urlscan.io logo urlscan.io
SecurityTrails logo

awsmp.appdirect.ca Open in urlscan Pro
104.18.42.99  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cloudflarepoc.byappdirect.com/
Effective URL: https://awsmp.appdirect.ca/en-US/home
Submission: On August 26 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 24 HTTP transactions. The main IP is 104.18.42.99, located in and belongs to CLOUDFLARENET, US. The main domain is awsmp.appdirect.ca.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 24th 2023. Valid for: a year.
This is the only time awsmp.appdirect.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    104.18.42.99 (None, )

ASN13335 (CLOUDFLARENET, US)
cloudflarepoc.byappdirect.com
awsmp.appdirect.ca
3    108.138.2.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-2-106.fra56.r.cloudfront.net
d3bql97l1ytoxn.cloudfront.net
2    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    18.66.92.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-92-56.fra56.r.cloudfront.net
d33na3ni6eqf5j.cloudfront.net
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.225.83.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-103.fra2.r.cloudfront.net
www.datadoghq-browser-agent.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2600:1f18:24e6:b900:8bed:8c7b:5c3c:73fa (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
session-replay.browser-intake-datadoghq.com
Apex Domain
Subdomains		 Transfer
9 appdirect.ca
awsmp.appdirect.ca
511 KB
5 cloudfront.net
d3bql97l1ytoxn.cloudfront.net
d33na3ni6eqf5j.cloudfront.net
226 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
region1.google-analytics.com — Cisco Umbrella Rank: 2412
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
162 KB
2 gstatic.com
fonts.gstatic.com
53 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
2 KB
1 browser-intake-datadoghq.com
session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 7656
305 B
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1724
46 KB
1 byappdirect.com
cloudflarepoc.byappdirect.com
429 B
24 9
Domain Requested by
9 awsmp.appdirect.ca 2 redirects awsmp.appdirect.ca
3 d3bql97l1ytoxn.cloudfront.net awsmp.appdirect.ca
2 www.googletagmanager.com awsmp.appdirect.ca
www.google-analytics.com
2 www.google-analytics.com awsmp.appdirect.ca
www.google-analytics.com
2 d33na3ni6eqf5j.cloudfront.net awsmp.appdirect.ca
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com awsmp.appdirect.ca
1 session-replay.browser-intake-datadoghq.com www.datadoghq-browser-agent.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.datadoghq-browser-agent.com awsmp.appdirect.ca
1 cloudflarepoc.byappdirect.com 1 redirects
24 11
Subject Issuer Validity Valid
awsmp.appdirect.ca
Cloudflare Inc ECC CA-3		 2023-04-24 -
2024-04-23		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.datadoghq-browser-agent.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-14 -
2024-01-16		 a year crt.sh
*.browser-intake-datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-17 -
2024-06-18		 a year crt.sh

This page contains 1 frames:

Primary Page: https://awsmp.appdirect.ca/en-US/home
Frame ID: 178D8A4AFB8DD5BC628C944ED802DD46
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

cloudflarepoc | Cloudflarepoc

Page URL History Show full URLs

  1. https://cloudflarepoc.byappdirect.com/ HTTP 302
    https://awsmp.appdirect.ca/ HTTP 301
    https://awsmp.appdirect.ca/home HTTP 301
    https://awsmp.appdirect.ca/en-US/home Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

24
Requests

96 %
HTTPS

60 %
IPv6

9
Domains

11
Subdomains

11
IPs

3
Countries

1020 kB
Transfer

3025 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cloudflarepoc.byappdirect.com/ HTTP 302
    https://awsmp.appdirect.ca/ HTTP 301
    https://awsmp.appdirect.ca/home HTTP 301
    https://awsmp.appdirect.ca/en-US/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home
awsmp.appdirect.ca/en-US/
Redirect Chain
  • https://cloudflarepoc.byappdirect.com/
  • https://awsmp.appdirect.ca/
  • https://awsmp.appdirect.ca/home
  • https://awsmp.appdirect.ca/en-US/home
82 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://awsmp.appdirect.ca/en-US/home
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.42.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
52430851eb2cc0c211758ccfbf80aee02fc8ce2c5aeb4bd76d9c47d94f22e256
Security Headers
Name Value
Content-Security-Policy
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

ad-trace-id
138778194934101583
cf-cache-status
DYNAMIC
cf-ray
7fc87c9e09359bbc-FRA
content-encoding
gzip
content-security-policy
content-type
text/html; charset=utf-8
date
Sat, 26 Aug 2023 02:01:25 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-envoy-upstream-service-time
91
x-powered-by
Express

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate,no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7fc87c9d485f9bbc-FRA
content-length
0
date
Sat, 26 Aug 2023 02:01:25 GMT
expires
0
location
/en-US/home
pragma
no-cache no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-envoy-upstream-service-time
5
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge
x-xss-protection
1; mode=block
454aa208-cf10-4f7e-ab0d-f1c5a478057a.woff
d3bql97l1ytoxn.cloudfront.net/36219d0b-d1af-4532-b5ae-e4e97e92261e/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3bql97l1ytoxn.cloudfront.net/36219d0b-d1af-4532-b5ae-e4e97e92261e/454aa208-cf10-4f7e-ab0d-f1c5a478057a.woff
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/en-US/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-106.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

Referer
https://awsmp.appdirect.ca/
Origin
https://awsmp.appdirect.ca
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 02:01:27 GMT
x-amz-version-id
EDqhT2GC4NCccLdHTzkV785J7HGSP1JO
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-length
1380
last-modified
Mon, 04 Apr 2022 18:20:48 GMT
server
AmazonS3
etag
"b7c9e1e479de3b53f1e4e30ebac2403a"
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=473040000
accept-ranges
bytes
x-amz-cf-id
Pac7b71Y7hVZQM_enQuKUqb6AUF1kItsrEp9Bq7ZTScKPi5sBcYozQ==
sfb-components.css
awsmp.appdirect.ca/sfb-theme-components@0/ 		355 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://awsmp.appdirect.ca/sfb-theme-components@0/sfb-components.css
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/en-US/home
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.42.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd51a2caa21520ae197eaf73aaebd26b28e30015c3fd0307e052e9104718359b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awsmp.appdirect.ca/en-US/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 02:01:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 13:51:58 GMT
server
cloudflare
x-amz-request-id
DX654A7TKAVXQFJA
etag
W/"804e2c3dc1d1df51b936a35e162d6d13"
vary
Accept-Encoding
content-type
text/css
x-envoy-upstream-service-time
68
ad-trace-id
6039078626561951413
cf-ray
7fc87c9ffa669bbc-FRA
x-amz-id-2
Zft0ZgXgSOzqmdGoFtMITkIzpWEjL+Ijw6CnWwRlUBsrbcv5ZyAtaM1Y8nBuDuylX6mYphSz/iw=
d595b96e-a1f5-480f-b38b-39f6d96a9b06.css
d3bql97l1ytoxn.cloudfront.net/651d8718-30a5-4c77-902a-3b7216c033cd/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3bql97l1ytoxn.cloudfront.net/651d8718-30a5-4c77-902a-3b7216c033cd/d595b96e-a1f5-480f-b38b-39f6d96a9b06.css
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/en-US/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-106.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88a2c062cc9dbdc1b2664d030e92b13dd3fd418c95b604b354b0f10ac4ac703c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awsmp.appdirect.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 02:01:27 GMT
x-amz-version-id
hsVzh0Lo0OBvI.iOMs1HgS9s.vHWotof
content-encoding
gzip
last-modified
Mon, 04 Apr 2022 18:20:51 GMT
server
AmazonS3
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"29475b6cd32816568ad586c53491b17e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
max-age=473040000
x-amz-replication-status
COMPLETED
x-amz-cf-id
5ixryJXrxRwNsC-L4zMHhgSwBux2k_rQ0iuMwerG5u09bwmhy6cBLw==
sfb-components.js
awsmp.appdirect.ca/sfb-theme-components@0/ 		1 MB
414 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awsmp.appdirect.ca/sfb-theme-components@0/sfb-components.js
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/en-US/home
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.42.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d949bd0d363fcb8c7ff4052a474ac243e2da5c469b23f361d93f868b79336a41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awsmp.appdirect.ca/en-US/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 02:01:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 17 Aug 2023 13:51:58 GMT
server
cloudflare
x-amz-request-id
DX6B9B5ANHZA9PSN
etag
W/"0f2e6dbd82a158acb1771c30e25bd88b"
vary
Accept-Encoding
content-type
application/javascript
x-envoy-upstream-service-time
151
ad-trace-id
72886091691261007
cf-ray
7fc87c9ffa699bbc-FRA
x-amz-id-2
0Ct/ZUFhCTq0dpQ0v+IoBYc2xk586WDJv1nyLyYh+AYCmDmW9lrOR/m5dQRjqXSUQSjW/crzbf8=
589482fa-99ff-433b-8773-ad6c9f070755.js
d3bql97l1ytoxn.cloudfront.net/9d7245bb-ad50-4481-a8db-1efc4a6550ce/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3bql97l1ytoxn.cloudfront.net/9d7245bb-ad50-4481-a8db-1efc4a6550ce/589482fa-99ff-433b-8773-ad6c9f070755.js
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/en-US/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.2.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-2-106.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awsmp.appdirect.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 02:01:27 GMT
x-amz-version-id
Tvy3fnzI4TCsLjaA7aa7.X33uP5yWboR
content-encoding
gzip
last-modified
Mon, 04 Apr 2022 18:21:01 GMT
server
AmazonS3
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
etag
W/"d9b11ca4d877c327889805b73bb79edd"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=473040000
x-amz-replication-status
COMPLETED
x-amz-cf-id
H2RQ9vzEAjqDgPkjxgUi1OL5ZDNgaPHLksIE3aS880dZK7tnVUcngg==
css
fonts.googleapis.com/ 		2 KB
561 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:wght@400;700&display=block
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/en-US/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60bb9b971ecb5af957f4eff4b66ce4fd71ef5ef09e7737c10b672b08d9043c60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awsmp.appdirect.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 26 Aug 2023 02:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 26 Aug 2023 02:01:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 26 Aug 2023 02:01:25 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:wght@400;700&display=block
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/en-US/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dac35d2f723e71398cefbc47faab1a2863bfb2b50ebb6ccf9c9b029ed27a565
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awsmp.appdirect.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 26 Aug 2023 02:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 26 Aug 2023 02:01:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 26 Aug 2023 02:01:25 GMT
/
awsmp.appdirect.ca/hermes/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awsmp.appdirect.ca/hermes/
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/en-US/home
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.42.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
760b19c4a499d64c71b2a07bce61867e171b663d4462ead6c01453aba481827f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awsmp.appdirect.ca/en-US/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 02:01:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 09 Aug 2023 18:03:51 GMT
server
cloudflare
x-amz-request-id
4JN13HWCMTZ8H7GB
etag
W/"33f3b4700c93499562078ea74ad1bf37"
content-type
application/javascript
x-envoy-upstream-service-time
36
ad-trace-id
1193742634128534873
cf-ray
7fc87c9ffa6b9bbc-FRA
x-amz-id-2
pDvCn7eP5AMP8qw5dhFvmIW9D6lWL2Xq2mWs/T5YbOcOeD6rd487olNQhkXhTTy98qAyNJxQvBo=
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:wght@400;700&display=block
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://awsmp.appdirect.ca
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 05:03:04 GMT
x-content-type-options
nosniff
age
593903
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:19:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Aug 2024 05:03:04 GMT
preview
awsmp.appdirect.ca/api/checkout/v1/cart/ 		0
81 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://awsmp.appdirect.ca/api/checkout/v1/cart/preview?locale=en_US
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/sfb-theme-components@0/sfb-components.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.42.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awsmp.appdirect.ca/en-US/home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 02:01:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7fc87cac5a5d9bbc-FRA
content-length
0
ad-tenant
CLOUDFLAREPOC
05da8a68-5d65-40d3-a68e-a043e800989e.jpg
d33na3ni6eqf5j.cloudfront.net/5dd60cb8-8d15-4cec-b6bd-1a85ae666f76/ 		184 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d33na3ni6eqf5j.cloudfront.net/5dd60cb8-8d15-4cec-b6bd-1a85ae666f76/05da8a68-5d65-40d3-a68e-a043e800989e.jpg
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/sfb-theme-components@0/sfb-components.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.92.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-92-56.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e80ee290ef4ff790d757c4a908dbde8354b3f38c1268302f800f755e00cf3607

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awsmp.appdirect.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 09:32:52 GMT
x-amz-version-id
bsUh8FsbQmv1UUpg4r_dd7NfbzaFzNDL
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
last-modified
Tue, 13 Oct 2020 20:44:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
59315
etag
"e5981cf7f5db7888293fb632351f0878"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
188837
x-amz-cf-id
E_CfWwBte_xVva7mP1WohVU0QMa28s2tJV2rGVNJCixR0Qf8zacNWQ==
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:wght@400;700&display=block
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://awsmp.appdirect.ca
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 19:14:59 GMT
x-content-type-options
nosniff
age
24388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 24 Aug 2024 19:14:59 GMT
2923ad77-25ec-4eb6-8360-c3fdff436dd4.png
d33na3ni6eqf5j.cloudfront.net/73199857-53b9-4c85-bed7-b1fdab531130/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d33na3ni6eqf5j.cloudfront.net/73199857-53b9-4c85-bed7-b1fdab531130/2923ad77-25ec-4eb6-8360-c3fdff436dd4.png
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/en-US/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.92.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-92-56.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1db35baa6331f9f31ce3bcb4cae9409120ed08bb2ddec3a7cbe2f517c8dfa98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awsmp.appdirect.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 17 Oct 2022 03:01:28 GMT
x-amz-version-id
EB53LoCFFGf39nL18XXflKgaAzrBhcB9
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
last-modified
Tue, 30 Nov 2021 00:30:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
27039600
etag
"d4231969d6968b19da9745c3eb5fddf3"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=473040000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
8749
x-amz-cf-id
STzLhjT7EVc_Y6r0vRVHCbL17OZMhmY5VDi5Qj9cxpuSjDFTz86Ndw==
truncated
/ 		961 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77c765f98e9efc318b7ae4978acd0fb158f9221b3a215ee3b5ce9c0a6091369e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
events
awsmp.appdirect.ca/api/hermes/v2/ 		2 B
104 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://awsmp.appdirect.ca/api/hermes/v2/events
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/hermes/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.42.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept
application/json
Referer
https://awsmp.appdirect.ca/en-US/home
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type
application/json

Response headers

date
Sat, 26 Aug 2023 02:01:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
x-envoy-upstream-service-time
6
ad-trace-id
7298863626934122728
cf-ray
7fc87cad8b229bbc-FRA
content-length
2
flag
awsmp.appdirect.ca/api/appconfigr/v1/evaluation/ 		215 B
390 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://awsmp.appdirect.ca/api/appconfigr/v1/evaluation/flag
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/hermes/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.42.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b87565d663e512b31a3a148b565c8b4fe19512f120fde3970dd6e3702f8eb956
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json
Referer
https://awsmp.appdirect.ca/en-US/home
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Aug 2023 02:01:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Www-Authenticate
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
ad-trace-id
6746376490972149941
cf-ray
7fc87cad8b249bbc-FRA
content-length
193
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/hermes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awsmp.appdirect.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 26 Aug 2023 01:44:23 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1025
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 26 Aug 2023 03:44:23 GMT
js
www.googletagmanager.com/gtag/ 		230 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YKC2E8SZZN
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/hermes/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8bbf93296c204dd3ed40355ef41026ac22a2d8d179c1b6bbdbea331c028aa060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awsmp.appdirect.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 02:01:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81852
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 26 Aug 2023 02:01:28 GMT
collect
www.google-analytics.com/j/ 		15 B
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1920743726&t=pageview&_s=1&dl=https%3A%2F%2Fawsmp.appdirect.ca%2Fen-US%2Fhome&dp=%2Fen-US%2Fhome&ul=en-us&de=UTF-8&dt=cloudflarepoc%20%7C%20Cloudflarepoc&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=565621103&gjid=125192361&cid=229402948.1693015288&tid=UA-19401247-67&_gid=1753168556.1693015288&_r=1&_slc=1&cd1=CLOUDFLAREPOC&cm1=0&cd2=NONE&z=1723340046
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8e79508ce4b3e6b23473f7881354832f81d5e30e40e9c03f44e4fc5bc256787c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://awsmp.appdirect.ca/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 02:01:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://awsmp.appdirect.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
datadog-rum-v4.js
www.datadoghq-browser-agent.com/ 		144 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/en-US/home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.83.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-83-103.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2013a6392ba54319e556095644b6b1757ee3f46d676f6cab3ae0d2239ed979f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awsmp.appdirect.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 02:00:46 GMT
content-encoding
br
via
1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
last-modified
Wed, 16 Aug 2023 13:41:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
44
x-amz-server-side-encryption
AES256
etag
W/"438ba620187f3819e2dcd4f56fc76dcb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
5QxyUwH_L5Gq-K3TTra0ezWWxuzBXgfAX_mAzN0iki9k6FbCfvUIkg==
js
www.googletagmanager.com/gtag/ 		234 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YKC2E8SZZN&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab8a64bad510f44a2de0361a50dd98a2184cda628673c319862a818acdd143e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awsmp.appdirect.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 02:01:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83547
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 26 Aug 2023 02:01:28 GMT
6352a22f-9c8e-44ca-a442-4039275f4d21
https://awsmp.appdirect.ca/ 		25 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://awsmp.appdirect.ca/6352a22f-9c8e-44ca-a442-4039275f4d21
Requested by
Host: awsmp.appdirect.ca
URL: https://awsmp.appdirect.ca/en-US/home
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5de67b2587aedcef6daeb53ecdebc126801eaf822f8676238590816f5760a44

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length
25814
Content-Type
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-YKC2E8SZZN&gtm=45je38n0&_p=1920743726&cid=229402948.1693015288&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&dt=cloudflarepoc%20%7C%20Cloudflarepoc&dl=%2Fen-US%2Fhome&dp=%2Fen-US%2Fhome&sid=1693015288&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.anonymize_ip=true&ep.transport_type=beacon&ep.partner=CLOUDFLAREPOC
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YKC2E8SZZN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://awsmp.appdirect.ca/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Aug 2023 02:01:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://awsmp.appdirect.ca
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
replay
session-replay.browser-intake-datadoghq.com/api/v2/ 		53 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.47.0%2Capi%3Axhr%2Cservice%3Astorefront&dd-api-key=pub827411a26ff69a61e82fb3b1f37ff263&dd-evp-origin-version=4.47.0&dd-evp-origin=browser&dd-request-id=1e784ef8-816a-4f34-8073-361f40f311fa
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-v4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:8bed:8c7b:5c3c:73fa Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
4d1a091d966433cc2e8a1132360ca3175d8dc6e78d88dde614836e974573ab8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://awsmp.appdirect.ca/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryujfVfCAAHdY76VIB

Response headers

date
Sat, 26 Aug 2023 02:01:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
53

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| __ADComponents object| regeneratorRuntime function| $ function| jQuery object| themeSettings object| I18N object| dataStore object| SFB_UI_RENDER function| LazyLoad function| getXSRFcookie function| xhrPostFactory function| getProductPath function| handleRedirect function| getCartItems function| getCartItemsV2 function| generateUID function| redirectToLogin function| AD_add function| AD_addV2 function| AD_remove function| AD_openCartPreviewOnLoad function| AD_addToCart function| AD_replaceEditionInCart function| AD_updateAddonsNonStackableInCart boolean| adIsLoggedIn string| hermesVersion function| Hermes function| ga function| gtag object| dataLayer object| hermes object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| DD_RUM object| google_tag_manager

11 Cookies

Domain/Path Name / Value
cloudflarepoc.byappdirect.com/ Name: STATK8SADSVC
Value: "68ccafcccbcf7c8c"
.byappdirect.com/ Name: __cf_bm
Value: xii5xaS6gcDomqBwtaMKnGpgjWqgNIEFs7GWBgToJAA-1693015284-0-AW6x27nekQcfyym5oRXphTpQ8x+GlPqjxiidr5AC5xcxjusolyLYFDEXB81PWqcldBfimGdgiLZ3yq47xciGPaw=
awsmp.appdirect.ca/ Name: XSRF-TOKEN
Value: e0cb4f2d-b5b2-425f-b182-caca68fc0b59
awsmp.appdirect.ca/ Name: JSESSIONID
Value: 89F21FCE89756CA5F756D097B23BC700-n3
awsmp.appdirect.ca/ Name: STATK8SADSVC
Value: "441e6bbb45b81750"
.awsmp.appdirect.ca/ Name: __cf_bm
Value: W6eSV4WMwjp9GX8omJs4UW1Ca5.7P9PtabHyX9ZyiSI-1693015285-0-ARUn0WI+m3IDfxWUYW58frBEpjx0MXWKIRBGBgwCBcynT2m6YRFI+Hmqxg6FUuTN4zrFxhL5a007BFQh7UJnhWY=
.appdirect.ca/ Name: _gid
Value: GA1.2.1753168556.1693015288
.appdirect.ca/ Name: _gat_792171167
Value: 1
.appdirect.ca/ Name: _ga_YKC2E8SZZN
Value: GS1.1.1693015288.1.0.1693015288.0.0.0
.appdirect.ca/ Name: _ga
Value: GA1.1.229402948.1693015288
awsmp.appdirect.ca/ Name: _dd_s
Value: rum=1&id=cb8265f5-15a4-401d-9cc7-82b3238de157&created=1693015288116&expire=1693016188116

2 Console Messages

Source Level URL
Text
network error URL: https://awsmp.appdirect.ca/api/checkout/v1/cart/preview?locale=en_US
Message:
Failed to load resource: the server responded with a status of 401 ()
javascript warning URL: https://awsmp.appdirect.ca/en-US/home
Message:
The resource https://d3bql97l1ytoxn.cloudfront.net/36219d0b-d1af-4532-b5ae-e4e97e92261e/454aa208-cf10-4f7e-ab0d-f1c5a478057a.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

awsmp.appdirect.ca
cloudflarepoc.byappdirect.com
d33na3ni6eqf5j.cloudfront.net
d3bql97l1ytoxn.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
session-replay.browser-intake-datadoghq.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.googletagmanager.com
104.18.42.99
108.138.2.106
13.225.83.103
18.66.92.56
2001:4860:4802:34::36
2600:1f18:24e6:b900:8bed:8c7b:5c3c:73fa
2a00:1450:4001:800::200e
2a00:1450:4001:806::200a
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
2dac35d2f723e71398cefbc47faab1a2863bfb2b50ebb6ccf9c9b029ed27a565
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
4d1a091d966433cc2e8a1132360ca3175d8dc6e78d88dde614836e974573ab8f
52430851eb2cc0c211758ccfbf80aee02fc8ce2c5aeb4bd76d9c47d94f22e256
60bb9b971ecb5af957f4eff4b66ce4fd71ef5ef09e7737c10b672b08d9043c60
760b19c4a499d64c71b2a07bce61867e171b663d4462ead6c01453aba481827f
77c765f98e9efc318b7ae4978acd0fb158f9221b3a215ee3b5ce9c0a6091369e
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
88a2c062cc9dbdc1b2664d030e92b13dd3fd418c95b604b354b0f10ac4ac703c
8bbf93296c204dd3ed40355ef41026ac22a2d8d179c1b6bbdbea331c028aa060
8e79508ce4b3e6b23473f7881354832f81d5e30e40e9c03f44e4fc5bc256787c
a2013a6392ba54319e556095644b6b1757ee3f46d676f6cab3ae0d2239ed979f
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f
a5de67b2587aedcef6daeb53ecdebc126801eaf822f8676238590816f5760a44
ab8a64bad510f44a2de0361a50dd98a2184cda628673c319862a818acdd143e5
b87565d663e512b31a3a148b565c8b4fe19512f120fde3970dd6e3702f8eb956
d1db35baa6331f9f31ce3bcb4cae9409120ed08bb2ddec3a7cbe2f517c8dfa98
d949bd0d363fcb8c7ff4052a474ac243e2da5c469b23f361d93f868b79336a41
dd51a2caa21520ae197eaf73aaebd26b28e30015c3fd0307e052e9104718359b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80ee290ef4ff790d757c4a908dbde8354b3f38c1268302f800f755e00cf3607