urlscan.io logo urlscan.io
SecurityTrails logo

www.airmilesshops.ca Open in urlscan Pro
13.225.84.66  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.airmilesshops.ca/
Submission: On February 17 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 5 countries across 14 domains to perform 23 HTTP transactions. The main IP is 13.225.84.66, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.airmilesshops.ca.
This is the only time www.airmilesshops.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 13.225.84.66 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 95.100.67.201 16625 (AKAMAI-AS)
1 2.16.186.105 20940 (AKAMAI-ASN1)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.224.196.30 16509 (AMAZON-02)
1 2 23.111.9.38 33438 (HIGHWINDS2)
2 13.225.77.37 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 52.213.34.91 16509 (AMAZON-02)
23 14
4    13.225.84.66 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-66.fra2.r.cloudfront.net
www.airmilesshops.ca
1    2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    95.100.67.201 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-67-201.deploy.static.akamaitechnologies.com
se.monetate.net
1    2.16.186.105 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-105.deploy.static.akamaitechnologies.com
e.monetate.net
4    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    13.224.196.30 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-30.fra2.r.cloudfront.net
pattern-library.airmiles.ca
2    23.111.9.38 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
cdn.mouseflow.com
2    13.225.77.37 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-37.fra2.r.cloudfront.net
api.loyalty.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    52.213.34.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-34-91.eu-west-1.compute.amazonaws.com
f.monetate.net
Domain Requested by
4 www.google-analytics.com 1 redirects www.airmilesshops.ca
www.google-analytics.com
4 www.airmilesshops.ca www.airmilesshops.ca
2 www.facebook.com www.airmilesshops.ca
2 www.google.de www.airmilesshops.ca
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
2 connect.facebook.net www.airmilesshops.ca
connect.facebook.net
2 api.loyalty.com www.airmilesshops.ca
2 cdn.mouseflow.com 1 redirects www.airmilesshops.ca
1 f.monetate.net e.monetate.net
1 pattern-library.airmiles.ca www.airmilesshops.ca
1 www.googletagmanager.com www.airmilesshops.ca
1 e.monetate.net se.monetate.net
1 se.monetate.net www.airmilesshops.ca
1 cdnjs.cloudflare.com www.airmilesshops.ca
0 zn87dzksw80et234h-loyalty.siteintercept.qualtrics.com Failed www.airmilesshops.ca
23 16

This site contains no links.

Subject Issuer Validity Valid
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
*.airmiles.ca
DigiCert SHA2 High Assurance Server CA		 2018-11-29 -
2021-02-19		 2 years crt.sh
*.mouseflow.com
COMODO RSA Domain Validation Secure Server CA		 2017-04-25 -
2020-05-09		 3 years crt.sh
*.api.loyalty.com
DigiCert SHA2 High Assurance Server CA		 2019-01-20 -
2021-01-27		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-01-16 -
2020-04-15		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://www.airmilesshops.ca/
Frame ID: 76A0145790557711BEBEC1217AF6E229
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i
Overall confidence: 100%
Detected patterns
  • script /cdn\.mouseflow\.com/i

Page Statistics

23
Requests

65 %
HTTPS

53 %
IPv6

14
Domains

16
Subdomains

14
IPs

5
Countries

1691 kB
Transfer

2386 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • http://cdn.mouseflow.com/projects/ced9f610-a44a-439a-b541-071e603bc57a.js HTTP 301
  • https://cdn.mouseflow.com/projects/ced9f610-a44a-439a-b541-071e603bc57a_eu.js
Request Chain 15
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-76333024-2&cid=1965736146.1581917646&jid=794015970&gjid=234102627&_gid=252832000.1581917646&_u=aGDAgEADQ~&z=1262001875 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76333024-2&cid=1965736146.1581917646&jid=794015970&_v=j81&z=1262001875 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76333024-2&cid=1965736146.1581917646&jid=794015970&_v=j81&z=1262001875&slf_rd=1&random=2184275372
Request Chain 16
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=548998069&t=event&_s=1&dl=http%3A%2F%2Fwww.airmilesshops.ca%2F&ul=en-us&de=UTF-8&dt=Page%20404%20EU%20%7C%20airmilesshops.ca&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=CookieBanner&ea=show&el=0&_u=aGDAAEADQ~&jid=1363714402&gjid=134047805&cid=1965736146.1581917646&tid=UA-76333024-2&_gid=252832000.1581917646&_r=1&z=281305509 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76333024-2&cid=1965736146.1581917646&jid=1363714402&_gid=252832000.1581917646&gjid=134047805&_v=j81&z=281305509 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76333024-2&cid=1965736146.1581917646&jid=1363714402&_v=j81&z=281305509 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76333024-2&cid=1965736146.1581917646&jid=1363714402&_v=j81&z=281305509&slf_rd=1&random=2306015878

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.airmilesshops.ca/ 		38 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.airmilesshops.ca/
Protocol
HTTP/1.1
Server
13.225.84.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-66.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22ce62883750df7c5bf5684e0adb9b8a41d2d240ec2cd6ba408d63d4b559b8bc

Request headers

Host
www.airmilesshops.ca
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36

Response headers

Content-Type
text/html
Content-Length
38663
Connection
keep-alive
Date
Mon, 17 Feb 2020 03:57:42 GMT
Last-Modified
Wed, 14 Nov 2018 18:18:51 GMT
ETag
"4c078dbc676e97f9dd6291ac97894856"
Server
AmazonS3
X-Cache
Hit from cloudfront
Via
1.1 590590f04f79f692591f9db0e720a31d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
S_pcSNrd3TRRq6400Fgu4qWUYFSey8HOghZtJHirx0LL1q0ZUHhkIQ==
Age
5784
index.js
www.airmilesshops.ca/_next/cf0f556a-4f4f-47aa-9114-b3d363073c9e/page/404-eu/ 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.airmilesshops.ca/_next/cf0f556a-4f4f-47aa-9114-b3d363073c9e/page/404-eu/index.js
Requested by
Host: www.airmilesshops.ca
URL: http://www.airmilesshops.ca/
Protocol
HTTP/1.1
Server
13.225.84.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-66.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cceb3ebbcfb6455fb29f883e07d180bf5946906f9ea392f82912d8b125f9ec19

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36

Response headers

Date
Sun, 16 Feb 2020 06:48:38 GMT
Via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Nov 2018 18:18:51 GMT
Server
AmazonS3
Age
81928
ETag
"3fa85c5859256ccead0e3b260e88c953"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
Content-Length
7344
X-Amz-Cf-Id
0Ddsvbr1atXjOvmbquWVkQiB0YE8apTOvKgJVq34dUxE-2--11q-gQ==
index.js
www.airmilesshops.ca/_next/cf0f556a-4f4f-47aa-9114-b3d363073c9e/page/_error/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.airmilesshops.ca/_next/cf0f556a-4f4f-47aa-9114-b3d363073c9e/page/_error/index.js
Requested by
Host: www.airmilesshops.ca
URL: http://www.airmilesshops.ca/
Protocol
HTTP/1.1
Server
13.225.84.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-66.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
874424337dc02d6119055bae243deb0205a04bf1b55d884120fd0cc6d490f7e7

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36

Response headers

Date
Sun, 16 Feb 2020 10:22:19 GMT
Via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Nov 2018 18:18:51 GMT
Server
AmazonS3
Age
69107
ETag
"3f18f414706499f89bf91b7adc4d1f97"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
Content-Length
13259
X-Amz-Cf-Id
L1XVXwS532mo40GzfeRqzWKMiV_GdrRjeUMWYYG3ohhSY8yvXjcGAg==
app.js
www.airmilesshops.ca/_next/e708c5e971c0db9fb2a46303d6e16275/ 		1 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.airmilesshops.ca/_next/e708c5e971c0db9fb2a46303d6e16275/app.js
Requested by
Host: www.airmilesshops.ca
URL: http://www.airmilesshops.ca/
Protocol
HTTP/1.1
Server
13.225.84.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-66.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90608a710884719203d2e1ff6e2d79275534e318adb7d9890ac8e6d1d8540c0b

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36

Response headers

Date
Sun, 16 Feb 2020 10:22:19 GMT
Via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
Last-Modified
Wed, 14 Nov 2018 18:18:51 GMT
Server
AmazonS3
Age
69107
ETag
"e708c5e971c0db9fb2a46303d6e16275"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
Content-Length
1354731
X-Amz-Cf-Id
7TW3UexHW4j7FWQfVqdGlLMAWtkIgbRW48OEeipjaTrBC7DrbHLvZg==
aes.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js
Requested by
Host: www.airmilesshops.ca
URL: http://www.airmilesshops.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 05:34:05 GMT
content-encoding
br
cf-cache-status
HIT
age
9498988
cf-ray
566563e3fa77177a-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:18:35 GMT
server
cloudflare
etag
W/"5afd48eb-3430"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 06 Feb 2021 05:34:05 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
entry.js
se.monetate.net/js/2/a-2d036ac5/p/airmilesshops.ca/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://se.monetate.net/js/2/a-2d036ac5/p/airmilesshops.ca/entry.js
Requested by
Host: www.airmilesshops.ca
URL: http://www.airmilesshops.ca/
Protocol
HTTP/1.1
Server
95.100.67.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-67-201.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8c0cf5dd344b8506ecf14c89bd0905136f09fc0ef387117f7609bc5eddc3c5ea

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 05:34:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 14:13:29 GMT
Server
AkamaiNetStorage
ETag
"798ec0df33cf021a53955ccc118a6006:1581430409"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
2874
custom.js
e.monetate.net/js/3/a-2d036ac5/p/airmilesshops.ca/t1484745711/76f45944ebdbd99a/ 		134 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://e.monetate.net/js/3/a-2d036ac5/p/airmilesshops.ca/t1484745711/76f45944ebdbd99a/custom.js
Requested by
Host: se.monetate.net
URL: http://se.monetate.net/js/2/a-2d036ac5/p/airmilesshops.ca/entry.js
Protocol
HTTP/1.1
Server
2.16.186.105 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-105.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f23f1b082da5f27219b57651f96cb6b140a7ede9dd9284c8aee82971abdf0cc3

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 05:34:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Feb 2020 14:13:28 GMT
Server
AkamaiNetStorage
ETag
"1339abc0e049323cf0bb435aef09d4fd:1581430408"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Timing-Allow-Origin
*
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.airmilesshops.ca
URL: http://www.airmilesshops.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
3633
date
Mon, 17 Feb 2020 04:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Mon, 17 Feb 2020 06:33:32 GMT
gtm.js
www.googletagmanager.com/ 		142 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W228VX
Requested by
Host: www.airmilesshops.ca
URL: http://www.airmilesshops.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b0089f8c27f8d6ed8de5dc0b25ef7c3b889bc5d71d184bd3a097e72054e47c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 05:34:05 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35903
x-xss-protection
0
last-modified
Mon, 17 Feb 2020 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Feb 2020 05:34:05 GMT
omnes-regular-webfont.woff
pattern-library.airmiles.ca/latest/fonts/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pattern-library.airmiles.ca/latest/fonts/omnes-regular-webfont.woff
Requested by
Host: www.airmilesshops.ca
URL: http://www.airmilesshops.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.30 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-196-30.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3390025f2372a4727c22965f51c63dc74f67e21f946836f91230fbae077b9296

Request headers

Referer
http://www.airmilesshops.ca/
Origin
http://www.airmilesshops.ca
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36

Response headers

date
Sun, 16 Feb 2020 17:14:10 GMT
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
age
44396
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
30224
last-modified
Tue, 23 Apr 2019 20:44:41 GMT
server
AmazonS3
etag
"4f9e09175e30e1fbd02a947e7d3978db"
vary
Origin
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
fLKw0JLW9J7XfnlulkL5-EFkn-necxNR6DiOE6QAV7KGSyQH1DtYZg==
js
www.google-analytics.com/gtm/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-PX8MQ43&cid=1965736146.1581917646
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6fc95d903807b79aa07521a6e9c5c16d34e4a515ff47f3179408bc2236510680
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 05:34:05 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24140
x-xss-protection
0
last-modified
Mon, 17 Feb 2020 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Feb 2020 05:34:05 GMT
ced9f610-a44a-439a-b541-071e603bc57a_eu.js
cdn.mouseflow.com/projects/
Redirect Chain
  • http://cdn.mouseflow.com/projects/ced9f610-a44a-439a-b541-071e603bc57a.js
  • https://cdn.mouseflow.com/projects/ced9f610-a44a-439a-b541-071e603bc57a_eu.js
764 B
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mouseflow.com/projects/ced9f610-a44a-439a-b541-071e603bc57a_eu.js
Requested by
Host: www.airmilesshops.ca
URL: http://www.airmilesshops.ca/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.38 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f943eacfc483576eb7ca68a1fc5a4251614669e60ff2de262c16a2fd5ca9ce12

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36

Response headers

date
Mon, 17 Feb 2020 05:34:05 GMT
content-encoding
gzip
last-modified
Sun, 02 Feb 2020 10:41:51 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"8c5b9e60b5d9d51:0"
x-cache
HIT
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=86400

Redirect headers

Location
https://cdn.mouseflow.com/projects/ced9f610-a44a-439a-b541-071e603bc57a_eu.js
Date
Mon, 17 Feb 2020 05:34:05 GMT
Server
NetDNA-cache/2.2
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
178
Content-Type
text/html
clickstream-amca
api.loyalty.com/v2/dh-spine/streams/ 		0
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.loyalty.com/v2/dh-spine/streams/clickstream-amca
Requested by
Host: www.airmilesshops.ca
URL: http://www.airmilesshops.ca/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.77.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-37.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
http://www.airmilesshops.ca
Referer
http://www.airmilesshops.ca/
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36
Access-Control-Request-Headers
content-type,ptoken

Response headers

Date
Mon, 17 Feb 2020 05:34:06 GMT
Via
kong/0.11.1, 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
X-Kong-Proxy-Latency
0
X-Cache
Miss from cloudfront
X-Kong-Upstream-Latency
3
Connection
keep-alive
Content-Length
0
X-Request-ID
81632e24-12c7-457e-9a9e-e503bd75fc31
Server
nginx/1.12.1
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT
Content-Type
text/plain charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-Forwarded-Base,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,ptoken
X-Amz-Cf-Id
D9w-YEU5-ALfDB4dqLhzSTw5lAeONocivhfnkFbyUrJm8aH05ao7FA==
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.airmilesshops.ca
URL: http://www.airmilesshops.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
U8avpa9duRVsnZNHNhKq31SQikGmvodP081GB15hyi9DwHMFcD02gA15RDx1Y+MUYGl+5YpCV4wfSD97+q61Xw==
x-fb-trip-id
1850256238
date
Mon, 17 Feb 2020 05:34:05 GMT, Mon, 17 Feb 2020 05:34:05 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
1876645655954142
connect.facebook.net/signals/config/ 		447 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1876645655954142?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
055b0c07fc2afe5273ee7d0b460f94a8c7cca7258be7ec2c675a8fe5860648b3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
tXcdZdD+rf6KmJAkkCQekz2ZQeOVXDdhwggSX5E2XaJVVB/SY4a5mnodysrp2x2DYDuTuRKaHPgG50+l/LofSw==
x-fb-trip-id
1850256238
date
Mon, 17 Feb 2020 05:34:05 GMT, Mon, 17 Feb 2020 05:34:05 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=548998069&t=pageview&_s=1&dl=http%3A%2F%2Fwww.airmilesshops.ca%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Page%20404%20EU%20%7C%20airmilesshops.ca&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEADQ~&jid=794015970&gjid=234102627&cid=1965736146.1581917646&uid=&tid=UA-76333024-2&_gid=252832000.1581917646&gtm=2wg250W228VX&cd1=na&cd2=ANON&cd3=Level-1&cd4=TBD&cd5=prod&cd6=1965736146.1581917646&cd8=http%3A%2F%2Fwww.airmilesshops.ca%2F&cd9=TBD&cd10=1581917645607&cd11=1581917645607.q3e3usx&cd13=&cd22=&cd23=&z=1037920523
Requested by
Host: www.airmilesshops.ca
URL: http://www.airmilesshops.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 01 Feb 2020 08:35:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1371545
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-76333024-2&cid=1965736146.1581917646&jid=794015970&gjid=234102627&_gid=252832000.1581917646&_u=aGDAgEADQ~&z=1262001875
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76333024-2&cid=1965736146.1581917646&jid=794015970&_v=j81&z=1262001875
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76333024-2&cid=1965736146.1581917646&jid=794015970&_v=j81&z=1262001875&slf_rd=1&random=2184275372
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76333024-2&cid=1965736146.1581917646&jid=794015970&_v=j81&z=1262001875&slf_rd=1&random=2184275372
Requested by
Host: www.airmilesshops.ca
URL: http://www.airmilesshops.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 05:34:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 05:34:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76333024-2&cid=1965736146.1581917646&jid=794015970&_v=j81&z=1262001875&slf_rd=1&random=2184275372
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=548998069&t=event&_s=1&dl=http%3A%2F%2Fwww.airmilesshops.ca%2F&ul=en-us&de=UTF-8&dt=Page%20404%20EU%20%7C%20airmilesshops.ca&sd=24-bit&sr=160...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-76333024-2&cid=1965736146.1581917646&jid=1363714402&_gid=252832000.1581917646&gjid=134047805&_v=j81&z=281305509
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76333024-2&cid=1965736146.1581917646&jid=1363714402&_v=j81&z=281305509
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76333024-2&cid=1965736146.1581917646&jid=1363714402&_v=j81&z=281305509&slf_rd=1&random=2306015878
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76333024-2&cid=1965736146.1581917646&jid=1363714402&_v=j81&z=281305509&slf_rd=1&random=2306015878
Requested by
Host: www.airmilesshops.ca
URL: http://www.airmilesshops.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 05:34:05 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 17 Feb 2020 05:34:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-76333024-2&cid=1965736146.1581917646&jid=1363714402&_v=j81&z=281305509&slf_rd=1&random=2306015878
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1876645655954142&ev=PageView&dl=http%3A%2F%2Fwww.airmilesshops.ca%2F&rl=&if=false&ts=1581917645806&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=29&fbp=fb.1.1581917645805.2105351445&it=1581917645642&coo=false&rqm=GET
Requested by
Host: www.airmilesshops.ca
URL: http://www.airmilesshops.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 05:34:05 GMT, Mon, 17 Feb 2020 05:34:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 17 Feb 2020 05:34:05 GMT
/
www.facebook.com/tr/ 		44 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1876645655954142&ev=CustomPageView&dl=http%3A%2F%2Fwww.airmilesshops.ca%2F&rl=&if=false&ts=1581917645807&cd[pageName]=%2F&cd[url]=http%3A%2F%2Fwww.airmilesshops.ca%2F&cd[env]=prod&cd[campaign]=undefined&cd[collectorTier]=ANON&cd[shopCategories]=na&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=29&fbp=fb.1.1581917645805.2105351445&it=1581917645642&coo=false&rqm=GET
Requested by
Host: www.airmilesshops.ca
URL: http://www.airmilesshops.ca/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 05:34:05 GMT, Mon, 17 Feb 2020 05:34:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 17 Feb 2020 05:34:05 GMT
/
zn87dzksw80et234h-loyalty.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		0
0
46380459-0
f.monetate.net/trk/4/s/a-2d036ac5/p/airmilesshops.ca/ 		61 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
http://f.monetate.net/trk/4/s/a-2d036ac5/p/airmilesshops.ca/46380459-0?mr=t1484745711&mi=%272.652962567.1581917645521%27&mt=!n&cs=!t&e=!(viewPage,gt)&pt=unknown&r=%27%27&sw=1600&sh=1200&sc=24&j=!f&u=%27http://www.airmilesshops.ca/%27&fl=!f&hvc=!t&eoq=!t
Requested by
Host: e.monetate.net
URL: http://e.monetate.net/js/3/a-2d036ac5/p/airmilesshops.ca/t1484745711/76f45944ebdbd99a/custom.js
Protocol
HTTP/1.1
Server
52.213.34.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-34-91.eu-west-1.compute.amazonaws.com
Software
Monetate /
Resource Hash
f4861993fe1dadecf4db947332eea2d361b2002367ac4f0897910e339d9031db

Request headers

Referer
http://www.airmilesshops.ca/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 05:34:05 GMT
Content-Encoding
gzip
Server
Monetate
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-cache
Server-Timing
total;dur=41.6
Timing-Allow-Origin
*
Content-Length
81
Expires
Sun, 17 Feb 2019 05:34:05 GMT
clickstream-amca
api.loyalty.com/v2/dh-spine/streams/ 		0
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.loyalty.com/v2/dh-spine/streams/clickstream-amca
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.77.37 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-37.fra2.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

ptoken
VSrYdKT9CQd7Hecy4Z0CqNt6
Referer
http://www.airmilesshops.ca/
Origin
http://www.airmilesshops.ca
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.95 Safari/537.36
Content-type
text/html

Response headers

Date
Mon, 17 Feb 2020 05:34:06 GMT
Via
kong/0.11.1, 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
X-Kong-Proxy-Latency
0
X-Cache
Miss from cloudfront
X-Kong-Upstream-Latency
13
Server
nginx/1.12.1
Connection
keep-alive
Content-Length
0
X-Application-Context
application:prod:5000
X-Request-ID
c831d494-0930-40ed-b384-bc24fb91c850
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-Forwarded-Base,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,ptoken
X-Amz-Cf-Id
Hasmhn795bYjI4mpkGXFGbFkXB9tTThYH1VFwX9fVxoTkpJO3vCiPQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
zn87dzksw80et234h-loyalty.siteintercept.qualtrics.com
URL
https://zn87dzksw80et234h-loyalty.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_SIID=SI_3BHfANuH47Q5Cm1&Q_LOC=http%3A%2F%2Fwww.airmilesshops.ca%2F&t=1581917645843

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| canUseDom function| getCookieMap function| getPageInfo object| dataLayer object| CryptoJS number| monetateT object| monetate string| GoogleAnalyticsObject function| ga object| __NEXT_DATA__ object| module function| __NEXT_REGISTER_PAGE function| __NEXT_REGISTER_CHUNK object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| $CICS string| dataPacket object| httpRequest function| fbq function| _fbq object| monetateQ object| google_optimize function| webpackJsonp object| __core-js_shared__ function| Swiper object| __algolia object| mouseflow object| _mfq

6 Cookies

Domain/Path Name / Value
.airmilesshops.ca/ Name: _gat
Value: 1
.airmilesshops.ca/ Name: _dc_gtm_UA-76333024-2
Value: 1
.airmilesshops.ca/ Name: _gid
Value: GA1.2.252832000.1581917646
.airmilesshops.ca/ Name: _ga
Value: GA1.2.1965736146.1581917646
.airmilesshops.ca/ Name: _fbp
Value: fb.1.1581917645805.2105351445
.airmilesshops.ca/ Name: mt.v
Value: 2.652962567.1581917645521

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.loyalty.com
cdn.mouseflow.com
cdnjs.cloudflare.com
connect.facebook.net
e.monetate.net
f.monetate.net
pattern-library.airmiles.ca
se.monetate.net
stats.g.doubleclick.net
www.airmilesshops.ca
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
zn87dzksw80et234h-loyalty.siteintercept.qualtrics.com
zn87dzksw80et234h-loyalty.siteintercept.qualtrics.com
13.224.196.30
13.225.77.37
13.225.84.66
2.16.186.105
23.111.9.38
2606:4700::6811:4004
2a00:1450:4001:806::200e
2a00:1450:4001:818::2008
2a00:1450:4001:820::2003
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.213.34.91
95.100.67.201
055b0c07fc2afe5273ee7d0b460f94a8c7cca7258be7ec2c675a8fe5860648b3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b0089f8c27f8d6ed8de5dc0b25ef7c3b889bc5d71d184bd3a097e72054e47c3
22ce62883750df7c5bf5684e0adb9b8a41d2d240ec2cd6ba408d63d4b559b8bc
3390025f2372a4727c22965f51c63dc74f67e21f946836f91230fbae077b9296
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
6fc95d903807b79aa07521a6e9c5c16d34e4a515ff47f3179408bc2236510680
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
874424337dc02d6119055bae243deb0205a04bf1b55d884120fd0cc6d490f7e7
8c0cf5dd344b8506ecf14c89bd0905136f09fc0ef387117f7609bc5eddc3c5ea
90608a710884719203d2e1ff6e2d79275534e318adb7d9890ac8e6d1d8540c0b
cceb3ebbcfb6455fb29f883e07d180bf5946906f9ea392f82912d8b125f9ec19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23f1b082da5f27219b57651f96cb6b140a7ede9dd9284c8aee82971abdf0cc3
f4861993fe1dadecf4db947332eea2d361b2002367ac4f0897910e339d9031db
f943eacfc483576eb7ca68a1fc5a4251614669e60ff2de262c16a2fd5ca9ce12
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a