFXNg&google_gid=CAESEGyP46hrbHoiDbdhk2axKoA&google_cver=1&google_ula=913071,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 9193 49 B
235 B 68ms
17ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-ksWYhPBdMRT_v8NKYLuza7BONzpOBFDDA-H6VA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:07 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 9193
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-UU7LOvBdMRT_v8NKYLuza7BONzrDKQsu7C5KvQ
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-UU7LOvBdMRT_v8NKYLuza7BONzrDKQsu7C5KvQ&C=1

43 B
783 B

11ms
11ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-UU7LOvBdMRT_v8NKYLuza7BONzrDKQsu7C5KvQ&C=1
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 00:47:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 14 Jun 2022 00:47:07 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 00:47:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-UU7LOvBdMRT_v8NKYLuza7BONzrDKQsu7C5KvQ&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Tue, 14 Jun 2022 00:47:07 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 9193
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-1akAq_BdMRT_v8NKYLuza7BONzphIiVL-Op7pA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1akAq_BdMRT_v8NKYLuza7BONzphIiVL-Op7pA

43 B
447 B

33ms
33ms

Image
image/gif

63.35.168.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1akAq_BdMRT_v8NKYLuza7BONzphIiVL-Op7pA
Protocol: H2
Server: 63.35.168.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-168-36.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 14 Jun 2022 00:47:07 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-1akAq_BdMRT_v8NKYLuza7BONzphIiVL-Op7pA
date: Tue, 14 Jun 2022 00:47:07 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

451

397596.gif
idsync.rlcdn.com/ Frame 9193
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=59Gg9LWCO-2sleE3BNtFyJPFOufzEL5B

0
98 B

54ms
18ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=59Gg9LWCO-2sleE3BNtFyJPFOufzEL5B
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=59Gg9LWCO-2sleE3BNtFyJPFOufzEL5B
date: Tue, 14 Jun 2022 00:47:06 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 4288
content-length: 197
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8

GET
H2 200 cksync.php
contextual.media.net/ Frame 9193 45 B
784 B 61ms
25ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-uT4lhvBdMRT_v8NKYLuza7BONzo8bduyj1Qtyg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Tue, 14 Jun 2022 00:47:07 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Tue, 14 Jun 2022 00:47:07 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 9193 40 B
40 B 46ms
10ms Image
text/html 52.29.77.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-gLXAhPBdMRT_v8NKYLuza7BONzqXZIATvXbwJg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.77.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-77-213.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 9193 0
476 B 348ms
86ms Image
text/plain 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-XjyWBPBdMRT_v8NKYLuza7BONzr3yneru6ha8Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 00:47:07 GMT
Cache-Control: no-cache
X-TraceId: 5a9f24cb5ab3f23dfe6347c2de465d2a
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 9193 42 B
580 B 81ms
17ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-GaBVD_BdMRT_v8NKYLuza7BONzrkbc3AOss2ew
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 9193 0
239 B 38ms
7ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-dUzT2PBdMRT_v8NKYLuza7BONzovxpLuC_YVSQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 9193 68 B
262 B 60ms
8ms Image
image/png 52.57.188.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-XxJkVPBdMRT_v8NKYLuza7BONzowiN315_h2xQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.188.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-188-199.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
content-length: 68
content-type: image/png

GET
H2 204 /
s.ad.smaato.net/c/ Frame 9193 0
241 B 35ms
8ms Image
text/plain 2600:9000:2156:2600:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-tBYjDPBdMRT_v8NKYLuza7BONzrnqcM2aD8Zgg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2600:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: zuhSNQiyvefLpfAcxKUKz5zyv5vE-kFzqBRZ8xyStVqL3EWiLiVmrg==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 9193 43 B
163 B 57ms
16ms Image
image/gif 185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-jXNmCvBdMRT_v8NKYLuza7BONzp0v6Kp1RBHjA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:06 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 9193 0
99 B 57ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-LJox6vBdMRT_v8NKYLuza7BONzr8mi_-5psIWQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12251

GET
H2 200 um
criteo-sync.teads.tv/ Frame 9193 23 B
172 B 75ms
31ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-vQPa_fBdMRT_v8NKYLuza7BONzp7qxEjWJr-XA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:07 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 14 Jun 2022 00:47:07 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 9193 37 B
140 B 42ms
7ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-5q9vzfBdMRT_v8NKYLuza7BONzoklBDz_BuL0g&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

404

sync
pixel.advertising.com/ups/55945/ Frame 9193
Redirect Chain

https://pixel.advertising.com/ups/55945/sync?uid=k-Yvo_-PBdMRT_v8NKYLuza7BONzrxgPPMPO0YtA&_origin=1
https://pixel.advertising.com/ups/55945/sync?uid=k-Yvo_-PBdMRT_v8NKYLuza7BONzrxgPPMPO0YtA&_origin=1&verify=true

0
256 B

10ms
9ms

Image
text/plain

52.28.55.96
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55945/sync?uid=k-Yvo_-PBdMRT_v8NKYLuza7BONzrxgPPMPO0YtA&_origin=1&verify=true

Protocol

Server

52.28.55.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-55-96.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55945/sync?uid=k-Yvo_-PBdMRT_v8NKYLuza7BONzrxgPPMPO0YtA&_origin=1&verify=true
date: Tue, 14 Jun 2022 00:47:07 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 9193 0
47 B 20ms
19ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~7315a025058f3128185459bfaf16e164414683fc&nwid=10000545908&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 9193 0
398 B 58ms
10ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QLWGkPBdMRT_v8NKYLuza7BONzqj3i90PRvhOA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.46 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
server: ATS/9.1.0.46
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 9193 0
522 B 44ms
20ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dm_id=8666&ext_id=k-zVgw1vBdMRT_v8NKYLuza7BONzoRLBHn5IN2mA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 00:47:07 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Mon, 13 Jun 2022 00:47:07 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 9193 43 B
220 B 139ms
30ms Image
image/gif 63.35.68.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-bVv6LvBdMRT_v8NKYLuza7BONzp2v_Eyz_h4jw&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.68.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-68-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 14 Jun 2022 00:47:07 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 20ms
20ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=106315950&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB&ul=en-us&de=UTF-8&dt=Subscription%20Flow%20-%20Dr.%20Squatch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=undefined&ea=undefined&ev=1491714775&_u=aHDAAEABQAAAAG~&jid=1867508011&gjid=130223454&cid=1491714775.1655167626&tid=UA-7574757-3&_gid=159697642.1655167626&_r=1&gtm=2wg6d0MQXWN9&did=BwiEti&cd18=1491714775.1655167626&z=70033010

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://drsquatch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
l.clarity.ms/ 0
68 B 187ms
186ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://drsquatch.com
date: Tue, 14 Jun 2022 00:47:06 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7574757-3&cid=1491714775.1655167626&jid=1867508011&gjid=130223454&_gid=159697642.1655167626&_u=aHDAAEABQAAAAG~&z=994409639

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 14 Jun 2022 00:47:07 GMT
content-type: text/plain
access-control-allow-origin: https://drsquatch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 app.v1.0.362.js Show response
cdn-swell-assets.yotpo.com/ 1 MB
192 KB 57ms
7ms Script
text/plain 192.229.233.223
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-swell-assets.yotpo.com/app.v1.0.362.js
Requested by: Host: cdn-loyalty.yotpo.com
URL: https://cdn-loyalty.yotpo.com/loader/aVmUCojw7M4SVKvRhQWlyw.js?shop=drsquatchsoapco.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.223 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: ccaa9fc98ba7153973c89263d4ab6ff949c201a412e7410c7367ddfdb8d0a841

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 07:26:37 GMT
server: ECS (frb/67A8)
x-amz-meta-s3cmd-attrs: uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1648020396/atime:1648020396/md5:52177ec1835a3b62cdda9bd550079d16/ctime:1648020396
age: 491944
etag: "52177ec1835a3b62cdda9bd550079d16+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/plain
x-amz-request-id: 3NBQS3MC2C10GT9Z
content-length: 195961
x-amz-version-id: gw6HTulc93XmmOsvhQGZkxCIUp.PMBsM
x-amz-id-2: i6Rj1ISV+PwiTqD3lCqNpPq29dTDzCo/BDsQRknIYG2p01+AU4/2DIGNksYDRAu7LWG0ArRzAWc=

GET
H2 200 vck-shopify.js Show response
cdn.jst.ai/ 7 KB
3 KB 58ms
31ms Script
application/javascript 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jst.ai/vck-shopify.js
Requested by: Host: scripttags.jst.ai
URL: https://scripttags.jst.ai/shopify_justuno_27577843817_a0886a70-8862-11ec-a58a-f1799901d9e6.js?shop=drsquatchsoapco.myshopify.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7643a3944c3c7df42904eca59254287373639d4ca7c178cc7484d387aec0a8f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 14 Jun 2022 00:47:07 GMT
content-encoding: br
cf-cache-status: HIT
x-77-nzt-ray: Yu30AYbAayk=
age: 7357
cf-polished: origSize=10925
cf-ray: 71af0d893d099963-FRA
x-77-cache: MISS
x-cache: MISS
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: V3G91VAAXVVHYJRN
x-amz-id-2: ebkRgX2THt7x53VkGoKq+JOMZztoCKSmLIssi+enfsSD4VyaNPFgvWm6qjqY8NPsRgGGvx/d5fc=
x-77-nzt: AcO1ryxdj5eh
last-modified: Tue, 18 Jan 2022 22:56:21 GMT
server: cloudflare
etag: W/"259ddac425e70184b1c9890febcb1a48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: mkHVrKu9..67dXu1ksQk643SRpaI.rtc
cache-control: public, max-age=700000
content-type: application/javascript
expires: Wed, 22 Jun 2022 03:13:47 GMT

POST
H3 200 produce
monorail-edge.shopifysvc.com/v1/ 0
852 B 147ms
129ms Ping
text/plain 104.16.255.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monorail-edge.shopifysvc.com/v1/produce

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.255.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
access-control-allow-methods: OPTIONS,POST
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: 15fa4ce6-e405-474b-a38c-5dbd489a0e67
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRQu3O87Ccr0xhlDMMY%2FJD9zdtMKCLo%2FNAB6Rkn4y9CZk06QD6nvQYne5DE7gKtv9OoDsUFCOZiVsPQdGtwsA4Y7pQTw0tbjpS8XHsbOFRPEMvivBdrvvrJ03XkL8at1Krc0d%2FZyyS1HZZhwBZY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://drsquatch.com
access-control-allow-credentials: true
cf-ray: 71af0d87dfe79975-FRA
access-control-allow-headers: User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 9193
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=8NgCb8rEzOG9qidUdfsY1LaAmAI_ncfW
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=8NgCb8rEzOG9qidUdfsY1LaAmAI_ncfW

42 B
945 B

34ms
33ms

Image
image/gif

52.30.130.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=8NgCb8rEzOG9qidUdfsY1LaAmAI_ncfW

Protocol

HTTP/1.1

Server

52.30.130.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-130-246.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v034-02e95eed9.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: qBJVQn3SRhU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v034-0467c4b8c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: wHYpEV7oSt0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=8NgCb8rEzOG9qidUdfsY1LaAmAI_ncfW
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 24ms
24ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7574757-3&cid=1491714775.1655167626&jid=1867508011&_u=aHDAAEABQAAAAG~&z=1288218080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 25ms
25ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7574757-3&cid=1491714775.1655167626&jid=1867508011&_u=aHDAAEABQAAAAG~&z=1288218080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 00:47:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 track
cdn.builder.io/api/v1/ Frame 0
0 27ms
8ms Preflight
application/json 2600:9000:214f:a800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/api/v1/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://drsquatch.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: *
age: 19787115
cache-control: max-age=100000000
content-length: 19
content-type: application/json
date: Thu, 28 Oct 2021 00:21:52 GMT
server: CloudFront
via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
x-amz-cf-id: -4ktsYwyKkKpNe_eVARwOqi4XaGZ1TbXjiVECSSWLsTDme6XHRATGQ==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront

POST
H2 200 track Show response
cdn.builder.io/api/v1/ 19 B
422 B 23ms
23ms Fetch
application/json 2600:9000:214f:a800:2:cea4:aa80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.builder.io/api/v1/track
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a800:2:cea4:aa80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 9dbcb789cce44f6a1ebf8b0c8b1f453538fa057a271a75c5dd3dff663b8b4cc8

Request headers

Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type: application/json

Response headers

date: Thu, 28 Oct 2021 00:21:55 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
server: CloudFront
age: 19787112
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
x-api-call-time: 2
cache-control: max-age=100000000
x-cache: LambdaGeneratedResponse from cloudfront
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: content-type
content-length: 19
x-amz-cf-id: -WICwh0PF4KUoTNMR-9u3ApG71VGVaeltfHTlK9RU9IEZOmae88Vhg==

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame 9193 43 B
1 KB 14ms
14ms Image
image/gif 185.33.223.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-A4YTDPBdMRT_v8NKYLuza7BONzoH6reOnUVlLQ&seg=1005440

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 00:47:07 GMT
X-Proxy-Origin: 178.162.209.142; 178.162.209.142; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f8cf552f-5c7d-4bb1-895d-2d3733da58ae
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 9193 43 B
220 B 8ms
8ms Image
image/gif 52.57.150.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=117&user_id=k-IanjXPBdMRT_v8NKYLuza7BONzpUnrismZbi-w&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.150.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 00:47:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 9193 0
17 B 19ms
19ms Image
text/plain 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~fa63d183df77c65a03eac82806b701b9c4f726b8&nwid=10000892938&sigv=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 9193 0
522 B 18ms
18ms Image
text/plain 96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-zVgw1vBdMRT_v8NKYLuza7BONzoRLBHn5IN2mA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 00:47:07 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Mon, 13 Jun 2022 00:47:07 GMT

GET
H2 200 account_version_check.html Show response
my.jst.ai/ajax/ 36 B
685 B 422ms
395ms Script
application/json 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.jst.ai/ajax/account_version_check.html?id=E6B3B4ED-5398-4F86-901B-59498241FBF5
Requested by: Host: cdn.jst.ai
URL: https://cdn.jst.ai/vck-shopify.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c37235de3a01b766452473ba7ad57576299e849f0164b64e37e21d0b55d502b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:08 GMT
content-encoding: br
cf-cache-status: EXPIRED
p3p: CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Jun 2022 17:47:08 PST
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=30
cf-ray: 71af0d899c949b70-FRA
access-control-allow-headers: X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept
expires: Tue, 14 Jun 2022 00:47:38 GMT

GET
H3 200 cart.js Show response
drsquatch.com/ 283 B
1 KB 487ms
486ms XHR
text/javascript 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://drsquatch.com/cart.js

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13d57fcd618398732a528226a00b563a1852e3afe37475e8a016c32200403dbf

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding: br
x-permitted-cross-domain-policies: none
x-shopify-stage: production
x-cache-hits: 0
server-timing: ems-cache-miss;desc="Cache Miss", ems-get-config;desc="Get Config";dur=0, ems-parse-url;desc="Parse URL";dur=0, ems-create-request;desc="Create Request";dur=0, ems-backend-fetch;desc="Backend Fetch";dur=471, ems-rewrite-response;desc="Rewrite Response";dur=0
x-sorting-hat-shopid: 27577843817
x-served-by: cache-itm18849-ITM
x-shardid: 104
x-storefront-renderer-rendered: 1
x-timer: S1655167628.979346,VS0,VE175
x-frame-options: DENY
x-shopid: 27577843817
vary: Accept-Encoding, Accept
content-type: text/javascript; charset=utf-8
x-edgemesh-server: miss, proxy, shopify
x-cartjs-updatedat: 0
date: Tue, 14 Jun 2022 00:47:08 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-dc: gcp-asia-northeast2,gcp-us-central1,gcp-us-central1
x-cache: MISS
server-timing-public: processing;dur=18, db;dur=8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a9c527b2-9658-414c-b5e8-b48db4c581b4
last-modified: Tue, 14 Jun 2022 00:47:08 GMT
server: cloudflare
x-edgemesh-server-version: 1.6.0
x-edgemesh-backend: www.drsquatch.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
content-language: en
x-download-options: noopen
cf-ray: 71af0d89cd879a3c-FRA
x-sorting-hat-podid: 104

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 9193 43 B
219 B 30ms
30ms Image
image/gif 63.35.68.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=%3Ccriteo%20user%20id%3E&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.68.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-68-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 14 Jun 2022 00:47:07 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 widget.css
staticw2.yotpo.com/7iRas2It4piijhOgK1yNtPNRfj7UB4jkXIr7ZtHd/ 535 KB
50 KB 15ms
15ms Stylesheet
text/css 2a02:26f0:6c00:287::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/7iRas2It4piijhOgK1yNtPNRfj7UB4jkXIr7ZtHd/widget.css?widget_version=2022-04-24_06-59-01

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/7iRas2It4piijhOgK1yNtPNRfj7UB4jkXIr7ZtHd/widget.js?shop=drsquatchsoapco.myshopify.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:287::1d72 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c465f8353fbaf2eeb3d0276f1ba0486319d41b36bf41812a1cadfdb724a1dfbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=5
vary: Accept-Encoding
content-length: 50711
x-xss-protection: 1; mode=block
x-request-id: a6877c217b327314ffa88aebfe9d0661
x-runtime: 0.098003
x-frame-options: SAMEORIGIN
etag: W/"f14c18683d7e841e82bde06a03beb1ba"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3450
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 i
p.yotpo.com/ 35 B
278 B 12ms
11ms Image
image/gif 52.58.231.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&page=Subscription%20Flow%20-%20Dr.%20Squatch&se_va=7iRas2It4piijhOgK1yNtPNRfj7UB4jkXIr7ZtHd&cx=eyJwdl91dWlkIjoxNjczNjMxMDN9&dtm=1655167627864&tid=405536&vp=1600x1200&ds=1600x3650&vid=1&duid=01f8b068834f246b&p=web&tv=js-0.13.2&fp=1789155876&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Etc%2FUTC&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB%23barsoap
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.231.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-231-73.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:07 GMT
cache-control: max-age=86400, private
server: nginx
content-type: image/gif
content-length: 35
expires: Wed, 15 Jun 2022 00:47:07 GMT

GET
H3 200 css
fonts.googleapis.com/ 3 KB
643 B 52ms
22ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/7iRas2It4piijhOgK1yNtPNRfj7UB4jkXIr7ZtHd/widget.css?widget_version=2022-04-24_06-59-01

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71ab148cfc90acf719758d5afa6afe0e131647522a2516616e494b7469235752

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://staticw2.yotpo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 23:16:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 14 Jun 2022 00:47:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Jun 2022 00:47:07 GMT

GET
H3 200 mwgt_4.1.js Show response
cdn.jst.ai/ 207 KB
52 KB 39ms
25ms Script
application/javascript 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jst.ai/mwgt_4.1.js?v=5.28
Requested by: Host: cdn.jst.ai
URL: https://cdn.jst.ai/vck-shopify.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb108d6740e4eaf4d00cd7ed588a21b30b7356f3fcd6eddede1e6578604be5c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 14 Jun 2022 00:47:08 GMT
content-encoding: br
cf-cache-status: HIT
x-77-nzt-ray: FlJRcCuTp4g
age: 153016
cf-polished: origSize=281138
cf-ray: 71af0d8c296f994e-FRA
x-77-cache: MISS
x-cache: MISS
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: Z1QG2Z1JQFDSC8WP
x-amz-id-2: chkYaG3+a3oy/Z9qOsbS/3SSa8aa7a8MDj2rsYvbYfYuhLEZjnovuxyt7yA/6LG45Le1f1zAd3w=
x-77-nzt: AcO1ry9XR9qh
last-modified: Wed, 18 May 2022 22:55:31 GMT
server: cloudflare
etag: W/"cb7785c9e76ad1dad30131601549101d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: w5YqBBLKcADderhIwtX2PI3V_SfVVsx3
cache-control: public, max-age=700000
content-type: application/javascript
expires: Wed, 22 Jun 2022 03:13:48 GMT

GET
H2 200 trace Show response
www.cloudflare.com/cdn-cgi/ 291 B
437 B 34ms
8ms XHR
text/plain 2606:4700::6810:7b60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cloudflare.com/cdn-cgi/trace

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7b60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c814a04f52d229dafe07809fc64f073b35c211746768d630e0d391d9199a92f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 71af0d8c9ab29b82-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 jquery-3.3.1.min.js Show response
cdn.jst.ai/ 85 KB
31 KB 29ms
29ms Script
application/javascript 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jst.ai/jquery-3.3.1.min.js
Requested by: Host: cdn.jst.ai
URL: https://cdn.jst.ai/mwgt_4.1.js?v=5.28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 14 Jun 2022 00:47:08 GMT
content-encoding: br
cf-cache-status: HIT
x-77-nzt-ray: OGqMgEIyP2U
age: 24559
x-77-cache: HIT
content-type: application/javascript
x-cache: HIT
x-age: 145450
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 7388724N2TQAXRKQ
x-amz-id-2: AD8YNsoTkWkqjCMrJxS0sIcgSK2zveJoGwp0tfMz0j5E8ScDAzRfou/TPI2beUaXhaZ7IK664Ys=
x-77-nzt: AcO1ryzB+VXvKjgCAA
last-modified: Tue, 14 May 2019 18:11:41 GMT
server: cloudflare
etag: W/"378087a64e1394fc51f300bb9c11878c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: WVSarkncFMGMbDTFtItJEyauJ_gI3R_b
cache-control: public, max-age=700000
cf-ray: 71af0d8cca5f994e-FRA
expires: Wed, 22 Jun 2022 03:13:48 GMT

GET
H3 200 loggedincustomer Show response
drsquatch.com/apps/ 2 B
2 KB 671ms
670ms XHR
application/json 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://drsquatch.com/apps/loggedincustomer

Requested by

Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-encoding: br
x-permitted-cross-domain-policies: none
x-shopify-stage: production
server-timing: ems-cache-miss;desc="Cache Miss", ems-get-config;desc="Get Config";dur=0, ems-parse-url;desc="Parse URL";dur=0, ems-create-request;desc="Create Request";dur=0, ems-backend-fetch;desc="Backend Fetch";dur=645, ems-rewrite-response;desc="Rewrite Response";dur=0
x-sorting-hat-shopid: 27577843817
x-served-by: cache-hhn4020-HHN
x-shardid: 104
x-storefront-renderer-rendered: 1
x-timer: S1655167628.319457,VS0,VE631
x-frame-options: DENY
x-shopid: 27577843817
vary: Accept-Encoding, Accept
content-type: application/json; charset=utf-8
x-edgemesh-server: miss, proxy, shopify
link: <https://cdn.shopify.com>; rel="preconnect", <https://cdn.shopify.com>; rel="preconnect"; crossorigin
x-cache-hits: 0
date: Tue, 14 Jun 2022 00:47:08 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dc: gcp-europe-west1,gcp-europe-west1,gcp-us-east1,gcp-us-east1
x-cache: MISS
server-timing-public: processing;dur=38, db;dur=16
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: c85d90f4-eb83-49d7-af7d-af2194937128
server: cloudflare
x-edgemesh-server-version: 1.6.0
x-edgemesh-backend: www.drsquatch.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=7889238
content-language: en
x-download-options: noopen
cf-ray: 71af0d8cd8d09a3c-FRA
x-sorting-hat-podid: 104

GET
H3 200 store_4.1.html Show response
cdn.jst.ai/ Frame 88B3 2 KB
1018 B 24ms
23ms Document
text/html 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jst.ai/store_4.1.html?v=5.28
Requested by: Host: cdn.jst.ai
URL: https://cdn.jst.ai/mwgt_4.1.js?v=5.28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c189dd46df7ab8b489d4a3238defd7975ad02f114eb3f72fedadeb6fde7cbe0

Request headers

Referer: https://drsquatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=700000
cf-cache-status: DYNAMIC
cf-ray: 71af0d8d2ae2994e-FRA
content-encoding: br
content-type: text/html
date: Tue, 14 Jun 2022 00:47:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 31 Mar 2020 15:31:26 GMT
server: cloudflare
x-77-cache: HIT
x-77-nzt: AcO1ry85aBX/plUCAA
x-77-nzt-ray: hwGNV22mAUc
x-77-pop: frankfurtDE
x-age: 152998
x-amz-id-2: 3mtr9iqeUfycc6k7/lmp6tPtTPzRLPbu3FReDDaC5evS3/2NdbHJjxY8Qun2kR9PHhF6+xbpKeA=
x-amz-request-id: VKDHWGF1XBWSPQCN
x-amz-version-id: n8._QaxL6VauG4hu9U02QXwqY3LVnM24
x-cache: HIT

POST
H2 204 collect Show response
l.clarity.ms/ 0
48 B 95ms
94ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://drsquatch.com
date: Tue, 14 Jun 2022 00:47:07 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 bootstrap.min.css
cdn-swell-assets.yotpo.com/ Frame BC31 128 KB
17 KB 8ms
7ms Stylesheet
text/css 192.229.233.223
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-swell-assets.yotpo.com/bootstrap.min.css
Requested by: Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.362.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.223 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BC) /
Resource Hash: d85fdb38867dbfd85d49d3711045f03ba72cccfc3217003f911b34d18a05d580

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:08 GMT
content-encoding: gzip
last-modified: Sat, 03 Nov 2018 07:07:15 GMT
server: ECS (frb/67BC)
age: 30583153
etag: "ac7e8e8ff20e7d843326d71a28ecb087+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=315360000
x-amz-request-id: 79MJEZWPXMC7A7RR
content-length: 16944
x-amz-version-id: null
x-amz-id-2: e2iSR1D67Sfe+Eugix0aGXPrBmYbBfYSc5EmsV3wpzUzNfYn9qDJFLibjIVM5uq7CFEeENp3QYU=

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame BC31 30 KB
7 KB 36ms
14ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.362.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 12393302
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8b677d48aa464c28c0815c97adbbe174
cf-ray: 71af0d9149409b25-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 css
fonts.googleapis.com/ 10 KB
808 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Open%20Sans:300,400,700

Requested by

Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.362.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4fb447275bc7b31ce1c201fa177b36d66326facf14cef895227cd514efe5019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 00:47:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 14 Jun 2022 00:47:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Jun 2022 00:47:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 101ms
14ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Open%20Sans:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://drsquatch.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 20354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:07:55 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame BC31 10 KB
808 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto|Open%20Sans:300,400,700

Requested by

Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.362.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4fb447275bc7b31ce1c201fa177b36d66326facf14cef895227cd514efe5019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 00:47:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 14 Jun 2022 00:47:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Jun 2022 00:47:09 GMT

GET
H3 200 account_config_4.1.html Show response
my.jst.ai/ajax/ 29 KB
3 KB 248ms
238ms Script
application/json 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://my.jst.ai/ajax/account_config_4.1.html?callback=jsonCallback&m=0&id=E6B3B4ED-5398-4F86-901B-59498241FBF5&p=0&cm=0&pl=25
Requested by: Host: cdn.jst.ai
URL: https://cdn.jst.ai/jquery-3.3.1.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d4e19f979b8c6c26b654c10b2dc1396bf3247837502c356c14ab9304daa1f1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
p3p: CP="CURa ADMa DEVa TAIa CONa OUR BUS DSP NON COR"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Jun 2022 17:47:09 PST
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; Charset=UTF-8
cache-control: no-store,private
cf-ray: 71af0d938def6940-FRA
access-control-allow-headers: X-CSRFToken, x-csrf-token, x-rover-source, X-Requested-With, origin, content-type, accept
expires: Tue, 14 Jun 2022 00:47:09 GMT

GET
H2 200 findp Show response
aly.jst.ai/api/session/ 2 KB
1 KB 166ms
131ms Script
application/javascript 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aly.jst.ai/api/session/findp?callback=jsonFindCallback&accid=E6B3B4ED-5398-4F86-901B-59498241FBF5&genhash=&device_static_hash=&userid_hash=&pageId=9ez143&guid=&time=0&segment=0&language=en-US&camefrom=&thisurl=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB%23barsoap&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&sw=1600&sh=1200
Requested by: Host: cdn.jst.ai
URL: https://cdn.jst.ai/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caaba0e2a465163bebd75e7089e159cb1c5f6a3e1aa44166c34a0fb333117926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: X-CSRF-Token, x-rover-source, origin, x-requested-with, content-type, accept, cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: DAV, content-length, Allow
access-control-allow-credentials: true
cf-ray: 71af0d93bee55b44-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 store_4.1.html Show response
cdn.jst.ai/ Frame 0399 2 KB
1020 B 31ms
30ms Document
text/html 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jst.ai/store_4.1.html?v=5.28
Requested by: Host: cdn.jst.ai
URL: https://cdn.jst.ai/mwgt_4.1.js?v=5.28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c189dd46df7ab8b489d4a3238defd7975ad02f114eb3f72fedadeb6fde7cbe0

Request headers

Referer: https://drsquatch.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=700000
cf-cache-status: DYNAMIC
cf-ray: 71af0d951b93994e-FRA
content-encoding: br
content-type: text/html
date: Tue, 14 Jun 2022 00:47:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 31 Mar 2020 15:31:26 GMT
server: cloudflare
x-77-cache: HIT
x-77-nzt: AcO1ry+/xFn/p1UCAA
x-77-nzt-ray: 2vBmTLVzMmY
x-77-pop: frankfurtDE
x-age: 152999
x-amz-id-2: 3mtr9iqeUfycc6k7/lmp6tPtTPzRLPbu3FReDDaC5evS3/2NdbHJjxY8Qun2kR9PHhF6+xbpKeA=
x-amz-request-id: VKDHWGF1XBWSPQCN
x-amz-version-id: n8._QaxL6VauG4hu9U02QXwqY3LVnM24
x-cache: HIT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 2 KB
999 B 20ms
20ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=556780&settings_type=2&vn=7.0&r=0.31973397100194534&u=https%3A%2F%2Fdrsquatch.com%2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB%23barsoap&exc=1|2|95|3|98|4|99|5|6|7|8|9|10|11|12|13|21|22|96|131|141|29|142
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-0f6ee48eb742edce429292f8373e99d0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: b75ad660846f93d5ed8003df329775ef04e75d221e53f608fc71b28d8102da65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://drsquatch.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 00:47:08 GMT
via: 1.1 google
server: gams1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

POST
H3 200 update Show response
aly.jst.ai/api/session/ 15 B
476 B 140ms
129ms XHR
text/html 2606:4700::6811:cb35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aly.jst.ai/api/session/update
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:cb35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8c1eec073ee8f06e30252e9a2623d67f3c804bb21de1a97714af8ab4b2f9f75

Request headers

Accept: */*
Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Jun 2022 00:47:10 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-headers: X-CSRF-Token, x-rover-source, origin, x-requested-with, content-type, accept, cache-control
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://drsquatch.com
access-control-expose-headers: DAV, content-length, Allow
access-control-allow-credentials: true
cf-ray: 71af0d972e2c995a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 collect Show response
l.clarity.ms/ 0
48 B 95ms
94ms XHR
text/plain 20.120.65.166
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://l.clarity.ms/collect
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.120.65.166 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://drsquatch.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://drsquatch.com
date: Tue, 14 Jun 2022 00:47:10 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

POST
H3 200 ems-prerender Show response
drsquatch.com/ 2 B
235 B 38ms
22ms Fetch
text/plain 2606:4700::6810:953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drsquatch.com/ems-prerender
Requested by: Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://drsquatch.com/pages/subscription-flow?_ke=eyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%3D&utm_campaign=Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C&utm_medium=email&utm_source=klaviyo-automated-flow&variation=B
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type: application/json

Response headers

date: Tue, 14 Jun 2022 00:47:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://drsquatch.com
cf-ray: 71af0d9e4ccf9a3c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2

Verdicts & Comments Add Verdict or Comment

549 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

107 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 03:47:34	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.drsquatch.com/	1970-01-20 12:31:43	Name: secure_customer_sig Value:
.drsquatch.com/	1970-01-20 04:06:17	Name: localization Value:
.drsquatch.com/	1970-01-20 03:46:09	Name: _shopify_country Value: Germany
.drsquatch.com/	1970-01-20 04:06:17	Name: cart_currency Value: USD
.drsquatch.com/	1969-12-31 23:59:59	Name: _orig_referrer Value:
.drsquatch.com/	1969-12-31 23:59:59	Name: _landing_page Value: %2Fpages%2Fsubscription-flow%3F_ke%3DeyJrbF9jb21wYW55X2lkIjogInBXaDduRSIsICJrbF9lbWFpbCI6ICJjb2xsaW4ubWVydGVuc0BybC5kb2UuZ292In0%253D%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C%26utm_medium%3Demail%26utm_source%3Dklaviyo-automated-flow%26variation%3DB
.drsquatch.com/	1969-12-31 23:59:59	Name: _y Value: 67bdd2df-975d-4e7f-86a1-599b72da209e
.drsquatch.com/	1969-12-31 23:59:59	Name: _s Value: 9a7a9734-1d93-4a01-9e43-bccabe723ead
.drsquatch.com/	1969-12-31 23:59:59	Name: _shopify_y Value: 67bdd2df-975d-4e7f-86a1-599b72da209e
.drsquatch.com/	1969-12-31 23:59:59	Name: _shopify_s Value: 9a7a9734-1d93-4a01-9e43-bccabe723ead
.drsquatch.com/	1970-01-20 12:31:43	Name: _tracking_consent Value: %7B%22v%22%3A%222.0%22%2C%22con%22%3A%7B%22GDPR%22%3A%22%22%7D%2C%22lim%22%3A%5B%22GDPR%22%5D%2C%22reg%22%3A%22GDPR%22%7D
.drsquatch.com/	1970-01-20 03:46:09	Name: _shopify_tm Value:
.drsquatch.com/	1970-01-20 04:06:17	Name: _shopify_tw Value:
.drsquatch.com/	1970-01-20 12:31:43	Name: _shopify_m Value: session
drsquatch.com/	1969-12-31 23:59:59	Name: em_session Value: 0x2c6895c592457597
.drsquatch.com/	1969-12-31 23:59:59	Name: _shopify_d Value: 2022-06-14T00%3A47%3A05.703Z
.drsquatch.com/	1969-12-31 23:59:59	Name: _shopify_evids Value:
.drsquatch.com/	1969-12-31 23:59:59	Name: _shopify_sa_t Value: 2022-06-14T00%3A47%3A05.731Z
.drsquatch.com/	1969-12-31 23:59:59	Name: _shopify_sa_p Value: utm_source%3Dklaviyo-automated-flow%26utm_medium%3Demail%26utm_campaign%3DFlow%253A1A-PrePurchaseFlow-EmailModal%257CNum%253A2%257CDay%253A2%257CEM%253ARaisingTheBarSamplerBundle%257CPromo%253ANA%257C
.drsquatch.com/	1970-01-20 03:46:11	Name: shopify_pay_redirect Value: pending
.drsquatch.com/	1969-12-31 23:59:59	Name: sq_cart_token Value: e5b00a71f2f959bacd71bdb3d43230be
.drsquatch.com/	1970-01-20 12:33:10	Name: _vwo_uuid_v2 Value: D4513324D7FB2D327E4DAB624E882CC6C\|ede22b707920736a74c6d3acb7ccbf6a
.klaviyo.com/	1970-01-20 03:46:09	Name: __cf_bm Value: QCyYWA.f4YZafuB4VM0AFAWkg.Ph1HEb6KN.xveyF4w-1655167626-0-AcJcZ3aPhp79zZhcFe6toRbLRE0QfMZAgBdKrM+/jaH2W89/ZQSKoG05AkD6FcElqsj0G0frRVTWcZRx7S4n9SE=
.drsquatch.com/	1970-01-20 05:55:43	Name: _gcl_au Value: 1.1.1905081632.1655167626
.drsquatch.com/	1970-01-20 03:56:12	Name: FPC_1 Value: 3fa3c60e-68b4-4737-bc34-189c3ef5fc88
.criteo.com/	1970-01-20 13:07:43	Name: uid Value: de7f4be4-49ba-44c8-a4f2-b6914e860237
.drsquatch.com/	1970-01-20 06:10:07	Name: _vis_opt_s Value: 1%7C
.drsquatch.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.drsquatch.com/	1970-01-23 19:22:07	Name: _vwo_uuid Value: D4513324D7FB2D327E4DAB624E882CC6C
.bing.com/	1970-01-20 13:07:43	Name: MUID Value: 1F9850D0A93D6E1529C94113A8566F1D
.drsquatch.com/	1969-12-31 23:59:59	Name: account_survey Value: 1
.drsquatch.com/	1970-01-20 03:47:34	Name: _uetsid Value: 83a0fd40eb7b11ec9b7e8dd2a05202b1
.drsquatch.com/	1970-01-20 13:07:43	Name: _uetvid Value: 83a118a0eb7b11ec973819b37591ea1a
.drsquatch.com/	1970-01-20 05:12:31	Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A-1%241655167625%3A42.69097067%3A%3A14_0%2C13_0%2C12_0%2C11_0%2C10_0%2C9_0%2C8_0%2C7_0%2C6_0%2C5_0%2C4_0%2C3_0%2C2_0%2C1_0%3A22_0%2C1_0%3A0
.yahoo.com/	1970-01-20 12:32:05	Name: A3 Value: d=AQABBIrap2ICEEMGBY8VEiCQ4sBMqLvCe6YFEgEBAQEsqWKxYgAAAAAA_eMAAA&S=AQAAAhmv563WECFnSv_8U2RVA3g
.drsquatch.com/	1970-01-20 21:17:19	Name: _ga Value: GA1.2.1491714775.1655167626
.drsquatch.com/	1970-01-20 03:47:34	Name: _gid Value: GA1.2.159697642.1655167626
.drsquatch.com/	1970-01-20 03:46:07	Name: _dc_gtm_UA-7574757-3 Value: 1
.drsquatch.com/	1970-01-20 13:15:54	Name: _scid Value: 9a1d1046-8d17-444d-ae14-ca670a897e16
.drsquatch.com/	1970-01-20 12:31:43	Name: _pin_unauth Value: dWlkPVlqaGtNakl3TmpVdE5EaGpaaTAwWWpReUxXRXpOVEF0TkdVd09ERXhOV0ZqT0dOaQ
.drsquatch.com/	1970-01-20 03:46:09	Name: _sp_ses.90f0 Value: *
.yotpo.com/	1970-01-20 12:31:43	Name: pixel Value: 82f4a286-5ce1-46d1-4182-2064ed04ff5e
.snapchat.com/	1970-01-20 13:07:43	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIHOAm5xijV3C8beR+5SHT1bUc5VaqY1hJvFTGQTc4Jyg6e3w8mcunMgAAAA==
.doubleclick.net/	1970-01-20 13:07:43	Name: IDE Value: AHWqTUn6EO_FveHbdQuBcpjRSNRe6XDjaQXEftsYE5jbGIyEObkgwgkxVQVJcmdY
.drsquatch.com/	1970-01-20 13:15:31	Name: cto_bundle Value: gZAAyF9TN2I2TU82ODR4VmJ0c1oxaSUyRlNyQ3QxMXZyM2tzWkhrY1diMGRvMTJiMlhQM3dSZHZYbVFyWmtjYTZKRXl4dDRvMUcyNmNsenlKMVRVTzdTYTVVWVdEdXpmeUp4VlJ2U1V5UEJDN0tuWVU0akNOc3klMkJFaWtacTZ4YXhjTUl0YXpZYmhxSW00dW9Ka0Y2NnZxUnFhaDVBJTNEJTNE
.drsquatch.com/	1970-01-20 13:14:05	Name: _hp2_id.2438999048 Value: %7B%22userId%22%3A%227400051240437904%22%2C%22pageviewId%22%3A%228194665951362395%22%2C%22sessionId%22%3A%222571909033492535%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
.tiktok.com/	1970-01-20 13:07:43	Name: _ttp Value: 2AXtC09dvF1kJaV3zl8USE7NafH
.drsquatch.com/	1970-01-20 12:31:43	Name: _hjSessionUser_1353191 Value: eyJpZCI6ImZiMmNjZmEyLWUzZDYtNTZkZC1hZTlmLWU1NWY0ZTkwOWQ5YiIsImNyZWF0ZWQiOjE2NTUxNjc2MjY1NzAsImV4aXN0aW5nIjpmYWxzZX0=
.drsquatch.com/	1970-01-20 03:46:09	Name: _hjFirstSeen Value: 1
.drsquatch.com/	1970-01-20 03:46:07	Name: _hjIncludedInSessionSample Value: 0
.drsquatch.com/	1970-01-20 03:46:09	Name: _hjSession_1353191 Value: eyJpZCI6IjI2MDVjYTg5LTIxMGQtNGI1MC1iNTgyLWI4MWRhMTA3MTJiNyIsImNyZWF0ZWQiOjE2NTUxNjc2MjY3NzEsImluU2FtcGxlIjpmYWxzZX0=
.drsquatch.com/	1970-01-20 03:46:09	Name: _hjAbsoluteSessionInProgress Value: 0
.pointmediatracker.com/	1970-01-20 12:31:43	Name: c Value: 45d2f9e9-1880-4ca7-a6b7-c9d1bd0eeae1
.drsquatch.com/	1970-01-20 13:07:43	Name: _tt_enable_cookie Value: 1
.drsquatch.com/	1970-01-20 13:07:43	Name: _ttp Value: 5ffb4ddc-4249-421b-aa1a-4d372760a3d1
.drsquatch.com/	1970-01-20 05:55:43	Name: _rdt_uuid Value: 1655167626825.7a2d0b75-55fb-483e-b389-6b3a6c15f84d
www.clarity.ms/	1970-01-20 12:31:43	Name: CLID Value: 7ceccfdc946e43ca804775d51db20475.20220614.20230614
.drsquatch.com/	1970-01-20 03:46:09	Name: _hp2_ses_props.2438999048 Value: %7B%22us%22%3A%22klaviyo-automated-flow%22%2C%22um%22%3A%22email%22%2C%22ua%22%3A%22Flow%3A1A-PrePurchaseFlow-EmailModal%7CNum%3A2%7CDay%3A2%7CEM%3ARaisingTheBarSamplerBundle%7CPromo%3ANA%7C%22%2C%22ts%22%3A1655167626681%2C%22d%22%3A%22drsquatch.com%22%2C%22h%22%3A%22%2Fpages%2Fsubscription-flow%22%7D
.bidr.io/	1970-01-20 13:14:41	Name: bito Value: AABJp07FT7UAAC3bNTZcDw
.bidr.io/	1970-01-20 13:14:41	Name: bitoIsSecure Value: ok
.drsquatch.com/	1970-01-20 21:17:19	Name: __kla_id Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2NTUxNjc2MjcsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vZHJzcXVhdGNoLmNvbS9wYWdlcy9zdWJzY3JpcHRpb24tZmxvdz9fa2U9ZXlKcmJGOWpiMjF3WVc1NVgybGtJam9nSW5CWGFEZHVSU0lzSUNKcmJGOWxiV0ZwYkNJNklDSmpiMnhzYVc0dWJXVnlkR1Z1YzBCeWJDNWtiMlV1WjI5MkluMCUzRCZ1dG1fY2FtcGFpZ249RmxvdyUzQTFBLVByZVB1cmNoYXNlRmxvdy1FbWFpbE1vZGFsJTdDTnVtJTNBMiU3Q0RheSUzQTIlN0NFTSUzQVJhaXNpbmdUaGVCYXJTYW1wbGVyQnVuZGxlJTdDUHJvbW8lM0FOQSU3QyZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9a2xhdml5by1hdXRvbWF0ZWQtZmxvdyZ2YXJpYXRpb249QiNiYXJzb2FwIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNjU1MTY3NjI3LCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL2Ryc3F1YXRjaC5jb20vcGFnZXMvc3Vic2NyaXB0aW9uLWZsb3c/X2tlPWV5SnJiRjlqYjIxd1lXNTVYMmxrSWpvZ0luQlhhRGR1UlNJc0lDSnJiRjlsYldGcGJDSTZJQ0pqYjJ4c2FXNHViV1Z5ZEdWdWMwQnliQzVrYjJVdVoyOTJJbjAlM0QmdXRtX2NhbXBhaWduPUZsb3clM0ExQS1QcmVQdXJjaGFzZUZsb3ctRW1haWxNb2RhbCU3Q051bSUzQTIlN0NEYXklM0EyJTdDRU0lM0FSYWlzaW5nVGhlQmFyU2FtcGxlckJ1bmRsZSU3Q1Byb21vJTNBTkElN0MmdXRtX21lZGl1bT1lbWFpbCZ1dG1fc291cmNlPWtsYXZpeW8tYXV0b21hdGVkLWZsb3cmdmFyaWF0aW9uPUIjYmFyc29hcCJ9LCIkZXhjaGFuZ2VfaWQiOiJqRTZIeUFaQjhVU3AyWkxWVHg4ekVnaGFTZGNKaVdqS0s2cUhYMlNHS3EwRkplQmJQVmNLX0NzYTE4VXpEWEdlLnBXaDduRSJ9
.drsquatch.com/	1970-01-20 12:31:43	Name: _clck Value: wkxvhw\|1\|f2b\|0
.drsquatch.com/	1970-01-20 03:46:07	Name: _gat_UA-7574757-3 Value: 1
.drsquatch.com/	1970-01-20 03:46:09	Name: builderSessionId Value: 0c39191bfa454aaa8cd866e7c93d26cd
.adnxs.com/	1970-01-20 05:55:43	Name: uuid2 Value: 6984659939019381507
.casalemedia.com/	1970-01-20 12:31:43	Name: CMID Value: Yqfai3GdULalB41VsO3sAgAA
.casalemedia.com/	1970-01-20 05:55:43	Name: CMPS Value: 3162
.casalemedia.com/	1970-01-20 05:55:43	Name: CMPRO Value: 3162
.bidswitch.net/	1970-01-20 12:31:43	Name: tuuid Value: 0d64becc-54d1-4fb4-b73d-3a00ba88dbec
.bidswitch.net/	1970-01-20 12:31:43	Name: c Value: 1655167627
.bidswitch.net/	1970-01-20 12:31:43	Name: tuuid_lu Value: 1655167627
.c.bing.com/	1970-01-20 13:07:43	Name: SRM_B Value: 1F9850D0A93D6E1529C94113A8566F1D
exchange.mediavine.com/	1970-01-20 04:06:17	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22845d8930-eb7b-11ec-a66d-5d2dec0bd394%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 04:06:17	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22845d8930-eb7b-11ec-a66d-5d2dec0bd394%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 04:06:17	Name: criteo Value: %7B%22id%22%3A%22k-gLXAhPBdMRT_v8NKYLuza7BONzqXZIATvXbwJg%22%2C%22version%22%3A%22criteo%22%7D
.media.net/	1970-01-20 12:31:43	Name: visitor-id Value: 2981692271492635000V10
.media.net/	1970-01-20 04:29:19	Name: data-c-ts Value: 1655167627
.media.net/	1970-01-20 04:29:19	Name: data-c Value: k-uT4lhvBdMRT_v8NKYLuza7BONzo8bduyj1Qtyg~~3
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:07:43	Name: MUID Value: 1F9850D0A93D6E1529C94113A8566F1D
.c.clarity.ms/	1970-01-20 03:46:08	Name: ANONCHK Value: 0
.drsquatch.com/	1970-01-20 03:47:34	Name: _clsk Value: rj89ld\|1655167627631\|1\|1\|l.clarity.ms/collect
.pubmatic.com/	1970-01-20 04:29:19	Name: KRTBCOOKIE_97 Value: 3385-uid:k-GaBVD_BdMRT_v8NKYLuza7BONzrkbc3AOss2ew&KRTB&23144-uid:k-GaBVD_BdMRT_v8NKYLuza7BONzrkbc3AOss2ew&KRTB&23286-uid:k-GaBVD_BdMRT_v8NKYLuza7BONzrkbc3AOss2ew&KRTB&23287-uid:k-GaBVD_BdMRT_v8NKYLuza7BONzrkbc3AOss2ew
.pubmatic.com/	1970-01-20 04:29:19	Name: PugT Value: 1655167627
.demdex.net/	1970-01-20 08:05:19	Name: demdex Value: 28304344002882631692835258343486215541
.sharethrough.com/	1970-01-20 04:29:19	Name: stx_user_id Value: 35c9416e-c6c8-4352-8ec2-85031bf00ceb
.advertising.com/	1970-01-20 12:33:10	Name: APID Value: UP8469bed9-eb7b-11ec-9648-06e47b2397f2
.dpm.demdex.net/	1970-01-20 08:05:19	Name: dpm Value: 28304344002882631692835258343486215541
.360yield.com/	1970-01-20 05:55:43	Name: tuuid Value: cd956da3-a320-4490-a1b8-0c3ebed1d32e
.360yield.com/	1970-01-20 05:55:43	Name: tuuid_lu Value: 1655167627
.adnxs.com/	1970-01-20 05:55:43	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2C''ja8%K!]tbPl@/D!9hy6]/CwiM/Zr>fcf`8b0r_SRdXy@qZrMw%lwaL[1h<1J1.PS<4gC_u>s[4%w5JOJ%nugO%v4VB%np/9+EeEV
.yieldlab.net/	1970-01-20 12:31:43	Name: id Value: 39c527f5-e9c7-4066-a20d-e436462a428c
.360yield.com/	1970-01-20 05:55:43	Name: um Value: !38,fxTkt71Bo1YLMCqPstuDxpeqMnDzbO8z.UQr.ggJJI06xwjm4ICjlwot8VYlpmZf-UClROIx,1662943627
.360yield.com/	1970-01-20 05:55:43	Name: umeh Value: !38,0,1717375627,-1
.analytics.yahoo.com/	1970-01-20 12:31:43	Name: IDSYNC Value: 18zh~25g0
.drsquatch.com/	1970-01-20 21:17:19	Name: _sp_id.90f0 Value: 01f8b068834f246b.1655167627.1.1655167628.1655167627
.outbrain.com/	1970-01-20 05:55:43	Name: obuid Value: abe9d865-0872-4403-ade1-c9fc4720e502
.outbrain.com/	1970-01-20 04:06:17	Name: criteo Value: k-XjyWBPBdMRT_v8NKYLuza7BONzr3yneru6ha8Q
my.jst.ai/	1970-01-20 03:46:09	Name: __cflb Value: 04dToS6decDvtn94xCUC2uayerbxCZA9Nf9pHwUy4h
.drsquatch.com/	1970-01-20 03:46:09	Name: _ju_v Value: 4.1_5.28
.drsquatch.com/	1970-01-20 03:47:34	Name: _ju_dm Value: cookie
.drsquatch.com/	1970-01-20 04:29:19	Name: _ju_dn Value: 1
aly.jst.ai/	1970-01-20 03:46:09	Name: __cflb Value: 0H28w1Xe92a6MDGAYi67xooNWNgK6i6iBmEPWpBF3Fj
.drsquatch.com/	1970-01-20 12:31:43	Name: _ju_dc Value: 857ca024-eb7b-11ec-aaff-59de74e41ce0
.drsquatch.com/	1970-01-20 03:46:09	Name: _ju_pn Value: 1
.drsquatch.com/	1970-01-20 03:46:09	Name: _vwo_sn Value: 0%3A3

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://static.criteo.net/js/ld/ld.js Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/397596.gif?partner_uid=59Gg9LWCO-2sleE3BNtFyJPFOufzEL5B Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://cdn.shopify.com/s/files/1/0275/7784/3817/t/874/assets/VBMURxqUR3s9Gjgw.js?v=1647504127&shopId=9217&shop=drsquatchsoapco.myshopify.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pixel.advertising.com/ups/55945/sync?uid=k-Yvo_-PBdMRT_v8NKYLuza7BONzrxgPPMPO0YtA&_origin=1&verify=true Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security	max-age=7889238
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.klaviyo.com
ad.360yield.com
ad.yieldlab.net
ads.yahoo.com
alb.reddit.com
aly.jst.ai
analytics.tiktok.com
api.edgeme.sh
assets.gorgias.chat
bat.bing.com
c.bing.com
c.clarity.ms
cdn-loyalty.yotpo.com
cdn-swell-assets.yotpo.com
cdn-widget-assets.yotpo.com
cdn-widgetsrepository.yotpo.com
cdn.builder.io
cdn.heapanalytics.com
cdn.jst.ai
cdn.shopify.com
cdn.verifypass.com
client-builds.production.gorgias.chat
cm.g.doubleclick.net
cnv.event.prod.bidr.io
config.gorgias.chat
container.pepperjam.com
contextual.media.net
criteo-sync.teads.tv
ct.pinterest.com
d38xvr37kwwhcm.cloudfront.net
dev.visualwebsiteoptimizer.com
dis.criteo.com
dpm.demdex.net
drsquatch.com
easyredirects.esc-apps-cdn.com
eb2.3lift.com
exchange.mediavine.com
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
heapanalytics.com
ib.adnxs.com
idsync.rlcdn.com
js.go2sdk.com
l.clarity.ms
loyalty.yotpo.com
lwpixel.azurefd.net
match.sharethrough.com
maxcdn.bootstrapcdn.com
monorail-edge.shopifysvc.com
mug.criteo.com
my.jst.ai
p.typekit.net
p.yotpo.com
pixel.advertising.com
pixel.pointmediatracker.com
pixel.rubiconproject.com
public.profitwell.com
r.casalemedia.com
rechargeassets-bootstrapheroes-rechargeapps.netdna-ssl.com
redditstatic.s3.amazonaws.com
rtb-csync.smartadserver.com
s.ad.smaato.net
s.pinimg.com
s.yimg.com
s3.amazonaws.com
sc-static.net
script.hotjar.com
scripttags.jst.ai
seapixel.s3.amazonaws.com
secure.adnxs.com
shop.app
shopify-init.blackcrow.ai
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.criteo.net
static.edgeme.sh
static.hotjar.com
static.klaviyo.com
staticw2.yotpo.com
stats.g.doubleclick.net
str.rise-ai.com
strn.rise-ai.com
survey.survicate.com
surveys-static.survicate.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tr.snapchat.com
trk.klclick1.com
ups.analytics.yahoo.com
use.typekit.net
vars.hotjar.com
visitor.omnitagjs.com
widget.us.criteo.com
www.clarity.ms
www.cloudflare.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.redditstatic.com
x.bidswitch.net
104.111.242.245
104.16.254.71
104.16.255.71
104.75.88.209
13.248.245.213
141.226.228.48
142.250.184.226
142.250.186.98
143.204.207.250
143.204.215.118
143.204.215.128
151.101.130.133
151.101.193.140
151.101.194.133
151.101.2.133
151.139.237.36
178.250.2.146
178.250.2.151
18.66.248.125
18.66.97.54
184.30.20.22
185.255.84.153
185.33.220.242
185.33.223.38
185.64.190.80
185.86.137.110
192.229.233.223
20.120.65.166
20.234.93.27
212.82.100.181
23.227.38.33
23.35.236.247
2600:9000:214f:a800:2:cea4:aa80:93a1
2600:9000:214f:de00:18:359:ab80:93a1
2600:9000:2156:2600:1b:5138:8a40:93a1
2600:9000:21f3:b800:15:decf:f580:21
2606:4700:10::6816:2cbd
2606:4700::6810:7b60
2606:4700::6810:853
2606:4700::6810:953
2606:4700::6811:cb35
2606:4700::6812:1cb4
2606:4700::6812:5a6
2606:4700::6812:acf
2620:1ec:27::cafe:1746
2620:1ec:49::45
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:830::2004
2a00:1450:400c:c09::9c
2a02:2638:1::13
2a02:2638:1::3
2a02:26f0:1700:78a::1931
2a02:26f0:3500:16::215:148b
2a02:26f0:6c00:287::1d72
2a02:26f0:6c00:294::1d72
2a02:26f0:f7::5c7b:e024
2a04:4e42:400::396
2a06:98c1:3120::3
2a06:98c1:3121::3
2a0b:4d07:102::1
2a0b:4d07:1::1
3.126.56.137
34.233.95.60
34.96.102.137
35.190.43.134
35.244.174.68
52.200.151.233
52.213.70.117
52.217.163.25
52.217.199.128
52.28.55.96
52.29.77.213
52.30.130.246
52.57.150.184
52.57.188.199
52.58.231.73
63.35.168.36
63.35.68.240
65.9.66.112
65.9.66.125
65.9.66.42
69.173.144.139
70.42.32.31
74.119.119.150
95.101.22.179
96.16.132.239
99.86.4.5
99.86.4.91
07168b3620ce81a5dd7dcd6a4daa854b7ae0187121e7c0ad91fbf908c02aa5e2
07323a01c0b955284041a6a883e72d6453c8904d37c42543eefe643389782aba
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0eed6a9464095d1dab6e569d5b1c04d8a59c78361931f0874d9518e54061b2f9
0f6a65dc7dfeecafaf5695ea83d68a77d959b04ddcce87a5d74cfd0a22ac2572
0ff2eb1ba5c31f12aad85e235e04e54c69e1716785217f1dc41973f349b9138c
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
13d57fcd618398732a528226a00b563a1852e3afe37475e8a016c32200403dbf
1826d122785e0fbc7c1fda8fa7c760fd34e04d421c46a446878195b88aede7e3
1916294f31b1b1745a644371efad5ac48b7e1abcebd6c7b47996cbbc2e83df3e
1b77f03b407fcd25a92d890affb9f07404eac42cb8085b63ec1c2d40b304221a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1f03618a75be1e1433dac5cd764bbc73f7ebb07d2b6182ba7ed5bfa24098dd0d
1f4593696fc68f3384c8e3bac8985bf08d52e4616338cd767f7b9b7dae221428
21cee8799307e24bd6f82f89defee0d881d722970d8bc08c43cfd48d8f5d51d7
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
25dbe289ffa53ae7b29748c517f5aabe2b744ab2282bbf15348207a5e6e9f221
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
273d1f061b6f03aa795e1bc279e2e7208a14e15da75028b494fa4688266d4bdb
2d93564a3d6e61bf58267efb4212fba6aab29975cd52472ad8b5fc6543dee6ae
31d9c01045700ad7436883f7c28f0e64b925d3ef03de10537abb536eeedcf458
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34677893e517cafd730303991928856dea0f7563b13692bb80380f26a71c49a6
37a17a663bce00c3e1703d247d958d410831e9e5dac457e1e9aa9f37481e2eb5
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
399e5f4805cd8d92ae467cedd211dc29379c11b23c6ed6be388d57210cea61b1
3f0d38840ac47b905920102af27fc3227812159632631633a4534bd540da8ca4
3f5b02a7b8d598682ade0ae0c1211a5727b5b766207002eb8bb5d085c9015a82
3f9b60701e9b061278c5328d1bf662e84343b847bca7cca07283ed9ada31df27
3fde7a56c437a737445b59a2a94749888886990dbe40b410dd4a7abe00c4dfc4
3ffc5ed55130a6dd978949ba292914d5875ca3edbe859f5b3462c2469264b45b
40869a8c22054998c3693dba991347242350e2f74094f57356c1bdf1d839b7a8
43123c223f39902485cf46a6ef584d360dca5a538190e0f5afeb62cedde73f82
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45835e048cf3c1777e0e8856346b481f49a33c61a80a6bfa6239acc5e5696340
478b8bdc5913f6ff54e0b1c14abe84dbfe1e0c0db931b8f8cb1b3c46504c0fd8
48b994d020e4abfe4ee15fd0586d9091aebc5efcd929f170e4c66fe5f2a90ccd
48b9f0fa682dd3a43de06b80874b97a312760f7058f950845e85af5187b264a1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b750e356ba3c2844360786e3e7f31028712ab8a5b7cec5a5cc9bc6f7ddff487
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e265d9da575c25523dcf9f0406fa9f60350e878e24bdc93be8a93984b626e9e
4e4564fb0b6c042f0eb24f5ef3eecc0aa6e4c4ccb0201f28650dc26e3734cf47
4f532ad53ea0c7fbeba805fcb9b43f376d30e0867313f4c05817cfc2575b9676
4f6703cd54650cdd75f59266d630970479d273471a330e272cdaaef9481c55cc
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
534f1b852d1222d493f53c008c11f8ed9bcfd97d8a40d45980f7d63c869d82f5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ebda69b02676d45de13f9be5fd75d9fe7aa215344e462f067ce2646dff9280
562e9734043d3c007a670efaf00f73e27e387c20c1e9269b0a2063e8a3566ada
563faa416d69320b330d5ca9903de80e7bdf3f77fc154350dafbc92419a7dadb
5663bcfef1771fc1ed4e419dd0f28ae3aca4454ab48705a245f17d58779fee9e
58742081f1299cef130501db85a60644be2c8c04b83ae8f2db61cdd7fcb1d530
5a219149b81c094f4674e199a990fff01a092e9a9adc61a917c8a0d49e4098da
5b8fa239874a06156a0b66e2bf8d0ae2ab518c48ef6872e72eaa0ae17fe447b0
5ba33ed046b3a5ebf684d81377456fd6144a348c564f46f81e4ca09dc944afb8
5c189dd46df7ab8b489d4a3238defd7975ad02f114eb3f72fedadeb6fde7cbe0
5c37235de3a01b766452473ba7ad57576299e849f0164b64e37e21d0b55d502b
5e4643eb1ef284cac0965b9551ff41f0e446fb7df8ce9fc705f3b82ab717cf8c
5ea9fd996e0a6e0373f8d0aaf6875e5e0157b0c66eac73352279211f54adb858
5fef89a904dd88b14bacfe9135d3c16f6eaff0e4cb8da6c2ce24f6af576a6b04
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
62ea6b322a5ae7e2cc2a2116a249c3c295c21566ad0118252454bcf556a85762
62f31c6b924934108544f4d29780179f4c25ee34e7169a82e3ea8e5381e61820
65c30c15edace713d7aafb2941507344acda1aeb310aff619b483e68928ae369
6687741a092ec9dfa641717aa9d562ea11ecb239e7bd0b94b9054c7431eb0cca
6760f19ba40c31339c5448817723ce51abcb1fb5c4918e2095e2f9c2fe51be63
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bfa895162152a9af1cc031754747fe2ff5f511a2024b9137f29cba45e522ff5
71a93a1ae1969ddacf565cd03e01be722592deaeee54d1b790f4b9704670e78c
71ab148cfc90acf719758d5afa6afe0e131647522a2516616e494b7469235752
721065a2a044d276f74139fbe64d6fa9735ac5bd1074b53c14c3f790119d4069
7643a3944c3c7df42904eca59254287373639d4ca7c178cc7484d387aec0a8f2
784572733151b7d4dfe69a2538d84fad0479a23466b1d863e7802a87de0321b7
79322491d27b5e5bdf106eb0d0db84b08a908920b90cdf42b9a07d7f85e4f6af
795d6aaac9d46ac95717716959debe78139252af9b93a1f66af6339951e21fe4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79f402ed9eabe65cc3cdf5a33797f405e52fcbcb66b6bfc61407bdb5ba68ee88
7b0709b95a6a8692d6614bd13bd134665d84b60a972a7999445d5ed670c8f864
7b810cb1fc12da903c39b4e4b98d9d31f71b45b29c8d3dee4d5f692f2218ccc4
7c81a0c0a237db1f9795e9a388e41628de00e901f1d985d680c38d86e61c6462
7e14e653f4dd3a160ff5bf8de9e60bbe3b2e2c9e807c61127b58b99b4796ffc9
8260fa78cd8644342ee95abcfaa7ac09cde4bb820f66cc501a8eb4a7fbf5552a
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
85d2ec9ed123fcc59b617ba303ce2d497201cbb0a6d7d00919e36e8743cd9c66
85e387b5253056dd1dcc0307937b75ea2d507f2a9c401f74222772fcb26e06b0
87e8399988880142f2c62771b9d8f2ff6c290b3ff745dd426eb0dfe0db9d1dae
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b4401b57973c06bae6db7acf68ed4bd260ab3ee4f5c47d8828285a8a532eacb
8d4e19f979b8c6c26b654c10b2dc1396bf3247837502c356c14ab9304daa1f1e
93163a4dcb6a6041c16a24d663f72380661c495314dde82ea50c719103713c13
94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2
94cc01740df255c763f9b8275f9c124aa9ff99390d22a39b1d1ae06c84ea83dd
991be86ebfeec9c4afdd75e5f756c2e9902885bb82ada7dda55f72d9495418a7
99322158d7855f0df4daa257ad623032c544ecf9945b9b3acdb39cd813d8e020
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a148e0757d808d46e3e234b02492f44ce9787c3091d6ab4f55ade4e77310914
9b5179ea2a77fe69b294fbd2ed504eacbfbe048ede58967b43af2ca537144b1f
9dbcb789cce44f6a1ebf8b0c8b1f453538fa057a271a75c5dd3dff663b8b4cc8
9fe8a8e2261e527d5b294b5cd8781b93cecf8223e22ba45630345578599cf308
a081ed513735ffb15626985d663652a2879e96f0b6695e7ceda16d519372555c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a26582ad573946e62190ed7c97bb0a4629b345ab1c95bbadcda4bfcff9972a34
a4cbd80926d06eb9cb19c1498ef0a86446f65fc46fe8180230fcc7a43950c78f
a6ddce7219a701ec884b2fdf70480de50807d3966dd8ce70d66e5a4eadc00054
a718ced4e80f6b0d4a3113473d56c140b4346a7fbb02b46be604925ffc69f22c
a73f7c58f5f6f408f7b55271265fe6f96d9135be71615c7b378f67fa0c25c234
a8c1eec073ee8f06e30252e9a2623d67f3c804bb21de1a97714af8ab4b2f9f75
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b2b5f7217d9242a4febbc4fb061c1230015203d78b5fea0c0713522d65b1e016
b61f50798075db890698930c4405673937fe89353f7fea7be88b5ce16a9c0af8
b6ec28b0f402801a68a3b500fc7706f59e7961859acbfc368b556544855318eb
b75ad660846f93d5ed8003df329775ef04e75d221e53f608fc71b28d8102da65
baa174d134738ac011b8ea17d20ccf5da7db345c0a2e7f0dbdd939f335975ccd
bacc23ae416ef150be09288d366d689a7678849b04094552e67d8e2a032ad5a0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb67f543ee92ac7b55f81ee39745ee983aa3ec66ecf193a2feab1ce1edb15490
bf7c178697d05163c48c177f5c58e49f7f08dfc6e618ddba632a45822ab5c051
c0845965bb6f39caab6e9132495f4c6e773db92584cc4a2d8359aaf06f193424
c0f5dc64b7a04ce339d706fe4e14e7a300f92badd70815ff937facc839120316
c19441edbeaed7829d98ab5f1e32b2cc4b5cb8951ba2384222005edb9d319236
c465f8353fbaf2eeb3d0276f1ba0486319d41b36bf41812a1cadfdb724a1dfbd
c814a04f52d229dafe07809fc64f073b35c211746768d630e0d391d9199a92f2
c9de8f7f93a001166560395b3fa0b8177fdfcce0d5da03e5ba2c967f60bc4834
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
caaba0e2a465163bebd75e7089e159cb1c5f6a3e1aa44166c34a0fb333117926
cbe0c16c9ecedd1a20c6f97fe0ab169da67a4872596c38aed32f39bb74217bfe
cc2df91148c09f84186b5e393c3889f0f3d8c1068bb7bacf609a20ff349b9fad
cca8ce472cbf8c44acf7ac24067c2d6075acd1e0cd4c9003de6055289ac5c68a
ccaa9fc98ba7153973c89263d4ab6ff949c201a412e7410c7367ddfdb8d0a841
ce637969c373b60405eefebbf0175f4aa0cd557abdc8ada62b59f1750b404a80
ce830a7e96a150e619aa2a7c721293fa3ae94ae45f520f7c4420a2a454e5788b
cf2de109d4fe34e88f02c6c26d41ad8350f758a6f3ce74c3e5eaca18e1345eac
cf7c39f3b08cf912f116f097f93abb2e76378295a4c46f30d2663fbeaed57f32
cf9bbdc4b2adaebc75e4818ab822bcb9eefa7386fb473c0f0373bb371e2a905f
d001ac9c0f3ccf13e5fcbaf12d945eb7f37a30a60100ef5cacb782c9828aaea3
d06f0152a9fe403493b2c0438fb6981dd03511258c44fcde6c9ef7ba096d9b79
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d191bedb4ccc9fd7f7eb24b325fb64488c1ad0d949c3b644f5600eafd8aecb73
d4fb447275bc7b31ce1c201fa177b36d66326facf14cef895227cd514efe5019
d512a6b98a40286c07509439e0340232d64a6a7cfeb25a615ee2f8bca36581df
d621643306de0a11eb292b5ba2c21238357e9697c9ad668e9863a6a6de3d6b24
d85fdb38867dbfd85d49d3711045f03ba72cccfc3217003f911b34d18a05d580
dcc632327e2aa5f6110b076974476b0d110cd986f75f4178f9537031a6b5139f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd2a08038ea2b86d80169da30c55ca1d5ca44b4281ce74197d1d891d27255169
dd36b310441d254c4446f730737d55c12471750947f162ac7140628371e72240
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfc6678e3b812f3097334f84e4f7ed816c8339cd0f1a5e5b90281e8c3374d463
e1d648b47bdf38124c37e632edd953587cc0845769efadf678a87bdcbff9eda4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d0652fb168ac8f58198cf6e74499670d74401c6d464c039d360277f31520f8
e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435
e7a6a499e3632090cc1f12ba7d892fb35177153fa97bd12931fa7f8e4e40713b
e90b71df357e4d88a442c06e77b8670c751ea952ec8fd456ee33bf6b23c6b41f
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
ea011956164ed15022fb5732fd6d810bf75bb104babed05a29beb5c50302b926
eaa176bfa2223fe37ee4c460cbea462dcd816de37765d4df3ffec7fd4b0d1012
eb108d6740e4eaf4d00cd7ed588a21b30b7356f3fcd6eddede1e6578604be5c5
eb48f34a9a5157c2e4393080f2f6752c1db55962e25d6044c5ab0e7ec2d53d85
ed5c2d9e3c1e851a36b8a24e9831a15963f59ebe27444c08ebb8e49b8bda8df6
eddc7fd9c10511640c35a52d609d8c4484da144b7db0cdb101d019987f6aba2d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd14f20f41b7e771c8b10fd3eeab94490989e9d7fb5d22c20ce5ff6711ab457
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f16bd7c19ddb3cae925fb66c5b0843f0fe11483ef9eff81c0701de1096bc8d72
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f443bb55cfe3463cb19b01ba483df1b0bef7e2fd7d1fed65569b82ad2324101f
f5fbfb315159bfa7347c4eef6c94c456dcf245a8e8695212a558718d86fab8b9
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f84984d798af16719ea008a77ef968f0ae4fe0a5d37f07082ced872e7ddcf3bb
f87e4db107d87433cd0a02b5bc8afc938c03ebd93f0e17d8f54640d32ed3579a
fa61fd11817b231631d2fe43dc869d0b1d14a06332792d42f1a1d94bda5aa31e
fd45d41c91f69fe956a8d16649f6efefc5647697b5a5f9c39ddd6cf8566e6d3f
fe2b612f141cf1aa32ab62663f42b699d63c62f4de2b2da394a701c3eb1bb2c2

drsquatch.com Open in urlscan Pro 2606:4700::6810:953 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

258 Requests

94 %HTTPS

38 %IPv6

73 Domains

109 Subdomains

91 IPs

11 Countries

9352 kBTransfer

16742 kBSize

107 Cookies

0 Outgoing links

Page URL History

Redirected requests

258 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

drsquatch.com Open in urlscan Pro
2606:4700::6810:953 Public Scan

Screenshot
Live screenshot

Full Image

258
Requests

94 %
HTTPS

38 %
IPv6

73
Domains

109
Subdomains

91
IPs

11
Countries

9352 kB
Transfer

16742 kB
Size

107
Cookies

258 HTTP transactions
1 data transactions