urlscan.io logo urlscan.io
SecurityTrails logo

apple-cart.trybandoo.com Open in urlscan Pro
2606:4700:3108::ac42:2bd5  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apple-cart.trybandoo.com/
Effective URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Submission: On September 09 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 1 countries across 19 domains to perform 58 HTTP transactions. The main IP is 2606:4700:3108::ac42:2bd5, located in United States and belongs to CLOUDFLARENET, US. The main domain is apple-cart.trybandoo.com.
TLS certificate: Issued by WE1 on July 17th 2024. Valid for: 3 months.
This is the only time apple-cart.trybandoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2606:4700:310... 13335 (CLOUDFLAR...)
4 2606:4700:440... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
4 34.96.102.137 396982 (GOOGLE-CL...)
1 34.144.207.37 396982 (GOOGLE-CL...)
1 18.238.59.19 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
9 151.101.66.133 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 34.120.195.249 396982 (GOOGLE-CL...)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 151.101.194.133 54113 (FASTLY)
3 2620:1ec:33:2... 8075 (MICROSOFT...)
5 23.44.111.60 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 151.101.2.133 54113 (FASTLY)
1 151.101.130.133 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
58 25
3    2606:4700:3108::ac42:2bd5 (United States)

ASN13335 (CLOUDFLARENET, US)
apple-cart.trybandoo.com
4    2606:4700:4400::ac40:991d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.prod.website-files.com
1    2607:f8b0:4006:821::200a (United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com
1    34.144.207.37 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 37.207.144.34.bc.googleusercontent.com
cdn.node33.ai
1    18.238.59.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-59-19.jfk52.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
2    2606:4700::6811:f9cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
9    151.101.66.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
static.klaviyo.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o4504479358124032.ingest.sentry.io
2    2607:f8b0:4006:816::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    151.101.194.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
static-tracking.klaviyo.com
3    2620:1ec:33:2::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
5    23.44.111.60 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-111-60.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    151.101.2.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
fast.a.klaviyo.com
1    151.101.130.133 (San Francisco, United States)

ASN54113 (FASTLY, US)
static-forms.klaviyo.com
2    2607:f8b0:4006:80a::200e (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c1f::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)
td.doubleclick.net
4    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2001:4860:4802:36::35 (United States)

ASN15169 (GOOGLE, US)
timetoloadv2-f2ow6o2dfq-uc.a.run.app
Apex Domain
Subdomains		 Transfer
13 klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 4027
static-tracking.klaviyo.com — Cisco Umbrella Rank: 4898
fast.a.klaviyo.com — Cisco Umbrella Rank: 5294
static-forms.klaviyo.com — Cisco Umbrella Rank: 5083
78 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 963
137 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
5 KB
4 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4988
67 KB
4 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 11800
118 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
15 KB
3 gstatic.com
fonts.gstatic.com
114 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 641
fonts.googleapis.com — Cisco Umbrella Rank: 110
9 KB
3 trybandoo.com
apple-cart.trybandoo.com
3 KB
2 run.app
timetoloadv2-f2ow6o2dfq-uc.a.run.app
123 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
td.doubleclick.net — Cisco Umbrella Rank: 481
260 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 238
296 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
71 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
215 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1314
144 KB
1 sentry.io
o4504479358124032.ingest.sentry.io
300 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1223
7 KB
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
32 KB
1 node33.ai
cdn.node33.ai
551 KB
58 19
Domain Requested by
9 static.klaviyo.com apple-cart.trybandoo.com
static.klaviyo.com
www.googletagmanager.com
5 analytics.tiktok.com apple-cart.trybandoo.com
analytics.tiktok.com
4 www.facebook.com apple-cart.trybandoo.com
4 dev.visualwebsiteoptimizer.com apple-cart.trybandoo.com
dev.visualwebsiteoptimizer.com
4 cdn.prod.website-files.com apple-cart.trybandoo.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
apple-cart.trybandoo.com
3 fonts.gstatic.com fonts.googleapis.com
3 apple-cart.trybandoo.com 1 redirects cdn.node33.ai
2 timetoloadv2-f2ow6o2dfq-uc.a.run.app cdn.node33.ai
2 analytics.google.com cdn.node33.ai
2 connect.facebook.net apple-cart.trybandoo.com
connect.facebook.net
2 static-tracking.klaviyo.com static.klaviyo.com
2 www.googletagmanager.com apple-cart.trybandoo.com
www.googletagmanager.com
2 fonts.googleapis.com ajax.googleapis.com
client
2 unpkg.com apple-cart.trybandoo.com
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 static-forms.klaviyo.com cdn.node33.ai
1 fast.a.klaviyo.com cdn.node33.ai
1 o4504479358124032.ingest.sentry.io cdn.node33.ai
1 static.cloudflareinsights.com apple-cart.trybandoo.com
1 d3e54v103j8qbb.cloudfront.net apple-cart.trybandoo.com
1 cdn.node33.ai apple-cart.trybandoo.com
1 ajax.googleapis.com apple-cart.trybandoo.com
58 24

This site contains no links.

Subject Issuer Validity Valid
trybandoo.com
WE1		 2024-07-17 -
2024-10-15		 3 months crt.sh
prod.website-files.com
WE1		 2024-08-23 -
2024-11-21		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2		 2024-06-29 -
2025-07-31		 a year crt.sh
cdn.node33.ai
WR3		 2024-07-18 -
2024-10-16		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
unpkg.com
WE1		 2024-07-28 -
2024-10-26		 3 months crt.sh
static.klaviyo.com
R11		 2024-09-09 -
2024-12-08		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-09-03 -
2024-12-02		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
*.google-analytics.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
static-tracking.klaviyo.com
R11		 2024-07-19 -
2024-10-17		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2024-07-15 -
2025-07-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-18 -
2024-09-16		 3 months crt.sh
fast.a.klaviyo.com
R10		 2024-09-09 -
2024-12-08		 3 months crt.sh
static-forms.klaviyo.com
R10		 2024-08-18 -
2024-11-16		 3 months crt.sh
*.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.a.run.app
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Frame ID: 4776CF83236300463E4A274D2D3867D5
Requests: 57 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-M1BVHWVHCN&gacid=2126607529.1725886916&gtm=45je4940v886639480z8849249172za200zb849249172&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1102962052
Frame ID: ED2BE0A0CC9180184AFCF72FA1641A44
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bandoo - Cleansing Foot Patches

Page URL History Show full URLs

  1. https://apple-cart.trybandoo.com/ HTTP 302
    https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • klaviyo\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

98 %
HTTPS

63 %
IPv6

19
Domains

24
Subdomains

25
IPs

1
Countries

1566 kB
Transfer

3640 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://apple-cart.trybandoo.com/ HTTP 302
    https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
apple-cart.trybandoo.com/
Redirect Chain
  • https://apple-cart.trybandoo.com/
  • https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60ef12152a760f67f98139bb4fe9c6a227921dad0302777c328c66ff32dfbced
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
0
cf-cache-status
DYNAMIC
cf-ray
8c075e9c9a9017bd-EWR
content-encoding
br
content-type
text/html
date
Mon, 09 Sep 2024 13:01:54 GMT
server
cloudflare
strict-transport-security
max-age=31536000
vary
x-wf-forwarded-proto, Accept-Encoding
x-cache
MISS
x-cache-hits
0
x-cluster-name
us-east-1-prod-hosting-red
x-lambda-id
fd5ef10a-87e8-4e51-957c-7acbae15d4a4
x-served-by
cache-iad-kjyo7100027-IAD
x-timer
S1725886914.071572,VS0,VE161

Redirect headers

cf-ray
8c075e9c3a2417bd-EWR
content-length
0
date
Mon, 09 Sep 2024 13:01:53 GMT
location
https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
server
cloudflare
vary
Accept-Encoding
bandoo-cart-staging-155b08a65b801f1e8b6.d2de516a9.min.css
cdn.prod.website-files.com/66daa3f7bd5bb57572ccb7fb/css/ 		280 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/66daa3f7bd5bb57572ccb7fb/css/bandoo-cart-staging-155b08a65b801f1e8b6.d2de516a9.min.css
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecabf396531beef7f6c20e533a26edb5ef5bb12879d30d191035ad2524191d4c

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 13:01:54 GMT
content-encoding
gzip
x-amz-version-id
Cvaeqrngmu0HgxHYqRl21B2Jfuvlr07p
cf-cache-status
HIT
x-amz-request-id
AYSA8W13NVXH9FZS
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
42717
x-amz-id-2
JdcY9/sYR6CIPBqM1qB7shySEWkAo8wnd9QZbARtIYA8xGgFWwfhxE3mk5VKnvWp3f2dAyxEKxZfDIyVUEEVQA==
last-modified
Fri, 06 Sep 2024 07:07:30 GMT
server
cloudflare
etag
"363db4af7f464647de735b5c9d29b6df"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8c075e9f5ef36991-PHL
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 12:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 09 Sep 2025 12:32:47 GMT
581801.js
dev.visualwebsiteoptimizer.com/lib/ 		200 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/lib/581801.js
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1 /
Resource Hash
169cfd4e6de67ba6ea3cc3489b8efe63fd3969732356db8534c94dc3eed1ef9d

Request headers

Referer
https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-computed
true
date
Mon, 09 Sep 2024 13:01:54 GMT
content-encoding
gzip
via
1.1 google
server
gnv1
etag
W/"1725874042"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
no-cache,max-age=0, public, max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ptime
0.0015309999998863
main.js
cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/ 		551 KB
551 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/main.js
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.144.207.37 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
37.207.144.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d41ac0e18c3aacf5c39976ab50fd877ff0fec9720f022d7d082a1527333116cf

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 12:31:17 GMT
via
1.1 google
age
1837
x-guploader-uploadid
AD-8ljuhwr53QJEZG1DCCZrhqSpcAiMxt52SRRXhlliRt0wZD5EkJ3ZRnjeQDNOBCdbbn8kG5xvytxPHQA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
563717
last-modified
Wed, 19 Jun 2024 13:51:28 GMT
server
UploadServer
etag
"80f0e73f2f0150bfcc207d12e965498d"
x-goog-generation
1718805088182657
x-goog-hash
crc32c=QtPX/g==, md5=gPDnPy8BUL/MIH0S6WVJjQ==
content-type
text/javascript
access-control-allow-origin
*
cache-control
public,max-age=3600
x-goog-stored-content-length
563717
accept-ranges
bytes
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=66daa3f7bd5bb57572ccb7fb
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.59.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-59-19.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://apple-cart.trybandoo.com/
Origin
https://apple-cart.trybandoo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sun, 08 Sep 2024 22:17:00 GMT
content-encoding
br
via
1.1 2c8fc98e914dd92124c9f02bae44cffc.cloudfront.net (CloudFront)
age
53095
x-amz-cf-pop
JFK52-P4
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
accept-encoding
x-amz-cf-id
5Z5gbt3TF2vwrabVTbbJHYmE7dzXvcKaD9_G-lL55PkA8FXQhC0CKw==
bandoo-cart-staging-155b08a65b801f1e8b6.70762bab8.js
cdn.prod.website-files.com/66daa3f7bd5bb57572ccb7fb/js/ 		185 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/66daa3f7bd5bb57572ccb7fb/js/bandoo-cart-staging-155b08a65b801f1e8b6.70762bab8.js
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ff195308ce8f053eadb9e349138626e617a4af7f1795bca0001c651850d5551

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 13:01:54 GMT
content-encoding
gzip
x-amz-version-id
BlR8ApuV48HpHmDhcj7t_PE4ROl3gCCD
cf-cache-status
HIT
x-amz-request-id
AYS6AGAME75JCX9X
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
65330
x-amz-id-2
ho7sfzKh6NmO3NTh7ExDWW4SuiQVicY0WulLF6HiUJIrQj/x9kiuxs7NKFH8xa9l2syHHYfaqvVdFuqX+M9HIA==
last-modified
Fri, 06 Sep 2024 07:07:30 GMT
server
cloudflare
etag
"abda26e116557014f979deadd3e5cd33"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8c075e9f5ef46991-PHL
polyfills.js
unpkg.com/webp-hero@0.0.2/dist-cjs/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/webp-hero@0.0.2/dist-cjs/polyfills.js
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e971227d19899f22600856ab962b99eb2be1bd48c094cb48edf01120bd15f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 13:01:54 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
15542885
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRW75BJPM7Q0X8EAXPRF512H-lga
server
cloudflare
etag
"1c77-yaBs1pA5mveNzFBZf3vjHoLZaT8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8c075ea1aec419eb-EWR
webp-hero.bundle.js
unpkg.com/webp-hero@0.0.2/dist-cjs/ 		339 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/webp-hero@0.0.2/dist-cjs/webp-hero.bundle.js
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f9cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eefeb3811e0512c505a4c5ddd9e743dd178375fa655c4884321679c4d4094c7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 13:01:54 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
15538695
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWB5BN99CNEEPS4Q9A5BMN1-lga
server
cloudflare
etag
"54c96-JAu9sYDENEw/mFuwU6fwQcWfMM0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8c075ea20f0d19eb-EWR
klaviyo.js
static.klaviyo.com/onsite/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f9aa8502a2f013aa7fc217782391b928399fb8d1cfaa43cfd24df23f9125fa2e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; base-uri 'none'; report-uri /csp/

Request headers

Referer
https://apple-cart.trybandoo.com/
Origin
https://apple-cart.trybandoo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; base-uri 'none'; report-uri /csp/
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 09 Sep 2024 13:01:55 GMT
age
168841
x-cache
HIT, HIT
content-length
2266
x-served-by
cache-lga21929-LGA, cache-ewr-kewr1740037-EWR
server
nginx
x-timer
S1725886915.185635,VS0,VE1
etag
"a68e662ebfdb4df634b45693bd38350b"
allow
OPTIONS, GET
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-language
en-us
cache-control
max-age=1, stale-while-revalidate=10800, stale-if-error=86400
access-control-allow-credentials
true
content-type
application/javascript
vary
Accept-Encoding
x-resp-is-stale
true
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
6, 0
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://apple-cart.trybandoo.com/
Origin
https://apple-cart.trybandoo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 13:01:55 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8c075ea3af944276-EWR
css
fonts.googleapis.com/ 		35 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CInter:regular,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7dfd5d14d564cd53f9fda6b3abb2d89f8b935c327cbe4a23c3b182d22e8d28ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 09 Sep 2024 13:01:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 09 Sep 2024 13:01:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 Sep 2024 13:01:54 GMT
gv.gif
dev.visualwebsiteoptimizer.com/ 		767 B
582 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/gv.gif?a=581801&u=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3Dafcb6460-6eab-11ef-b409-835dcc8c3560
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/581801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1 /
Resource Hash
5585a981dbe7ae2173b9af112d572c9f60e48c7d54b1e72e55a70daa4c24cd9d

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 13:01:54 GMT
content-encoding
gzip
via
1.1 google
server
gnv1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/javascript; charset=UTF-8
settings.js
dev.visualwebsiteoptimizer.com/ 		951 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=581801&settings_type=2&vn=7.0&u=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3Dafcb6460-6eab-11ef-b409-835dcc8c3560
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/lib/581801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1 /
Resource Hash
c5cd7408d41d10fea3123f010476c40cc15add1979a42193c1437b2c97da2c10

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 13:01:55 GMT
content-encoding
gzip
via
1.1 google
server
gnv1
etag
W/"1725874042"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
o4504479358124032.ingest.sentry.io/api/4505713674485760/envelope/ 		2 B
300 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o4504479358124032.ingest.sentry.io/api/4505713674485760/envelope/?sentry_key=135a4f701a55187598a73518350aee23&sentry_version=7&sentry_client=sentry.javascript.browser%2F8.9.2
Requested by
Host: cdn.node33.ai
URL: https://cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 09 Sep 2024 13:01:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
92e7918d-a3f2-4a53-a0fb-7e6204bd103a
https://apple-cart.trybandoo.com/ Frame 		0
0
gtm.js
www.googletagmanager.com/ 		374 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K8L4768
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e32f4cffc1ab97bf43db9c6e4e85604f189415c305448cf6691150485312cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 13:01:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113914
x-xss-protection
0
last-modified
Mon, 09 Sep 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 09 Sep 2024 13:01:55 GMT
66daa3f7bd5bb57572ccb87e_footer_logo.webp
cdn.prod.website-files.com/66daa3f7bd5bb57572ccb7fb/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/66daa3f7bd5bb57572ccb7fb/66daa3f7bd5bb57572ccb87e_footer_logo.webp
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d776af740fa7a0e7c0cb158bf32142169b1dc7fc9fb0f5e6e75e2d14865e727e

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 13:01:55 GMT
x-amz-version-id
Cfkw1gss85JZ2jDPxOUSninfiFFt_nPU
cf-cache-status
HIT
x-amz-request-id
P7C7C7TTFC4BEXW3
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
8770
x-amz-id-2
bRomRbfuqiOaexs84AtrcKhqMJUtNGQp5RgyVG7V6tsMuU2lh7+2pHgJcFRmzxcDiiSl9Sf4DSwHU8jNZgH7kLOkpUjesVS22dI+kSLPgyE=
last-modified
Fri, 06 Sep 2024 06:40:57 GMT
server
cloudflare
etag
"c26af85ca2c27f58fd47e4517720ef70"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
cf-ray
8c075ea33b636991-PHL
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CInter:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://apple-cart.trybandoo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 04:20:13 GMT
x-content-type-options
nosniff
age
290502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Sep 2025 04:20:13 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CInter:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://apple-cart.trybandoo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 08:46:09 GMT
x-content-type-options
nosniff
age
274546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34288
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Sep 2025 08:46:09 GMT
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CInter:regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://apple-cart.trybandoo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 02 Sep 2024 23:13:47 GMT
x-content-type-options
nosniff
age
568088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48444
x-xss-protection
0
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 02 Sep 2025 23:13:47 GMT
truncated
/ 		58 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
v.gif
dev.visualwebsiteoptimizer.com/ 		35 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=581801&d=apple-cart.trybandoo.com&u=D72F992C0A4BB3F4E2FFFC5FC649EDD93&h=a8eac7bdee18bf98a11597054993fa16
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv03c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 13:01:54 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv03c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
fender_analytics.8d21d049ace5ab4dbeef.js
static-tracking.klaviyo.com/onsite/js/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/fender_analytics.8d21d049ace5ab4dbeef.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da90484142079a67f8609c50324de041125ee49ca7eff1dff04527f393b082c9

Request headers

Referer
https://apple-cart.trybandoo.com/
Origin
https://apple-cart.trybandoo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
nBhF5b72CCHSTD22re6nc.gWaBsK_b7t
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 09 Sep 2024 13:01:55 GMT
x-amz-request-id
2MWJNP74RTTF50AJ
age
150
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
11823
x-amz-id-2
W8eXvsBBQzMZ8GpPgLMTVLEUOwWSS6seyVfKj33lLZyOEttzH0rH4UxoS9/0dXNczrOPQyywUyc=
x-served-by
cache-lga21952-LGA, cache-ewr-kewr1740055-EWR
last-modified
Wed, 04 Sep 2024 19:04:52 GMT
server
AmazonS3
etag
"d80bb8baa3ca6cf2a6045d35a5769751"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
a45f8024c0890c50311d19cc2cd58cb4dfd1f41e
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
5, 74
static.8d136cd44b74e8189276.js
static-tracking.klaviyo.com/onsite/js/ 		495 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static-tracking.klaviyo.com/onsite/js/static.8d136cd44b74e8189276.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6eaa7d84867f4a3f58d1cff2d44b4d4adfcc58072a48d761fe092b7e6172b253

Request headers

Referer
https://apple-cart.trybandoo.com/
Origin
https://apple-cart.trybandoo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
4KLghXmoKzxmxRmHqvY8k7J3bAhO2tFr
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 09 Sep 2024 13:01:55 GMT
x-amz-request-id
B96K4MH5WFX663W7
age
150
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
280
x-amz-id-2
HTOOkNpAp5m1eDXE+yDil50RTwzhEvBQRxoeA9QW0GZtPWspwcnpaW2VJXRr8DUvfvDltZ+w5FQ=
x-served-by
cache-lga21941-LGA, cache-ewr-kewr1740055-EWR
last-modified
Tue, 06 Aug 2024 22:25:31 GMT
server
AmazonS3
etag
"264b8a3f80d7760ba761881fd76641fb"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
d3b3f85cc1f9ce1fb6cc09b481f74e156d3a02d5
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
1446798, 74
runtime.2603ab1a6542398d663d.js
static.klaviyo.com/onsite/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/runtime.2603ab1a6542398d663d.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa6084278cb3128ab9992a5a4243414904f82bacd8c460b8415dfd6b0506ff73

Request headers

Referer
https://apple-cart.trybandoo.com/
Origin
https://apple-cart.trybandoo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
WQS0f21h8l3YB97zjqZwh4CcV9tUxXha
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 09 Sep 2024 13:01:55 GMT
x-amz-request-id
AFGAZVXB3GDAT48X
age
151
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
7793
x-amz-id-2
3FipjrjUxRtc+CTK8upApvePYy28iZ1brnpYGOPEVysFuDHy7ZYFZpeXxEScXqmu/DPoW9xLMMk=
x-served-by
cache-lga21945-LGA, cache-ewr-kewr1740037-EWR
last-modified
Fri, 06 Sep 2024 20:40:33 GMT
server
AmazonS3
etag
"00cda1c50a3b311d4dc7b104d589dc21"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
56b66e7eea064fbd7a1e7d3b6fdc0635536c0d81
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
102, 75
sharedUtils.ba0b75a01c0a473bc31f.js
static.klaviyo.com/onsite/js/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/sharedUtils.ba0b75a01c0a473bc31f.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
444507389fc233fde7de5a50461db2a61d6762a752a30ca4fa978b01ed39b8a0

Request headers

Referer
https://apple-cart.trybandoo.com/
Origin
https://apple-cart.trybandoo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
2QcabBflqir2cend8ghZ5lpuNMC6gcRM
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 09 Sep 2024 13:01:55 GMT
x-amz-request-id
0VE3TB4WY36N5DXA
age
151
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
17928
x-amz-id-2
ANanA4TtfLyQji6xUou3FuSMF1OSkDDISFg7/f72tcCfCm2p+dnmj/qV5feHC6WqrxpRlUy1Q9k=
x-served-by
cache-lga21938-LGA, cache-ewr-kewr1740037-EWR
last-modified
Tue, 03 Sep 2024 21:31:50 GMT
server
AmazonS3
etag
"07e3175fb5e733cc149284cfc69cf79b"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
df2b7a81dd7a2fb2ff7fceb46bd3d0692fb4e9eb
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
34, 69
vendors~signup_forms~post_identification_sync~onsite-triggering~customerHubRoot.8c45a4643eee76f6e5c9.js
static.klaviyo.com/onsite/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms~post_identification_sync~onsite-triggering~customerHubRoot.8c45a4643eee76f6e5c9.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2586e045767a0379e2072dc2fd04a86e9b2514620ffab62af46318aa20e2f01

Request headers

Referer
https://apple-cart.trybandoo.com/
Origin
https://apple-cart.trybandoo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
cHoM9xljXdqi6EmlHdKdf7UMlvt9PeV2
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 09 Sep 2024 13:01:55 GMT
x-amz-request-id
JWGDH57SCFCWX9NF
age
150
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
4100
x-amz-id-2
zZJqBx1nxApC6I8Yb5Xge9RluGiBR4QQiMh7MG5bT9lF3uZppv0l6IuAbtlGrVJCQjonH9KkLKfDTvhInvMq1OWQP9Msz5hPsa4UHI8MIqw=
x-served-by
cache-lga21968-LGA, cache-ewr-kewr1740037-EWR
last-modified
Fri, 16 Aug 2024 16:04:38 GMT
server
AmazonS3
etag
"bcbe97b98d6018eab1657c41ede222ec"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
52d81ab39149060c3e8a6dd52d312f6d0a8d838d
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
15, 50
vendors~signup_forms~onsite-triggering.f88945af9a706719d64b.js
static.klaviyo.com/onsite/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms~onsite-triggering.f88945af9a706719d64b.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f73c578afd4839c471623755979976453bc91f26c0cf24a9f302e0024bf30a7f

Request headers

Referer
https://apple-cart.trybandoo.com/
Origin
https://apple-cart.trybandoo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
TRe.Ma.RA.f_Hrh_dLuFmFXUoAUkn5ie
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 09 Sep 2024 13:01:55 GMT
x-amz-request-id
ZJATDMCAAV0AHMKP
age
151
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
3282
x-amz-id-2
syehCADDPmX5FFolUcmmm4XdLJOd1Q314sOp32VWq/wN+Ei2aFy/HX817eN2UXhYBbdRH47O2ffzxHAjJ1HatOjX79LrtcGm
x-served-by
cache-lga21967-LGA, cache-ewr-kewr1740037-EWR
last-modified
Tue, 13 Aug 2024 10:51:58 GMT
server
AmazonS3
etag
"b9d594ec8a92f26146977ada9530f2b0"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
d682cf6b66add4bca41f2fb7cb88b63f39926c55
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
124466, 50
vendors~signup_forms.0a55af0707af13bd6205.js
static.klaviyo.com/onsite/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/vendors~signup_forms.0a55af0707af13bd6205.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54a95e5381069af1c1ffe30d039643382c05ebd59d587161b142d5f29290c909

Request headers

Referer
https://apple-cart.trybandoo.com/
Origin
https://apple-cart.trybandoo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
S3Y24YL1T4e5lFPuvVVYRw4k4ncHsIiD
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 09 Sep 2024 13:01:55 GMT
x-amz-request-id
B96V1J83DKXPGY85
age
151
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
3986
x-amz-id-2
oZka/5CajNfHJcGTO7jNJy/13KSVf0eqJB6iZhyvWlefim5uTUQPV+JUkerci8wI4jgX8JBnfc0=
x-served-by
cache-lga21961-LGA, cache-ewr-kewr1740037-EWR
last-modified
Tue, 06 Aug 2024 22:25:31 GMT
server
AmazonS3
etag
"dc2fa375024745e4a07f0ad3e81ba109"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
d3b3f85cc1f9ce1fb6cc09b481f74e156d3a02d5
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
530380, 49
default~signup_forms~onsite-triggering.c8f9e1cf499bdab782a9.js
static.klaviyo.com/onsite/js/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/default~signup_forms~onsite-triggering.c8f9e1cf499bdab782a9.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c853e00afaed8f5bc00f96b24ea685eeb960433abf7dd98a79df91e591301231

Request headers

Referer
https://apple-cart.trybandoo.com/
Origin
https://apple-cart.trybandoo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
j5JFaCZIuGrzfgh0VhcZJkrGzYvy_Ar.
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 09 Sep 2024 13:01:55 GMT
x-amz-request-id
J3KVXJZ162GJDJ6Z
age
151
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
9350
x-amz-id-2
c1FGDgGnakXJPeSrWk2KTdqxE6F4wYSaj/MLDaVl0FFeaCTyOO+DajzFAoEs7YgAuXyhlSfQSYE=
x-served-by
cache-lga21937-LGA, cache-ewr-kewr1740037-EWR
last-modified
Tue, 03 Sep 2024 14:44:50 GMT
server
AmazonS3
etag
"8374708fe1a13fb0eb1fffbe8a55a579"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
5138fb2ed66c438d18b1193d40ae53a8ddcad717
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
14, 49
signup_forms.e2975bd004ae76425ab0.js
static.klaviyo.com/onsite/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/signup_forms.e2975bd004ae76425ab0.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e94705644664e6036e52702eb19f8ce574212059de5fec82dbaf6724a82fd558

Request headers

Referer
https://apple-cart.trybandoo.com/
Origin
https://apple-cart.trybandoo.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
Q4PgaoOni1dtTrgl5qsViFVSEToPo_9e
content-encoding
br
via
1.1 varnish, 1.1 varnish
date
Mon, 09 Sep 2024 13:01:55 GMT
x-amz-request-id
6E610J8WXAN5XXKP
age
151
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset
content-length
5792
x-amz-id-2
myG+yvMhqY/BltJg5C8jDOn6AhDg6X3rWdCgi94pz8pLX7fP1Cn+ZMK/z6auDkp9i6wZ6v2Lr6A=
x-served-by
cache-lga21992-LGA, cache-ewr-kewr1740037-EWR
last-modified
Sat, 31 Aug 2024 07:45:51 GMT
server
AmazonS3
etag
"f356f13975d95f719de2993679609d32"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
0cbc528086c3cc0442adedce6a660b6797851a9d
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
17, 51
js
www.googletagmanager.com/gtag/ 		316 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M1BVHWVHCN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8L4768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12704621bdf400dfcadd0b42f71de279c06f2cf1f41ceb27130612f66b6d3ce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 13:01:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105850
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 09 Sep 2024 13:01:55 GMT
bat.js
bat.bing.com/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8L4768
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 09 Sep 2024 13:01:55 GMT
last-modified
Fri, 06 Sep 2024 21:17:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8E074F3BCE7940BEB54A0BDF8874FF9B Ref B: BL2AA2030101037 Ref C: 2024-09-09T13:01:55Z
etag
"016326a20db1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14305
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CI8L7B3C77U2H86MCB2G&lib=ttq
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.60 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e80fbf3dd536ed249086f82860876aba98a5e9eb40cd5ef0a24102799b21e570

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
7a9215eb.84b7b49
date
Mon, 09 Sep 2024 13:01:55 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240909130155C80828AA77A2045EFB50-681836FA61EBD576-00
x-cache
TCP_MISS from a23-44-200-194.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
x-parent-response-time
32,23.44.200.194
server-timing
cdn-cache; desc=MISS, edge; dur=23, origin; dur=9, inner; dur=4
content-length
2000
pragma
no-cache
server
nginx
x-tt-logid
20240909130155C80828AA77A2045EFB50
x-cache-remote
TCP_MISS from a23-48-100-146.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
9,23.48.100.146
x-tt-trace-host
01d117add43ae78441590e872ad04f28e7cc7c108ba40a39f0f634f6d87676a848e7eae0dab4958be6d4d1c0dfe0a0861aea0e027f1a2a4695f278fe22cbaf84f2ed3295e72a6abb171f46f3935111224c4244229483d8e3066c469ed2fac1cbefddf04ffa1e78a945eb46df5b1b95db93
expires
Mon, 09 Sep 2024 13:01:55 GMT
klaviyo.js
static.klaviyo.com/onsite/js/ 		7 KB
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=SDA3si
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8L4768
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f9aa8502a2f013aa7fc217782391b928399fb8d1cfaa43cfd24df23f9125fa2e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; base-uri 'none'; report-uri /csp/

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 13:01:55 GMT
via
1.1 varnish
content-encoding
br
content-security-policy
frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; object-src 'none'; base-uri 'none'; report-uri /csp/
age
146
x-cache
HIT
content-length
2266
x-served-by
cache-ewr-kewr1740063-EWR
server
nginx
x-timer
S1725886916.612500,VS0,VE1
etag
"a68e662ebfdb4df634b45693bd38350b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-language
en-us
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=1, stale-while-revalidate=10800, stale-if-error=86400
access-control-allow-credentials
true
access-control-max-age
86400
x-resp-is-stale
true
accept-ranges
bytes
access-control-allow-headers
allow
OPTIONS, GET
x-cache-hits
1
fbevents.js
connect.facebook.net/en_US/ 		225 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 09 Sep 2024 13:01:55 GMT
document-policy
force-load-at-top
x-fb-server-load
43
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58953
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=23, mss=1232, tbw=5544, tp=10, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
QUOM02XPOVu1UmWsQ3tlKUP+tXb5B2aBMGu2iBxbsJV8ZNDsZbmx1oRu8STlQ5iy+RTWRVZLQI/JE7GMlumffA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
onsite
fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fast.a.klaviyo.com/custom-fonts/api/v1/company-fonts/onsite?company_id=SDA3si
Requested by
Host: cdn.node33.ai
URL: https://cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
01b5440b23341e3d74b51e853f3f48f18763d7aff604839d93ca2b470daeacec
Security Headers
Name Value
Content-Security-Policy object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
Strict-Transport-Security max-age=900

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; report-uri /csp/
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Mon, 09 Sep 2024 13:01:55 GMT
strict-transport-security
max-age=900
age
2355272
x-cache
HIT, HIT
content-length
490
x-served-by
cache-bos4680-BOS, cache-ewr-kewr1740063-EWR
server
nginx
allow
GET, HEAD, OPTIONS
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-language
en-us
cache-control
max-age=10
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Accept-Language, Cookie
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
162, 0
full-forms
static-forms.klaviyo.com/forms/api/v7/SDA3si/ 		57 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static-forms.klaviyo.com/forms/api/v7/SDA3si/full-forms
Requested by
Host: cdn.node33.ai
URL: https://cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb632bd4998fdfaafd2f19f6af5665ad7ee8bfa7b25a3099319b821fad6d766a

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id
BVKrDVKaUKtpkn8o_gek3E4iAS8dtCrg
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Sep 2024 13:01:55 GMT
x-amz-request-id
C75HRHKC0S0N0P36
age
1055464
x-amz-server-side-encryption
AES256
x-cache
HIT
client-geo-continent
NA
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
full-forms/shared full-forms/SDA3si custom-fonts/SDA3si
content-length
7010
x-amz-id-2
4qjNcqfLrUvX5X+bX0PaYKz+LaK9ezIbbUcRaasavQPfIeL+IjKLeUsqXOvVEPP55cYMjP6/BEs=
x-served-by
cache-ewr-kewr1740043-EWR
client-geo-country
US
last-modified
Fri, 23 Aug 2024 13:21:42 GMT
server
AmazonS3
x-timer
S1725886916.694313,VS0,VE1
etag
"3f195ae15895174be60a3109532d93d5"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
client-geo-continent, client-geo-country
cache-control
max-age=5
accept-ranges
bytes
x-cache-hits
0
collect
analytics.google.com/g/ 		0
251 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-M1BVHWVHCN&gtm=45je4940v886639480z8849249172za200zb849249172&_p=1725886915014&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=2126607529.1725886916&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AAAACA&_s=1&uid=afcb6460-6eab-11ef-b409-835dcc8c3560&sid=1725886915&sct=1&seg=0&dl=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3Dafcb6460-6eab-11ef-b409-835dcc8c3560&dt=Bandoo%20-%20Cleansing%20Foot%20Patches&en=page_view&_fv=1&_nsi=1&_ss=1&ep.full_url=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3Dafcb6460-6eab-11ef-b409-835dcc8c3560&ep.resolution=1600x1200&tfd=1936
Requested by
Host: cdn.node33.ai
URL: https://cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Sep 2024 13:01:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://apple-cart.trybandoo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-M1BVHWVHCN&cid=2126607529.1725886916&gtm=45je4940v886639480z8849249172za200zb849249172&aip=1&uid=afcb6460-6eab-11ef-b409-835dcc8c3560&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M1BVHWVHCN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1f::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Sep 2024 13:01:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://apple-cart.trybandoo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rul
td.doubleclick.net/td/ga/ Frame ED2B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-M1BVHWVHCN&gacid=2126607529.1725886916&gtm=45je4940v886639480z8849249172za200zb849249172&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=1102962052
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M1BVHWVHCN&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://apple-cart.trybandoo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Sep 2024 13:01:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ 		24 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Kanit:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900&family=Roboto:ital,wght@0,400&family=Roboto+Serif:ital,wght@0,400&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d042d309992540196e92e04e48a759623bc72aa733231ce1e5fd1c44eb0f8690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 09 Sep 2024 13:01:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 09 Sep 2024 13:01:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 Sep 2024 13:01:55 GMT
163538869183395
connect.facebook.net/signals/config/ 		64 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/163538869183395?v=2.9.167&r=stable&domain=apple-cart.trybandoo.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4531db231c59749a8109e4aca32270b3882f3cc922b336efeb9df3f91469f18
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 09 Sep 2024 13:01:56 GMT
document-policy
force-load-at-top
x-fb-server-load
58
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=30, rtx=0, c=74, mss=1232, tbw=68214, tp=64, tpl=0, uplat=85, ullat=0
pragma
public
x-fb-debug
Iqw4fJdnBEN2I2+nEkEXF7dKYafPtljEZNs+DN36uZfNPoS5+Xte1caO8L0iH+Qv9slkirEuE/vkVEUzKgWcCw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.MTZlYmMyNjliMA.js
analytics.tiktok.com/i18n/pixel/static/ 		334 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CI8L7B3C77U2H86MCB2G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.60 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
97cb5582858b04ad514c84f116de94e931849838034ef1f324beda5f60514c06

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
84b7d0e
date
Mon, 09 Sep 2024 13:01:56 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20240830022526FF55A66B8A4EE08A01A2
x-tt-trace-id
00-240830022526FF55A66B8A4EE08A01A2-3966C97784E9156F-00
vary
Accept-Encoding
x-cache
TCP_HIT from a23-44-200-194.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01779986cde6c0791af4ed4c40c4ad3aa9dd643b3e5f965ee8663718667c639920dcc7abdf492924e045b3a7d1bdd4a127736f94cfab0577ea4defaa30f059f0b7eebe42c44ac93aee9163a4fa8aefed53cb87842b4d7abf472d79deddb2881899
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
94828
97038584.js
bat.bing.com/p/action/ 		371 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/97038584.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0e0c8cedb72a7e5a3080203509132486e267e5d1b0c5c6eae78ac16f7928ff01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Mon, 09 Sep 2024 13:01:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9B8858362F1042009D8BD22B979B9F1A Ref B: BL2AA2030101037 Ref C: 2024-09-09T13:01:56Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=1800
0
bat.bing.com/action/ 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=97038584&tm=gtm002&Ver=2&mid=85dc7c14-8832-4ac1-8479-97298b37c0d9&sid=b114c7106eab11ef8ab0995836229f35&vid=b1162f306eab11ef9bf5c968efc1e261&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Bandoo%20-%20Cleansing%20Foot%20Patches&p=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3Dafcb6460-6eab-11ef-b409-835dcc8c3560&r=&lt=1512&evt=pageLoad&sv=1&cdb=AQAQ&rn=229166
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 09 Sep 2024 13:01:55 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 31EA1299FFBE4FE6A230F3D841A4BED2 Ref B: BL2AA2030101037 Ref C: 2024-09-09T13:01:56Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=163538869183395&ev=PageView&dl=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3Dafcb6460-6eab-11ef-b409-835dcc8c3560&rl=&if=false&ts=1725886916172&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1725886916163.284823365593745099&ler=empty&cdl=API_unavailable&it=1725886916007&coo=false&rqm=GET
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1392, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 09 Sep 2024 13:01:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=163538869183395&ev=PageView&dl=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3Dafcb6460-6eab-11ef-b409-835dcc8c3560&rl=&if=false&ts=1725886916172&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1725886916163.284823365593745099&ler=empty&cdl=API_unavailable&it=1725886916007&coo=false&rqm=FGET
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Mon, 09 Sep 2024 13:01:56 GMT
document-policy
force-load-at-top
x-fb-server-load
41
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7412627861292977312", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1392, tbw=6792, tp=-1, tpl=-1, uplat=40, ullat=1
pragma
no-cache
x-fb-debug
Ck62VpF3NfOoxH8sXkt0MGEjQoNqryNCPERrF9UPBUMq8T/QRHzbofSEKr6XBvFnZbN4QpFXBNIN3cPLZEizXA==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7412627861292977312"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=163538869183395&ev=ViewContent&dl=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3Dafcb6460-6eab-11ef-b409-835dcc8c3560&rl=&if=false&ts=1725886916183&sw=1600&sh=1200&v=2.9.167&r=stable&ec=1&o=4126&fbp=fb.1.1725886916163.284823365593745099&ler=empty&cdl=API_unavailable&it=1725886916007&coo=false&rqm=GET
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1392, tbw=2798, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 09 Sep 2024 13:01:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=163538869183395&ev=ViewContent&dl=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3Dafcb6460-6eab-11ef-b409-835dcc8c3560&rl=&if=false&ts=1725886916183&sw=1600&sh=1200&v=2.9.167&r=stable&ec=1&o=4126&fbp=fb.1.1725886916163.284823365593745099&ler=empty&cdl=API_unavailable&it=1725886916007&coo=false&rqm=FGET
Requested by
Host: apple-cart.trybandoo.com
URL: https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x957b07cb2c6e52a5","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["14:4244189262336025","7834:4244189262336025","564:4244189262336025","10196:4244189262336025","10853:4244189262336025","31:4244189262336025","8053:4244189262336025","617:4244189262336025"]},"debug_reporting":true,"debug_key":"3310360881833078429"}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Mon, 09 Sep 2024 13:01:56 GMT
x-fb-server-load
33
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7412627862477716576", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1392, tbw=3147, tp=-1, tpl=-1, uplat=36, ullat=1
pragma
no-cache
x-fb-debug
4Cg7+xqtl34krXhGmKZK3lpXlhBeTKxP1vjy2vGHavuTX4NvlVxtt9WwAfGxGVTbug6hCZloiamzF4z1652vkg==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7412627862477716576"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.60 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id
84b7e3e
date
Mon, 09 Sep 2024 13:01:56 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
2024083002252667B2AFF60668D8848B5C
x-tt-trace-id
00-24083002252667B2AFF60668D8848B5C-70C862117F52435C-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-44-200-194.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01592650e253ccbddaf9de0384ae8def16a7820e2aea0707b91e036b389ad4aa97e74bde155d0159c4a14f159efe6eacd5934c8d91ab89ec56cc7653d2202ba696dd2c9dc5ea03dd9ccbc742c713cafb769157c109890207b371e9a1660229e41c
server-timing
cdn-cache; desc=HIT, edge; dur=8, origin; dur=0, inner; dur=11
content-length
39837
pixel
analytics.tiktok.com/api/v2/ 		0
859 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.60 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
1a9a64fd.84b7e88
date
Mon, 09 Sep 2024 13:01:56 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2409091301565A7042FF39E7265211CE-613381AC650C7C57-00
x-cache
TCP_MISS from a23-44-200-194.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
x-parent-response-time
52,23.44.200.194
server-timing
cdn-cache; desc=MISS, edge; dur=22, origin; dur=38, inner; dur=34
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202409091301565A7042FF39E7265211CE
x-cache-remote
TCP_MISS from a23-220-105-80.deploy.akamaitechnologies.com (AkamaiGHost/11.6.2.1-58447958) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
38,23.220.105.80
x-tt-trace-host
01d117add43ae78441590e872ad04f28e7cc7c108ba40a39f0f634f6d87676a848db4cc4f4a34fd75b0857554e1af01aeee688b111a74ad3f5a02d924ea0e70297049f4a9f257c405c4c19b1940f29a17eab0289167db9e8af5a20bc12a5e2039755457140ddac83775a21194cd3402fbb
access-control-allow-headers
Authorization,*
expires
Mon, 09 Sep 2024 13:01:56 GMT
/
timetoloadv2-f2ow6o2dfq-uc.a.run.app/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://timetoloadv2-f2ow6o2dfq-uc.a.run.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://apple-cart.trybandoo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://apple-cart.trybandoo.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 09 Sep 2024 13:01:56 GMT
server
Google Frontend
vary
Origin, Access-Control-Request-Headers
x-cloud-trace-context
05b3f848535feed9cd301066bdbb4b1e
/
timetoloadv2-f2ow6o2dfq-uc.a.run.app/ 		15 B
123 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://timetoloadv2-f2ow6o2dfq-uc.a.run.app/
Requested by
Host: cdn.node33.ai
URL: https://cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 09 Sep 2024 13:01:56 GMT
server
Google Frontend
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://apple-cart.trybandoo.com
x-cloud-trace-context
f677936bd84952669b18cf6ceba9c180
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
rum
apple-cart.trybandoo.com/cdn-cgi/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apple-cart.trybandoo.com/cdn-cgi/rum?
Requested by
Host: cdn.node33.ai
URL: https://cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2bd5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://apple-cart.trybandoo.com/?utm_auid=afcb6460-6eab-11ef-b409-835dcc8c3560
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 09 Sep 2024 13:01:56 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://apple-cart.trybandoo.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8c075eab98b717bd-EWR
652e99399279323219230549_favicon-32x32.png
cdn.prod.website-files.com/6523b9e503029a11dfd90b3a/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/6523b9e503029a11dfd90b3a/652e99399279323219230549_favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:991d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f2d887c39d033ccf5055bec6432e013d3ef1a6fc512a2ac2dfcd997a0d65183

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 13:01:56 GMT
x-amz-version-id
1whbsvf2j75RzJ3rvjb.hA21KY2mV9FR
cf-cache-status
HIT
x-amz-request-id
55Q3BF56S0SSFFGK
age
1713759
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
2047
x-amz-id-2
3Pif4zvwd+vpaUzCLH/QLG1j9ODu2Urj11+/BS7KizsxwFTcXS58pKbaispM6l6aAzK96Lok9Pk=
last-modified
Tue, 17 Oct 2023 14:24:58 GMT
server
cloudflare
etag
"818614e02f1a27143ec8cd5c00316bed"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8c075eabad7e6991-PHL
act
analytics.tiktok.com/api/v2/pixel/ 		0
877 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZlYmMyNjliMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.60 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
c091454f.84b8004
date
Mon, 09 Sep 2024 13:01:56 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-24090913015623E0A8678F169D577186-6266EA258D8ED111-00
x-cache
TCP_MISS from a23-44-200-194.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
x-parent-response-time
342,23.44.200.194
server-timing
cdn-cache; desc=MISS, edge; dur=132, origin; dur=222, inner; dur=16
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2024090913015623E0A8678F169D577186
x-cache-remote
TCP_MISS from a23-48-200-168.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
222,23.48.200.168
x-tt-trace-host
01d117add43ae78441590e872ad04f28e7cc7c108ba40a39f0f634f6d87676a8489767aa2af33e9d214d1d067dd7466aacbe2fc686a5dd0dae423932a095241cd82a8bad2080a190964ee9ee76603011fc5efc0969d18726b2aafaa2614c39f3defa55557e6bde1c6fae0278e9737560ee
access-control-allow-headers
Authorization,*
expires
Mon, 09 Sep 2024 13:01:56 GMT
collect
analytics.google.com/g/ 		0
45 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-M1BVHWVHCN&gtm=45je4940v886639480z8849249172za200zb849249172&_p=1725886915014&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=2126607529.1725886916&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=2&uid=afcb6460-6eab-11ef-b409-835dcc8c3560&sid=1725886915&sct=1&seg=0&dl=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3Dafcb6460-6eab-11ef-b409-835dcc8c3560&dt=Bandoo%20-%20Cleansing%20Foot%20Patches&en=page_view_homepage&ep.full_url=https%3A%2F%2Fapple-cart.trybandoo.com%2F%3Futm_auid%3Dafcb6460-6eab-11ef-b409-835dcc8c3560&ep.resolution=1600x1200&_et=45&tfd=7007
Requested by
Host: cdn.node33.ai
URL: https://cdn.node33.ai/elements-54c6a43-1718805070-0.4.01/main/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://apple-cart.trybandoo.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Sep 2024 13:02:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://apple-cart.trybandoo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
apple-cart.trybandoo.com
URL
blob:https://apple-cart.trybandoo.com/92e7918d-a3f2-4a53-a0fb-7e6204bd103a

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| WebFont string| _vwo_cookieDomain function| gcpfb function| _vwo_err object| _VWO string| _vwo_mt object| VWO number| _vwo_acc_id string| _vwo_cdn function| vwo_$ string| _vis_opt_file_name object| _vwo_exp_ids object| _vwo_exp string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_t object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath object| _sentryDebugIds function| get function| sleep function| waitFor function| loadScript function| waitForCondition object| pageProducts object| pageSubscriptions string| BRAND string| _FALLBACK_VERSION object| __SENTRY__ function| Errors object| dataLayer object| __WEBFLOW_CURRENCY_SETTINGS function| $ function| jQuery function| tram object| Webflow function| ES6Promise object| webpHero object| vwo_iehack_queue object| __cfBeacon function| _typeof function| ownKeys function| _objectSpread function| _defineProperty function| _toPropertyKey function| _toPrimitive object| KLAVIYO_JS_REGEX function| logFailedKlaviyoJsLoad object| _learnq string| __klKey object| google_tag_manager object| google_tag_data string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq object| webpackChunk_klaviyo_onsite_modules object| _klOnsite object| klaviyo function| onYouTubeIframeAPIReady object| gaGlobal function| UET function| UET_init function| UET_push object| ueto_caa311a839 object| uetq object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| __sentry_instrumentation_handlers__ object| _jelly_sdks

19 Cookies

Domain/Path Name / Value
.trybandoo.com/ Name: _vis_opt_s
Value: 1%7C
.trybandoo.com/ Name: _vis_opt_test_cookie
Value: 1
apple-cart.trybandoo.com/ Name: initialJsTimestamp
Value: 1725886914790
apple-cart.trybandoo.com/ Name: vwoLoadedTimestamp
Value: 1725886915055
.apple-cart.trybandoo.com/ Name: _vwo_uuid_v2
Value: D72F992C0A4BB3F4E2FFFC5FC649EDD93|a8eac7bdee18bf98a11597054993fa16
.trybandoo.com/ Name: _gcl_au
Value: 1.1.411008722.1725886915
.tiktok.com/ Name: _ttp
Value: 2lppXxkLk2cyh0Rjnk4H5GnxjuJ
.trybandoo.com/ Name: _ga
Value: GA1.1.2126607529.1725886916
.trybandoo.com/ Name: _ga_M1BVHWVHCN
Value: GS1.1.1725886915.1.0.1725886915.60.0.0
apple-cart.trybandoo.com/ Name: __kla_id
Value: eyJjaWQiOiJPV0k0T1dJME1UQXROREE0T0MwMFpHWmxMV0l3TmpFdE1tRmpPR05tWmpreE1tVm0iLCIkcmVmZXJyZXIiOnsidHMiOjE3MjU4ODY5MTYsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vYXBwbGUtY2FydC50cnliYW5kb28uY29tLz91dG1fYXVpZD1hZmNiNjQ2MC02ZWFiLTExZWYtYjQwOS04MzVkY2M4YzM1NjAifSwiJGxhc3RfcmVmZXJyZXIiOnsidHMiOjE3MjU4ODY5MTYsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vYXBwbGUtY2FydC50cnliYW5kb28uY29tLz91dG1fYXVpZD1hZmNiNjQ2MC02ZWFiLTExZWYtYjQwOS04MzVkY2M4YzM1NjAifX0=
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.trybandoo.com/ Name: _uetsid
Value: b114c7106eab11ef8ab0995836229f35
.trybandoo.com/ Name: _uetvid
Value: b1162f306eab11ef9bf5c968efc1e261
.bing.com/ Name: MUID
Value: 25CE05E4733D60151D56111172A96165
.bat.bing.com/ Name: MR
Value: 0
.trybandoo.com/ Name: _fbp
Value: fb.1.1725886916163.284823365593745099
.trybandoo.com/ Name: _tt_enable_cookie
Value: 1
.trybandoo.com/ Name: _ttp
Value: -b828Y_VfELfvKpMD-9PjsKI3Lt
apple-cart.trybandoo.com/ Name: pageInteractiveTimestamp
Value: 1725886916365

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
analytics.tiktok.com
apple-cart.trybandoo.com
bat.bing.com
cdn.node33.ai
cdn.prod.website-files.com
connect.facebook.net
d3e54v103j8qbb.cloudfront.net
dev.visualwebsiteoptimizer.com
fast.a.klaviyo.com
fonts.googleapis.com
fonts.gstatic.com
o4504479358124032.ingest.sentry.io
static-forms.klaviyo.com
static-tracking.klaviyo.com
static.cloudflareinsights.com
static.klaviyo.com
stats.g.doubleclick.net
td.doubleclick.net
timetoloadv2-f2ow6o2dfq-uc.a.run.app
unpkg.com
www.facebook.com
www.googletagmanager.com
apple-cart.trybandoo.com
151.101.130.133
151.101.194.133
151.101.2.133
151.101.66.133
18.238.59.19
2001:4860:4802:36::35
23.44.111.60
2606:4700:3108::ac42:2bd5
2606:4700:4400::ac40:991d
2606:4700::6810:5049
2606:4700::6811:f9cb
2607:f8b0:4004:c1f::9b
2607:f8b0:4006:80a::200e
2607:f8b0:4006:816::2003
2607:f8b0:4006:816::2008
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::200a
2607:f8b0:4006:821::200a
2620:1ec:33:2::10
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
34.120.195.249
34.144.207.37
34.96.102.137
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
01b5440b23341e3d74b51e853f3f48f18763d7aff604839d93ca2b470daeacec
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0e0c8cedb72a7e5a3080203509132486e267e5d1b0c5c6eae78ac16f7928ff01
0ff195308ce8f053eadb9e349138626e617a4af7f1795bca0001c651850d5551
12704621bdf400dfcadd0b42f71de279c06f2cf1f41ceb27130612f66b6d3ce6
169cfd4e6de67ba6ea3cc3489b8efe63fd3969732356db8534c94dc3eed1ef9d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
444507389fc233fde7de5a50461db2a61d6762a752a30ca4fa978b01ed39b8a0
4e32f4cffc1ab97bf43db9c6e4e85604f189415c305448cf6691150485312cd6
54a95e5381069af1c1ffe30d039643382c05ebd59d587161b142d5f29290c909
5585a981dbe7ae2173b9af112d572c9f60e48c7d54b1e72e55a70daa4c24cd9d
60ed45fe20ede817f77c4e774e77fd9a9a4f4046c67456f1442eac2095918438
60ef12152a760f67f98139bb4fe9c6a227921dad0302777c328c66ff32dfbced
6eaa7d84867f4a3f58d1cff2d44b4d4adfcc58072a48d761fe092b7e6172b253
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7dfd5d14d564cd53f9fda6b3abb2d89f8b935c327cbe4a23c3b182d22e8d28ea
7f2d887c39d033ccf5055bec6432e013d3ef1a6fc512a2ac2dfcd997a0d65183
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
97cb5582858b04ad514c84f116de94e931849838034ef1f324beda5f60514c06
99e971227d19899f22600856ab962b99eb2be1bd48c094cb48edf01120bd15f4
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c5cd7408d41d10fea3123f010476c40cc15add1979a42193c1437b2c97da2c10
c853e00afaed8f5bc00f96b24ea685eeb960433abf7dd98a79df91e591301231
d042d309992540196e92e04e48a759623bc72aa733231ce1e5fd1c44eb0f8690
d2586e045767a0379e2072dc2fd04a86e9b2514620ffab62af46318aa20e2f01
d41ac0e18c3aacf5c39976ab50fd877ff0fec9720f022d7d082a1527333116cf
d4531db231c59749a8109e4aca32270b3882f3cc922b336efeb9df3f91469f18
d776af740fa7a0e7c0cb158bf32142169b1dc7fc9fb0f5e6e75e2d14865e727e
da90484142079a67f8609c50324de041125ee49ca7eff1dff04527f393b082c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80fbf3dd536ed249086f82860876aba98a5e9eb40cd5ef0a24102799b21e570
e94705644664e6036e52702eb19f8ce574212059de5fec82dbaf6724a82fd558
eb632bd4998fdfaafd2f19f6af5665ad7ee8bfa7b25a3099319b821fad6d766a
ecabf396531beef7f6c20e533a26edb5ef5bb12879d30d191035ad2524191d4c
eefeb3811e0512c505a4c5ddd9e743dd178375fa655c4884321679c4d4094c7f
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f73c578afd4839c471623755979976453bc91f26c0cf24a9f302e0024bf30a7f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9aa8502a2f013aa7fc217782391b928399fb8d1cfaa43cfd24df23f9125fa2e
fa6084278cb3128ab9992a5a4243414904f82bacd8c460b8415dfd6b0506ff73
fef5a41be1b827a1729f19bcd123a57ee3f2cb8dc9074fffa4ab5b807f503514