Submitted URL: http://shopsafemask.com/
Effective URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Submission: On March 27 via api from US

Summary

This website contacted 31 IPs in 7 countries across 27 domains to perform 60 HTTP transactions. The main IP is 94.237.49.114, located in Amersham, United Kingdom and belongs to UPCLOUD, FI. The main domain is shopsafemask.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 12th 2020. Valid for: 3 months.
This is the only time shopsafemask.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 94.237.49.114 202053 (UPCLOUD)
1 2a00:1450:400... 15169 (GOOGLE)
16 195.181.175.52 60068 (CDN77)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
2 195.181.175.49 60068 (CDN77)
2 151.101.12.176 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 72.246.168.118 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.130 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 35.188.42.15 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.45.98.207 20940 (AKAMAI-ASN1)
3 2a03:2880:f12... 32934 (FACEBOOK)
1 151.101.114.110 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 162.247.242.19 23467 (NEWRELIC-...)
60 31
Domain Requested by
16 assets.widitrade.com shopsafemask.com
4 www.paypal.com shopsafemask.com
www.paypal.com
browser.sentry-cdn.com
4 cdnjs.cloudflare.com shopsafemask.com
3 www.facebook.com shopsafemask.com
3 shopsafemask.com 2 redirects
2 bam.nr-data.net js-agent.newrelic.com
browser.sentry-cdn.com
2 connect.facebook.net shopsafemask.com
connect.facebook.net
2 bat.bing.com www.googletagmanager.com
shopsafemask.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 js.stripe.com shopsafemask.com
js.stripe.com
2 cdn.widitrade.com shopsafemask.com
2 www.gstatic.com shopsafemask.com
1 track.hubspot.com
1 js-agent.newrelic.com shopsafemask.com
1 t.paypal.com shopsafemask.com
1 forms.hsforms.com shopsafemask.com
1 www.google.de shopsafemask.com
1 www.google.com shopsafemask.com
1 sentry.io browser.sentry-cdn.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 stats.g.doubleclick.net shopsafemask.com
1 js.hs-scripts.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 fonts.gstatic.com shopsafemask.com
1 www.googletagmanager.com shopsafemask.com
1 store.ecomerzpro.net shopsafemask.com
1 cdn.jsdelivr.net shopsafemask.com
1 browser.sentry-cdn.com shopsafemask.com
1 fonts.googleapis.com shopsafemask.com
60 31

This site contains links to these domains. Also see Links.

Domain
ecomerzpro.net
publishers.widitrade.com
advertisers.widitrade.com
Subject Issuer Validity Valid
shopsafemask.com
Let's Encrypt Authority X3
2020-02-12 -
2020-05-12
3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
1741345642.rsc.cdn77.org
Let's Encrypt Authority X3
2020-01-19 -
2020-04-18
3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-12-05 -
2020-06-12
6 months crt.sh
*.google.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
v2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-03-23 -
2021-02-05
10 months crt.sh
1253777694.rsc.cdn77.org
Let's Encrypt Authority X3
2020-01-19 -
2020-04-18
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2020-02-12 -
2020-06-03
4 months crt.sh
ssl363648.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2020-02-22 -
2020-08-30
6 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2020-01-09 -
2022-01-12
2 years crt.sh
store.ecomerzpro.net
Let's Encrypt Authority X3
2020-03-16 -
2020-06-14
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2
2020-01-07 -
2020-10-09
9 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2
2019-04-30 -
2021-04-30
2 years crt.sh
ssl817718.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2020-01-21 -
2020-07-29
6 months crt.sh
ssl803670.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-11-06 -
2020-05-14
6 months crt.sh
ssl803673.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-11-06 -
2020-05-14
6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-03-01 -
2020-05-30
3 months crt.sh
sentry.io
DigiCert SHA2 Secure Server CA
2017-03-24 -
2020-06-21
3 years crt.sh
www.google.com
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
www.google.de
GTS CA 1O1
2020-03-03 -
2020-05-26
3 months crt.sh
ssl431287.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2020-01-01 -
2020-07-09
6 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA
2020-01-09 -
2022-01-12
2 years crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2020-03-26 -
2021-03-18
a year crt.sh
hubspot.com
CloudFlare Inc ECC CA-2
2019-12-04 -
2020-10-09
10 months crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA
2020-02-05 -
2022-02-08
2 years crt.sh

This page contains 2 frames:

Primary Page: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Frame ID: 7CA9B6537C0AFA34A7065D735FA91DD6
Requests: 59 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
Frame ID: 26356DDE6E1C05994F7DF97692A20007
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://shopsafemask.com/ HTTP 301
    https://shopsafemask.com/ HTTP 302
    https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d38... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

60
Requests

100 %
HTTPS

68 %
IPv6

27
Domains

31
Subdomains

31
IPs

7
Countries

1178 kB
Transfer

3525 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shopsafemask.com/ HTTP 301
    https://shopsafemask.com/ HTTP 302
    https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=563093358&t=pageview&_s=1&dl=https%3A%2F%2Fshopsafemask.com%2F%3Fwtrd_offer_id%3D5e427848ef28642c2828b8a4%26wtrd_offer_lids%5B%5D%3D5e4278acef28642d386cf264&ul=en-us&de=UTF-8&dt=Safe%20Mask&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=717061149&gjid=1750286022&cid=500776329.1585299100&tid=UA-123669295-1&_gid=191828989.1585299100&_r=1&gtm=2wg3i0NGZ7Z7Q&z=135960914 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-123669295-1&cid=500776329.1585299100&jid=717061149&_gid=191828989.1585299100&gjid=1750286022&_v=j81&z=135960914

60 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
shopsafemask.com/
Redirect Chain
  • http://shopsafemask.com/
  • https://shopsafemask.com/
  • https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
86 KB
22 KB
Document
General
Full URL
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.237.49.114 Amersham, United Kingdom, ASN202053 (UPCLOUD, FI),
Reverse DNS
94-237-49-114.uk-lon1.upcloud.host
Software
nginx/1.12.1 /
Resource Hash
5a50d0dfe8a5bfb016f0bbf4c4904fd2db476b297adb9b9e276f1072ab2369bd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
shopsafemask.com
:scheme
https
:path
/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
nginx/1.12.1
content-type
text/html; charset=UTF-8
set-cookie
PHPSESSID=6eeac8a56a09c10908ebf4d4aefab3cb; path=/; HttpOnly wtrd_click=5e7dbe9b4e7c5b162e2dede9; expires=Wed, 27-Mar-2030 08:51:39 GMT; Max-Age=315532800; path=/; httponly
cache-control
max-age=0, must-revalidate, private
date
Fri, 27 Mar 2020 08:51:39 GMT
strict-transport-security
max-age=15768000
content-encoding
gzip

Redirect headers

status
302
server
nginx/1.12.1
content-type
text/html; charset=UTF-8
location
https://shopsafemask.com?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
cache-control
no-cache, private
date
Fri, 27 Mar 2020 08:51:39 GMT
strict-transport-security
max-age=15768000
icon
fonts.googleapis.com/
574 B
468 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 08:51:39 GMT
server
ESF
date
Fri, 27 Mar 2020 08:51:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 27 Mar 2020 08:51:39 GMT
css-combined.min.css
assets.widitrade.com/assets/templates/5c371856263e5ceb2d2c09c4/
659 KB
81 KB
Stylesheet
General
Full URL
https://assets.widitrade.com/assets/templates/5c371856263e5ceb2d2c09c4/css-combined.min.css
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
6b732c62da0c88a9c0df625a48b1907f2c13ed2a195977c150dca1a4b24e1b6d

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
br
last-modified
Mon, 01 Jul 2019 09:55:02 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
W/"5d19d876-a4de9"
x-cache
HIT
content-type
text/css
status
200
x-edge-ip
195.181.175.50
x-age
74728
formvalidation.min.css
assets.widitrade.com/assets/templates/5c371856263e5ceb2d2c09c4/
5 KB
2 KB
Stylesheet
General
Full URL
https://assets.widitrade.com/assets/templates/5c371856263e5ceb2d2c09c4/formvalidation.min.css
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
f8c536428d9dd97a5a91bcebdedd6d7d00cd75ad2da9059e5c87f8ac9175bf5f

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
br
last-modified
Mon, 01 Jul 2019 09:55:05 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
W/"5d19d879-13ea"
x-cache
HIT
content-type
text/css
status
200
x-edge-ip
195.181.175.50
x-age
74728
customc.css
assets.widitrade.com/assets/templates/5c371856263e5ceb2d2c09c4/
758 B
520 B
Stylesheet
General
Full URL
https://assets.widitrade.com/assets/templates/5c371856263e5ceb2d2c09c4/customc.css
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
b6ea6f6ffd11032e3de58ba4cac137bd5faa5f1b6852e1c903cb6a47f98924c3

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
br
last-modified
Mon, 01 Jul 2019 09:55:03 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
W/"5d19d877-2f6"
x-cache
HIT
content-type
text/css
status
200
x-edge-ip
195.181.175.50
x-age
74728
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/
26 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
br
cf-cache-status
HIT
age
3939866
cf-ray
57a7deec4f12d6ed-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:19:53 GMT
server
cloudflare
etag
W/"5afd4939-6857"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Wed, 17 Mar 2021 08:51:39 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
check.min.css
assets.widitrade.com/assets/templates/5c371856263e5ceb2d2c09c4/
12 KB
3 KB
Stylesheet
General
Full URL
https://assets.widitrade.com/assets/templates/5c371856263e5ceb2d2c09c4/check.min.css
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
2eb793403efb6a9640651cf612a3defa3d99cd945bf0be1a79d003325dce4fff

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
br
last-modified
Mon, 01 Jul 2019 09:55:03 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
W/"5d19d877-2eda"
x-cache
HIT
content-type
text/css
status
200
x-edge-ip
195.181.175.50
x-age
74728
sales-en.png
assets.widitrade.com/assets/templates/5c371856263e5ceb2d2c09c4/
6 KB
7 KB
Image
General
Full URL
https://assets.widitrade.com/assets/templates/5c371856263e5ceb2d2c09c4/sales-en.png
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
77a8e2edfb8db214cd35015990c97a6e9ab427ff2c01068dd499fd17322dbb78

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
last-modified
Fri, 03 Jan 2020 12:51:58 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"5e0f38ee-19be"
x-cache
HIT
content-type
image/png
status
200
x-edge-ip
195.181.175.50
x-age
53650
accept-ranges
bytes
content-length
6590
productlogo.png
assets.widitrade.com/assets/products/5e42757fef28642e25387b72/
4 KB
4 KB
Image
General
Full URL
https://assets.widitrade.com/assets/products/5e42757fef28642e25387b72/productlogo.png
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
1ce4ae676d4c31a34f6130ebc3a893a66fb55c674d0771180b98eec2e82dced9

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
last-modified
Tue, 11 Feb 2020 09:44:29 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"5e42777d-f18"
x-cache
HIT
content-type
image/png
status
200
x-edge-ip
195.181.175.50
x-age
9682
accept-ranges
bytes
content-length
3864
product1.png
assets.widitrade.com/assets/products/5e42757fef28642e25387b72/
160 KB
161 KB
Image
General
Full URL
https://assets.widitrade.com/assets/products/5e42757fef28642e25387b72/product1.png
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
1154b86464dccca79b8f8e913fd9558253409097d476e97d864b1d853ef7bbf3

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
last-modified
Tue, 11 Feb 2020 09:44:25 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"5e427779-281dc"
x-cache
HIT
content-type
image/png
status
200
x-edge-ip
195.181.175.50
x-age
52836
accept-ranges
bytes
content-length
164316
productpackb1.png
assets.widitrade.com/assets/products/5db6cafcef28647820614ca2/
6 KB
6 KB
Image
General
Full URL
https://assets.widitrade.com/assets/products/5db6cafcef28647820614ca2/productpackb1.png
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
58de561fcc864609a62c98bee82fe6aef095c6bc94ddf2188d50b04c88b0c99e

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
last-modified
Wed, 19 Feb 2020 15:04:13 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"5e4d4e6d-18c5"
x-cache
HIT
content-type
image/png
status
200
x-edge-ip
195.181.175.50
x-age
63443
accept-ranges
bytes
content-length
6341
productpackb1.png
assets.widitrade.com/assets/products/5d317e80ef28643b407413e2/
5 KB
5 KB
Image
General
Full URL
https://assets.widitrade.com/assets/products/5d317e80ef28643b407413e2/productpackb1.png
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
d7755ce4fd92cc8b48b365e938a7335a046d1f5485b30ce90993a712b676997f

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
last-modified
Tue, 23 Jul 2019 15:02:56 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"5d3721a0-121f"
x-cache
HIT
content-type
image/png
status
200
x-edge-ip
195.181.175.50
x-age
76120
accept-ranges
bytes
content-length
4639
3party-securepayment.png
assets.widitrade.com/assets/templates/5c371856263e5ceb2d2c09c4/
13 KB
13 KB
Image
General
Full URL
https://assets.widitrade.com/assets/templates/5c371856263e5ceb2d2c09c4/3party-securepayment.png
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
74532987edcac4535c03dfa2b00c5b5c8c2b643813fb06b7bb3bef02228060f2

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
last-modified
Mon, 01 Jul 2019 09:55:06 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"5d19d87a-34be"
x-cache
HIT
content-type
image/png
status
200
x-edge-ip
195.181.175.50
x-age
74067
accept-ranges
bytes
content-length
13502
icreturns.png
assets.widitrade.com/assets/stores/5d399b41625da7d7e511b538/
2 KB
2 KB
Image
General
Full URL
https://assets.widitrade.com/assets/stores/5d399b41625da7d7e511b538/icreturns.png
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
8b07e1d528d93b0e554d1b56931867db7607da5360a2fec9f767d65cc50f40fb

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
last-modified
Thu, 25 Jul 2019 13:02:10 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"5d39a852-625"
x-cache
HIT
content-type
image/png
status
200
x-edge-ip
195.181.175.50
x-age
76120
accept-ranges
bytes
content-length
1573
icsatisfaction.png
assets.widitrade.com/assets/stores/5d399b41625da7d7e511b538/
2 KB
2 KB
Image
General
Full URL
https://assets.widitrade.com/assets/stores/5d399b41625da7d7e511b538/icsatisfaction.png
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
e400b1a0912d862a2aca75343d99518a4d8a617cc4a3fda8738ee55f02468b3e

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
last-modified
Thu, 25 Jul 2019 13:02:13 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"5d39a855-6fd"
x-cache
HIT
content-type
image/png
status
200
x-edge-ip
195.181.175.50
x-age
76120
accept-ranges
bytes
content-length
1789
icsecure.png
assets.widitrade.com/assets/stores/5d399b41625da7d7e511b538/
2 KB
2 KB
Image
General
Full URL
https://assets.widitrade.com/assets/stores/5d399b41625da7d7e511b538/icsecure.png
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
c2e75d255424af9b8f68217d7e6a455b43e518520e2e26dd0e68ac6f7b4e1d55

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
last-modified
Thu, 25 Jul 2019 13:02:17 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"5d39a859-696"
x-cache
HIT
content-type
image/png
status
200
x-edge-ip
195.181.175.50
x-age
76120
accept-ranges
bytes
content-length
1686
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/
85 KB
29 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
br
cf-cache-status
HIT
age
12970531
cf-ray
57a7deedcab2d6ed-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:21:00 GMT
server
cloudflare
etag
W/"5afd497c-1538f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 17 Mar 2021 08:51:39 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.003
moment-with-locales.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.20.1/
306 KB
58 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.20.1/moment-with-locales.min.js
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d6ac652a4a210d983f1b2fe05578b97b8827e1b3ea643f222aad941c4b64def
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
br
cf-cache-status
HIT
age
4235619
cf-ray
57a7deeddabdd6ed-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:24:28 GMT
server
cloudflare
etag
W/"5afd4a4c-4c8c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Wed, 17 Mar 2021 08:51:39 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.003
firebase-app.js
www.gstatic.com/firebasejs/5.5.3/
34 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.5.3/firebase-app.js
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81dff483fdac22b45e404c729c8cf593a995840478f4101cd8e97e09b47ae96e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 05 Mar 2020 13:37:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Oct 2018 21:56:42 GMT
server
sffe
age
1883641
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
12419
x-xss-protection
0
expires
Fri, 05 Mar 2021 13:37:38 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.5.3/
35 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/5.5.3/firebase-messaging.js
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e87c14a38296bdf92c4f9a1cd41ad9077a3cbe2d33d51eb4fb54f4706c9ebe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 29 Jan 2020 18:37:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Oct 2018 21:56:42 GMT
server
sffe
age
4976054
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
10045
x-xss-protection
0
expires
Thu, 28 Jan 2021 18:37:25 GMT
bundle.min.js
browser.sentry-cdn.com/5.9.1/
51 KB
16 KB
Script
General
Full URL
https://browser.sentry-cdn.com/5.9.1/bundle.min.js
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
297ea7466b446d1c83023e7713b8619a49ce814ef877b1aa8aed20f7a0bdd1a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Origin
https://shopsafemask.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
gzip
last-modified
Tue, 19 Nov 2019 10:29:47 GMT
server
Fastly
age
10968818
etag
"31ff343b783ff902ada3a13c10d5cb2d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
accept-ranges
bytes
access-control-allow-origin
*
content-length
16243
expires
Fri, 20 Nov 2020 09:58:01 GMT
router.js
cdn.widitrade.com/bundles/fosjsrouting/js/
13 KB
3 KB
Script
General
Full URL
https://cdn.widitrade.com/bundles/fosjsrouting/js/router.js
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.49 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-49.datapacket.com
Software
CDN77-Turbo /
Resource Hash
815263ac174311e55cf1711c6d05cb8a52c2468d86a2805f98028d5ed0f986b8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
br
last-modified
Wed, 11 Mar 2020 19:57:19 GMT
server
CDN77-Turbo
x-edge-location
frankfurtDE
etag
W/"5e69429f-332c"
strict-transport-security
max-age=15768000
x-cache
HIT
content-type
application/javascript
status
200
x-edge-ip
195.181.175.47
x-age
422858
routes-5d27f20.js
cdn.widitrade.com/assets/js/routes/
6 KB
850 B
Script
General
Full URL
https://cdn.widitrade.com/assets/js/routes/routes-5d27f20.js
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.49 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-49.datapacket.com
Software
CDN77-Turbo /
Resource Hash
bd11898cf0cce178b7c5d95575fa989ad02736e3fe60f5e60460500a94083ac4
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
br
last-modified
Wed, 25 Mar 2020 16:31:27 GMT
server
CDN77-Turbo
x-edge-location
frankfurtDE
etag
W/"5e7b875f-1790"
strict-transport-security
max-age=15768000
x-cache
HIT
content-type
application/javascript
status
200
x-edge-ip
195.181.175.47
x-age
145182
/
js.stripe.com/v3/
158 KB
41 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0509796bd6781f6d686e6f908fad60a802e5f0f0985e47a5765b99274a34a107
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
gzip
content-type
application/javascript; charset=utf-8
age
76
x-cache
HIT
status
200
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-length
41517
x-amz-id-2
rFhHeUu0mn7Dd5yXs1az1AH20Ha2q+ylQs8ecsOw06W92w6IBvzha2nqBf32ieY98wnNyQbYSv0=
x-served-by
cache-fra19177-FRA
last-modified
Thu, 26 Mar 2020 17:47:13 GMT
server
AmazonS3
x-timer
S1585299100.916258,VS0,VE0
etag
"a3db7c8ac54a2ad387953285eedd2560"
vary
Accept-Encoding
x-amz-request-id
88733279E0DA8FF4
via
1.1 varnish
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
68
jscombined.min.js
assets.widitrade.com/assets/templates/5c371856263e5ceb2d2c09c4/
386 KB
102 KB
Script
General
Full URL
https://assets.widitrade.com/assets/templates/5c371856263e5ceb2d2c09c4/jscombined.min.js
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
7aa59e703f46064ff5d8940a07a57e33bc7279f04f7ae7ac448d12bded7b46a9

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
br
last-modified
Mon, 01 Jul 2019 09:55:01 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
W/"5d19d875-606fc"
x-cache
HIT
content-type
application/javascript
status
200
x-edge-ip
195.181.175.50
x-age
74456
formutils.js
assets.widitrade.com/assets/templates/5c371856263e5ceb2d2c09c4/
5 KB
2 KB
Script
General
Full URL
https://assets.widitrade.com/assets/templates/5c371856263e5ceb2d2c09c4/formutils.js
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
b2c284b4c02d16a0bc516e913ec156c0718ace31fd3bafdd193ec318e18de112

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
br
last-modified
Mon, 01 Jul 2019 09:54:57 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
W/"5d19d871-133f"
x-cache
HIT
content-type
application/javascript
status
200
x-edge-ip
195.181.175.50
x-age
74456
loadingoverlay.min.js
cdn.jsdelivr.net/npm/gasparesganga-jquery-loading-overlay@2.1.6/dist/
12 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/gasparesganga-jquery-loading-overlay@2.1.6/dist/loadingoverlay.min.js
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6c098f1491055376679ccfc0d46cd0a512e1beec85f7e00038404885ba742f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
3810663
cf-ray
57a7deeddaa563f5-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams4144-AMS, cache-fra19135-FRA
server
cloudflare
etag
W/"2f0c-8/i2QXIbsblKaxOikwT5PT+ipvw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
js
www.paypal.com/sdk/
227 KB
70 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AQ6F9cnZ8KKEqxuhguGHxrYBi3s2h6NGGtUE8CRmIiQuC0Tmtp-NnRtoga-YC4GIyv9_MkHAZHFR5l28&currency=GBP&disable-funding=card
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d0487d96f10445cb3793a83224fff89d64bd60206f6e75da0c847f634c883d78
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-pjxppHAQBxeZnSZMhrNSE3Vh4v+Fw/lJPZXm11q0UMfjz5Ee' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-pjxppHAQBxeZnSZMhrNSE3Vh4v+Fw/lJPZXm11q0UMfjz5Ee' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-pjxppHAQBxeZnSZMhrNSE3Vh4v+Fw/lJPZXm11q0UMfjz5Ee' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-pjxppHAQBxeZnSZMhrNSE3Vh4v+Fw/lJPZXm11q0UMfjz5Ee' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
p3p
true
status
200
paypal-debug-id
e7c0f0a411352
strict-transport-security
max-age=63072000
dc
slc-b-origin-www-3.paypal.com
content-length
70669
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
date
Fri, 27 Mar 2020 08:51:39 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
must-revalidate, max-age=21600
etag
W/"1140d-6x6OSCAOl/AMNOXNQ1WgcB5RU7Q"
expires
Fri, 27 Mar 2020 14:51:39 GMT
pixel-click.gif
store.ecomerzpro.net/
43 B
551 B
Image
General
Full URL
https://store.ecomerzpro.net/pixel-click.gif?avd=5af593e1eeb3a7076b536e32&offer=5e427848ef28642c2828b8a4&offerLanding=5e4278acef28642d386cf264&attributionDays=30&renderType=landing&clickId=5e7dbe9b4e7c5b162e2dede9&chargeCost=0&wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids%5B0%5D=5e4278acef28642d386cf264
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.237.49.114 Amersham, United Kingdom, ASN202053 (UPCLOUD, FI),
Reverse DNS
94-237-49-114.uk-lon1.upcloud.host
Software
nginx/1.12.1 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
200
date
Fri, 27 Mar 2020 08:51:40 GMT
cache-control
must-revalidate, no-cache, private
server
nginx/1.12.1
strict-transport-security
max-age=15768000
content-type
image/gif
gtm.js
www.googletagmanager.com/
113 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NGZ7Z7Q
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
313593ac3fb4a03dc4b385001d42218359e452a6abd46cc6ebb833ba50b3b6ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35905
x-xss-protection
0
last-modified
Fri, 27 Mar 2020 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 27 Mar 2020 08:51:39 GMT
productbackground3.jpeg
assets.widitrade.com/assets/products/5e42757fef28642e25387b72/
109 KB
109 KB
Image
General
Full URL
https://assets.widitrade.com/assets/products/5e42757fef28642e25387b72/productbackground3.jpeg
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.52 Frankfurt am Main, Germany, ASN60068 (CDN77, GB),
Reverse DNS
unn-195-181-175-52.datapacket.com
Software
CDN77-Turbo /
Resource Hash
3c201bf8fedf02c38a22ee79a0e4c51347c55d4b274232ee8f2ed4874cb1a40b

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
last-modified
Tue, 11 Feb 2020 09:44:44 GMT
server
CDN77-Turbo
access-control-allow-origin
*
x-edge-location
frankfurtDE
etag
"5e42778c-1b42f"
x-cache
HIT
content-type
image/jpeg
status
200
x-edge-ip
195.181.175.50
x-age
83685
accept-ranges
bytes
content-length
111663
flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v50/
59 KB
60 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialicons/v50/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/icon?family=Material+Icons
Origin
https://shopsafemask.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Mar 2020 20:01:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Feb 2020 01:57:25 GMT
server
sffe
age
1428581
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
60840
x-xss-protection
0
expires
Wed, 10 Mar 2021 20:01:58 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/fonts/
63 KB
63 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/font-awesome.min.css
Origin
https://shopsafemask.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
cf-cache-status
HIT
age
29933033
cf-ray
57a7deedeef4c2c7-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
64464
last-modified
Thu, 17 May 2018 09:19:12 GMT
server
cloudflare
etag
"5afd4910-fbd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
expires
Wed, 17 Mar 2021 08:51:39 GMT
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
served-in-seconds
0.003
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ7Z7Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
784
date
Fri, 27 Mar 2020 08:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
18174
expires
Fri, 27 Mar 2020 10:38:35 GMT
conversion_async.js
www.googleadservices.com/pagead/
26 KB
10 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ7Z7Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
c5b1ef448841c8a0f34532d4be5f5656d9eb4eea66e04755c0b64f2662d35eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
9982
x-xss-protection
0
server
cafe
etag
13837497077581106518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 27 Mar 2020 08:51:39 GMT
bat.js
bat.bing.com/
24 KB
8 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ7Z7Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0d0cbd713d59b1214b24864c2d86699c88d951162983b8e20011a8738be20589

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
gzip
last-modified
Thu, 19 Mar 2020 02:21:04 GMT
x-msedge-ref
Ref A: A795C4EA887E4C5AB5F47CFF58B7D457 Ref B: FRAEDGE0211 Ref C: 2020-03-27T08:51:39Z
access-control-allow-origin
*
etag
"0682da95fdd51:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7461
6766895.js
js.hs-scripts.com/
795 B
930 B
Script
General
Full URL
https://js.hs-scripts.com/6766895.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ7Z7Q
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e903292948a1f1b0da97746a9202a8a2d87e7e9fc53249533463c801f8d4aea

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 08:51:39 GMT
content-encoding
gzip
cf-cache-status
HIT
age
23
cf-polished
origSize=892
status
200
access-control-max-age
3600
cf-bgj
minify
server
cloudflare
x-trace
2B2D5404BEEC2F9B09FF3604F2ED65971D1590C44B000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://ewatchpromo.net
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
57a7deeebd3cd6ed-FRA
expires
Fri, 27 Mar 2020 08:52:39 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=563093358&t=pageview&_s=1&dl=https%3A%2F%2Fshopsafemask.com%2F%3Fwtrd_offer_id%3D5e427848ef28642c2828b8a4%26wtrd_offer_lids%5B%5D%3D5e4278ace...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-123669295-1&cid=500776329.1585299100&jid=717061149&_gid=191828989.1585299100&gjid=1750286022&_v=j81&z=135960914
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-123669295-1&cid=500776329.1585299100&jid=717061149&_gid=191828989.1585299100&gjid=1750286022&_v=j81&z=135960914
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Fri, 27 Mar 2020 08:51:39 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 Mar 2020 08:51:39 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-123669295-1&cid=500776329.1585299100&jid=717061149&_gid=191828989.1585299100&gjid=1750286022&_v=j81&z=135960914
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
6766895.js
js.hs-analytics.net/analytics/1585299000000/
80 KB
22 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1585299000000/6766895.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6766895.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62dab0a425fa55beca1cbe8619c4e59609b1b4ff5df6573618bd72b62413a1b0

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 08:51:40 GMT
content-encoding
br
cf-cache-status
HIT
age
90
x-amz-server-side-encryption
AES256
status
200
x-amz-request-id
7E518B50C4A9DB7F
x-amz-id-2
Qn8LnjQlfhytVAQhxFsDdKHeWA8hEDAfQLIjNxdU26ohgQZ9P/Viy9G/G5Gk0oiF04l8uFc6nEU=
last-modified
Thu, 12 Mar 2020 18:59:05 GMT
server
cloudflare
etag
W/"bd4dedaf3c7f59779a6066038ea0f8c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-ray
57a7deeee996dfdf-FRA
expires
Fri, 27 Mar 2020 08:55:09 GMT
collectedforms.js
js.hscollectedforms.net/
85 KB
22 KB
Script
General
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/6766895.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:81ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69b9acf28aa23de86049ef99df499b5144735d8f65a86e962a5542f6fb3ce9ab

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Origin
https://shopsafemask.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 27 Mar 2020 08:51:40 GMT
via
1.1 05a90e634e0872685ad69ee9a4e0eba5.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
49128
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
gzip
content-type
application/javascript; charset=utf-8
last-modified
Fri, 21 Feb 2020 04:12:07 GMT
server
cloudflare
etag
W/"c00f8a7a08e52f63a2b33d54d330a070"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
x-amz-version-id
3yoBVacLLgVfkY3C5uUUkp3Y6DI.cfqb
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-amz-cf-pop
IAD89-C2
cf-ray
57a7deeef9b09ac2-FRA
x-amz-cf-id
J-REtLjSmAT2wZM7J9Bdj8_fdJSzNe9cFSz0etreFRtAeM2hygpyjg==
0
bat.bing.com/action/
0
149 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=26055977&Ver=2&mid=3ca36bc9-5419-e520-c152-884fa4a400a8&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Safe%20Mask&p=https%3A%2F%2Fshopsafemask.com%2F%3Fwtrd_offer_id%3D5e427848ef28642c2828b8a4%26wtrd_offer_lids%5B%5D%3D5e4278acef28642d386cf264&r=&evt=pageLoad&msclkid=N&rn=170018
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
204
pragma
no-cache
date
Fri, 27 Mar 2020 08:51:39 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: AF0E8CAB60AD4F659C3DB15B39D78FC7 Ref B: FRAEDGE0211 Ref C: 2020-03-27T08:51:40Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787909066/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787909066/?random=1585299100010&cv=9&fst=1585299100010&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fshopsafemask.com%2F%3Fwtrd_offer_id%3D5e427848ef28642c2828b8a4%26wtrd_offer_lids%5B%5D%3D5e4278acef28642d386cf264&tiba=Safe%20Mask&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e21bd4a76b279be3122a2123b95ee9e0cd9d882c42dedf3a50ec61e3df17be3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Fri, 27 Mar 2020 08:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
1050
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
126 KB
30 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
JSDNN5Qkf3+VFpzaE53na2igUf57XUmng/snDZel0mAntyH5WCp3qxJlo0U5l09pjkC/ef5nODCSwqHmBr+4Uw==
x-fb-trip-id
1850256238
date
Fri, 27 Mar 2020 08:51:40 GMT, Fri, 27 Mar 2020 08:51:40 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
js.stripe.com/v3/ Frame 2635
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264

Response headers

status
200
x-amz-id-2
lOVZPwHw2eHUggJo+nNzViPbudJD8r1WfDvQn7Z9Jnsrnrvxe8dfzNoMP2rkNwYoQarhb7XBt7E=
x-amz-request-id
0E590926584BA576
last-modified
Fri, 28 Feb 2020 23:42:06 GMT
etag
"a0f6c1465b8d9aab778cf2913d1d3c86"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
gzip
accept-ranges
bytes
date
Fri, 27 Mar 2020 08:51:40 GMT
via
1.1 varnish
age
177
x-served-by
cache-fra19177-FRA
x-cache
HIT
x-cache-hits
131
x-timer
S1585299100.049135,VS0,VE0
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
content-length
203
/
sentry.io/api/1833286/store/
41 B
446 B
Fetch
General
Full URL
https://sentry.io/api/1833286/store/?sentry_key=512946b58e444414882f63e1e84b6139&sentry_version=7
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.9.1/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e36e16bc8aeb207a606735f8bea1a85d8ed5765349a34a5b57d60df42be626d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://shopsafemask.com/
Origin
https://shopsafemask.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 27 Mar 2020 08:51:40 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://shopsafemask.com
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
41
pptm.js
www.paypal.com/tagmanager/
12 KB
5 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=shopsafemask.com&t=xo&v=5.0.112&source=payments_sdk&client_id=AQ6F9cnZ8KKEqxuhguGHxrYBi3s2h6NGGtUE8CRmIiQuC0Tmtp-NnRtoga-YC4GIyv9_MkHAZHFR5l28
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQ6F9cnZ8KKEqxuhguGHxrYBi3s2h6NGGtUE8CRmIiQuC0Tmtp-NnRtoga-YC4GIyv9_MkHAZHFR5l28&currency=GBP&disable-funding=card
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-aepH8Z8J/c21NJ0mEobmZJF6EMaAf0FzlfYJbLRIHj9C9uAb' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-aepH8Z8J/c21NJ0mEobmZJF6EMaAf0FzlfYJbLRIHj9C9uAb' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"310f-FGviSVLWgsmjFEfYfieMcNrYi0M"
x-frame-options
SAMEORIGIN
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Fri, 27 Mar 2020 08:51:40 GMT
paypal-debug-id
df21e5a134887
strict-transport-security
max-age=63072000
dc
phx-origin-www-2.paypal.com
vary
Accept-Encoding
content-length
4456
x-xss-protection
1; mode=block
/
www.google.com/pagead/1p-user-list/787909066/
42 B
122 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/787909066/?random=1585299100010&cv=9&fst=1585296000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&frm=0&url=https%3A%2F%2Fshopsafemask.com%2F%3Fwtrd_offer_id%3D5e427848ef28642c2828b8a4%26wtrd_offer_lids%5B%5D%3D5e4278acef28642d386cf264&tiba=Safe%20Mask&async=1&fmt=3&is_vtc=1&random=3803734689&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Fri, 27 Mar 2020 08:51:40 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/787909066/
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/787909066/?random=1585299100010&cv=9&fst=1585296000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&frm=0&url=https%3A%2F%2Fshopsafemask.com%2F%3Fwtrd_offer_id%3D5e427848ef28642c2828b8a4%26wtrd_offer_lids%5B%5D%3D5e4278acef28642d386cf264&tiba=Safe%20Mask&async=1&fmt=3&is_vtc=1&random=3803734689&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Fri, 27 Mar 2020 08:51:40 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
551800715557688
connect.facebook.net/signals/config/
447 KB
113 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/551800715557688?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ee66c5d7cd068e6e36db90b67b20e3c758dbbc51b844ebfc34d20f482633b448
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=3600
content-length
115254
x-xss-protection
0
pragma
public
x-fb-debug
T2ntbaWRk9TYj+t8JkaosX1s2MtuqxnkCqMLQYrTb/6tEd8BY4WieAOa+ArMgrJNlawHIFFo3A6zheYA0Tx6uw==
x-fb-trip-id
1850256238
date
Fri, 27 Mar 2020 08:51:40 GMT, Fri, 27 Mar 2020 08:51:40 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
counters.gif
forms.hsforms.com/embed/v3/
35 B
495 B
Image
General
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-error-caught&count=1
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 08:51:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-trace
2BF749DD58B4031E6F7A3FF3948661C114B6109A11000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
57a7deef9b52c2c2-FRA
content-length
35
ts
t.paypal.com/
42 B
846 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Safe%20Mask&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1585299100087&g=-60&completeurl=https%3A%2F%2Fshopsafemask.com%2F%3Fwtrd_offer_id%3D5e427848ef28642c2828b8a4%26wtrd_offer_lids%5B%5D%3D5e4278acef28642d386cf264&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.98.207 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-98-207.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Fri, 27 Mar 2020 08:51:40 GMT
Server
akka-http/10.1.11
P3P
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
HTTP_X_PP_AZ_LOCATOR
slcb.slc
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Fri, 27 Mar 2020 08:51:40 GMT
/
www.facebook.com/tr/
44 B
253 B
Image
General
Full URL
https://www.facebook.com/tr/?id=551800715557688&ev=PageView&dl=https%3A%2F%2Fshopsafemask.com%2F%3Fwtrd_offer_id%3D5e427848ef28642c2828b8a4%26wtrd_offer_lids%5B%5D%3D5e4278acef28642d386cf264&rl=&if=false&ts=1585299100107&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585299100106.1549483820&it=1585299100067&coo=false&rqm=GET
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 08:51:40 GMT, Fri, 27 Mar 2020 08:51:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 27 Mar 2020 08:51:40 GMT
/
www.facebook.com/tr/
44 B
208 B
Image
General
Full URL
https://www.facebook.com/tr/?id=551800715557688&ev=ViewContent&dl=https%3A%2F%2Fshopsafemask.com%2F%3Fwtrd_offer_id%3D5e427848ef28642c2828b8a4%26wtrd_offer_lids%5B%5D%3D5e4278acef28642d386cf264&rl=&if=false&ts=1585299100108&cd[content_name]=Safe%20Mask&cd[content_ids]=5e427848ef28642c2828b8a4&cd[content_type]=landing&cd[publisher_id]=&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1585299100106.1549483820&it=1585299100067&coo=false&rqm=GET
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 08:51:40 GMT, Fri, 27 Mar 2020 08:51:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 27 Mar 2020 08:51:40 GMT
nr-1167.min.js
js-agent.newrelic.com/
26 KB
10 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1167.min.js
Requested by
Host: shopsafemask.com
URL: https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 27 Mar 2020 08:51:40 GMT
content-encoding
gzip
x-amz-request-id
9F168BA697B778D0
x-cache
HIT
status
200
content-length
10178
x-amz-id-2
yYgBioLjCplIhDxMZm/PKonf0xZGo/IH9CxBrQAf8lWo1+WyLnApygFOHARQZ+4eJQtQu20EMwQ=
x-served-by
cache-hhn4051-HHN
last-modified
Fri, 07 Feb 2020 23:39:55 GMT
server
AmazonS3
x-timer
S1585299100.475793,VS0,VE0
etag
"8155781ab74e51eee2ead2c1d5902e63"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
13943
__ptq.gif
track.hubspot.com/
45 B
493 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2430194794&v=1.1&a=6766895&pu=https%3A%2F%2Fshopsafemask.com%2F%3Fwtrd_offer_id%3D5e427848ef28642c2828b8a4%26wtrd_offer_lids%5B%5D%3D5e4278acef28642d386cf264&t=Safe+Mask&cts=1585299100386&vi=90830af701a7b20380a4a7c2c271ce96&nc=true&u=108254557.90830af701a7b20380a4a7c2c271ce96.1585299100383.1585299100383.1585299100383.1&b=108254557.1.1585299100383
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 08:51:40 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI CUR ADM OUR NOR STA NID"
status
200
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
57a7def19eaa650f-FRA
content-type
image/gif
content-length
45
x-robots-tag
none
logger
www.paypal.com/xoplatform/logger/api/
2 B
1 KB
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.9.1/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
https://shopsafemask.com
Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

x-edgeconnect-origin-mex-latency
58
date
Fri, 27 Mar 2020 08:51:40 GMT
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
138
x-powered-by
Express
status
200
paypal-debug-id
92450e753c6b4
dc
ccg11-origin-www-2.paypal.com
content-length
2
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
strict-transport-security
max-age=63072000
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shopsafemask.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-headers
content-type
de79bc54f6
bam.nr-data.net/1/
57 B
275 B
Script
General
Full URL
https://bam.nr-data.net/1/de79bc54f6?a=117809743&v=1167.2a4546b&to=Y1VXNxcEWEQCWhZQClofdhYWEVlaTEoWVhdRb10MCAA%3D&rst=1242&ref=https://shopsafemask.com/&ap=73&be=321&fe=1121&dc=770&perf=%7B%22timing%22:%7B%22of%22:1585299099260,%22n%22:0,%22f%22:166,%22dn%22:166,%22dne%22:166,%22c%22:166,%22ce%22:166,%22rq%22:167,%22rp%22:279,%22rpe%22:284,%22dl%22:287,%22di%22:769,%22ds%22:769,%22de%22:780,%22dc%22:1120,%22l%22:1120,%22le%22:1128%7D,%22navigation%22:%7B%7D%7D&fp=602&fcp=602&at=TxJUQV8eS0o%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1167.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.facebook.com/tr/
44 B
106 B
Image
General
Full URL
https://www.facebook.com/tr/?id=551800715557688&ev=Microdata&dl=https%3A%2F%2Fshopsafemask.com%2F%3Fwtrd_offer_id%3D5e427848ef28642c2828b8a4%26wtrd_offer_lids%5B%5D%3D5e4278acef28642d386cf264&rl=&if=false&ts=1585299100609&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Safe%20Mask%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Safe%20Mask%22%2C%22og%3Adescription%22%3A%22The%20best%20protection%20against%20viruses%20and%20air%20pollution.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.widitrade.com%2Fassets%2Fproducts%2F5e42757fef28642e25387b72%2Fproduct1.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=2&o=30&fbp=fb.1.1585299100106.1549483820&it=1585299100067&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 27 Mar 2020 08:51:40 GMT, Fri, 27 Mar 2020 08:51:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-27=":443"; ma=3600
content-length
44
expires
Fri, 27 Mar 2020 08:51:40 GMT
logger
www.paypal.com/xoplatform/logger/api/
2 B
991 B
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-118.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Origin
https://shopsafemask.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

x-edgeconnect-origin-mex-latency
51
date
Fri, 27 Mar 2020 08:51:40 GMT
x-content-type-options
nosniff
status
200
x-powered-by
Express
strict-transport-security
max-age=63072000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shopsafemask.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-edgeconnect-midmile-rtt
139
paypal-debug-id
9ea6298808f20
dc
ccg11-origin-www-2.paypal.com
content-length
2
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
de79bc54f6
bam.nr-data.net/events/1/
24 B
183 B
XHR
General
Full URL
https://bam.nr-data.net/events/1/de79bc54f6?a=117809743&v=1167.2a4546b&to=Y1VXNxcEWEQCWhZQClofdhYWEVlaTEoWVhdRb10MCAA%3D&rst=11242&ref=https://shopsafemask.com/
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.9.1/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-7.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264
Origin
https://shopsafemask.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://shopsafemask.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| NREUM object| newrelic function| __nr_require object| dataLayer function| $ function| jQuery function| moment object| core object| __core-js_shared__ object| firebase object| Sentry object| __SENTRY__ object| google_tag_manager string| GoogleAnalyticsObject function| ga object| uetq object| Routing object| fos object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Stripe function| Popper object| jQuery112405092920219479755 object| FormValidation function| Spinner object| Ladda function| Timer function| addUrlParameter function| UET function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| _hsq object| _paq object| _hsp boolean| _hspb_loaded boolean| _hstc_loaded object| __post_robot_10_0_31__ object| paypal object| __zoid_9_0_42__ object| ShoppingCart undefined| config undefined| callAjax function| fbq function| _fbq string| url object| paramReg undefined| value object| body object| html number| height function| OutpostErrorReporter function| setImmediate function| clearImmediate object| __hsCollectedFormsDebug object| paypalDDL boolean| _hspb_ran boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| __paypal_storage__

13 Cookies

Domain/Path Name / Value
.shopsafemask.com/ Name: _ga
Value: GA1.2.500776329.1585299100
shopsafemask.com/ Name: hubspotutk
Value: 90830af701a7b20380a4a7c2c271ce96
shopsafemask.com/ Name: __hssrc
Value: 1
shopsafemask.com/ Name: __hstc
Value: 108254557.90830af701a7b20380a4a7c2c271ce96.1585299100383.1585299100383.1585299100383.1
.shopsafemask.com/ Name: __stripe_sid
Value: 0cc15666-03f0-4498-a248-3c2011073213
.shopsafemask.com/ Name: _fbp
Value: fb.1.1585299100106.1549483820
.shopsafemask.com/ Name: __stripe_mid
Value: f8d1e543-acd7-44a1-98b3-f1d30f2a3d05
.shopsafemask.com/ Name: _gat_UA-123669295-1
Value: 1
shopsafemask.com/ Name: PHPSESSID
Value: 6eeac8a56a09c10908ebf4d4aefab3cb
.shopsafemask.com/ Name: _gid
Value: GA1.2.191828989.1585299100
.shopsafemask.com/ Name: _gcl_au
Value: 1.1.987300062.1585299100
shopsafemask.com/ Name: __hssc
Value: 108254557.1.1585299100383
shopsafemask.com/ Name: wtrd_click
Value: 5e7dbe9b4e7c5b162e2dede9

1 Console Messages

Source Level URL
Text
console-api log URL: https://browser.sentry-cdn.com/5.9.1/bundle.min.js(Line 2)
Message:
https://shopsafemask.com/?wtrd_offer_id=5e427848ef28642c2828b8a4&wtrd_offer_lids[]=5e4278acef28642d386cf264

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.widitrade.com
bam.nr-data.net
bat.bing.com
browser.sentry-cdn.com
cdn.jsdelivr.net
cdn.widitrade.com
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
googleads.g.doubleclick.net
js-agent.newrelic.com
js.hs-analytics.net
js.hs-scripts.com
js.hscollectedforms.net
js.stripe.com
sentry.io
shopsafemask.com
stats.g.doubleclick.net
store.ecomerzpro.net
t.paypal.com
track.hubspot.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
151.101.114.110
151.101.12.176
162.247.242.19
172.217.16.130
195.181.175.49
195.181.175.52
23.45.98.207
2606:4700::6810:5505
2606:4700::6810:5514
2606:4700::6810:fa05
2606:4700::6811:4004
2606:4700::6811:4104
2606:4700::6811:47b0
2606:4700::6811:81ab
2606:4700::6811:d3cc
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:809::2004
2a00:1450:4001:814::2003
2a00:1450:4001:816::200a
2a00:1450:4001:81a::2003
2a00:1450:4001:81d::2008
2a00:1450:4001:820::2003
2a00:1450:4001:825::2002
2a00:1450:400c:c00::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::729
35.188.42.15
72.246.168.118
94.237.49.114
0509796bd6781f6d686e6f908fad60a802e5f0f0985e47a5765b99274a34a107
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d0cbd713d59b1214b24864c2d86699c88d951162983b8e20011a8738be20589
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1154b86464dccca79b8f8e913fd9558253409097d476e97d864b1d853ef7bbf3
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1ce4ae676d4c31a34f6130ebc3a893a66fb55c674d0771180b98eec2e82dced9
1e903292948a1f1b0da97746a9202a8a2d87e7e9fc53249533463c801f8d4aea
297ea7466b446d1c83023e7713b8619a49ce814ef877b1aa8aed20f7a0bdd1a3
2eb793403efb6a9640651cf612a3defa3d99cd945bf0be1a79d003325dce4fff
313593ac3fb4a03dc4b385001d42218359e452a6abd46cc6ebb833ba50b3b6ff
3c201bf8fedf02c38a22ee79a0e4c51347c55d4b274232ee8f2ed4874cb1a40b
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
58de561fcc864609a62c98bee82fe6aef095c6bc94ddf2188d50b04c88b0c99e
5a50d0dfe8a5bfb016f0bbf4c4904fd2db476b297adb9b9e276f1072ab2369bd
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5d6ac652a4a210d983f1b2fe05578b97b8827e1b3ea643f222aad941c4b64def
5e21bd4a76b279be3122a2123b95ee9e0cd9d882c42dedf3a50ec61e3df17be3
62dab0a425fa55beca1cbe8619c4e59609b1b4ff5df6573618bd72b62413a1b0
69b9acf28aa23de86049ef99df499b5144735d8f65a86e962a5542f6fb3ce9ab
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b732c62da0c88a9c0df625a48b1907f2c13ed2a195977c150dca1a4b24e1b6d
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
74532987edcac4535c03dfa2b00c5b5c8c2b643813fb06b7bb3bef02228060f2
77a8e2edfb8db214cd35015990c97a6e9ab427ff2c01068dd499fd17322dbb78
7aa59e703f46064ff5d8940a07a57e33bc7279f04f7ae7ac448d12bded7b46a9
7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55
815263ac174311e55cf1711c6d05cb8a52c2468d86a2805f98028d5ed0f986b8
81dff483fdac22b45e404c729c8cf593a995840478f4101cd8e97e09b47ae96e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b07e1d528d93b0e554d1b56931867db7607da5360a2fec9f767d65cc50f40fb
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9e87c14a38296bdf92c4f9a1cd41ad9077a3cbe2d33d51eb4fb54f4706c9ebe2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b2c284b4c02d16a0bc516e913ec156c0718ace31fd3bafdd193ec318e18de112
b6ea6f6ffd11032e3de58ba4cac137bd5faa5f1b6852e1c903cb6a47f98924c3
bd11898cf0cce178b7c5d95575fa989ad02736e3fe60f5e60460500a94083ac4
c2e75d255424af9b8f68217d7e6a455b43e518520e2e26dd0e68ac6f7b4e1d55
c5b1ef448841c8a0f34532d4be5f5656d9eb4eea66e04755c0b64f2662d35eed
d0487d96f10445cb3793a83224fff89d64bd60206f6e75da0c847f634c883d78
d7755ce4fd92cc8b48b365e938a7335a046d1f5485b30ce90993a712b676997f
d9f14f79d6695318d80e6a5f118dd7c703cfbc4aec4fc629c3e317cf166d1fbe
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e36e16bc8aeb207a606735f8bea1a85d8ed5765349a34a5b57d60df42be626d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e400b1a0912d862a2aca75343d99518a4d8a617cc4a3fda8738ee55f02468b3e
e6c098f1491055376679ccfc0d46cd0a512e1beec85f7e00038404885ba742f9
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ee66c5d7cd068e6e36db90b67b20e3c758dbbc51b844ebfc34d20f482633b448
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4ae8a2c83e0a851fd331bbf34d7a6f9184b3e31b6f2e681e8377fb8a8edc10f
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
f8c536428d9dd97a5a91bcebdedd6d7d00cd75ad2da9059e5c87f8ac9175bf5f