deals.hwy40skidelivery.com Open in urlscan Pro
151.101.130.159 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://deals.hwy40skidelivery.com/
Submission: On April 15 via automatic, source certstream-suspicious (April 15th 2021, 1:08:38 am UTC)

Summary HTTP 84 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 17 domains to perform 84 HTTP transactions. The main IP is 151.101.130.159, located in United States and belongs to FASTLY, US. The main domain is deals.hwy40skidelivery.com.
TLS certificate: Issued by R3 on February 14th 2021. Valid for: 3 months.

This is the only time deals.hwy40skidelivery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	151.101.130.159 151.101.130.159	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
5	54.215.176.10 54.215.176.10	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:20e... 2600:9000:20e8:8e00:1a:3af:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f013:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f113:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	2a02:26f0:710... 2a02:26f0:7100::687e:2490	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	34.208.168.54 34.208.168.54	16509 (AMAZON-02) (AMAZON-02)
4	99.84.155.174 99.84.155.174	16509 (AMAZON-02) (AMAZON-02)
1 2	3.248.28.111 3.248.28.111	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:1b:... 2a04:4e42:1b::720	54113 (FASTLY) (FASTLY)
1	2600:9000:215... 2600:9000:2156:5200:1f:7c97:a480:93a1	16509 (AMAZON-02) (AMAZON-02)
84	21

27 151.101.130.159 (United States)

ASN54113 (FASTLY, US)

deals.hwy40skidelivery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.215.176.10 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-215-176-10.us-west-1.compute.amazonaws.com

fareharbor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:20e8:8e00:1a:3af:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

connect.podium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f013:d:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f113:81:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:7100::687e:2490 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.208.168.54 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-168-54.us-west-2.compute.amazonaws.com

mind-flayer.podium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.155.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-155-174.txl52.r.cloudfront.net

dp58aslhmbcib.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.28.111 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com

d.adroll.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::720 (United States)

ASN54113 (FASTLY, US)

fh-sites.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:5200:1f:7c97:a480:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.podium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	hwy40skidelivery.com deals.hwy40skidelivery.com	2 MB
18	podium.com connect.podium.com mind-flayer.podium.com assets.podium.com	286 KB
5	fareharbor.com fareharbor.com	61 KB
4	cloudfront.net dp58aslhmbcib.cloudfront.net	363 KB
4	adroll.com 1 redirects s.adroll.com d.adroll.com	16 KB
4	facebook.com www.facebook.com	542 B
4	gstatic.com fonts.gstatic.com	76 KB
4	facebook.net connect.facebook.net	101 KB
4	google-analytics.com www.google-analytics.com	40 KB
2	google.de www.google.de	637 B
2	google.com www.google.com	196 B
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
2	googletagmanager.com www.googletagmanager.com	74 KB
1	imgix.net fh-sites.imgix.net	50 KB
1	consensu.org 1 redirects d.adroll.mgr.consensu.org	137 B
1	googleadservices.com www.googleadservices.com	14 KB
1	googleapis.com fonts.googleapis.com	756 B
84	17

	Domain	Requested by
27	deals.hwy40skidelivery.com	deals.hwy40skidelivery.com
9	connect.podium.com	deals.hwy40skidelivery.com connect.podium.com
8	mind-flayer.podium.com	connect.podium.com
5	fareharbor.com	deals.hwy40skidelivery.com fareharbor.com dp58aslhmbcib.cloudfront.net
4	dp58aslhmbcib.cloudfront.net	fareharbor.com
4	www.facebook.com	deals.hwy40skidelivery.com connect.facebook.net
4	fonts.gstatic.com	fonts.googleapis.com
4	connect.facebook.net	deals.hwy40skidelivery.com connect.facebook.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com fareharbor.com
3	s.adroll.com	1 redirects deals.hwy40skidelivery.com
2	www.google.de	deals.hwy40skidelivery.com
2	www.google.com	deals.hwy40skidelivery.com
2	www.googletagmanager.com	deals.hwy40skidelivery.com www.googletagmanager.com
1	assets.podium.com	deals.hwy40skidelivery.com
1	fh-sites.imgix.net	dp58aslhmbcib.cloudfront.net
1	d.adroll.com	deals.hwy40skidelivery.com
1	d.adroll.mgr.consensu.org	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.googleapis.com	deals.hwy40skidelivery.com
84	21

This site contains links to these domains. Also see Links.

Domain
hwy40skidelivery.com

Subject Issuer	Validity	Valid
deals.hwy40skidelivery.com R3	`2021-02-14` - `2021-05-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
fareharbor.com Amazon	`2020-09-25` - `2021-10-25`	a year	crt.sh
*.podium.com Amazon	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
adroll.com R3	`2021-03-30` - `2021-06-28`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2020-10-08` - `2021-11-07`	a year	crt.sh
imgix.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-06` - `2021-08-07`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://deals.hwy40skidelivery.com/
Frame ID: 8219D0D7E9534206119B6B9F257E67C2
Requests: 63 HTTP requests in this frame

Frame: https://fareharbor.com/embeds/cart/?u=e30fa792-8363-4db6-a1d7-13a70c229699&from-ssl=yes&ga=UA-185560379-1,1584552995.1618448869%3B
Frame ID: E7DC5A6085097E1F39845E5396A3D000
Requests: 10 HTTP requests in this frame

Frame: https://connect.podium.com/styles.css
Frame ID: 6BC53BBAB0D6D7D90106240C6D912D69
Requests: 1 HTTP requests in this frame

Frame: https://connect.podium.com/styles.css
Frame ID: D545249659C10BEE8BAE9F9AE7280E8A
Requests: 2 HTTP requests in this frame

Frame: https://connect.podium.com/styles.css
Frame ID: BCC5D6C37FD75AEA0C3A8DDE4AA5120E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

84
Requests

100 %
HTTPS

71 %
IPv6

17
Domains

21
Subdomains

21
IPs

4
Countries

2863 kB
Transfer

5561 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://hwy40skidelivery.com/all-package-deals/

Search URL Search Domain Scan URL

URL: https://hwy40skidelivery.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://s.adroll.com/j/exp/5INAR7XDEBH63EH7G4MDGT/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 59

https://d.adroll.mgr.consensu.org/consent/iabcheck/5INAR7XDEBH63EH7G4MDGT?_s=48673914146efb7a9fea259ac8aa024b&_b=2 HTTP 302
https://d.adroll.com/consent/check/5INAR7XDEBH63EH7G4MDGT/?_s=48673914146efb7a9fea259ac8aa024b&_b=2

84 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
deals.hwy40skidelivery.com/ 55 KB
13 KB 1168ms
1123ms Document
text/html 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

48ee674f255348046074c1f34d0251426130e6aca26c178d3c89b0ae93b9a5db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

:method: GET
:authority: deals.hwy40skidelivery.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
link: <https://deals.hwy40skidelivery.com/wp-json/>; rel="https://api.w.org/" <https://deals.hwy40skidelivery.com/wp-json/wp/v2/pages/15>; rel="alternate"; type="application/json" <https://deals.hwy40skidelivery.com/>; rel=shortlink
x-xss-protection: 1
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-fw-server: Flywheel/5.1.0
x-fw-dynamic: TRUE
x-fw-hash: bjos6efn7m
content-encoding: gzip
x-fw-version: 5.0.0
server: Flywheel/5.1.0
x-cacheable: YES
fastly-restarts: 1
accept-ranges: bytes
date: Thu, 15 Apr 2021 01:07:47 GMT
x-served-by: cache-cph20625-CPH
x-cache: MISS
x-cache-hits: 0
x-timer: S1618448866.492567,VS0,VE1101
vary: Accept-Encoding
x-fw-serve: TRUE
x-fw-static: NO
x-fw-type: VISIT
content-length: 12698

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 36ms
33ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-185560379-1

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

48b17fe7922c9cc33ff467f7e0d682e188c57c03b613704373dac8d2ee7a88c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 01:07:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39181
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Apr 2021 01:07:47 GMT

GET
H2 200 autoptimize_102c27827e2633205a7b16844c34f8e5.css
deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/ 230 KB
46 KB 839ms
837ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/autoptimize_102c27827e2633205a7b16844c34f8e5.css

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

19507c1e5f205eeed189f274fb165f450a194a58d7f4bd0fa20826ad693896b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 47374
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Feb 2021 02:41:30 GMT
server: Flywheel/5.1.0
x-timer: S1618448868.621131,VS0,VE818
etag: W/"60370e5a-3961f"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: text/css
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 css
fonts.googleapis.com/ 7 KB
756 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700%2C900&display=fallback&ver=2.6.2

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f89bfaf8549e0d619bae068feade1a151442f4eaed2e13b3a5b28a019aec5bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 01:07:47 GMT
server: ESF
date: Thu, 15 Apr 2021 01:07:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Apr 2021 01:07:47 GMT

GET
H2 200 autoptimize_single_aae4dee1b917e632dc32458ab0ad943f.css
deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/ 119 KB
17 KB 747ms
746ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/autoptimize_single_aae4dee1b917e632dc32458ab0ad943f.css?ver=aae4dee1b917e632dc32458ab0ad943f

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

0d67a62af11f3cfd27e2937ab24ab50792a776560b7827f5e5c457e17a3bb387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 17152
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 15 Feb 2021 22:40:51 GMT
server: Flywheel/5.1.0
x-timer: S1618448868.621124,VS0,VE728
etag: W/"602af873-1dc08"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: text/css
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 autoptimize_single_816016c27d3336cc0ce42a598a13b63b.css
deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/ 10 KB
2 KB 636ms
635ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/autoptimize_single_816016c27d3336cc0ce42a598a13b63b.css?ver=2.7.2

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

f50478628d72e24adc6cd635158e67a409882102104d02254ec5b2206c1f806f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 1900
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 15 Feb 2021 22:40:51 GMT
server: Flywheel/5.1.0
x-timer: S1618448868.621102,VS0,VE617
etag: W/"602af873-2877"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: text/css
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 autoptimize_single_ab22ecde50b2ef48c9a632d7e20636bb.css
deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/ 35 KB
5 KB 604ms
603ms Stylesheet
text/css 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/autoptimize_single_ab22ecde50b2ef48c9a632d7e20636bb.css?ver=119092986b65038b6281223c5c691abc

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

ed8dcdd1cd70f20753227a723f3c57ba9c1e7f17552ce8050c74b5679e9c918d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 5372
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 15 Feb 2021 22:40:51 GMT
server: Flywheel/5.1.0
x-timer: S1618448868.621270,VS0,VE585
etag: W/"602af873-8a54"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: text/css
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 jquery.min.js Show response
deals.hwy40skidelivery.com/wp-includes/js/jquery/ 87 KB
34 KB 669ms
668ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://deals.hwy40skidelivery.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 34077
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Feb 2021 16:07:35 GMT
server: Flywheel/5.1.0
x-timer: S1618448868.621250,VS0,VE650
etag: W/"6033d6c7-15d98"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 HWY40_Lockup_Shield_Red-350x93.jpg
deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ 8 KB
8 KB 588ms
586ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deals.hwy40skidelivery.com/wp-content/uploads/2020/12/HWY40_Lockup_Shield_Red-350x93.jpg

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

b94abbf688f7ac259b400e6b6c13b04d7a579740383be9c1d66bd33e0aecc8b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 7701
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Feb 2021 22:09:41 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.537430,VS0,VE568
etag: W/"601b1f25-1e37"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 / Show response
fareharbor.com/embeds/api/v1/ 21 KB
7 KB 672ms
322ms Script
text/javascript 54.215.176.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fareharbor.com/embeds/api/v1/?autolightframe=yes

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.215.176.10 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-176-10.us-west-1.compute.amazonaws.com

Software

Resource Hash

72118b158ad6ea27153ed0f3f693a5026cecaf39d6ca13c0f36a1dc08dd9ff16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 01:07:48 GMT
content-encoding: gzip
content-security-policy-report-only: default-src 'none'; block-all-mixed-content; script-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com *.pusher.com *.optimizely.com cdn.optimizely.com *.google.com *.googleapis.com *.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.googleadservices.com *.gstatic.com *.paypal.com 'unsafe-eval' 'unsafe-inline'; img-src * data: image/svg+xml image/png; style-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.googleapis.com 'unsafe-inline'; connect-src https: wss:; form-action 'self' https:; base-uri 'self'; font-src fh-sites.imgix.net data: 'self'; frame-src *.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com www.google.com airtable.com player.vimeo.com facebook.com fareharbor.com *.paypal.com; object-src 'none'; report-uri /csp-report/
x-fh-loadbalancer: production-appservers_docker-a-0
p3p: CP="This is not a P3P policy."
x-amzn-trace-id: Root=1-607791e4-3e502b502b57d5fe7a9b3f93
vary: Accept-Encoding, Cookie
content-language: en-us
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 widget.js Show response
connect.podium.com/ 441 KB
128 KB 44ms
15ms Script
application/javascript 2600:9000:20e8:8e00:1a:3af:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/widget.js
Requested by: Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:8e00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a67e8d3a07ef646f98cbdae2c872f6e1abe3924e7c60811cb6ebf3fc1d18f20b

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 00:19:31 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 18:16:32 GMT
server: AmazonS3
age: 3072
etag: "f513622f7fbedd0e5e8960dc4d8a6693"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8e2919534da029bb37f64b265b219373.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: TXL52-C1
content-length: 130295
x-amz-cf-id: k2ggs_cR-Wd1K1z5bnf8D4DbM4Jnq8246xG3FScLJDqkhUTc3iTeqg==

GET
H2 200 / Show response
fareharbor.com/embeds/api/v1/ 21 KB
7 KB 429ms
178ms Script
text/javascript 54.215.176.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fareharbor.com/embeds/api/v1/

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.215.176.10 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-176-10.us-west-1.compute.amazonaws.com

Software

Resource Hash

70f9cffc659aea8222b277ddc4c454c8d35130f712e609c294876cee27df8265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 01:07:48 GMT
content-encoding: gzip
content-security-policy-report-only: default-src 'none'; block-all-mixed-content; script-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com *.pusher.com *.optimizely.com cdn.optimizely.com *.google.com *.googleapis.com *.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.googleadservices.com *.gstatic.com *.paypal.com 'unsafe-eval' 'unsafe-inline'; img-src * data: image/svg+xml image/png; style-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.googleapis.com 'unsafe-inline'; connect-src https: wss:; form-action 'self' https:; base-uri 'self'; font-src fh-sites.imgix.net data: 'self'; frame-src *.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com www.google.com airtable.com player.vimeo.com facebook.com fareharbor.com *.paypal.com; object-src 'none'; report-uri /csp-report/
x-fh-loadbalancer: production-appservers_docker-a-12
p3p: CP="This is not a P3P policy."
x-amzn-trace-id: Root=1-607791e4-236d0dde74e525f5711341d7
vary: Accept-Encoding, Cookie
content-language: en-us
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 typed.js Show response
deals.hwy40skidelivery.com/wp-content/plugins/bb-ultimate-addon/modules/fancy-text/js/ 12 KB
4 KB 647ms
644ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://deals.hwy40skidelivery.com/wp-content/plugins/bb-ultimate-addon/modules/fancy-text/js/typed.js?ver=5.6.2

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

d9d936400543739cf32316a9c65eba4a0f37d69c5d0bf5dd0866b4a24b4a9214

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 3877
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Dec 2020 23:04:29 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.537450,VS0,VE626
etag: W/"5fd2a97d-30dd"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 autoptimize_8e1c3fc238327deccffe1fe425d10f41.js Show response
deals.hwy40skidelivery.com/wp-content/cache/autoptimize/js/ 163 KB
48 KB 807ms
805ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/js/autoptimize_8e1c3fc238327deccffe1fe425d10f41.js

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

9341e80abd3917d1560f1ffdd6428451cdde0c6c4d0e96635de83315ec14b5ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 48854
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 15 Feb 2021 22:40:51 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.537511,VS0,VE786
etag: W/"602af873-28c6a"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-185560379-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 4570
date: Wed, 14 Apr 2021 23:51:38 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Thu, 15 Apr 2021 01:51:38 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 81ms
64ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-457542357&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-185560379-1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a9236a0b7f6e429d100ef06c2f3728b7c486c6b2d319f5a1bfa656fbab72730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 01:07:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35814
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Apr 2021 01:07:48 GMT

GET
H2 200 wp-emoji-release.min.js Show response
deals.hwy40skidelivery.com/wp-includes/js/ 14 KB
5 KB 579ms
578ms Script
application/javascript 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://deals.hwy40skidelivery.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 5092
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 22 Feb 2021 16:07:35 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.537555,VS0,VE560
etag: W/"6033d6c7-3795"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: application/javascript
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 33ms
32ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9ddca568ff519cd935a816baec6f7bfce459656ec5022ec2ba6a6225891022eb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23960
x-fb-rlafr: 0
pragma: public
x-fb-debug: chuNqwsvOjIuCvZ3Wz0DXu2BJ2wQJtzv//LYySOtpFXkzMc/As8SsXBhFTMvAUgsQ8ncATCjo19pgOW98eWjlQ==
x-fb-trip-id: 1679558926
x-frame-options: DENY
date: Thu, 15 Apr 2021 01:07:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hwy40-hero.jpg
deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ 559 KB
555 KB 1182ms
1181ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deals.hwy40skidelivery.com/wp-content/uploads/2020/12/hwy40-hero.jpg

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/autoptimize_single_aae4dee1b917e632dc32458ab0ad943f.css?ver=aae4dee1b917e632dc32458ab0ad943f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

0c60c89b9a89bdcd18f911d77efcafad43a3873a4777e91137045d58d94c1888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/autoptimize_single_aae4dee1b917e632dc32458ab0ad943f.css?ver=aae4dee1b917e632dc32458ab0ad943f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 567463
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Dec 2020 01:14:24 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.541325,VS0,VE1162
etag: W/"5fd95f70-8bc88"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 fastest-widest-bg-square.jpg
deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ 76 KB
74 KB 878ms
877ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deals.hwy40skidelivery.com/wp-content/uploads/2020/12/fastest-widest-bg-square.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

b4ea97ac568ffd12baafd28061b021282bbf1107a8c0f1059492ef5c85b7d2d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/autoptimize_single_aae4dee1b917e632dc32458ab0ad943f.css?ver=aae4dee1b917e632dc32458ab0ad943f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 75574
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Dec 2020 01:14:54 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.546567,VS0,VE858
etag: W/"5fd95f8e-1315c"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ski-cabin.jpg
deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ 364 KB
359 KB 1207ms
1206ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ski-cabin.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

89e56a31a32ce2a3892038a9b1bd6949941708aa4c899818c2010680dab4379b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/autoptimize_single_aae4dee1b917e632dc32458ab0ad943f.css?ver=aae4dee1b917e632dc32458ab0ad943f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 367315
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Dec 2020 01:15:05 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.546554,VS0,VE1167
etag: W/"5fd95f99-5af42"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 vacation-time-bg.jpg
deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ 126 KB
121 KB 1020ms
1020ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deals.hwy40skidelivery.com/wp-content/uploads/2020/12/vacation-time-bg.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

1168028dc55b1fc2d086d0d7a830e1f96eba228e93761153ecdecff2ea02d138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/autoptimize_single_aae4dee1b917e632dc32458ab0ad943f.css?ver=aae4dee1b917e632dc32458ab0ad943f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 123983
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Dec 2020 01:15:25 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.546940,VS0,VE1001
etag: W/"5fd95fad-1f79f"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 not-bowling.jpg
deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ 74 KB
72 KB 830ms
830ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deals.hwy40skidelivery.com/wp-content/uploads/2020/12/not-bowling.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

8bdd2b7bd714f6e4162b5973036380d0b0203ec7f06cd748e462c14117d75f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/autoptimize_single_aae4dee1b917e632dc32458ab0ad943f.css?ver=aae4dee1b917e632dc32458ab0ad943f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 73782
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Dec 2020 01:15:48 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.548493,VS0,VE812
etag: W/"5fd95fc4-12616"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 first-chair.jpg
deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ 73 KB
71 KB 817ms
817ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deals.hwy40skidelivery.com/wp-content/uploads/2020/12/first-chair.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

5d866c5e7b93cd699319550c70bed6aa3b51093da2837f4cedbaf14f353940d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/autoptimize_single_aae4dee1b917e632dc32458ab0ad943f.css?ver=aae4dee1b917e632dc32458ab0ad943f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 72272
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Dec 2020 01:15:41 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.548979,VS0,VE798
etag: W/"5fd95fbd-12286"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 skivangelists-hero.jpg
deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ 192 KB
186 KB 439ms
438ms Image
image/jpeg 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deals.hwy40skidelivery.com/wp-content/uploads/2020/12/skivangelists-hero.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

4b373aaaf53a3091d40d0944f3ab7a795b5c4e195464610a79df5d7ca79157c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/autoptimize_single_aae4dee1b917e632dc32458ab0ad943f.css?ver=aae4dee1b917e632dc32458ab0ad943f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 190003
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Dec 2020 01:15:56 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.554297,VS0,VE414
etag: W/"5fd95fcc-2ff32"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/jpeg
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700%2C900&display=fallback&ver=2.6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://deals.hwy40skidelivery.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 313450
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700%2C900&display=fallback&ver=2.6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://deals.hwy40skidelivery.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
age: 313450
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_epG3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700%2C900&display=fallback&ver=2.6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://deals.hwy40skidelivery.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:21 GMT
server: sffe
age: 313450
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19240
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700%2C900&display=fallback&ver=2.6.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://deals.hwy40skidelivery.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 23:37:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:03 GMT
server: sffe
age: 5407
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19272
x-xss-protection: 0
expires: Thu, 14 Apr 2022 23:37:41 GMT

GET
H2 200 fa-solid-900.woff2
deals.hwy40skidelivery.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/webfonts/ 78 KB
79 KB 330ms
328ms Font
application/octet-stream 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://deals.hwy40skidelivery.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/webfonts/fa-solid-900.woff2

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/autoptimize_102c27827e2633205a7b16844c34f8e5.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Origin: https://deals.hwy40skidelivery.com
Referer: https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/autoptimize_102c27827e2633205a7b16844c34f8e5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:48 GMT
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 80300
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Dec 2020 23:03:31 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.554291,VS0,VE309
etag: "5fd2a943-139ac"
x-fw-hash: bjos6efn7m
vary: Authorization
x-fw-version: 5.0.0
content-type: application/octet-stream
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 fa-regular-400.woff2
deals.hwy40skidelivery.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/webfonts/ 13 KB
13 KB 707ms
706ms Font
application/octet-stream 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://deals.hwy40skidelivery.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/webfonts/fa-regular-400.woff2

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/autoptimize_102c27827e2633205a7b16844c34f8e5.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Origin: https://deals.hwy40skidelivery.com
Referer: https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/css/autoptimize_102c27827e2633205a7b16844c34f8e5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 13548
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Dec 2020 23:03:31 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.554274,VS0,VE687
etag: "5fd2a943-34ec"
x-fw-hash: bjos6efn7m
vary: Authorization
x-fw-version: 5.0.0
content-type: application/octet-stream
access-control-allow-origin: *
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 attention-here.png
deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ 3 KB
3 KB 545ms
542ms Image
image/png 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deals.hwy40skidelivery.com/wp-content/uploads/2020/12/attention-here.png

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

c0a0421e37fceb43b93540660271c9aeaf8ce0649a5cc3b8757b64edaba2b614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 2478
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 22 Dec 2020 17:10:58 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.700620,VS0,VE524
etag: W/"5fe228a2-d3a"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 hwy40-vertical-logo.png
deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ 6 KB
5 KB 563ms
559ms Image
image/png 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deals.hwy40skidelivery.com/wp-content/uploads/2020/12/hwy40-vertical-logo.png

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

8fc3c57856526d39585a9e795b4bc417e25d6d0aba5edd72f56f7b14358e53f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 5260
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Dec 2020 01:14:33 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.701315,VS0,VE541
etag: W/"5fd95f79-1895"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 step-1.png
deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ 9 KB
9 KB 540ms
537ms Image
image/png 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deals.hwy40skidelivery.com/wp-content/uploads/2020/12/step-1.png

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

4cc656b5f431e88cabfbd316941e523dd566cc921051e744aa66303c8a167fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 9326
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Dec 2020 01:14:36 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.701264,VS0,VE518
etag: W/"5fd95f7c-25e6"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 step-2.png
deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ 12 KB
12 KB 158ms
155ms Image
image/png 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deals.hwy40skidelivery.com/wp-content/uploads/2020/12/step-2.png

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

3886b0cdeaade1f877f0406269731739832883965f473b9f0f4e2f526331e23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 12491
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Dec 2020 01:14:41 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.701431,VS0,VE137
etag: W/"5fd95f81-31da"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 step-3.png
deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ 8 KB
7 KB 558ms
556ms Image
image/png 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deals.hwy40skidelivery.com/wp-content/uploads/2020/12/step-3.png

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

265085a517a19a13b1f665e3afcba801b341ecc346299cb22e61548b381aa422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 7441
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Dec 2020 01:14:38 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.701417,VS0,VE537
etag: W/"5fd95f7e-1e8c"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 contactless-delivery.png
deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ 7 KB
7 KB 589ms
587ms Image
image/png 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deals.hwy40skidelivery.com/wp-content/uploads/2020/12/contactless-delivery.png

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

2bac437a8827e7abb555566cde57e6b110593e53457090057ae0b465b18b9b70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 7074
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Dec 2020 01:14:59 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.701409,VS0,VE569
etag: W/"5fd95f93-1c97"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 widest-delivery-range.png
deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ 12 KB
12 KB 551ms
550ms Image
image/png 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deals.hwy40skidelivery.com/wp-content/uploads/2020/12/widest-delivery-range.png

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

ce12c5d89505d25b9189e6309fdb515fcdac9660aadac3cb5791b1a8793083d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 11613
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Dec 2020 19:50:48 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.701520,VS0,VE531
etag: W/"5fdd0818-3159"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 hwy-40-badge.png
deals.hwy40skidelivery.com/wp-content/uploads/2020/12/ 13 KB
12 KB 571ms
570ms Image
image/png 151.101.130.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deals.hwy40skidelivery.com/wp-content/uploads/2020/12/hwy-40-badge.png

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

508593b2458f85189569ce35027e0da7340f41645fe693bb0f784d63d3d2b39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fw-static: YES
date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
content-length: 11949
x-xss-protection: 1
x-served-by: cache-cph20625-CPH
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Dec 2020 01:15:15 GMT
server: Flywheel/5.1.0
x-timer: S1618448869.701526,VS0,VE551
etag: W/"5fd95fa3-336f"
x-fw-hash: bjos6efn7m
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/png
x-fw-serve: TRUE
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
74 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1346137408&t=pageview&_s=1&dl=https%3A%2F%2Fdeals.hwy40skidelivery.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20Hwy%2040%20Ski%20Delivery&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1941136130&gjid=411916150&cid=1584552995.1618448869&tid=UA-185560379-1&_gid=785064983.1618448869&_r=1&gtm=2ou3v0&z=1453854706

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 01:07:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://deals.hwy40skidelivery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 11 KB
5 KB 32ms
32ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.39

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4673
x-fb-rlafr: 0
pragma: public
x-fb-debug: 9wydC7BHluFIuKwZZ5mzM31tQ7dFM8fB8LIOwK57HlAFq3AZAcT5yeUKWhD9ZQ2TXFt7FOvY3cqqJNceRuUJtg==
x-fb-trip-id: 1679558926
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 15 Apr 2021 01:07:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 323835918663933 Show response
connect.facebook.net/signals/config/ 254 KB
73 KB 118ms
118ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/323835918663933?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

feb1b60a7fe413e851ec2e07e3726d1c61d77e0605d811da1123188536ad1ff5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: raTH6oo+XGaBIbkujN8/sER/Y4Y37PkvTBrumfIBs+bn0umsd0Cce1p9RPNIXczf43e9KUc5DfWPOORiz3Kpmw==
x-fb-trip-id: 1679558926
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 15 Apr 2021 01:07:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 46ms
45ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-457542357&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 01:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13879
x-xss-protection: 0
server: cafe
etag: 4168474919333271250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 01:07:48 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
96 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-185560379-1&cid=1584552995.1618448869&jid=1941136130&gjid=411916150&_gid=785064983.1618448869&_u=IEBAAUAAAAAAAC~&z=1675958033

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 15 Apr 2021 01:07:48 GMT
content-type: text/plain
access-control-allow-origin: https://deals.hwy40skidelivery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-185560379-1&cid=1584552995.1618448869&jid=1941136130&_u=IEBAAUAAAAAAAC~&z=135558119

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 01:07:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-185560379-1&cid=1584552995.1618448869&jid=1941136130&_u=IEBAAUAAAAAAAC~&z=135558119

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 01:07:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/457542357/ 2 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/457542357/?random=1618448868868&cv=9&fst=1618448868868&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3v0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdeals.hwy40skidelivery.com%2F&tiba=Home%20-%20Hwy%2040%20Ski%20Delivery&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de46e17652d2145529e3a36d2641551b4439f48ca4368a86b8ef4fdde110b757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 01:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1044
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/457542357/ 42 B
89 B 19ms
19ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/457542357/?random=1618448868868&cv=9&fst=1618448400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdeals.hwy40skidelivery.com%2F&tiba=Home%20-%20Hwy%2040%20Ski%20Delivery&async=1&fmt=3&is_vtc=1&random=2373493212&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 01:07:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/457542357/ 42 B
530 B 46ms
32ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/457542357/?random=1618448868868&cv=9&fst=1618448400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdeals.hwy40skidelivery.com%2F&tiba=Home%20-%20Hwy%2040%20Ski%20Delivery&async=1&fmt=3&is_vtc=1&random=2373493212&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 01:07:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 error
connect.facebook.net//log/ 0
0 85ms
85ms Image
text/html 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.facebook.net//log/error?p=pixel&v=2.9.39&e=Error%3A%20cookie%20not%20stored%20properly&s=Error%3A%20cookie%20not%20stored%20properly%0A%20%20%20%20at%20C%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F323835918663933%3Fv%3D2.9.39%26r%3Dstable%3A25%3A5431)%0A%20%20%20%20at%20E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F323835918663933%3Fv%3D2.9.39%26r%3Dstable%3A25%3A5786)%0A%20%20%20%20at%20H%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F323835918663933%3Fv%3D2.9.39%26r%3Dstable%3A25%3A6228)%0A%20%20%20%20at%20Object.%3Canonymous%3E%20(https%3A%2F%2Fconnect.facebook.net%2Fsignals%2Fconfig%2F323835918663933%3Fv%3D2.9.39%26r%3Dstable%3A25%3A6905)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A6282%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A65495)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A23%3A6209)%0A%20%20%20%20at%20pa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A9351)%0A%20%20%20%20at%20%24%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A9989)%0A%20%20%20%20at%20Function.Z%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A26%3A8768)&ue=0&rs=stable&rqm=FGET
Requested by: Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 /
www.facebook.com/tr/ 44 B
267 B 33ms
32ms Image
image/gif 2a03:2880:f113:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=323835918663933&ev=PageView&dl=https%3A%2F%2Fdeals.hwy40skidelivery.com%2F&rl=&if=false&ts=1618448869045&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd[language]=en-US&cd[referrer]=&sw=1600&sh=1200&v=2.9.39&r=stable&a=dvpixelcaffeinewordpress&ec=0&o=30&fbp=fb.1.1618448869041.1892923696&it=1618448868804&coo=false&rqm=GET

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 01:07:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 15 Apr 2021 01:07:49 GMT

GET
H2 200 / Show response
fareharbor.com/embeds/cart/ Frame E7DC 291 KB
44 KB 240ms
237ms Document
text/html 54.215.176.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fareharbor.com/embeds/cart/?u=e30fa792-8363-4db6-a1d7-13a70c229699&from-ssl=yes&ga=UA-185560379-1,1584552995.1618448869%3B

Requested by

Host: fareharbor.com
URL: https://fareharbor.com/embeds/api/v1/?autolightframe=yes

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.215.176.10 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-176-10.us-west-1.compute.amazonaws.com

Software

Resource Hash

88eacf1acaed5233c532d30905f2bf547a2c6dcc7e292ca585517dae946e471d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: fareharbor.com
:scheme: https
:path: /embeds/cart/?u=e30fa792-8363-4db6-a1d7-13a70c229699&from-ssl=yes&ga=UA-185560379-1,1584552995.1618448869%3B
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://deals.hwy40skidelivery.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://deals.hwy40skidelivery.com/

Response headers

date: Thu, 15 Apr 2021 01:07:49 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
content-language: en-us
content-security-policy-report-only: default-src 'none'; block-all-mixed-content; script-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com *.pusher.com *.optimizely.com cdn.optimizely.com *.google.com *.googleapis.com *.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.googleadservices.com *.gstatic.com *.paypal.com 'unsafe-eval' 'unsafe-inline'; img-src * data: image/svg+xml image/png; style-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.googleapis.com 'unsafe-inline'; connect-src https: wss:; form-action 'self' https:; base-uri 'self'; font-src fh-sites.imgix.net data: 'self'; frame-src *.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com www.google.com airtable.com player.vimeo.com facebook.com fareharbor.com *.paypal.com; object-src 'none'; report-uri /csp-report/
p3p: CP="This is not a P3P policy."
set-cookie: csrftoken=ACO69LuOSloEiDmolX0gmMjdI7BE33XnDevqhTjFvae4AAym1utDQWegMpOOOSut; expires=Thu, 14-Apr-2022 01:07:49 GMT; Max-Age=31449600; Path=/; SameSite=Strict; secure
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
x-amzn-trace-id: Root=1-607791e5-0e7067bd6a17f0d4637aeb01
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-b-11
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/5INAR7XDEBH63EH7G4MDGT/ 45 KB
14 KB 358ms
344ms Script
text/javascript 2a02:26f0:7100::687e:2490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/5INAR7XDEBH63EH7G4MDGT/roundtrip.js
Requested by: Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::687e:2490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b048aab915cff21770ab59d41db086910dcae6112762e281d863023850c911ac

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1i7Bc_Ro3kRbP8s.2lgoacqb8N4k4ftK
Content-Encoding: gzip
ETag: "2030d7c51c7680807f491fd4d4d54a98"
x-amz-request-id: 70TH02DHPSM96F70
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 13568
x-amz-id-2: V91ZPp3BN9+r5UF8CZNYHWXAElIHyffQ8sDtWf0Zfo2VB/c5sjjIgjJnx6blU6O48E8gcB2IR+I=
Last-Modified: Wed, 14 Apr 2021 04:25:09 GMT
Server: AmazonS3
Date: Thu, 15 Apr 2021 01:07:49 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

OPTIONS
H/1.1 200
OK graphql
mind-flayer.podium.com// Frame 0
0 755ms
192ms Preflight 34.208.168.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com//graphql
Protocol: HTTP/1.1
Server: 34.208.168.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-168-54.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://deals.hwy40skidelivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, content-type, authorization, socket-id, origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin: https://deals.hwy40skidelivery.com
cache-control: max-age=0, private, must-revalidate
date: Thu, 15 Apr 2021 01:07:49 GMT
server: Cowboy
vary: origin
x-request-id: FnXirBldhBtgfPkD6dkD
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK graphql Show response
mind-flayer.podium.com// 1 KB
1 KB 208ms
207ms XHR
application/json 34.208.168.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com//graphql
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.168.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-168-54.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 1b8c3bb44be9cf2b93fb8aff31f0d34dd9b0c1895eff3b63a2b6745ab3f96b82

Request headers

Accept: application/json
Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Apr 2021 01:07:49 GMT
server: Cowboy
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://deals.hwy40skidelivery.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 1152
x-request-id: FnXirCTjfT-gjDAEBhei

GET
H2 200 output.73a5cab438cd.css
dp58aslhmbcib.cloudfront.net/static/cache/css/ Frame E7DC 161 KB
28 KB 161ms
51ms Stylesheet
text/css 99.84.155.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dp58aslhmbcib.cloudfront.net/static/cache/css/output.73a5cab438cd.css

Requested by

Host: fareharbor.com
URL: https://fareharbor.com/embeds/cart/?u=e30fa792-8363-4db6-a1d7-13a70c229699&from-ssl=yes&ga=UA-185560379-1,1584552995.1618448869%3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.155.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-155-174.txl52.r.cloudfront.net

Software

nginx/1.19.5 /

Resource Hash

73a5cab438cd0ca647e2a738cee91e65d1e329e2262bd1a52f30be601e687368

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fareharbor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 10:50:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-b-1
age: 2384246
content-security-policy-report-only: default-src 'none'; block-all-mixed-content; script-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com *.pusher.com *.optimizely.com cdn.optimizely.com *.google.com *.googleapis.com *.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.googleadservices.com *.gstatic.com *.paypal.com 'unsafe-eval' 'unsafe-inline'; img-src * data: image/svg+xml image/png; style-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.googleapis.com 'unsafe-inline'; connect-src https: wss:; form-action 'self' https:; base-uri 'self'; font-src fh-sites.imgix.net data: 'self'; frame-src *.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com www.google.com airtable.com player.vimeo.com facebook.com fareharbor.com *.paypal.com; object-src 'none'; report-uri /csp-report/
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Mar 2021 10:26:18 GMT
server: nginx/1.19.5
etag: "60532aca-28412"
vary: Accept-Encoding
content-type: text/css
via: 1.1 5cf5bc69324ade55eebb5e539fa6c2fa.cloudfront.net (CloudFront)
cache-control: public
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
x-amz-cf-id: gXT2XiTDdgLEIXrR0Sx_Lh8sDCK8yFvLY1eUQlo88uOfKkMgxeMRzg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 output.34846959e9a8.css
dp58aslhmbcib.cloudfront.net/static/cache/css/ Frame E7DC 2 KB
2 KB 159ms
52ms Stylesheet
text/css 99.84.155.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dp58aslhmbcib.cloudfront.net/static/cache/css/output.34846959e9a8.css

Requested by

Host: fareharbor.com
URL: https://fareharbor.com/embeds/cart/?u=e30fa792-8363-4db6-a1d7-13a70c229699&from-ssl=yes&ga=UA-185560379-1,1584552995.1618448869%3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.155.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-155-174.txl52.r.cloudfront.net

Software

nginx/1.19.3 /

Resource Hash

34846959e9a847bbadfeabffaaee9394efbebf1cc4d5045ea1100e28ff19cfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fareharbor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 07:42:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-3
age: 6369928
content-security-policy-report-only: default-src 'none'; block-all-mixed-content; script-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com *.pusher.com *.optimizely.com cdn.optimizely.com *.google.com *.googleapis.com *.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.googleadservices.com *.gstatic.com *.paypal.com 'unsafe-eval' 'unsafe-inline'; img-src * data: image/svg+xml image/png; style-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.googleapis.com 'unsafe-inline'; connect-src https: wss:; form-action 'self' https:; base-uri 'self'; font-src fh-sites.imgix.net data: 'self'; frame-src *.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com www.google.com airtable.com player.vimeo.com facebook.com fareharbor.com *.paypal.com; object-src 'none'; report-uri /csp-report/
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
content-length: 330
x-xss-protection: 1; mode=block
last-modified: Fri, 29 Jan 2021 10:01:10 GMT
server: nginx/1.19.3
etag: "6013dce6-9da"
vary: Accept-Encoding
content-type: text/css
via: 1.1 5cf5bc69324ade55eebb5e539fa6c2fa.cloudfront.net (CloudFront)
cache-control: public
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
x-amz-cf-id: iKerZWBboUEbBMCAAXFAvCntrEs0Wvlwf-DGgKvpvUYLhGz9cYPDRw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
107 B 33ms
32ms Image
image/gif 2a03:2880:f113:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=323835918663933&ev=ViewContent&dl=https%3A%2F%2Fdeals.hwy40skidelivery.com%2F&rl=&if=false&ts=1618448869397&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd[language]=en-US&cd[referrer]=&sw=1600&sh=1200&v=2.9.39&r=stable&a=dvpixelcaffeinewordpress&ec=1&o=30&fbp=fb.1.1618448869041.1892923696&it=1618448868804&coo=false&rqm=GET

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 01:07:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 15 Apr 2021 01:07:49 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
107 B 33ms
33ms Image
image/gif 2a03:2880:f113:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=323835918663933&ev=AdvancedEvents&dl=https%3A%2F%2Fdeals.hwy40skidelivery.com%2F&rl=&if=false&ts=1618448869398&cd[login_status]=not_logged_in&cd[post_type]=page&cd[object_id]=15&cd[object_type]=home&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd[language]=en-US&cd[referrer]=&sw=1600&sh=1200&v=2.9.39&r=stable&a=dvpixelcaffeinewordpress&ec=2&o=30&fbp=fb.1.1618448869041.1892923696&it=1618448868804&coo=false&rqm=GET

Requested by

Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 01:07:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 15 Apr 2021 01:07:49 GMT

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/5INAR7XDEBH63EH7G4MDGT/index.js
https://s.adroll.com/j/exp/index.js

28 B
747 B

6ms
6ms

Script
application/javascript

2a02:26f0:7100::687e:2490
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100::687e:2490 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8C_4p5S6NLuKOM2fXKpm7asomxwPn3IL
Content-Encoding: gzip
ETag: "5816cced8568d223aa09d889f300692b"
x-amz-request-id: A6E4D842C4F3666B
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 48
x-amz-id-2: 1Pslf+Y9QwUHIZmwUo95w2CKA8MTrgZpbGBRFLUwAevxRDJ3euWTGuAJ2AJ78njOjdUd48ZsKSg=
Last-Modified: Tue, 19 Jan 2021 16:25:36 GMT
Server: AmazonS3
Date: Thu, 15 Apr 2021 01:07:49 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Thu, 15 Apr 2021 01:07:49 GMT
Server: AkamaiGHost
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 0

GET
H2

200

/ Show response
d.adroll.com/consent/check/5INAR7XDEBH63EH7G4MDGT/
Redirect Chain

https://d.adroll.mgr.consensu.org/consent/iabcheck/5INAR7XDEBH63EH7G4MDGT?_s=48673914146efb7a9fea259ac8aa024b&_b=2
https://d.adroll.com/consent/check/5INAR7XDEBH63EH7G4MDGT/?_s=48673914146efb7a9fea259ac8aa024b&_b=2

395 B
487 B

52ms
51ms

Script
application/javascript

3.248.28.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/5INAR7XDEBH63EH7G4MDGT/?_s=48673914146efb7a9fea259ac8aa024b&_b=2
Requested by: Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 9b381f94c33492332e71cfd331ab491cf56253c02a39784d30b67229665bdcfe

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 01:07:49 GMT
server: nginx/1.18.0
content-length: 395
content-type: application/javascript

Redirect headers

location: https://d.adroll.com/consent/check/5INAR7XDEBH63EH7G4MDGT/?_s=48673914146efb7a9fea259ac8aa024b&_b=2
date: Thu, 15 Apr 2021 01:07:49 GMT
server: nginx/1.18.0
content-length: 105

GET
H2 200 output.b464baf81170.js Show response
dp58aslhmbcib.cloudfront.net/static/cache/js/ Frame E7DC 582 KB
198 KB 58ms
57ms Script
application/javascript 99.84.155.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.b464baf81170.js

Requested by

Host: fareharbor.com
URL: https://fareharbor.com/embeds/cart/?u=e30fa792-8363-4db6-a1d7-13a70c229699&from-ssl=yes&ga=UA-185560379-1,1584552995.1618448869%3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.155.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-155-174.txl52.r.cloudfront.net

Software

nginx/1.19.3 /

Resource Hash

b464baf81170c8e0bdf96671bea3b3246237fb654d2aca38c84ede04c4bc0a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fareharbor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 31 Mar 2021 23:56:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-12
age: 1213889
content-security-policy-report-only: default-src 'none'; block-all-mixed-content; script-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com *.pusher.com *.optimizely.com cdn.optimizely.com *.google.com *.googleapis.com *.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.googleadservices.com *.gstatic.com *.paypal.com 'unsafe-eval' 'unsafe-inline'; img-src * data: image/svg+xml image/png; style-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.googleapis.com 'unsafe-inline'; connect-src https: wss:; form-action 'self' https:; base-uri 'self'; font-src fh-sites.imgix.net data: 'self'; frame-src *.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com www.google.com airtable.com player.vimeo.com facebook.com fareharbor.com *.paypal.com; object-src 'none'; report-uri /csp-report/
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Wed, 31 Mar 2021 23:40:40 GMT
server: nginx/1.19.3
etag: "60650878-919f4"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5cf5bc69324ade55eebb5e539fa6c2fa.cloudfront.net (CloudFront)
cache-control: public
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
x-amz-cf-id: v1bK18AOasNqY-itZ3glIAMlN-t_VHab3gQAaPxvB4aGuBTd7Fcxrw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 djangojs.js Show response
fareharbor.com/static/jstranslation/en-us/ Frame E7DC 3 KB
2 KB 173ms
172ms Script
application/javascript 54.215.176.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fareharbor.com/static/jstranslation/en-us/djangojs.js

Requested by

Host: fareharbor.com
URL: https://fareharbor.com/embeds/cart/?u=e30fa792-8363-4db6-a1d7-13a70c229699&from-ssl=yes&ga=UA-185560379-1,1584552995.1618448869%3B

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.215.176.10 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-176-10.us-west-1.compute.amazonaws.com

Software

nginx/1.19.4 /

Resource Hash

461ce1b8ab723b7b90f1a48e968233fe8ee197cf9e5729d4bfa41ef6ab3d3270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fareharbor.com/embeds/cart/?u=e30fa792-8363-4db6-a1d7-13a70c229699&from-ssl=yes&ga=UA-185560379-1,1584552995.1618448869%3B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 01:07:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-12
content-security-policy-report-only: default-src 'none'; block-all-mixed-content; script-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com *.pusher.com *.optimizely.com cdn.optimizely.com *.google.com *.googleapis.com *.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.googleadservices.com *.gstatic.com *.paypal.com 'unsafe-eval' 'unsafe-inline'; img-src * data: image/svg+xml image/png; style-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.googleapis.com 'unsafe-inline'; connect-src https: wss:; form-action 'self' https:; base-uri 'self'; font-src fh-sites.imgix.net data: 'self'; frame-src *.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com www.google.com airtable.com player.vimeo.com facebook.com fareharbor.com *.paypal.com; object-src 'none'; report-uri /csp-report/
vary: Accept-Encoding
content-length: 944
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Apr 2021 08:48:45 GMT
server: nginx/1.19.4
etag: "60755aed-d2d"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: public
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 output.07edb04eb792.js Show response
dp58aslhmbcib.cloudfront.net/static/cache/js/ Frame E7DC 524 KB
136 KB 58ms
57ms Script
application/javascript 99.84.155.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.07edb04eb792.js

Requested by

Host: fareharbor.com
URL: https://fareharbor.com/embeds/cart/?u=e30fa792-8363-4db6-a1d7-13a70c229699&from-ssl=yes&ga=UA-185560379-1,1584552995.1618448869%3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.155.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-155-174.txl52.r.cloudfront.net

Software

nginx/1.19.5 /

Resource Hash

07edb04eb792e0cafdb0e1d366702613840206b99ad5f767892bb32aad0325b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fareharbor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 08:35:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-b-11
age: 232339
content-security-policy-report-only: default-src 'none'; block-all-mixed-content; script-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com *.pusher.com *.optimizely.com cdn.optimizely.com *.google.com *.googleapis.com *.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.googleadservices.com *.gstatic.com *.paypal.com 'unsafe-eval' 'unsafe-inline'; img-src * data: image/svg+xml image/png; style-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.googleapis.com 'unsafe-inline'; connect-src https: wss:; form-action 'self' https:; base-uri 'self'; font-src fh-sites.imgix.net data: 'self'; frame-src *.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com www.google.com airtable.com player.vimeo.com facebook.com fareharbor.com *.paypal.com; object-src 'none'; report-uri /csp-report/
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Apr 2021 07:39:52 GMT
server: nginx/1.19.5
etag: "6073f948-83083"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5cf5bc69324ade55eebb5e539fa6c2fa.cloudfront.net (CloudFront)
cache-control: public
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
x-amz-cf-id: X9CDJzzAki7XpCZwgKdhkeVxmzwmYoj5X7SZChUB0lkW033YiBLUbg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
61 B 32ms
32ms Other
text/plain 2a03:2880:f113:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary8BXI4znYRIogNpS3

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 15 Apr 2021 01:07:49 GMT
content-type: text/plain
access-control-allow-origin: https://deals.hwy40skidelivery.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame E7DC 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: fareharbor.com
URL: https://fareharbor.com/embeds/cart/?u=e30fa792-8363-4db6-a1d7-13a70c229699&from-ssl=yes&ga=UA-185560379-1,1584552995.1618448869%3B

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fareharbor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 4571
date: Wed, 14 Apr 2021 23:51:38 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Thu, 15 Apr 2021 01:51:38 GMT

GET
H2 200 roboto-v20-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
fh-sites.imgix.net/fonts/roboto/ Frame E7DC 50 KB
50 KB 22ms
6ms Font
application/octet-stream 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fh-sites.imgix.net/fonts/roboto/roboto-v20-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2

Requested by

Host: dp58aslhmbcib.cloudfront.net
URL: https://dp58aslhmbcib.cloudfront.net/static/cache/css/output.34846959e9a8.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

a7bf1f115e60e0c8f3b335df66d4d77baaae4eb11d2cea2cf7c5b4693403a46f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://fareharbor.com
Referer: https://dp58aslhmbcib.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 01:07:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 21 Sep 2020 20:42:25 GMT
server: imgix
age: 17441672
x-cache: MISS, HIT, HIT, HIT, HIT, HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: ec0954bfe003f3a829c2895af0e956c048d7a17f
accept-ranges: bytes
content-length: 51116
x-served-by: cache-sjc10026-SJC, cache-sjc10081-SJC, cache-sjc10039-SJC, cache-sjc10067-SJC, cache-sjc10039-SJC, cache-hhn4039-HHN

GET
H2 200 / Show response
fareharbor.com/api/v1/persistence/e30fa792-8363-4db6-a1d7-13a70c229699/ Frame E7DC 24 B
1 KB 184ms
183ms XHR
application/json 54.215.176.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fareharbor.com/api/v1/persistence/e30fa792-8363-4db6-a1d7-13a70c229699/

Requested by

Host: dp58aslhmbcib.cloudfront.net
URL: https://dp58aslhmbcib.cloudfront.net/static/cache/js/output.b464baf81170.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.215.176.10 San Jose, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-215-176-10.us-west-1.compute.amazonaws.com

Software

Resource Hash

665dfdc1859f43c9f0626d980a4efe4647c5a5d42c12020ac8d136e42c1b0fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://fareharbor.com/embeds/cart/?u=e30fa792-8363-4db6-a1d7-13a70c229699&from-ssl=yes&ga=UA-185560379-1,1584552995.1618448869;
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-CSRFToken: 5EJO3GkS68v8mUgWwb62nLN5rAAxwoPT8gq8bO9JJXlyERsUcIzpRVI8vSNHhdmZ

Response headers

date: Thu, 15 Apr 2021 01:07:49 GMT
vary: Accept-Encoding, Cookie
p3p: CP="This is not a P3P policy."
x-fh-loadbalancer: production-appservers_docker-a-3
x-frame-options: SAMEORIGIN
x-amzn-trace-id: Root=1-607791e5-53359e782a22c41169fa8a26
content-security-policy-report-only: default-src 'none'; block-all-mixed-content; script-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com *.pusher.com *.optimizely.com cdn.optimizely.com *.google.com *.googleapis.com *.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com *.googletagmanager.com *.doubleclick.net *.googleadservices.com *.gstatic.com *.paypal.com 'unsafe-eval' 'unsafe-inline'; img-src * data: image/svg+xml image/png; style-src *.fareharbor.com fareharbor.com content.fareharbor.me *.cloudfront.net *.googleapis.com 'unsafe-inline'; connect-src https: wss:; form-action 'self' https:; base-uri 'self'; font-src fh-sites.imgix.net data: 'self'; frame-src *.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com www.google.com airtable.com player.vimeo.com facebook.com fareharbor.com *.paypal.com; object-src 'none'; report-uri /csp-report/
content-language: en-us
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
content-type: application/json
content-length: 24
x-xss-protection: 1; mode=block

GET
H3-Q050 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ Frame E7DC 1 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fareharbor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 00:22:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2719
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1403
x-xss-protection: 0
expires: Thu, 15 Apr 2021 01:22:30 GMT

OPTIONS
H/1.1 200
OK graphql
mind-flayer.podium.com// Frame 0
0 188ms
188ms Preflight 34.208.168.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com//graphql
Protocol: HTTP/1.1
Server: 34.208.168.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-168-54.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://deals.hwy40skidelivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, content-type, authorization, socket-id, origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin: https://deals.hwy40skidelivery.com
cache-control: max-age=0, private, must-revalidate
date: Thu, 15 Apr 2021 01:07:49 GMT
server: Cowboy
vary: origin
x-request-id: FnXirDGKEm2JxYAD2VPD
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK graphql Show response
mind-flayer.podium.com// 60 B
430 B 393ms
203ms XHR
application/json 34.208.168.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com//graphql
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.168.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-168-54.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 9ce1be1b080ca90258b4b8da7cc45c6900f709dbadce077757f07c6ba3d1aea5

Request headers

Accept: application/json
Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Apr 2021 01:07:50 GMT
server: Cowboy
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://deals.hwy40skidelivery.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 60
x-request-id: FnXirEgV-2-2gQcD6elD

GET
H2 200 styles.css
connect.podium.com/ Frame 6BC5 48 KB
9 KB 15ms
14ms Stylesheet
text/css 2600:9000:20e8:8e00:1a:3af:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/styles.css
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:8e00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 770fb23b5a263a4c504cd394455324517aa7a5ca4e0087b5d2805b7a15e7152c

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 00:19:34 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 18:16:32 GMT
server: AmazonS3
age: 3076
etag: "9ee91e5e00bfb7dd01bae2fb4f42b044"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 8e2919534da029bb37f64b265b219373.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: TXL52-C1
content-length: 8733
x-amz-cf-id: TF1UrZ25oEr1NkEsxM7-nNW3_4bHyM9msKNrZtnVK6xiJKD85duI1A==

GET
H2 200 styles.css
connect.podium.com/ Frame D545 48 KB
9 KB 14ms
14ms Stylesheet
text/css 2600:9000:20e8:8e00:1a:3af:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/styles.css
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:8e00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 770fb23b5a263a4c504cd394455324517aa7a5ca4e0087b5d2805b7a15e7152c

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 00:19:34 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 18:16:32 GMT
server: AmazonS3
age: 3076
etag: "9ee91e5e00bfb7dd01bae2fb4f42b044"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 8e2919534da029bb37f64b265b219373.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: TXL52-C1
content-length: 8733
x-amz-cf-id: KdPiZ1x2nUh8ZN9zYO0IEmty9iVpKqFLKvoCAfKVfqcbyT0xLLTLBQ==

POST
H/1.1 200
OK graphql Show response
mind-flayer.podium.com// 36 B
406 B 198ms
187ms XHR
application/json 34.208.168.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com//graphql
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.168.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-168-54.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 8ac8e82aec8374261b897cd87b3c4110ea7d23e0839aed51b36f3ace1b6b931c

Request headers

Accept: application/json
Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Apr 2021 01:07:50 GMT
server: Cowboy
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://deals.hwy40skidelivery.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 36
x-request-id: FnXirEiiDCg7tZADx4Gj

OPTIONS
H/1.1 200
OK graphql
mind-flayer.podium.com// Frame 0
0 355ms
188ms Preflight 34.208.168.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com//graphql
Protocol: HTTP/1.1
Server: 34.208.168.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-168-54.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://deals.hwy40skidelivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, content-type, authorization, socket-id, origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin: https://deals.hwy40skidelivery.com
cache-control: max-age=0, private, must-revalidate
date: Thu, 15 Apr 2021 01:07:50 GMT
server: Cowboy
vary: origin
x-request-id: FnXirDzPhD0FQUED6ecD
Content-Length: 0
Connection: keep-alive

GET
H2 200 503.13b8203714464e1ba2ed.js Show response
connect.podium.com/ 37 KB
11 KB 13ms
12ms Script
application/javascript 2600:9000:20e8:8e00:1a:3af:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/503.13b8203714464e1ba2ed.js
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:8e00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbe3f947454d290f1ddb83afe676b4f2da956d8b33816133bcafdaf1b47a9ebd

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 18:18:33 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 18:16:30 GMT
server: AmazonS3
age: 24557
etag: "332875ec9d17616d2ef58f8b24732ff9"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8e2919534da029bb37f64b265b219373.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL52-C1
content-length: 11033
x-amz-cf-id: C1QNTT7Hzgi8eaDNgB046Dke1PV8hyEuDHxs9NSKjU6MnpVqMM-uTg==

GET
H2 200 192.97a8673221ef8a39178e.js
connect.podium.com/ 0
0 13ms
13ms Script
application/javascript 2600:9000:20e8:8e00:1a:3af:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/192.97a8673221ef8a39178e.js
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:8e00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 18:18:34 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 18:16:30 GMT
server: AmazonS3
age: 24557
etag: "4b63e60526890461116f81b9b84ef9eb"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8e2919534da029bb37f64b265b219373.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL52-C1
content-length: 347
x-amz-cf-id: q48mbZTZW0WLOzKGRYpwBe2MhpZbRWw1x1Q-KL-QEhnJuztFcO_BbQ==

GET
H2 200 434b2574637d4adc6a5a30864e8c6b3e.woff2
connect.podium.com/ Frame D545 30 KB
30 KB 240ms
209ms Font
binary/octet-stream 2600:9000:20e8:8e00:1a:3af:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/434b2574637d4adc6a5a30864e8c6b3e.woff2
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:8e00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62

Request headers

Origin: https://deals.hwy40skidelivery.com
Referer: https://connect.podium.com/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 01:07:51 GMT
via: 1.1 c6649c9545bbfa66bc79c9ba552d7a4a.cloudfront.net (CloudFront)
last-modified: Wed, 14 Apr 2021 18:16:31 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
etag: "c28f8beb02447597a13d138680f42e65"
vary: Origin,Access-Control-Request-Headers
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 30548
x-amz-cf-id: skb15HZQ3zVrg8ixJGiwVSx3PcxilsWZUJdq0h3R1zmBSg9rvFrE8w==

OPTIONS
H/1.1 200
OK graphql
mind-flayer.podium.com// Frame 0
0 188ms
187ms Preflight 34.208.168.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com//graphql
Protocol: HTTP/1.1
Server: 34.208.168.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-168-54.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://deals.hwy40skidelivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, content-type, authorization, socket-id, origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE
access-control-allow-origin: https://deals.hwy40skidelivery.com
cache-control: max-age=0, private, must-revalidate
date: Thu, 15 Apr 2021 01:07:52 GMT
server: Cowboy
vary: origin
x-request-id: FnXirKns7sAfkyQDx71D
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK graphql Show response
mind-flayer.podium.com// 36 B
406 B 191ms
191ms XHR
application/json 34.208.168.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mind-flayer.podium.com//graphql
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.168.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-168-54.us-west-2.compute.amazonaws.com
Software: Cowboy /
Resource Hash: 8ac8e82aec8374261b897cd87b3c4110ea7d23e0839aed51b36f3ace1b6b931c

Request headers

Accept: application/json
Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Apr 2021 01:07:52 GMT
server: Cowboy
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://deals.hwy40skidelivery.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 36
x-request-id: FnXirLU3IaCW8M4EDKvi

GET
H2 200 styles.css
connect.podium.com/ Frame BCC5 48 KB
9 KB 12ms
12ms Stylesheet
text/css 2600:9000:20e8:8e00:1a:3af:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/styles.css
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:8e00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 770fb23b5a263a4c504cd394455324517aa7a5ca4e0087b5d2805b7a15e7152c

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 00:19:34 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 18:16:32 GMT
server: AmazonS3
age: 3078
etag: "9ee91e5e00bfb7dd01bae2fb4f42b044"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 8e2919534da029bb37f64b265b219373.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: TXL52-C1
content-length: 8733
x-amz-cf-id: I4Z8op7emtgZ8zKsez_cDYp_0PO_lMQngFBjVKPt3KMES5ZO2o6pYg==

GET
H2 200 defaultWebchatAvatar.png
assets.podium.com/images/ Frame BCC5 22 KB
23 KB 42ms
11ms Image
image/png 2600:9000:2156:5200:1f:7c97:a480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.podium.com/images/defaultWebchatAvatar.png
Requested by: Host: deals.hwy40skidelivery.com
URL: https://deals.hwy40skidelivery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5200:1f:7c97:a480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db585eb5c801b8b204ecfe784e0e88909c9d7b786eda2da3a241626a0ddab3ab

Request headers

Referer: https://deals.hwy40skidelivery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: jM1McgwshToFSgklAtoTVvNVAuBAF0yb
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
last-modified: Fri, 13 Nov 2020 23:37:08 GMT
server: AmazonS3
age: 32816
etag: "8895c7d45471a375920d103559b27722"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
date: Wed, 14 Apr 2021 16:00:58 GMT
x-amz-cf-pop: FRA50-C1
content-length: 23003
x-amz-cf-id: TcRFyVS6OQZNPWW_h_7Rg_miHVZ6wBseUo6ca30LQIYxNdVf190KCw==

GET
H2 200 d2271df8467ecc4941f02087d61c1c1e.woff2
connect.podium.com/ Frame BCC5 34 KB
34 KB 326ms
325ms Font
binary/octet-stream 2600:9000:20e8:8e00:1a:3af:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/d2271df8467ecc4941f02087d61c1c1e.woff2
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:8e00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797

Request headers

Origin: https://deals.hwy40skidelivery.com
Referer: https://connect.podium.com/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 01:07:53 GMT
via: 1.1 c6649c9545bbfa66bc79c9ba552d7a4a.cloudfront.net (CloudFront)
last-modified: Wed, 14 Apr 2021 18:16:31 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
etag: "1d077eb2f892e7f968f043b40b6ae557"
vary: Origin,Access-Control-Request-Headers
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31536000
x-cache: Miss from cloudfront
content-length: 34640
x-amz-cf-id: zvY-hubZtKw_R4shIescK4nLju1yewvZ5QsNkBmPHbzGc44tdjv6Aw==

GET
H2 200 434b2574637d4adc6a5a30864e8c6b3e.woff2
connect.podium.com/ Frame BCC5 30 KB
30 KB 29ms
28ms Font
binary/octet-stream 2600:9000:20e8:8e00:1a:3af:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://connect.podium.com/434b2574637d4adc6a5a30864e8c6b3e.woff2
Requested by: Host: connect.podium.com
URL: https://connect.podium.com/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:8e00:1a:3af:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62

Request headers

Origin: https://deals.hwy40skidelivery.com
Referer: https://connect.podium.com/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 01:07:51 GMT
via: 1.1 c6649c9545bbfa66bc79c9ba552d7a4a.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers
age: 2
x-cache: Hit from cloudfront
content-length: 30548
last-modified: Wed, 14 Apr 2021 18:16:31 GMT
server: AmazonS3
etag: "c28f8beb02447597a13d138680f42e65"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: ggsYoI1GdH97Ii97KPHoewgq75rMuofqFl7rosrztHAoOVhVIXCj5Q==

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://deals.hwy40skidelivery.com/wp-content/cache/autoptimize/js/autoptimize_8e1c3fc238327deccffe1fe425d10f41.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.podium.com
connect.facebook.net
connect.podium.com
d.adroll.com
d.adroll.mgr.consensu.org
deals.hwy40skidelivery.com
dp58aslhmbcib.cloudfront.net
fareharbor.com
fh-sites.imgix.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mind-flayer.podium.com
s.adroll.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
142.250.185.194
151.101.130.159
2600:9000:20e8:8e00:1a:3af:f5c0:93a1
2600:9000:2156:5200:1f:7c97:a480:93a1
2a00:1450:4001:800::200a
2a00:1450:4001:801::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2008
2a00:1450:400c:c04::9d
2a02:26f0:7100::687e:2490
2a03:2880:f013:d:face:b00c:0:3
2a03:2880:f113:81:face:b00c:0:25de
2a04:4e42:1b::720
3.248.28.111
34.208.168.54
54.215.176.10
99.84.155.174
07edb04eb792e0cafdb0e1d366702613840206b99ad5f767892bb32aad0325b6
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0c60c89b9a89bdcd18f911d77efcafad43a3873a4777e91137045d58d94c1888
0d67a62af11f3cfd27e2937ab24ab50792a776560b7827f5e5c457e17a3bb387
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1168028dc55b1fc2d086d0d7a830e1f96eba228e93761153ecdecff2ea02d138
19507c1e5f205eeed189f274fb165f450a194a58d7f4bd0fa20826ad693896b4
1b8c3bb44be9cf2b93fb8aff31f0d34dd9b0c1895eff3b63a2b6745ab3f96b82
1edbab3b32d1748ab14e6dfb9f30128ae7ea1e8188ff2afb35c0f6e225bb3a62
265085a517a19a13b1f665e3afcba801b341ecc346299cb22e61548b381aa422
2bac437a8827e7abb555566cde57e6b110593e53457090057ae0b465b18b9b70
34846959e9a847bbadfeabffaaee9394efbebf1cc4d5045ea1100e28ff19cfb4
3886b0cdeaade1f877f0406269731739832883965f473b9f0f4e2f526331e23b
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
461ce1b8ab723b7b90f1a48e968233fe8ee197cf9e5729d4bfa41ef6ab3d3270
48b17fe7922c9cc33ff467f7e0d682e188c57c03b613704373dac8d2ee7a88c9
48ee674f255348046074c1f34d0251426130e6aca26c178d3c89b0ae93b9a5db
4b373aaaf53a3091d40d0944f3ab7a795b5c4e195464610a79df5d7ca79157c7
4cc656b5f431e88cabfbd316941e523dd566cc921051e744aa66303c8a167fca
508593b2458f85189569ce35027e0da7340f41645fe693bb0f784d63d3d2b39d
5d866c5e7b93cd699319550c70bed6aa3b51093da2837f4cedbaf14f353940d0
5f89bfaf8549e0d619bae068feade1a151442f4eaed2e13b3a5b28a019aec5bc
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
665dfdc1859f43c9f0626d980a4efe4647c5a5d42c12020ac8d136e42c1b0fb7
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
70f9cffc659aea8222b277ddc4c454c8d35130f712e609c294876cee27df8265
72118b158ad6ea27153ed0f3f693a5026cecaf39d6ca13c0f36a1dc08dd9ff16
73a5cab438cd0ca647e2a738cee91e65d1e329e2262bd1a52f30be601e687368
770fb23b5a263a4c504cd394455324517aa7a5ca4e0087b5d2805b7a15e7152c
7a9236a0b7f6e429d100ef06c2f3728b7c486c6b2d319f5a1bfa656fbab72730
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
88eacf1acaed5233c532d30905f2bf547a2c6dcc7e292ca585517dae946e471d
89e56a31a32ce2a3892038a9b1bd6949941708aa4c899818c2010680dab4379b
8ac8e82aec8374261b897cd87b3c4110ea7d23e0839aed51b36f3ace1b6b931c
8bdd2b7bd714f6e4162b5973036380d0b0203ec7f06cd748e462c14117d75f39
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8fc3c57856526d39585a9e795b4bc417e25d6d0aba5edd72f56f7b14358e53f1
9341e80abd3917d1560f1ffdd6428451cdde0c6c4d0e96635de83315ec14b5ef
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
9b381f94c33492332e71cfd331ab491cf56253c02a39784d30b67229665bdcfe
9ce1be1b080ca90258b4b8da7cc45c6900f709dbadce077757f07c6ba3d1aea5
9ddca568ff519cd935a816baec6f7bfce459656ec5022ec2ba6a6225891022eb
a67e8d3a07ef646f98cbdae2c872f6e1abe3924e7c60811cb6ebf3fc1d18f20b
a7bf1f115e60e0c8f3b335df66d4d77baaae4eb11d2cea2cf7c5b4693403a46f
ac6e8dbcf906b5d78b6538eea0df8d50e34fdd4ba6a3932bfbf38d4a085e2797
b048aab915cff21770ab59d41db086910dcae6112762e281d863023850c911ac
b464baf81170c8e0bdf96671bea3b3246237fb654d2aca38c84ede04c4bc0a19
b4ea97ac568ffd12baafd28061b021282bbf1107a8c0f1059492ef5c85b7d2d6
b94abbf688f7ac259b400e6b6c13b04d7a579740383be9c1d66bd33e0aecc8b5
bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27
c0a0421e37fceb43b93540660271c9aeaf8ce0649a5cc3b8757b64edaba2b614
ce12c5d89505d25b9189e6309fdb515fcdac9660aadac3cb5791b1a8793083d8
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
d2fca2ae6ff4ffea8690cb747cfb9237c873b227c4ad3425a1d84598c8bd0148
d9d936400543739cf32316a9c65eba4a0f37d69c5d0bf5dd0866b4a24b4a9214
db585eb5c801b8b204ecfe784e0e88909c9d7b786eda2da3a241626a0ddab3ab
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de46e17652d2145529e3a36d2641551b4439f48ca4368a86b8ef4fdde110b757
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed8dcdd1cd70f20753227a723f3c57ba9c1e7f17552ce8050c74b5679e9c918d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50478628d72e24adc6cd635158e67a409882102104d02254ec5b2206c1f806f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fbe3f947454d290f1ddb83afe676b4f2da956d8b33816133bcafdaf1b47a9ebd
feb1b60a7fe413e851ec2e07e3726d1c61d77e0605d811da1123188536ad1ff5

deals.hwy40skidelivery.com Open in urlscan Pro 151.101.130.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

84 Requests

100 %HTTPS

71 %IPv6

17 Domains

21 Subdomains

21 IPs

4 Countries

2863 kBTransfer

5561 kBSize

0 Cookies

2 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

deals.hwy40skidelivery.com Open in urlscan Pro
151.101.130.159 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

100 %
HTTPS

71 %
IPv6

17
Domains

21
Subdomains

21
IPs

4
Countries

2863 kB
Transfer

5561 kB
Size

0
Cookies

84 HTTP transactions
0 data transactions