www.everyplate.com Open in urlscan Pro
2606:4700::6811:6822 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.info.everyplate.com/wf/click?upn=7fFIK0u9iu6MzAoszaX0lgBdDBrPGORRfhqzeBJZSWh1O-2Ba9PO8oXpHkWQyNZZcMuZ60jNZiWB50bALWr...
Effective URL:
https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
Submission: On September 26 via api (September 26th 2020, 11:15:10 am UTC) from US

Summary HTTP 64 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 29 domains to perform 64 HTTP transactions. The main IP is 2606:4700::6811:6822, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.everyplate.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 3rd 2020. Valid for: a year.

This is the only time www.everyplate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	143.204.201.14 143.204.201.14	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700::68... 2606:4700::6811:6822	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	104.108.58.15 104.108.58.15	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	147.75.102.233 147.75.102.233	54825 (PACKET) (PACKET)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	67.225.220.126 67.225.220.126	32244 (LIQUIDWEB) (LIQUIDWEB)
1	2600:9000:206... 2600:9000:206e:6200:1c:9484:cec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	99.86.243.91 99.86.243.91	16509 (AMAZON-02) (AMAZON-02)
1 2	34.249.60.11 34.249.60.11	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	147.75.84.91 147.75.84.91	54825 (PACKET) (PACKET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	99.86.243.27 99.86.243.27	16509 (AMAZON-02) (AMAZON-02)
1	99.86.7.69 99.86.7.69	16509 (AMAZON-02) (AMAZON-02)
1 4	35.227.244.1 35.227.244.1	15169 (GOOGLE) (GOOGLE)
3	99.86.243.32 99.86.243.32	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:340... 2a02:26f0:3400::1703:5829	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.16.186.123 2.16.186.123	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	147.75.102.203 147.75.102.203	54825 (PACKET) (PACKET)
1	54.77.20.174 54.77.20.174	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	34.241.56.227 34.241.56.227	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
2	23.22.3.88 23.22.3.88	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:730... 2600:1f18:730:b110:b216:4622:d058:b1a9	14618 (AMAZON-AES) (AMAZON-AES)
1	52.86.196.188 52.86.196.188	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1 2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	99.86.245.129 99.86.245.129	16509 (AMAZON-02) (AMAZON-02)
1	52.219.104.56 52.219.104.56	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
1	35.190.54.17 35.190.54.17	15169 (GOOGLE) (GOOGLE)
1	99.83.128.14 99.83.128.14	16509 (AMAZON-02) (AMAZON-02)
64	37

2 143.204.201.14 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-14.fra53.r.cloudfront.net

click.info.everyplate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:6822 (United States)

ASN13335 (CLOUDFLARENET, US)

www.everyplate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.58.15 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-58-15.deploy.static.akamaitechnologies.com

cdn3.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.233 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress17

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.225.220.126 (Lansing, United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.rtb123.com

www.rtb123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:6200:1c:9484:cec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.attn.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.243.91 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-91.vie50.r.cloudfront.net

pixel.pointmediatracker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.60.11 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-60-11.eu-west-1.compute.amazonaws.com

cnv.event.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.91 (Parsippany, United States)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress13

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.243.27 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-27.vie50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.69 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-69.fra6.r.cloudfront.net

pixel.snapsmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.244.1 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 1.244.227.35.bc.googleusercontent.com

shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.243.32 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-243-32.vie50.r.cloudfront.net

d3rr3d0n31t48m.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3400::1703:5829 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.123 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-123.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.203 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress15

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.20.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-20-174.eu-west-1.compute.amazonaws.com

w.usabilla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.56.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-56-227.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.87 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.22.3.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-3-88.compute-1.amazonaws.com

snapsmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:b216:4622:d058:b1a9 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.196.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-196-188.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

sf19-scmcdn-va.ibytedtos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.245.129 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-245-129.vie50.r.cloudfront.net

d6tizftlrpuof.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.104.56 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com

us-webchat-cdn.s3.us-east-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.54.17 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 17.54.190.35.bc.googleusercontent.com

shopper.shop.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.128.14 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a954c1fc80b8251dc.awsglobalaccelerator.com

pixel.voltn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	everyplate.com 2 redirects click.info.everyplate.com www.everyplate.com	742 KB
5	shop.pe 1 redirects shop.pe shopper.shop.pe	26 KB
5	google-analytics.com www.google-analytics.com	21 KB
4	cloudfront.net d3rr3d0n31t48m.cloudfront.net d6tizftlrpuof.cloudfront.net	52 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	73 KB
3	liadm.com 1 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com	11 KB
3	snapsmedia.io pixel.snapsmedia.io snapsmedia.io	22 KB
3	google.de www.google.de	731 B
3	google.com www.google.com	731 B
3	bing.com bat.bing.com	8 KB
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	facebook.com 1 redirects www.facebook.com	694 B
2	snapchat.com tr.snapchat.com
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	tiktok.com analytics.tiktok.com	21 KB
2	facebook.net connect.facebook.net	167 KB
2	bidr.io 1 redirects cnv.event.prod.bidr.io	1 KB
2	googletagmanager.com www.googletagmanager.com	105 KB
1	voltn.com pixel.voltn.com
1	atdmt.com cx.atdmt.com	424 B
1	amazonaws.com us-webchat-cdn.s3.us-east-2.amazonaws.com	62 KB
1	ibytedtos.com sf19-scmcdn-va.ibytedtos.com	8 KB
1	usabilla.com w.usabilla.com	13 KB
1	sc-static.net sc-static.net	6 KB
1	pointmediatracker.com 1 redirects pixel.pointmediatracker.com	590 B
1	attn.tv cdn.attn.tv	375 B
1	rtb123.com www.rtb123.com	832 B
1	googleadservices.com www.googleadservices.com	12 KB
1	optimizely.com cdn3.optimizely.com	696 B
64	29

	Domain	Requested by
9	www.everyplate.com	www.everyplate.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.everyplate.com
4	shop.pe	1 redirects d3rr3d0n31t48m.cloudfront.net www.everyplate.com
3	d3rr3d0n31t48m.cloudfront.net	www.everyplate.com shop.pe
3	www.google.de	www.everyplate.com
3	www.google.com	www.everyplate.com
3	bat.bing.com	www.everyplate.com
2	www.facebook.com	1 redirects www.everyplate.com
2	snapsmedia.io	www.everyplate.com pixel.snapsmedia.io
2	tr.snapchat.com	www.everyplate.com
2	secure.adnxs.com	1 redirects www.everyplate.com
2	analytics.tiktok.com	www.everyplate.com sf19-scmcdn-va.ibytedtos.com
2	connect.facebook.net	www.everyplate.com connect.facebook.net
2	cnv.event.prod.bidr.io	1 redirects www.everyplate.com
2	stats.g.doubleclick.net	www.google-analytics.com www.everyplate.com
2	www.googletagmanager.com	www.everyplate.com www.googletagmanager.com
2	click.info.everyplate.com	2 redirects
1	pixel.voltn.com	d3rr3d0n31t48m.cloudfront.net
1	shopper.shop.pe	shop.pe
1	cx.atdmt.com
1	us-webchat-cdn.s3.us-east-2.amazonaws.com	www.googletagmanager.com
1	d6tizftlrpuof.cloudfront.net	www.everyplate.com
1	sf19-scmcdn-va.ibytedtos.com	analytics.tiktok.com
1	rp4.liadm.com	www.everyplate.com
1	rp.liadm.com	1 redirects
1	in.hotjar.com	www.everyplate.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	w.usabilla.com	www.everyplate.com
1	vars.hotjar.com	static.hotjar.com
1	b-code.liadm.com	www.googletagmanager.com
1	pixel.snapsmedia.io	www.everyplate.com
1	sc-static.net	www.everyplate.com
1	script.hotjar.com	static.hotjar.com
1	pixel.pointmediatracker.com	1 redirects
1	cdn.attn.tv	www.googletagmanager.com
1	www.rtb123.com	www.everyplate.com
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn3.optimizely.com	www.everyplate.com
64	39

This site contains links to these domains. Also see Links.

Domain
get.everyplate.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
everyplate.com Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-08-16` - `2020-11-14`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
www.rtb123.com GlobalSign RSA DV SSL CA 2018	`2020-05-28` - `2022-05-31`	2 years	crt.sh
*.attn.tv Amazon	`2020-03-02` - `2021-04-02`	a year	crt.sh
*.event.prod.bidr.io Amazon	`2020-03-26` - `2021-04-26`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-08-17` - `2020-11-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
sc-static.net DigiCert SHA2 Secure Server CA	`2019-03-11` - `2021-03-15`	2 years	crt.sh
snapsmedia.io Amazon	`2020-04-29` - `2021-05-29`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
b-code.liadm.com DigiCert Secure Site ECC CA-1	`2020-06-23` - `2021-09-22`	a year	crt.sh
*.tiktok.com RapidSSL RSA CA 2018	`2019-11-14` - `2022-01-12`	2 years	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-08-15` - `2020-11-13`	3 months	crt.sh
w.usabilla.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.hotjar.com Amazon	`2020-08-29` - `2021-09-28`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
tr.snapchat.com DigiCert SHA2 Secure Server CA	`2019-02-19` - `2021-02-23`	2 years	crt.sh
*.liadm.com Amazon	`2020-01-17` - `2021-02-17`	a year	crt.sh
*.ibytedtos.com RapidSSL RSA CA 2018	`2020-05-12` - `2022-05-12`	2 years	crt.sh
*.shop.pe RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-03` - `2021-10-02`	a year	crt.sh
*.s3.us-east-2.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-24` - `2021-05-27`	10 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-08-12` - `2020-11-10`	3 months	crt.sh
*.voltn.com Amazon	`2020-07-04` - `2021-08-04`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
Frame ID: 526457BE5F9F753B314104E46AF7EBD0
Requests: 58 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 682183B6D92A834F4A2D28D27C3B854A
Requests: 1 HTTP requests in this frame

Frame: https://w.usabilla.com/6349bf73fcae.js?lv=1
Frame ID: 62546896ABF513AC3F225D6AC006BAD3
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=7c8dd902-b87b-41e0-9ff7-04b1e7385e83
Frame ID: 2D99ED3E3C7CEEC7A9ABFBFE5FAA1D9C
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: E5847AD1B52FECA0993213135107AF09
Requests: 1 HTTP requests in this frame

Frame: https://d6tizftlrpuof.cloudfront.net/themes/production/hellofresh-button-e43a26541055ffe8644286114c4c9d3c.png
Frame ID: B256F8AC8F3CE2EF6F9580D160C0707A
Requests: 1 HTTP requests in this frame

Frame: https://pixel.voltn.com/iframe?vcp=4dd5h0np&as_id=e6cb1ca6024744d0bd066d531ce2cf6a
Frame ID: C31BB4CEE72F8777E14350AF9B4FE8CE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://click.info.everyplate.com/wf/click?upn=7fFIK0u9iu6MzAoszaX0lgBdDBrPGORRfhqzeBJZSWh1O-2Ba9PO8oXpHkWQyNZ... HTTP 301
https://click.info.everyplate.com/wf/click?upn=7fFIK0u9iu6MzAoszaX0lgBdDBrPGORRfhqzeBJZSWh1O-2Ba9PO8oXpHkWQyNZ... HTTP 302
https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

64
Requests

100 %
HTTPS

38 %
IPv6

29
Domains

39
Subdomains

37
IPs

7
Countries

1354 kB
Transfer

4805 kB
Size

20
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://get.everyplate.com/students
Title: Students

Search URL Search Domain Scan URL

URL: https://www.facebook.com/EveryPlate/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/everyplate/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.info.everyplate.com/wf/click?upn=7fFIK0u9iu6MzAoszaX0lgBdDBrPGORRfhqzeBJZSWh1O-2Ba9PO8oXpHkWQyNZZcMuZ60jNZiWB50bALWrwQJxnIu-2BbrIyYsNuII-2Fi-2BwwW0sodwhlyPqy-2B65Pr0aYSYd6-2F-2Ba4NbVYw62bZuq7Hk-2Bjtg-3D-3D_ELtZRSiLEYSCWPf1ETZTXuIoqolvc0ioMpz8RcrNd0P-2BkCrKNvzzYSxMbWRQ4aYJb7cxA1AHPqglCbe7qDHhQ7pV-2FjYaVg1BhfmVwU-2BZOr2Tmk5fZmXsyzsMS3tg2GkjvFpVlQqXTYHik1TcScveFLpf9YpvJAGiFD8FeuQB89pQg4QfMMnHRKlnTL-2B5icfnFEtHvIA7QlPLdTUmia29kEa9-2F-2FpA5AU6bfdAcLsbYZfnATdaYfKnikVxi04Ti0IrEvhVxumBWwEfC3EOm1b8u0cQj6IeGhj1OOZQS67twlA-3D HTTP 301
https://click.info.everyplate.com/wf/click?upn=7fFIK0u9iu6MzAoszaX0lgBdDBrPGORRfhqzeBJZSWh1O-2Ba9PO8oXpHkWQyNZZcMuZ60jNZiWB50bALWrwQJxnIu-2BbrIyYsNuII-2Fi-2BwwW0sodwhlyPqy-2B65Pr0aYSYd6-2F-2Ba4NbVYw62bZuq7Hk-2Bjtg-3D-3D_ELtZRSiLEYSCWPf1ETZTXuIoqolvc0ioMpz8RcrNd0P-2BkCrKNvzzYSxMbWRQ4aYJb7cxA1AHPqglCbe7qDHhQ7pV-2FjYaVg1BhfmVwU-2BZOr2Tmk5fZmXsyzsMS3tg2GkjvFpVlQqXTYHik1TcScveFLpf9YpvJAGiFD8FeuQB89pQg4QfMMnHRKlnTL-2B5icfnFEtHvIA7QlPLdTUmia29kEa9-2F-2FpA5AU6bfdAcLsbYZfnATdaYfKnikVxi04Ti0IrEvhVxumBWwEfC3EOm1b8u0cQj6IeGhj1OOZQS67twlA-3D HTTP 302
https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://pixel.pointmediatracker.com/kpi?c=everyplate&kpi=visit&tag_id=80&user_id=undefined&fpc=ad453da8-2a48-4c76-a114-73cfa73f1427&gtmcb=1352970228 HTTP 302
https://cnv.event.prod.bidr.io/log/cnv?tag_id=80&buzz_key=blisspoint&value=everyplate&segment_key=&order=41705ca3-b1c5-419f-a5c2-060c81a3748a.undefined&ord=2381167008831670294 HTTP 303
https://cnv.event.prod.bidr.io/log/cnv?tag_id=80&buzz_key=blisspoint&value=everyplate&segment_key=&order=41705ca3-b1c5-419f-a5c2-060c81a3748a.undefined&ord=2381167008831670294&_bee_ppp=1

Request Chain 30

https://shop.pe/widget/widget_async.js HTTP 301
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

Request Chain 40

https://secure.adnxs.com/seg?add=16759946&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D16759946%26t%3D2

Request Chain 45

https://rp.liadm.com/p?tna=v1.1.10&aid=a-049p&wpn=lc-bundle&pu=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&duid=23306e48e205--01ek51yvtxfb82c4b7zxna6zjj&se=e30&dtstmp=1601118891985 HTTP 302
https://rp4.liadm.com/p?tna=v1.1.10&aid=a-049p&wpn=lc-bundle&pu=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&duid=23306e48e205--01ek51yvtxfb82c4b7zxna6zjj&se=e30&dtstmp=1601118891985&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Request Chain 54

https://www.facebook.com/tr/?id=165937010776457&ev=Microdata&dl=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&rl=&if=false&ts=1601118892731&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22EveryPlate%3A%20The%20Affordable%20Meal%20Kit%20for%20Everyone%22%2C%22meta%3Adescription%22%3A%22America%27s%20best%20value%20meal%20kit%20delivering%20filling%2C%20familiar%2C%20pre-measured%20ingredients%20with%20simple%20recipes%2C%20at%20only%20%244.99%2Fmeal.%20Flexible%20menus%2C%20plans%20and%20deliveries%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22product%22%2C%22og%3Atitle%22%3A%22EveryPlate%22%2C%22og%3Adescription%22%3A%22America%27s%20best%20value%20meal%20kit%20delivering%20filling%2C%20familiar%2C%20pre-measured%20ingredients%20with%20simple%20recipes%2C%20at%20only%20%244.99%2Fmeal.%20Flexible%20menus%2C%20plans%20and%20deliveries%22%2C%22og%3Aimage%22%3A%22%2Fassets%2Feveryplate%2Ffavicon%2Fshare.jpg%22%2C%22og%3Alocale%22%3A%22en-US%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.24&r=stable&ec=1&o=30&fbp=fb.1.1601118892227.1531484806&it=1601118891766&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
https://cx.atdmt.com/?c=15326663929564540174&f=AYyiLd6aVcwKSQOpFBN40AqkgXSR2VZguKnZUAP86CTPYCrrsbGE2loGm3Bp_crNpDQPLQxb9P-hINCTVpWVEjY-&id=165937010776457&l=3&v=0

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 4658uS5VbOfnsmWf_tCZULnK_E2XhiHq Show response
www.everyplate.com/resetpass/
Redirect Chain

http://click.info.everyplate.com/wf/click?upn=7fFIK0u9iu6MzAoszaX0lgBdDBrPGORRfhqzeBJZSWh1O-2Ba9PO8oXpHkWQyNZZcMuZ60jNZiWB50bALWrwQJxnIu-2BbrIyYsNuII-2Fi-2BwwW0sodwhlyPqy-2B65Pr0aYSYd6-2F-2Ba4NbVYw...
https://click.info.everyplate.com/wf/click?upn=7fFIK0u9iu6MzAoszaX0lgBdDBrPGORRfhqzeBJZSWh1O-2Ba9PO8oXpHkWQyNZZcMuZ60jNZiWB50bALWrwQJxnIu-2BbrIyYsNuII-2Fi-2BwwW0sodwhlyPqy-2B65Pr0aYSYd6-2F-2Ba4NbVY...
https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

309 KB
89 KB

494ms
460ms

Document
text/html

2606:4700::6811:6822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a2f89428fe9295988cc0a99616db75910afc30b70fc204de493fa246545840a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.everyplate.com
:scheme: https
:path: /resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 26 Sep 2020 11:14:51 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d2a62a49706c29b8381e53673a91554fe1601118890; expires=Mon, 26-Oct-20 11:14:50 GMT; path=/; domain=.everyplate.com; HttpOnly; SameSite=Lax; Secure wl_public_id=90649762-1f64-4805-9ac5-ecfb19480bc1; Max-Age=31536000; Path=/; Expires=Sun, 26 Sep 2021 11:14:51 GMT apiV2Auth=%7B%22access_token%22%3A%22eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MDM3NDc4MTMsImp0aSI6IjA5ZWQ4Yzc0LTc2MzEtNGNlZi1hM2VmLTIxYzYxZDBmNGU3NyIsImlhdCI6MTYwMTExODA3MCwiaXNzIjoiZWZiNjZjNmMtODFmMy00NDUyLTljODQtZWY1NGU4NmRhMTU3In0.MK861fLrObPibC5CsTWvRwTdz26x9zvAijGCw07VTcM%22%2C%22expires_in%22%3A2629743%2C%22scope%22%3A%22public%22%2C%22token_type%22%3A%22Bearer%22%7D; Max-Age=2629743; Path=/; Expires=Mon, 26 Oct 2020 21:43:54 GMT; Secure
cf-ray: 5d8c904aaeb61f2d-FRA
access-control-allow-origin: *
cache-control: public, no-cache, no-store, must-revalidate
expires: 0
vary: Accept-Encoding, User-Agent, X-Locale, X-Country, X-User
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: Origin, Host, Accept, Content-Type, Authorization, X-Requested-With
access-control-allow-methods: GET,POST,PUT,OPTIONS,DELETE,PATCH
cf-request-id: 056bb882a600001f2d50265200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: no-cache
x-content-type-options: nosniff
x-country: ER
x-env: live
x-envoy-decorator-operation: everyplate-frontend-k8s.discovery.svc.cluster.local:80/*
x-envoy-upstream-service-time: 24
x-frame-options: SAMEORIGIN
x-locale: en-US
x-user-journey: everyplate
x-xss-protection: 1; mode=block
server: cloudflare
content-encoding: br

Redirect headers

status: 302
content-type: text/html; charset=utf-8
content-length: 124
location: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
server: nginx
date: Sat, 26 Sep 2020 11:14:50 GMT
x-robots-tag: noindex, nofollow
x-cache: Miss from cloudfront
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: M2LCdTeu5saRGW26VfnLFFNgp3C-zQy-gfU6RM13o45HY_G8gbo1HQ==

GET
H2 200 OpenSans-Regular.woff2
www.everyplate.com/assets/everyplate/fonts/opensans/ 14 KB
14 KB 28ms
26ms Font
binary/octet-stream 2606:4700::6811:6822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everyplate.com/assets/everyplate/fonts/opensans/OpenSans-Regular.woff2

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.everyplate.com
Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6808
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 359B82E26D931BDC
x-amz-id-2: Dh1rs22ezVZwPJ5RsSKYYOTuUg9pYzBqtVtOo/SpCoGaK0U/+01+JjjheL6+ddewvEvHLPlAQrc=
accept-ranges: bytes
last-modified: Tue, 10 Mar 2020 13:18:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "33543c5cc5d88f5695dd08c87d280dfd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,PUT,OPTIONS,DELETE,PATCH
content-type: binary/octet-stream
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-request-id: 056bb8848200001f2d50286200000001
content-length: 14380
cf-ray: 5d8c904d9d481f2d-FRA
access-control-allow-headers: Origin, Host, Accept, Content-Type, Authorization, X-Requested-With
expires: Sat, 26 Sep 2020 15:14:51 GMT

GET
H2 200 OpenSans-SemiBold.woff2
www.everyplate.com/assets/everyplate/fonts/opensans/ 15 KB
15 KB 31ms
29ms Font
binary/octet-stream 2606:4700::6811:6822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everyplate.com/assets/everyplate/fonts/opensans/OpenSans-SemiBold.woff2

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.everyplate.com
Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6808
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: B2893421F33F4C41
x-amz-id-2: 8bngQWUwoiwU6n9R0BV0xvjN+3JTIQpmXftPtMPvqItmyO9vHH6K0m4qpjII27I9QO5nh5PdZjY=
accept-ranges: bytes
last-modified: Tue, 10 Mar 2020 13:18:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "819af3d3abdc9f135d49b80a91e2ff4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,PUT,OPTIONS,DELETE,PATCH
content-type: binary/octet-stream
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-request-id: 056bb8848300001f2d50287200000001
content-length: 14880
cf-ray: 5d8c904d9d4b1f2d-FRA
access-control-allow-headers: Origin, Host, Accept, Content-Type, Authorization, X-Requested-With
expires: Sat, 26 Sep 2020 15:14:51 GMT

GET
H2 200 cond_black.woff2
www.everyplate.com/assets/everyplate/fonts/wfoundry_sonny/ 18 KB
19 KB 30ms
28ms Font
binary/octet-stream 2606:4700::6811:6822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everyplate.com/assets/everyplate/fonts/wfoundry_sonny/cond_black.woff2

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a01f4f5ca76e16ec853687c534d4a13e4ef136ed34e2e4db60e52163e8987c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.everyplate.com
Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:51 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 79386
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 09A37CF563735BED
x-amz-id-2: Rbca7uV+VTfoJ22Mdtj3YXoSWG9u+v7B/WcY3hevQjy9szWUI0939gnYfFEm1roPcUNIyilsBz8=
accept-ranges: bytes
last-modified: Tue, 15 Oct 2019 07:26:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "3cb76c8b40fc5109bc0dcab1e9859be0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET,POST,PUT,OPTIONS,DELETE,PATCH
content-type: binary/octet-stream
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-request-id: 056bb8848300001f2d50288200000001
content-length: 18748
cf-ray: 5d8c904d9d4d1f2d-FRA
access-control-allow-headers: Origin, Host, Accept, Content-Type, Authorization, X-Requested-With
expires: Sun, 26 Sep 2021 11:14:51 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 156 KB
49 KB 30ms
28ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P2Q9ZFQ

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

587560c9ba4ee02592bcdb23b06067a92f2fa2dea435dc0fc21d19ad542f86fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:51 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50422
x-xss-protection: 0
last-modified: Sat, 26 Sep 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 26 Sep 2020 11:14:51 GMT

GET
H/1.1 200
OK geo2.js Show response
cdn3.optimizely.com/js/ 289 B
696 B 183ms
66ms Script
application/javascript 104.108.58.15
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.optimizely.com/js/geo2.js
Requested by: Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.58.15 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-58-15.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0f255df1fd228ff75a6d121b530d53cb4f85a154d9245c49c2d2da2b21087ff9

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server: AmazonS3
x-amz-request-id: 58F91F709437393D
ETag: "adadfc5d7afd13e353d9d52cec1c7827"
Content-Type: application/javascript
Cache-Control: max-age=81955
Date: Sat, 26 Sep 2020 11:14:51 GMT
Connection: keep-alive
Content-Length: 289
x-amz-id-2: Phn5k+QjLByfMD8t9FT8zSNZWClJ3+nxhXLTY5wx/QecmQtaAvbMffypFSTaQAElH17cGsDf1yg=

GET
H2 200 vendor.0ffe40ee1382.js Show response
www.everyplate.com/assets/everyplate/main/releases/ 1 MB
399 KB 71ms
69ms Script
application/javascript 2606:4700::6811:6822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everyplate.com/assets/everyplate/main/releases/vendor.0ffe40ee1382.js

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91ee75ffa56241b9ce89062489d58d62e040020dedd48906db916cbd00dd1f0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 515637
status: 200
x-amz-request-id: 5823C2E94F795D06
x-amz-id-2: 0VIYyEtXFPQIRKm/zGpcbJzltWryjoZ9+3gHlp1hG9nKk81RWJQopaqKsfwGQQwIZZlUwtRX+/U=
last-modified: Fri, 18 Sep 2020 18:10:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"f5ac0511d35dcf554615f03960dcb923"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,OPTIONS,DELETE,PATCH
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-request-id: 056bb884c800001f2d5028c200000001
cf-ray: 5d8c904e0e531f2d-FRA
access-control-allow-headers: Origin, Host, Accept, Content-Type, Authorization, X-Requested-With
expires: Sun, 26 Sep 2021 11:14:51 GMT

GET
H2 200 main-client.ff5582c68a85.js Show response
www.everyplate.com/assets/everyplate/main/releases/ 843 KB
180 KB 56ms
55ms Script
application/javascript 2606:4700::6811:6822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everyplate.com/assets/everyplate/main/releases/main-client.ff5582c68a85.js

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbf985e2314c76a056c1043b511dc835172e04e0667f3fb5c0f99b64f4ceb0af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 79386
status: 200
x-amz-request-id: DX9S9X9YBY4VDKEJ
x-amz-id-2: uhpsgHz2K72PomnRPGRSU5FiWd3+FrTduBXehI4Aux3TZHipShqZeklB6RBY1ZHPD/7S2e5cpK4=
last-modified: Fri, 25 Sep 2020 12:56:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"879f2de8bf6f946df704d0346178e0cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,OPTIONS,DELETE,PATCH
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-request-id: 056bb884c800001f2d5028d200000001
cf-ray: 5d8c904e0e541f2d-FRA
access-control-allow-headers: Origin, Host, Accept, Content-Type, Authorization, X-Requested-With
expires: Sun, 26 Sep 2021 11:14:51 GMT

GET
H2 200 login.898cd7072f8a.js Show response
www.everyplate.com/assets/everyplate/main/releases/@ep/ 31 KB
7 KB 25ms
24ms Script
application/javascript 2606:4700::6811:6822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everyplate.com/assets/everyplate/main/releases/@ep/login.898cd7072f8a.js

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7b9367aaff6411a857989b583559285c3ca5f5f7ae525d4fe193af25e9da774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 29789
status: 200
x-amz-request-id: B6064C9CAB19C297
x-amz-id-2: cyMITX3tFxAiMfdmEGDahWkpsg5+VEQcPrOex2XtiIl4u952ACk7TE6ssTFrl4mzvkoP+N8vX40=
last-modified: Fri, 25 Sep 2020 13:18:04 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e7901eadf6fb561136f410e4b64c3941"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,OPTIONS,DELETE,PATCH
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-request-id: 056bb884c800001f2d5028e200000001
cf-ray: 5d8c904e0e581f2d-FRA
access-control-allow-headers: Origin, Host, Accept, Content-Type, Authorization, X-Requested-With
expires: Sun, 26 Sep 2021 11:14:51 GMT

GET
H2 200 header.aff3fec12c58.js Show response
www.everyplate.com/assets/everyplate/main/releases/@ep/ 89 KB
17 KB 28ms
27ms Script
application/javascript 2606:4700::6811:6822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everyplate.com/assets/everyplate/main/releases/@ep/header.aff3fec12c58.js

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fa3a712cd29710e2662e5447424ea8dd0f0942aa175bd9f44fab948809f6fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 79727
status: 200
x-amz-request-id: 9862A6E70CECF205
x-amz-id-2: Esfg5qV8r+7RlWHYhWPSh3k+96jN1UxUL5LzBE+t/K6P9JQrIOhUCYNj7h/d1ph4VHlOiF8mMnA=
last-modified: Fri, 25 Sep 2020 12:56:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"0acd074ad852660bae5778d32e01bce3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,OPTIONS,DELETE,PATCH
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-request-id: 056bb884c800001f2d5028f200000001
cf-ray: 5d8c904e0e591f2d-FRA
access-control-allow-headers: Origin, Host, Accept, Content-Type, Authorization, X-Requested-With
expires: Sun, 26 Sep 2021 11:14:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P2Q9ZFQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 7151
date: Sat, 26 Sep 2020 09:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Sat, 26 Sep 2020 11:15:40 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 186 KB
55 KB 48ms
34ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NB97G8H&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P2Q9ZFQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9e8c67713e74ff7521ef94e500c4ea161e1e131619e614619e7e17ccfcac6f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:51 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56114
x-xss-protection: 0
last-modified: Sat, 26 Sep 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 26 Sep 2020 11:14:51 GMT

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
937 B 28ms
13ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 10:37:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2222
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Sat, 26 Sep 2020 11:37:49 GMT

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
2 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 10:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1528
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Sat, 26 Sep 2020 11:49:23 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
456 B 43ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-115749411-1&cid=296164191.1601118891&jid=1645245456&gjid=92432320&_gid=1349748796.1601118891&_u=aGBAgEArAAAAAE~&z=1081619279

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 26 Sep 2020 11:14:51 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.everyplate.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
189 B 9ms
5ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&aip=1&a=945998835&t=pageview&_s=1&dl=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&dp=%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&ul=en-us&de=UTF-8&dt=EveryPlate%3A%20The%20Affordable%20Meal%20Kit%20for%20Everyone&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAr~&jid=1645245456&gjid=92432320&cid=296164191.1601118891&tid=UA-115749411-1&_gid=1349748796.1601118891&gtm=2wg9g1P2Q9ZFQ&cd42=US&z=1393260564

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Sep 2020 07:46:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12531
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 166ms
59ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB97G8H&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11311
x-xss-protection: 0
server: cafe
etag: 12833363978352728442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 26 Sep 2020 11:14:51 GMT

GET
H2 200 hotjar-919432.js Show response
static.hotjar.com/c/ 4 KB
2 KB 52ms
52ms Script
application/javascript 147.75.102.233
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-919432.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB97G8H&l=dataLayer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.102.233 Central, Hong Kong, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress17

Software

Resource Hash

7770979ac3beba8a2c476a42198eb48b0bcbb3cbbc358b64afbbf42793f252fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjarjs
age: 14
status: 200
section-io-cache: Hit
vary: Accept-Encoding
content-length: 1667
cache-control: max-age=60
etag: W/580cabefd96f077cd69a209a4a706e20
access-control-max-age: 600
section-io-origin-status: 304
access-control-allow-origin: *
x-cache-hit: 1
section-io-origin-time-seconds: 0.020
accept-ranges: bytes
section-io-id: f6520637ad34b0dd61f6cd7daf563a85
section-origin-responded: true

GET
H2 200 bat.js Show response
bat.bing.com/ 26 KB
8 KB 47ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:50 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 20:00:00 GMT
x-msedge-ref: Ref A: 1958652FBB1C48E18E5548A13ED2FD01 Ref B: FRAEDGE1421 Ref C: 2020-09-26T11:14:51Z
status: 200
etag: "0e0bdafab5bd61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8022

GET
H2 200 btp.js Show response
www.rtb123.com/tags/9764C4AD-CCE6-4199-B777-B1965789DE76/ 1 KB
832 B 472ms
153ms Script
application/javascript 67.225.220.126
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rtb123.com/tags/9764C4AD-CCE6-4199-B777-B1965789DE76/btp.js
Requested by: Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.220.126 Lansing, United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rtb123.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ffa3ed1ab7768d88d8932ca633b3f1611e19863cc93664bd1101d80de20222c7

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Sat, 26 Sep 2020 11:14:51 GMT
content-encoding: gzip
etag: "1efc7b1668c5d41:0"
last-modified: Fri, 15 Feb 2019 19:53:14 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 633

GET
H2 200 dtag.js Show response
cdn.attn.tv/everyplate/ 0
375 B 79ms
35ms Script
text/javascript 2600:9000:206e:6200:1c:9484:cec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.attn.tv/everyplate/dtag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB97G8H&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:6200:1c:9484:cec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: kGJjc2HxNgGNuk_7UqP1h9o.liqWLb8I
content-encoding
last-modified: Mon, 17 Dec 2018 20:59:49 GMT
server: AmazonS3
age: 56215
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/javascript
status: 200
date: Sat, 26 Sep 2020 00:51:33 GMT
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 0
via: 1.1 87459a7837f980cdc57ba8a2c23a55ae.cloudfront.net (CloudFront)
x-amz-cf-id: EonAZImXKh2L50KfBtZZGZ8ogykrHczxztYFgLWTjUzzpomi51vagQ==

GET
H/1.1

200
OK

cnv
cnv.event.prod.bidr.io/log/
Redirect Chain

https://pixel.pointmediatracker.com/kpi?c=everyplate&kpi=visit&tag_id=80&user_id=undefined&fpc=ad453da8-2a48-4c76-a114-73cfa73f1427&gtmcb=1352970228
https://cnv.event.prod.bidr.io/log/cnv?tag_id=80&buzz_key=blisspoint&value=everyplate&segment_key=&order=41705ca3-b1c5-419f-a5c2-060c81a3748a.undefined&ord=2381167008831670294
https://cnv.event.prod.bidr.io/log/cnv?tag_id=80&buzz_key=blisspoint&value=everyplate&segment_key=&order=41705ca3-b1c5-419f-a5c2-060c81a3748a.undefined&ord=2381167008831670294&_bee_ppp=1

43 B
793 B

81ms
81ms

Image
image/gif

34.249.60.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cnv.event.prod.bidr.io/log/cnv?tag_id=80&buzz_key=blisspoint&value=everyplate&segment_key=&order=41705ca3-b1c5-419f-a5c2-060c81a3748a.undefined&ord=2381167008831670294&_bee_ppp=1

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.60.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-60-11.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Sat, 26 Sep 2020 11:14:52 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cnv.event.prod.bidr.io/log/cnv?tag_id=80&buzz_key=blisspoint&value=everyplate&segment_key=&order=41705ca3-b1c5-419f-a5c2-060c81a3748a.undefined&ord=2381167008831670294&_bee_ppp=1
Date: Sat, 26 Sep 2020 11:14:52 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 30ms
29ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-115749411-1&cid=296164191.1601118891&jid=1645245456&_u=aGBAgEArAAAAAE~&z=1997803877

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Sep 2020 11:14:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 29ms
29ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-115749411-1&cid=296164191.1601118891&jid=1645245456&_u=aGBAgEArAAAAAE~&z=1997803877

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Sep 2020 11:14:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 30ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26018772&Ver=2&mid=31cf9ef8-7941-440e-1e9b-ff285f72be16&sid=3d1d04665cb5195e97b82966a65da6e6&vid=6d3faf3fec3512dffff65f89772e4a88&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=EveryPlate%3A%20The%20Affordable%20Meal%20Kit%20for%20Everyone&p=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&r=&evt=pageLoad&msclkid=N&sv=1&rn=558627
Requested by: Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Sat, 26 Sep 2020 11:14:50 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: C9036646DD384EC8B8774B7C6FA20C46 Ref B: FRAEDGE1421 Ref C: 2020-09-26T11:14:51Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26018772&Ver=2&mid=31cf9ef8-7941-440e-1e9b-ff285f72be16&sid=3d1d04665cb5195e97b82966a65da6e6&vid=6d3faf3fec3512dffff65f89772e4a88&vids=0&ea=PageView&en=Y&evt=custom&msclkid=N&rn=500314
Requested by: Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Sat, 26 Sep 2020 11:14:50 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 05B0B72CB4F94B8BB17705336339AED4 Ref B: FRAEDGE1421 Ref C: 2020-09-26T11:14:51Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.94fbf54e63238ed34ad8.js Show response
script.hotjar.com/ 360 KB
70 KB 54ms
54ms Script
application/javascript 147.75.84.91
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.94fbf54e63238ed34ad8.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-919432.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress13
Software: /
Resource Hash: a5e260f8d1d46595c71cf35eb09243ef8ee32453ff9fe49ea9c5ac6d3919f721

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:51 GMT
content-encoding: br
age: 19495
status: 200
section-io-cache: Hit
content-length: 71526
last-modified: Fri, 25 Sep 2020 16:37:13 GMT
etag: "80af45ee8f7a76b874d609a70491a556"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.115
section-io-id: 65b3e239499060851af2f04dc176a7c5
accept-ranges: bytes
content-type: application/javascript
section-origin-responded: true

GET
H2 200 RS-K9TJK Show response
www.everyplate.com/gw/voucher/vouchers/ 1 KB
653 B 167ms
167ms XHR
application/json 2606:4700::6811:6822
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.everyplate.com/gw/voucher/vouchers/RS-K9TJK?country=ER&locale=en-US

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/assets/everyplate/main/releases/vendor.0ffe40ee1382.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:6822 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

159293ce9cbdae5d2868eab27166aae18f3a1184f073a729527c3afa6c73721e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MDM3NDc4MTMsImp0aSI6IjA5ZWQ4Yzc0LTc2MzEtNGNlZi1hM2VmLTIxYzYxZDBmNGU3NyIsImlhdCI6MTYwMTExODA3MCwiaXNzIjoiZWZiNjZjNmMtODFmMy00NDUyLTljODQtZWY1NGU4NmRhMTU3In0.MK861fLrObPibC5CsTWvRwTdz26x9zvAijGCw07VTcM

Response headers

date: Sat, 26 Sep 2020 11:14:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
x-envoy-upstream-service-time: 24
cf-request-id: 056bb8869f00001f2d502a8200000001
x-request-id: bb9e0753-a363-4b1d-9e7a-da3f18e9d74d,63b6a360-095f-459b-b662-a065e61c7310
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,OPTIONS,DELETE,PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
cf-ray: 5d8c9050fd691f2d-FRA
access-control-allow-headers: Origin, Host, Accept, Content-Type, Authorization, X-Requested-With

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 135 KB
34 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34302
x-xss-protection: 0
pragma: public
x-fb-debug: ulwaSfmWBwKs/KciyJPk4URYMHbCHp4SfqYMWdYH1AsH0LzoyeuyXmWbATZBKpluwtVbz8uX2mgdRkNCO9DpYg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sat, 26 Sep 2020 11:14:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 13 KB
6 KB 209ms
90ms Script
application/javascript 99.86.243.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.27 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-27.vie50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:51 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: VIE50-C1
status: 200
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 5415
via: 1.1 ff42f0c276df6efb8ccff2182e6cfe91.cloudfront.net (CloudFront)
x-amz-cf-id: soAtTB3JLsTWv_YZXvyHXPH3E6rTlEspdf2KZMplf_K1g_7gkO0bWQ==

GET
H2 200 sp.js Show response
pixel.snapsmedia.io/ 61 KB
21 KB 201ms
81ms Script
application/javascript 99.86.7.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.snapsmedia.io/sp.js
Requested by: Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.69 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-69.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1697da6b03a3df9f61cfa37038778fcbd99bd431f1d5882d8181d032443f044

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:10 GMT
content-encoding: gzip
age: 42
x-cache: Hit from cloudfront
status: 200
x-amz-request-id: 87096E5C17763EC2
x-amz-id-2: B17DEEBw7OakxxRE0bBt2JuaMQ7YzlIHrcJXqsbteriWocHEFnM3KpZjmcGh0SNWyp0LSs3Tp4M=
last-modified: Mon, 21 Sep 2020 20:17:21 GMT
server: AmazonS3
etag: W/"cf3aa09348a6c59721795324f0874564"
vary: Accept-Encoding
x-amz-version-id: jk_ZkfV5aE9fdcC20lqAp_yXmcCUe_oZ
via: 1.1 c26b8e74df43cd99786e716221463d0c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: 36PasLKjvgo5mbhKgUq9MpcYAdnFNs9eyOQGDJqfR39Lm2Klf3itzQ==

GET
H2

200

widget_async.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/
Redirect Chain

https://shop.pe/widget/widget_async.js
https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js

2 KB
1 KB

184ms
58ms

Script
application/javascript

99.86.243.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
Requested by: Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-32.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b4a76d07019f81f7f549a16badc0c7730a237a712643d8b20a0d926e3a325c4

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 10:21:20 GMT
content-encoding: gzip
age: 3213
x-cache: Hit from cloudfront
status: 200
content-length: 899
last-modified: Mon, 31 Aug 2020 21:13:10 GMT
server: AmazonS3
etag: "4f77298eaa2e4b0bbf3ad4ddf83bd251"
content-type: application/javascript; charset=utf-8
via: 1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: gfJX0nJB1IrXaYNLDZf435jsSb4WjWmVnjLPQ7lqBhRmnYtDps1a0g==
x-amz-meta-mtime: 1598908388.46

Redirect headers

content-security-policy: frame-ancestors none;
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
server: nginx
status: 301
date: Sat, 26 Sep 2020 11:14:51 GMT
x-frame-options: deny
content-type: text/html
location: https://d3rr3d0n31t48m.cloudfront.net/widget/widget_async.js
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 178

GET
H2 200 a-049p.min.js Show response
b-code.liadm.com/ 27 KB
10 KB 142ms
119ms Script
application/javascript 2a02:26f0:3400::1703:5829
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-049p.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB97G8H&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3400::1703:5829 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: d7bae87a282a4ea36ff2e8245e12f6aad3a7954dbb72fecf135252d5dd76d6a8

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:51 GMT
content-encoding: gzip
last-modified: Fri, 18 Sep 2020 11:34:45 GMT
etag: "787b687ff72158c769ba11fee3717822"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 10408

GET
H/1.1 200
OK sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 57 KB
21 KB 413ms
298ms Script
application/javascript 2.16.186.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BR24M2QQD5KMHEJ9I5U0
Requested by: Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.123 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-123.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cf032b0e5e963e662531dc31c355dbd7ac2fe6e52808493e33151e8307407de4

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Akamai-Request-ID: 3389d96.15528287
Date: Sat, 26 Sep 2020 11:14:52 GMT
Content-Encoding: gzip
Upstream-Caught: 1601118891980292
Transfer-Encoding: chunked
X-Cache: TCP_MISS from a2-16-186-119.deploy.akamaitechnologies.com (AkamaiGHost/10.1.5-30889964) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
X-Parent-Response-Time: 240,2.16.186.119
server-timing: cdn-cache; desc=MISS, edge; dur=191, origin; dur=50, inner; dur=8
Cache-Control: max-age=0, no-cache, no-store
Server: nginx
Pragma: no-cache
X-Cache-Remote: TCP_MISS from a23-200-142-78.deploy.akamaitechnologies.com (AkamaiGHost/10.1.5-30889964) (-)
X-Tt-Logid: 202009261114510101151531880D7D7FA0
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Connection: keep-alive, Transfer-Encoding
X-Origin-Response-Time: 50,23.200.142.78
Expires: Sat, 26 Sep 2020 11:14:52 GMT

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 6821 0
0 57ms
56ms Document
text/html 147.75.102.203
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-919432.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.203 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress15
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Response headers

status: 200
date: Sat, 26 Sep 2020 11:14:51 GMT
content-type: text/html
content-length: 851
last-modified: Fri, 25 Sep 2020 16:36:58 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.125
section-origin-responded: true
age: 14455
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 32f10d5fc2f7bcbf98eaa6085e34da44

GET
H2 200 6349bf73fcae.js Show response
w.usabilla.com/ Frame 6254 60 KB
13 KB 235ms
77ms Script
text/javascript 54.77.20.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/6349bf73fcae.js?lv=1
Requested by: Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.20.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-20-174.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 71fa396ea79d00478666d43d6075625e0f53823893b90cc30e7cc3d38ad7856e

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Sep 2020 11:14:51 GMT
content-encoding: gzip
x-widget-server: 2.1
etag: "57488b20aa3321f1397e3668023efa8c"
content-type: text/javascript
status: 200
cache-control: public,max-age=0
content-length: 12718

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/812248422/ 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/812248422/?random=1601118891740&cv=9&fst=1601118891740&num=1&label=EveryPlate%20AdWords%20-%20Remarketing&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9g1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&tiba=EveryPlate%3A%20The%20Affordable%20Meal%20Kit%20for%20Everyone&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

629e2996d169c479511554194882d8acd3519365deca1e7db0c658483c9bbf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Sep 2020 11:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1152
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 165937010776457 Show response
connect.facebook.net/signals/config/ 524 KB
132 KB 420ms
420ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/165937010776457?v=2.9.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d9454ed159e04b4e03ec0596a65313741191bf7d3ae3c2d037aad60863ced1f3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 6dFdu8AgAjqTDhNbMxCNHXwCMCMrjwwWfmAsVIId6tHcXA5arIHxzlc9NPH9WMGrkK+BV71wTMbhZnPnT44ASQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sat, 26 Sep 2020 11:14:52 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/812248422/ 42 B
538 B 61ms
46ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/812248422/?random=1601118891740&cv=9&fst=1601118000000&num=1&label=EveryPlate%20AdWords%20-%20Remarketing&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9g1&sendb=1&frm=0&url=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&tiba=EveryPlate%3A%20The%20Affordable%20Meal%20Kit%20for%20Everyone&async=1&fmt=3&is_vtc=1&random=3151685153&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Sep 2020 11:14:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/812248422/ 42 B
538 B 42ms
27ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/812248422/?random=1601118891740&cv=9&fst=1601118000000&num=1&label=EveryPlate%20AdWords%20-%20Remarketing&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9g1&sendb=1&frm=0&url=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&tiba=EveryPlate%3A%20The%20Affordable%20Meal%20Kit%20for%20Everyone&async=1&fmt=3&is_vtc=1&random=3151685153&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Sep 2020 11:14:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/919432/ 178 B
320 B 79ms
79ms XHR
application/json 34.241.56.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/919432/visit-data?sv=7
Requested by: Host: www.everyplate.com
URL: https://www.everyplate.com/assets/everyplate/main/releases/vendor.0ffe40ee1382.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.56.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-241-56-227.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Sat, 26 Sep 2020 11:14:51 GMT
content-encoding: br
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=16759946&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D16759946%26t%3D2

43 B
1 KB

52ms
52ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D16759946%26t%3D2

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 26 Sep 2020 11:14:51 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.142:80
AN-X-Request-Uuid: f5e69ce9-a292-44a4-bff6-5b28a26090f6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 26 Sep 2020 11:14:51 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.144:80
AN-X-Request-Uuid: ac93a3b9-1f1b-4b9f-8642-ee1a94f0ad18
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D16759946%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 i
tr.snapchat.com/cm/ Frame 2D99 0
0 174ms
66ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=7c8dd902-b87b-41e0-9ff7-04b1e7385e83

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=7c8dd902-b87b-41e0-9ff7-04b1e7385e83
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Response headers

status: 200
server: nginx/1.17.3
date: Sat, 26 Sep 2020 11:14:52 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixels Show response
snapsmedia.io/api/ 212 B
517 B 442ms
150ms Fetch
application/json 23.22.3.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://snapsmedia.io/api/pixels?code=URS3L3NQ
Requested by: Host: www.everyplate.com
URL: https://www.everyplate.com/assets/everyplate/main/releases/vendor.0ffe40ee1382.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.3.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-3-88.compute-1.amazonaws.com
Software: openresty/1.15.8.2 / Snaps Media
Resource Hash: 3022549d5aa4e4de0dfe3f9fc5adb786781d985d46199964bfd0d0cda3883c7e

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:52 GMT
content-encoding: gzip
status: 200
x-snaps-upstream: antares_api
server: openresty/1.15.8.2
x-powered-by: Snaps Media
etag: W/"d4-cGx7lv7dZj9LnXy3QBL5oQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.everyplate.com
access-control-expose-headers
x-get-total: 1
access-control-allow-credentials: true
x-snaps-request-id: dd0813c5c29a38ab0feab7d14c0e0b79

POST
H2 201 pixelEvent
snapsmedia.io/api/events/ 0
272 B 494ms
202ms Other
text/plain 23.22.3.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://snapsmedia.io/api/events/pixelEvent
Requested by: Host: pixel.snapsmedia.io
URL: https://pixel.snapsmedia.io/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.3.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-3-88.compute-1.amazonaws.com
Software: openresty/1.15.8.2 / Snaps Media
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 26 Sep 2020 11:14:52 GMT
x-snaps-upstream: antares_pixel_events
server: openresty/1.15.8.2
status: 201
x-powered-by: Snaps Media
vary: X-HTTP-Method-Override
access-control-allow-origin: https://www.everyplate.com
access-control-expose-headers
access-control-allow-credentials: true
x-snaps-request-id: 9f03ac17c32d615cbe6e6f95887c2f48

POST
H2 200 p
tr.snapchat.com/ Frame E584 0
0 163ms
75ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 301
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.everyplate.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.everyplate.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Response headers

status: 200
server: nginx/1.17.3
date: Sat, 26 Sep 2020 11:14:52 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQSMdKOCebyhUcXzureQq0R19ahJexQ5Y475Lyl2MG2wGQtcYv8x1PuDIAAAA=;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

p
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/p?tna=v1.1.10&aid=a-049p&wpn=lc-bundle&pu=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&duid=23306e48e20...
https://rp4.liadm.com/p?tna=v1.1.10&aid=a-049p&wpn=lc-bundle&pu=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&duid=23306e48e2...

43 B
500 B

426ms
138ms

Image
image/gif

52.86.196.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rp4.liadm.com/p?tna=v1.1.10&aid=a-049p&wpn=lc-bundle&pu=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&duid=23306e48e205--01ek51yvtxfb82c4b7zxna6zjj&se=e30&dtstmp=1601118891985&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.86.196.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-86-196-188.compute-1.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.everyplate.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:52 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.16.1
x-frame-options: DENY
vary: Origin
content-type: image/gif
status: 200
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 84b787b5e32bcfa6
request-time: 1
content-length: 43
x-content-type-options: nosniff

Redirect headers

x-frame-options: DENY
date: Sat, 26 Sep 2020 11:14:52 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.16.1
status: 302
request-time: 0
location: https://rp4.liadm.com/p?tna=v1.1.10&aid=a-049p&wpn=lc-bundle&pu=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&duid=23306e48e205--01ek51yvtxfb82c4b7zxna6zjj&se=e30&dtstmp=1601118891985&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: d2486465751fb454
vary: Origin
content-length: 0
x-content-type-options: nosniff

GET
H2 200 triggerRunner.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/ 8 KB
4 KB 61ms
61ms Script
application/javascript 99.86.243.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/triggerRunner.js?v=7105cbc
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-32.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b7b3f8343d2c7b01205d4c0b729f096b68d54162521400c80d418199ce7222d

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 22:15:18 GMT
content-encoding: gzip
age: 46775
x-cache: Hit from cloudfront
status: 200
content-length: 3232
last-modified: Mon, 31 Aug 2020 21:13:11 GMT
server: AmazonS3
etag: "fcdd74f4de3c4055611f026b5c4fe1e6"
content-type: application/javascript; charset=utf-8
via: 1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: NDbKHEChvorOf2tw53DE-zIWGmTuulfvnBYm4U8jT780ck4BJSqSrw==
x-amz-meta-mtime: 1598908388.39

GET
H2 200 track-log.js Show response
sf19-scmcdn-va.ibytedtos.com/obj/goofy-va/track-log-international/ad/business/v3/ 21 KB
8 KB 150ms
50ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sf19-scmcdn-va.ibytedtos.com/obj/goofy-va/track-log-international/ad/business/v3/track-log.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BR24M2QQD5KMHEJ9I5U0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b753db3a8f1b9d5cb485a956aa39dc3a0ec06771c6a37539da2f0846ba1699fb

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:52 GMT
content-encoding: gzip
x-tt-trace-tag: id=00;cdn-cache=miss
content-md5: nsYR9dFHFPixw9WYtLQn9g==
age: 264770
x-cache: HIT
status: 200
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=12
content-length: 7688
via: 1.1 varnish
x-tos-request-id: 7855776b186a99e4-abc24eb
x-tos-response-time: Wed, 23 Sep 2020 09:42:02 GMT
last-modified: Wed, 23 Sep 2020 09:37:07 GMT
server: nginx
x-timer: S1601118892.288393,VS0,VE0
x-served-by: cache-hhn4081-HHN
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-tt-trace-host: 01996b1fda62eedffc95679e01bcbd752ab2eff2274c3de3d14f3285330f0555a71f3c8d8404534707a4d3e57c6dd991590d48cd014812af1dbd76d3687d77117522af646a4f9511ab7ad8298d7b063c6f
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 303456

GET
H2 200 widget.js Show response
d3rr3d0n31t48m.cloudfront.net/widget/ 172 KB
45 KB 71ms
71ms Script
application/javascript 99.86.243.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=12b8755
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.243.32 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-243-32.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 101bf1cc8266258dcf9cdfab24b8937bb61f65cc0adc015414c96753fbaa7e14

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 20:11:26 GMT
content-encoding: gzip
age: 54206
x-cache: Hit from cloudfront
status: 200
content-length: 45159
last-modified: Mon, 31 Aug 2020 21:13:10 GMT
server: AmazonS3
etag: "e463c285897a56f3a5709d344c83eea5"
content-type: application/javascript; charset=utf-8
via: 1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
cache-control: max-age=2592000, public
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: 6ORbJpXWASkLUaNhd-iiQ4JJ5tKcz9J_VJTb2kb4fHZbEw_3qcbxKw==
x-amz-meta-mtime: 1598908383.05

GET
H2 200 /
www.facebook.com/tr/ 44 B
376 B 20ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=165937010776457&ev=PageView&dl=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&rl=&if=false&ts=1601118892228&sw=1600&sh=1200&v=2.9.24&r=stable&ec=0&o=30&fbp=fb.1.1601118892227.1531484806&it=1601118891766&coo=false&rqm=GET

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 26 Sep 2020 11:14:52 GMT

POST
H/1.1 200
OK track
analytics.tiktok.com/api/v1/ 0
0 296ms
296ms Other
application/json 2.16.186.123
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v1/track
Requested by: Host: sf19-scmcdn-va.ibytedtos.com
URL: https://sf19-scmcdn-va.ibytedtos.com/obj/goofy-va/track-log-international/ad/business/v3/track-log.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.123 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-123.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.everyplate.com
Access-Control-Expose-Headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization, Content-Length, X-CSRF-Token, Token,session
Access-Control-Max-Age: 172800
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE,UPDATE

GET
H/1.1 200
OK hellofresh-button-e43a26541055ffe8644286114c4c9d3c.png
d6tizftlrpuof.cloudfront.net/themes/production/ Frame B256 2 KB
2 KB 177ms
58ms Image
image/png 99.86.245.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d6tizftlrpuof.cloudfront.net/themes/production/hellofresh-button-e43a26541055ffe8644286114c4c9d3c.png
Requested by: Host: www.everyplate.com
URL: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.245.129 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-245-129.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae023d69b1633912960a55720c9d3d94e6c22fae5d30a9a9a59ed3e908c05483

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 21 Jun 2020 05:12:26 GMT
Via: 1.1 7b574fc6db5d0840d90b97dd76cc56ec.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 11 Sep 2018 14:13:18 GMT
Server: AmazonS3
Age: 8402547
ETag: "e43a26541055ffe8644286114c4c9d3c"
X-Cache: Hit from cloudfront
x-amz-version-id: Lqf1EAdAKTfQxfeWY77naff5qlmASary
Cache-Control: max-age=315360000, no-transform, public
X-Amz-Cf-Pop: VIE50-C1
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1662
X-Amz-Cf-Id: eeIj5YLG3juiiy2ABaykGEzGE7vlWIoAn4m2UUItmHOx6o7SoFeTbA==

GET
H2 200 params Show response
shop.pe/widget/main/init/ 239 B
741 B 156ms
156ms Script
text/javascript 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/widget/main/init/params?siteid=5e583961e694aa04a4e32b17&product=EveryPlate&product_url=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq&image=https%3A%2F%2Fwww.everyplate.com%2Fassets%2Feveryplate%2Ffavicon%2Fshare.jpg&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&rand=67220&cookie=&referer=

Requested by

Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=12b8755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.244.1 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

094f00d8ad38e71886dec3cac1866c6be3d9156a7f24f15cd0fc7b184619825e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:52 GMT
content-encoding: gzip
access-control-allow-origin: https://my.addshoppers.com
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
status: 200
backend-version: 47
alt-svc: clear
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: deny
etag: W/"5e53b05ad032a38e823d053d9956d13ba8d7c173"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
content-type: text/javascript
via: 1.1 google
access-control-allow-credentials: true
content-security-policy: frame-ancestors none;
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken

GET
H/1.1 200
OK chat-tag.js.gz Show response
us-webchat-cdn.s3.us-east-2.amazonaws.com/ 222 KB
62 KB 608ms
160ms Script
text/javascript 52.219.104.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://us-webchat-cdn.s3.us-east-2.amazonaws.com/chat-tag.js.gz
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB97G8H&l=dataLayer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.104.56 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.us-east-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7f9a9c2c35fd5d9c956915665aee94e788350345ddbd0587ba88ec7d43d3850f

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 26 Sep 2020 11:14:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Jun 2020 09:54:10 GMT
Server: AmazonS3
x-amz-request-id: ER6X0K4MEP9ZEPDW
ETag: "981f0f6a4ecf7681e9f7d9119d7117c3"
x-amz-version-id: wo.qTjd8yvEFYIGKSANa1bHiN7sGjqoD
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 62690
x-amz-id-2: 9q8r1Z8Ou2+YOIHIcvgtJ71VDItqMtWKB4Gk5gnR/lnyOCGnP5zwpb8O3qtJ2EVlivJxHzGSU6A=

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=165937010776457&ev=Microdata&dl=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&rl=&if=false&ts...
https://cx.atdmt.com/?c=15326663929564540174&f=AYyiLd6aVcwKSQOpFBN40AqkgXSR2VZguKnZUAP86CTPYCrrsbGE2loGm3Bp_crNpDQPLQxb9P-hINCTVpWVEjY-&id=165937010776457&l=3&v=0

43 B
424 B

48ms
34ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=15326663929564540174&f=AYyiLd6aVcwKSQOpFBN40AqkgXSR2VZguKnZUAP86CTPYCrrsbGE2loGm3Bp_crNpDQPLQxb9P-hINCTVpWVEjY-&id=165937010776457&l=3&v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
x-fb-debug: 5lrsXajzgGJGRBXnqi4p+NAskoIFVRLGKB1UlpJI/xtq2u9rmKF8C4TJwnmDbxVdlnLhbstjYqu/V54DBGwcNA==
content-encoding: br
x-content-type-options: nosniff
x-frame-options: DENY
date: Sat, 26 Sep 2020 04:14:52 PDT
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=0
expires: Sat, 26 Sep 2020 04:14:52 PDT

Redirect headers

pragma: no-cache
date: Sat, 26 Sep 2020 11:14:52 GMT
server: proxygen-bolt
status: 302
content-type: text/plain
location: https://cx.atdmt.com/?c=15326663929564540174&f=AYyiLd6aVcwKSQOpFBN40AqkgXSR2VZguKnZUAP86CTPYCrrsbGE2loGm3Bp_crNpDQPLQxb9P-hINCTVpWVEjY-&id=165937010776457&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 params Show response
shop.pe/widget/main/init/ 878 B
785 B 171ms
170ms Script
text/javascript 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/widget/main/init/params?siteid=5e583961e694aa04a4e32b17&product=EveryPlate&product_url=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq&image=https%3A%2F%2Fwww.everyplate.com%2Fassets%2Feveryplate%2Ffavicon%2Fshare.jpg&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&callback=AddShoppersWidget.load_widget&rand=14503&cookie=2%7C1%3A0%7C10%3A1601118892%7C15%3Aaddshoppers.com%7C44%3AZTZjYjFjYTYwMjQ3NDRkMGJkMDY2ZDUzMWNlMmNmNmE%3D%7C489ce0559e6f8d04dcf528de8eac19e235ffa3541de64ffc271cfd2e4b35c85f&referer=

Requested by

Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=12b8755

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.244.1 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

9d6e7d49e2bed2e2d0e135a078c312db46f051a638c8a776c311c13e3f88d123

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:52 GMT
content-encoding: gzip
access-control-allow-origin: https://my.addshoppers.com
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
status: 200
backend-version: 47
alt-svc: clear
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: deny
etag: W/"b5424ce96daa9d2b83a3e39ca4ca2fe2b4e968d7"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PATCH
content-type: text/javascript
via: 1.1 google
access-control-allow-credentials: true
content-security-policy: frame-ancestors none;
access-control-allow-headers: X-Requested-With, Content-Type, X-XSRFToken

GET
H2 200 input.js Show response
shopper.shop.pe/ 23 KB
24 KB 140ms
46ms Script
text/javascript 35.190.54.17
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://shopper.shop.pe/input.js
Requested by: Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.54.17 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.54.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0a91f7cf777ed986216313f29f443456315f50bf1428eb17ba275df87c468280

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 10:33:44 GMT
age: 2469
x-guploader-uploadid: ABg5-UwrBiVWcAVjYkETZ3Qo4nD3TaNSI10bpmBrngxmwiCSk8yb2V3mltMQsYiK1fz6-Q_k9-VgQIhP7PoMo7R8_X32mXyccA
x-goog-storage-class: STANDARD
status: 200
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 23672
last-modified: Wed, 27 Nov 2019 19:23:40 GMT
server: UploadServer
etag: "f960052c25dea0d4308c30fe905fc391"
x-goog-hash: crc32c=xBt02w==, md5=+WAFLCXeoNQwjDD+kF/DkQ==
x-goog-generation: 1574882620474968
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=3600
x-goog-stored-content-length: 23672
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 26 Sep 2020 11:33:44 GMT

GET
H2 200 iframe
pixel.voltn.com/ Frame C31B 0
0 580ms
204ms Document
text/html 99.83.128.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.voltn.com/iframe?vcp=4dd5h0np&as_id=e6cb1ca6024744d0bd066d531ce2cf6a
Requested by: Host: d3rr3d0n31t48m.cloudfront.net
URL: https://d3rr3d0n31t48m.cloudfront.net/widget/widget.js?v=12b8755
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.128.14 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a954c1fc80b8251dc.awsglobalaccelerator.com
Software: gunicorn/19.9.0 /
Resource Hash

Request headers

:method: GET
:authority: pixel.voltn.com
:scheme: https
:path: /iframe?vcp=4dd5h0np&as_id=e6cb1ca6024744d0bd066d531ce2cf6a
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com

Response headers

status: 200
date: Sat, 26 Sep 2020 11:14:53 GMT
content-type: text/html; charset=utf-8
content-length: 222
server: gunicorn/19.9.0
set-cookie: vcnpxid=d2ad8ff4c752810068aaf08f77e0851a; expires=Thu, 25 Mar 2021 11:14:53 GMT; Path=/; Secure; SameSite=None vcnpxst=w5p4w5XDlcOmw4HDk8Kfw5LCu8OUw5rClsKIf3HClcKGwqDCncKlwobCl3nCksKCwo_CjsOgwq_DksK0wr7DicOjw43DqMODw5Jiwpl2wpHCusOZw4V_woHDjcOFw53DpcOhwr3DlMKzwoHCgsKPwo7DosODw4zCosOEw4jDjsObw5rCrcOSwqXDhMOEwpHCpsKUf8Oc; expires=Thu, 25 Mar 2021 11:14:53 GMT; Path=/; Secure; SameSite=None vcnpxsn=w5p4w5LDm8Oiw4HDlMKtw4TDiMOiwo7Crm7DmsK9wot2wpHDlcOYwrPDjcK0w4jCvMOYw5HDpsOBwoF6f8ORwpHDgMK8wqDCj8KUwqvCicKfwo7Crm7CkHbCj8KHwqDCncKswobCmHPDnMOT; expires=Thu, 25 Mar 2021 11:14:53 GMT; Path=/; Secure; SameSite=None
p3p: CP="NOI OUR BUS UNI COM NAV"
cache-control: no-cache
expires: Sat, 26 Sep 2020 11:14:54 GMT

HEAD
H2 200 consent Show response
shop.pe/query/datareg/ 0
647 B 256ms
156ms XHR
text/html 35.227.244.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://shop.pe/query/datareg/consent

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/assets/everyplate/main/releases/vendor.0ffe40ee1382.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.244.1 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

1.244.227.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	deny

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 26 Sep 2020 11:14:53 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
status: 200
backend-version: 47
alt-svc: clear
content-length: 0
data-regulation-gdpr-enforced: true
referrer-policy: no-referrer-when-downgrade
server: nginx
x-frame-options: deny
etag: "da39a3ee5e6b4b0d3255bfef95601890afd80709"
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: HEAD, GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: Data-Regulation-Gdpr-Enforced
content-security-policy: frame-ancestors none;
access-control-allow-headers: X-Requested-With, Content-Type, Data-Regulation-Gdpr-Enforced

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
127 B 13ms
13ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&aip=1&a=945998835&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.everyplate.com%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&dp=%2Fresetpass%2F4658uS5VbOfnsmWf_tCZULnK_E2XhiHq%3Femail%3Dsminyard%40cavalierford.com&ul=en-us&de=UTF-8&dt=EveryPlate%3A%20The%20Affordable%20Meal%20Kit%20for%20Everyone&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=entryOffer&ea=impression%20%7C%20resetpassword%20%7C%20new&ev=0&_u=aGDAAEArAAAAAG~&jid=807708766&gjid=869552693&cid=296164191.1601118891&tid=UA-115749411-1&_gid=1349748796.1601118891&_r=1&gtm=2wg9g1P2Q9ZFQ&cd42=US&cd38=0&cd39=0&cd40=0&cd41=0&cd43=0&z=553273325

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/assets/everyplate/main/releases/vendor.0ffe40ee1382.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 26 Sep 2020 11:14:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.everyplate.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
434 B 40ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-115749411-1&cid=296164191.1601118891&jid=807708766&gjid=869552693&_gid=1349748796.1601118891&_u=aGDAAEArAAAAAG~&z=298025252

Requested by

Host: www.everyplate.com
URL: https://www.everyplate.com/assets/everyplate/main/releases/vendor.0ffe40ee1382.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 26 Sep 2020 11:14:56 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.everyplate.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
87 B 28ms
28ms Image
image/gif 2a00:1450:4001:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-115749411-1&cid=296164191.1601118891&jid=807708766&_u=aGDAAEArAAAAAG~&z=349727085

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Sep 2020 11:14:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
87 B 29ms
29ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-115749411-1&cid=296164191.1601118891&jid=807708766&_u=aGDAAEArAAAAAG~&z=349727085

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.everyplate.com/resetpass/4658uS5VbOfnsmWf_tCZULnK_E2XhiHq?email=sminyard@cavalierford.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 26 Sep 2020 11:14:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.everyplate.com/	1970-01-19 14:54:54	Name: _fbp Value: fb.1.1601118892227.1531484806
.everyplate.com/	1970-01-19 22:15:05	Name: _scid Value: 0f47510f-d3dd-47c4-926e-f0d0b414edd7
.everyplate.com/	1970-01-20 06:16:30	Name: _lc2_fpi Value: 23306e48e205--01ek51yvtxfb82c4b7zxna6zjj
.everyplate.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .everyplate.com
www.everyplate.com/	1970-01-19 12:45:19	Name: _hjIncludedInPageviewSample Value: 1
.everyplate.com/	1970-01-19 21:30:54	Name: _hjid Value: 91b1f5b6-2425-4c2e-b92c-bb2fb89af73e
.everyplate.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
www.everyplate.com/	1970-01-19 21:30:54	Name: wl_public_id Value: 90649762-1f64-4805-9ac5-ecfb19480bc1
.everyplate.com/	1970-01-19 12:46:45	Name: _uetsid Value: 3d1d04665cb5195e97b82966a65da6e6
.everyplate.com/	1970-01-19 12:46:45	Name: _gid Value: GA1.2.1349748796.1601118891
www.everyplate.com/	1970-01-19 12:55:23	Name: pp_fpc Value: ad453da8-2a48-4c76-a114-73cfa73f1427
.everyplate.com/	1970-01-19 12:45:18	Name: _dc_gtm_UA-115749411-1 Value: 1
.everyplate.com/	1970-01-20 06:16:30	Name: _ga Value: GA1.2.296164191.1601118891
www.everyplate.com/	1969-12-31 23:59:59	Name: wl_origin_metadata Value: {}
.everyplate.com/	1970-01-19 12:45:20	Name: _hjAbsoluteSessionInProgress Value: 0
.everyplate.com/	1970-01-19 13:28:30	Name: __cfduid Value: d2a62a49706c29b8381e53673a91554fe1601118890
.everyplate.com/	1970-01-19 13:08:42	Name: _uetvid Value: 6d3faf3fec3512dffff65f89772e4a88
.everyplate.com/	1970-01-19 14:54:54	Name: _gcl_au Value: 1.1.1455420960.1601118891
.snapchat.com/	1970-01-19 22:06:54	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQSMdKOCebyhUcXzureQq0R19ahJexQ5Y475Lyl2MG2wGQtcYv8x1PuDIAAAA=
www.everyplate.com/	1970-01-19 13:29:08	Name: apiV2Auth Value: %7B%22access_token%22%3A%22eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MDM3NDc4MTMsImp0aSI6IjA5ZWQ4Yzc0LTc2MzEtNGNlZi1hM2VmLTIxYzYxZDBmNGU3NyIsImlhdCI6MTYwMTExODA3MCwiaXNzIjoiZWZiNjZjNmMtODFmMy00NDUyLTljODQtZWY1NGU4NmRhMTU3In0.MK861fLrObPibC5CsTWvRwTdz26x9zvAijGCw07VTcM%22%2C%22expires_in%22%3A2629743%2C%22scope%22%3A%22public%22%2C%22token_type%22%3A%22Bearer%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
b-code.liadm.com
bat.bing.com
cdn.attn.tv
cdn3.optimizely.com
click.info.everyplate.com
cnv.event.prod.bidr.io
connect.facebook.net
cx.atdmt.com
d3rr3d0n31t48m.cloudfront.net
d6tizftlrpuof.cloudfront.net
googleads.g.doubleclick.net
in.hotjar.com
pixel.pointmediatracker.com
pixel.snapsmedia.io
pixel.voltn.com
rp.liadm.com
rp4.liadm.com
sc-static.net
script.hotjar.com
secure.adnxs.com
sf19-scmcdn-va.ibytedtos.com
shop.pe
shopper.shop.pe
snapsmedia.io
static.hotjar.com
stats.g.doubleclick.net
tr.snapchat.com
us-webchat-cdn.s3.us-east-2.amazonaws.com
vars.hotjar.com
w.usabilla.com
www.everyplate.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.rtb123.com
104.108.58.15
143.204.201.14
147.75.102.203
147.75.102.233
147.75.84.91
151.101.114.133
185.33.221.87
2.16.186.123
216.58.212.162
23.22.3.88
2600:1f18:730:b110:b216:4622:d058:b1a9
2600:9000:206e:6200:1c:9484:cec0:93a1
2606:4700::6811:6822
2620:1ec:c11::200
2a00:1450:4001:808::2003
2a00:1450:4001:809::2008
2a00:1450:4001:81a::200e
2a00:1450:4001:820::2002
2a00:1450:4001:821::200e
2a00:1450:4001:824::2004
2a00:1450:400c:c0c::9a
2a02:26f0:3400::1703:5829
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.241.56.227
34.249.60.11
35.186.226.184
35.190.54.17
35.227.244.1
52.219.104.56
52.86.196.188
54.77.20.174
67.225.220.126
99.83.128.14
99.86.243.27
99.86.243.32
99.86.243.91
99.86.245.129
99.86.7.69
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
094f00d8ad38e71886dec3cac1866c6be3d9156a7f24f15cd0fc7b184619825e
097afea517679d2e0b986d77cb3fe7808026882b52ca074a050e03e7a4a6996b
0a91f7cf777ed986216313f29f443456315f50bf1428eb17ba275df87c468280
0f255df1fd228ff75a6d121b530d53cb4f85a154d9245c49c2d2da2b21087ff9
101bf1cc8266258dcf9cdfab24b8937bb61f65cc0adc015414c96753fbaa7e14
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
159293ce9cbdae5d2868eab27166aae18f3a1184f073a729527c3afa6c73721e
2b4a76d07019f81f7f549a16badc0c7730a237a712643d8b20a0d926e3a325c4
3022549d5aa4e4de0dfe3f9fc5adb786781d985d46199964bfd0d0cda3883c7e
4548c412ce3bd15ddf652328dd58fad638a41fbd5c08473a1ab485e5a12076c9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
587560c9ba4ee02592bcdb23b06067a92f2fa2dea435dc0fc21d19ad542f86fa
5b7b3f8343d2c7b01205d4c0b729f096b68d54162521400c80d418199ce7222d
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd
629e2996d169c479511554194882d8acd3519365deca1e7db0c658483c9bbf98
6a2f89428fe9295988cc0a99616db75910afc30b70fc204de493fa246545840a
6c9459a6400a8cf7ef815379f9316dc26aeec43bcc48da1d1bd58d99a6109f7b
71fa396ea79d00478666d43d6075625e0f53823893b90cc30e7cc3d38ad7856e
7770979ac3beba8a2c476a42198eb48b0bcbb3cbbc358b64afbbf42793f252fc
7f9a9c2c35fd5d9c956915665aee94e788350345ddbd0587ba88ec7d43d3850f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
91ee75ffa56241b9ce89062489d58d62e040020dedd48906db916cbd00dd1f0b
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9d6e7d49e2bed2e2d0e135a078c312db46f051a638c8a776c311c13e3f88d123
9fa3a712cd29710e2662e5447424ea8dd0f0942aa175bd9f44fab948809f6fc0
a01f4f5ca76e16ec853687c534d4a13e4ef136ed34e2e4db60e52163e8987c70
a1697da6b03a3df9f61cfa37038778fcbd99bd431f1d5882d8181d032443f044
a5e260f8d1d46595c71cf35eb09243ef8ee32453ff9fe49ea9c5ac6d3919f721
a9e8c67713e74ff7521ef94e500c4ea161e1e131619e614619e7e17ccfcac6f6
ae023d69b1633912960a55720c9d3d94e6c22fae5d30a9a9a59ed3e908c05483
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b753db3a8f1b9d5cb485a956aa39dc3a0ec06771c6a37539da2f0846ba1699fb
cf032b0e5e963e662531dc31c355dbd7ac2fe6e52808493e33151e8307407de4
d7b9367aaff6411a857989b583559285c3ca5f5f7ae525d4fe193af25e9da774
d7bae87a282a4ea36ff2e8245e12f6aad3a7954dbb72fecf135252d5dd76d6a8
d9454ed159e04b4e03ec0596a65313741191bf7d3ae3c2d037aad60863ced1f3
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbf985e2314c76a056c1043b511dc835172e04e0667f3fb5c0f99b64f4ceb0af
ffa3ed1ab7768d88d8932ca633b3f1611e19863cc93664bd1101d80de20222c7

www.everyplate.com Open in urlscan Pro 2606:4700::6811:6822 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

38 %IPv6

29 Domains

39 Subdomains

37 IPs

7 Countries

1354 kBTransfer

4805 kBSize

20 Cookies

3 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.everyplate.com Open in urlscan Pro
2606:4700::6811:6822 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

38 %
IPv6

29
Domains

39
Subdomains

37
IPs

7
Countries

1354 kB
Transfer

4805 kB
Size

20
Cookies

64 HTTP transactions
0 data transactions