www.thriftshaq.com Open in urlscan Pro
54.148.81.178 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.thriftshaq.com/thecanadianmug
Submission: On October 29 via manual (October 29th 2021, 11:51:35 am UTC) from IE — Scanned from DE

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 20 domains to perform 33 HTTP transactions. The main IP is 54.148.81.178, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.thriftshaq.com.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on October 29th 2021. Valid for: 9 months.

This is the only time www.thriftshaq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.148.81.178 54.148.81.178	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
7	2606:4700:303... 2606:4700:3032::ac43:8bc0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:170... 2a02:26f0:1700:788::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
1	52.217.87.204 52.217.87.204	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:170... 2a02:26f0:1700:793::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.0.65 151.101.0.65	54113 (FASTLY) (FASTLY)
6 9	34.246.96.178 34.246.96.178	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	20

1 54.148.81.178 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-81-178.us-west-2.compute.amazonaws.com

www.thriftshaq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3032::ac43:8bc0 (United States)

ASN13335 (CLOUDFLARENET, US)

www.gearbubble-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:788::1931 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

static.klaviyo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.87.204 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

gearbubble-assets.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:793::13b8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.65 (United States)

ASN54113 (FASTLY, US)

tag.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.246.96.178 (Dublin, Ireland) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-96-178.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.91 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	prfct.co 6 redirects pixel-geo.prfct.co	4 KB
7	gearbubble-assets.com www.gearbubble-assets.com	722 KB
4	klaviyo.com static.klaviyo.com	23 KB
3	pinterest.com assets.pinterest.com log.pinterest.com	19 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	959 B
2	openx.net 1 redirects us-u.openx.net	472 B
2	yahoo.com 1 redirects ups.analytics.yahoo.com	1 KB
2	facebook.net connect.facebook.net	79 KB
1	nr-data.net bam-cell.nr-data.net	725 B
1	facebook.com www.facebook.com	3 KB
1	newrelic.com js-agent.newrelic.com	13 KB
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	twitter.com analytics.twitter.com	597 B
1	marinsm.com tag.marinsm.com	4 KB
1	optimizely.com cdn.optimizely.com	61 KB
1	amazonaws.com gearbubble-assets.s3.amazonaws.com	5 KB
1	google.com apis.google.com	21 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	thriftshaq.com www.thriftshaq.com	25 KB
33	20

	Domain	Requested by
9	pixel-geo.prfct.co	6 redirects www.thriftshaq.com
7	www.gearbubble-assets.com	www.thriftshaq.com www.gearbubble-assets.com
4	static.klaviyo.com	www.thriftshaq.com static.klaviyo.com
2	secure.adnxs.com	1 redirects www.thriftshaq.com
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects www.thriftshaq.com
2	ups.analytics.yahoo.com	1 redirects www.thriftshaq.com
2	connect.facebook.net	www.thriftshaq.com connect.facebook.net
2	assets.pinterest.com	www.thriftshaq.com assets.pinterest.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	www.facebook.com	connect.facebook.net
1	js-agent.newrelic.com	www.thriftshaq.com
1	log.pinterest.com	www.thriftshaq.com
1	pixel.rubiconproject.com	www.thriftshaq.com
1	analytics.twitter.com	www.thriftshaq.com
1	tag.marinsm.com	www.thriftshaq.com
1	cdn.optimizely.com	www.thriftshaq.com
1	gearbubble-assets.s3.amazonaws.com	www.thriftshaq.com
1	apis.google.com	www.thriftshaq.com
1	fonts.googleapis.com	www.thriftshaq.com
1	www.thriftshaq.com
33	21

This site contains no links.

Subject Issuer	Validity	Valid
www.gearbubble.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-10-29` - `2022-08-01`	9 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
static.klaviyo.com R3	`2021-09-25` - `2021-12-24`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-02-17` - `2022-02-21`	a year	crt.sh
tag.marinsm.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-07` - `2021-11-05`	3 months	crt.sh
*.prfct.co DigiCert SHA2 Secure Server CA	`2019-09-03` - `2021-10-27`	2 years	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.thriftshaq.com/thecanadianmug
Frame ID: 245982AAE485331ECE054488991B8D30
Requests: 32 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df332526ca93fe3%26domain%3Dwww.thriftshaq.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.thriftshaq.com%252Ffd9d8c7f504e6c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fhttps%3A%2F%2Fwww.facebook.com%2Fabrram20%2F%3Fref%3Daymt_homepage_panel%26eid%3DARA6knDLfHV71NXJt9mRCosJp0v9GalUzgaS__hDG3Ph0prv5p0tH_eVzRriEID3VhBnZXIdOxcd2CiI&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false
Frame ID: 9358B5BC9FB5FDC7D9BDD91FA1B48F02
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Thriftshaq

Page Statistics

33
Requests

76 %
HTTPS

33 %
IPv6

20
Domains

21
Subdomains

20
IPs

5
Countries

979 kB
Transfer

2983 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://pixel-geo.prfct.co/tagjs?a_id=44883&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=44883&source=js_tag

Request Chain 21

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Ihs8yy3sKGizfwNFO

Request Chain 22

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Ihs8yy3sKGizfwNFO&_origin=1 HTTP 302
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Ihs8yy3sKGizfwNFO&_origin=1&verify=true

Request Chain 23

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_Ihs8yy3sKGizfwNFO HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_Ihs8yy3sKGizfwNFO

Request Chain 24

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_Ihs8yy3sKGizfwNFO

Request Chain 25

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfSWhzOHl5M3NLR2l6ZndORk8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfSWhzOHl5M3NLR2l6ZndORk8&google_tc= HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 27

https://secure.adnxs.com/seg?t=2&add=2833632 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D2833632

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request thecanadianmug Show response
www.thriftshaq.com/ 24 KB
25 KB 806ms
244ms Document
text/html 54.148.81.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thriftshaq.com/thecanadianmug

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.81.178 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-81-178.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

aa1c6d7f02424f8bb2f6de5a4d828cc856ba176f37f9e3083f9fc2ba820ae997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 29 Oct 2021 11:51:30 GMT
content-type: text/html; charset=utf-8
content-length: 24426
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
etag: W/"1f5ba74ff54e92634720a406ffceafd0"
cache-control: max-age=0, private, must-revalidate
x-request-id: aa606447-7d6d-4b5b-a462-c7a325df4797
x-runtime: 0.056975
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains;

GET
H2 200 css
fonts.googleapis.com/ 695 B
1 KB 60ms
24ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Courgette

Requested by

Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fed29432df642109fbb60b82fa10c9241275c4d34ed7b6887df6206f1dad4cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 11:20:25 GMT
server: ESF
date: Fri, 29 Oct 2021 11:51:30 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Fri, 29 Oct 2021 11:51:30 GMT

GET
H2 200 application-ec83f449fdf66c8b040a236387937aec3d0510b78a7745e4e439a32a509cf603.css
www.gearbubble-assets.com/assets/ 529 KB
148 KB 62ms
30ms Stylesheet
text/css 2606:4700:3032::ac43:8bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gearbubble-assets.com/assets/application-ec83f449fdf66c8b040a236387937aec3d0510b78a7745e4e439a32a509cf603.css

Requested by

Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:8bc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7e0fb1db111da66fc02869cafcdb0e9d4f961aab2413553d65874532716a3c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 11:51:30 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4137
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 21 Oct 2021 11:04:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcDCk35DVnK2zU0i3WUZeBL6%2Bt8szHXByka4lwSBwfB40kab%2FC%2BLcMzxEjx2YUCaVa6EohYdn0pWPjLrjiuAj94yykmLM9zUgitE9gAsSJW%2BN2zXY9IaNjt5L37%2FsN7eWYNqCCj9qIq4r0lQQqCOfPfOL3IUgLRD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6a5c31409a69440d-FRA

GET
H2 200 gearbubble_sales_header-f83cbc7c9bf32cb532420d48fb6407ac7ab72b1a2e301aa21d11a433d2988eb4.js Show response
www.gearbubble-assets.com/assets/ 977 KB
277 KB 83ms
51ms Script
application/javascript 2606:4700:3032::ac43:8bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gearbubble-assets.com/assets/gearbubble_sales_header-f83cbc7c9bf32cb532420d48fb6407ac7ab72b1a2e301aa21d11a433d2988eb4.js

Requested by

Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:8bc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcd9fa46e03495727fe6b85695f28d9097dbb4656d3d5f6f23d0c200b5113815

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 11:51:30 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1180
cf-polished: origSize=1000668
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 21 Oct 2021 11:04:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhIvXwthQ2ntUlU0UU9Jvvz%2FlwGYiQADZAzkurc%2FoMTU77qMd3yHJI%2Bp4oHyzdz%2B%2Faxfyqj6G%2FC6Qp1C9IV7sbD%2FBHrJubyzNcpvV7zLdpwZB0uHYXz0fO02Yp2oRqNa2YHhqN1tVl8mDWJTi09EpvnUSrdIuzjP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6a5c31409a6d440d-FRA
cf-bgj: minify

GET
H2 200 rails.validations-0241b7e43899c58ab11a45339a26fe7b1a541209cbdcda47bf68a74a18e0d518.js Show response
www.gearbubble-assets.com/assets/ 13 KB
4 KB 54ms
22ms Script
application/javascript 2606:4700:3032::ac43:8bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gearbubble-assets.com/assets/rails.validations-0241b7e43899c58ab11a45339a26fe7b1a541209cbdcda47bf68a74a18e0d518.js

Requested by

Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:8bc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0241b7e43899c58ab11a45339a26fe7b1a541209cbdcda47bf68a74a18e0d518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 11:51:30 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6897
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 21 Oct 2021 11:03:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucCpa8ixUz97gCoUn08EWWLa02GX7mzkpVhxdkT3ZkpSgDmCVj4h4rPb1l5bzEGZNrtV2uhT0ctKO7bSCVVuDqht9PXuCd%2Bjr2gvDGwUTQGI5CQOChoK%2FvOMZUI2M%2BEpOJLyJvCwcJ3uBC02jJ0J8Ljex3VeWucs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6a5c31409a70440d-FRA
cf-bgj: minify

GET
H2 200 platform.js Show response
apis.google.com/js/ 52 KB
21 KB 100ms
63ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e21aa289818ac270e2647b8f04a0b04a78716f57797940f6fea477c6d03b7e56

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0aIFe2MVz+/ZCvsK4+GcOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 11:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "b25f111da50a2c91d2f1bce5d2447ba4"
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-0aIFe2MVz+/ZCvsK4+GcOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdcxyaoTJMYdhC5b1IVX_h4UhkFjYl5miMVZgqtCo-gS"
expires: Fri, 29 Oct 2021 11:51:30 GMT

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
431 B 112ms
18ms Script
application/javascript 2a02:26f0:1700:788::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:788::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=162
accept-ranges: bytes
content-length: 203
access-control-expose-headers: X-CDN

GET
H2 200 klaviyo.js Show response
static.klaviyo.com/onsite/js/ 2 KB
1 KB 65ms
16ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Y3Wigm
Requested by: Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: feb707e85bcab302a236ecb4f0c97fc946de083abc782478ede38f8649d861b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 11:51:30 GMT
content-encoding: gzip
age: 51202
x-cache: HIT, HIT
access-control-max-age: 86400
content-length: 852
x-served-by: cache-lga21983-LGA, cache-cdg20783-CDG
access-control-allow-origin: *
allow: GET, OPTIONS
server: nginx
x-timer: S1635508291.861103,VS0,VE1
etag: W/"84b5c5565f48e685b269207c38252519"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=1, stale-while-revalidate=10800
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers
x-cache-hits: 1, 1

GET
H/1.1 200
OK thriftshaq_abestherthiessen_gmail.com.png
gearbubble-assets.s3.amazonaws.com/domains/logos/2559/original/ 4 KB
5 KB 599ms
271ms Image
image/png 52.217.87.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gearbubble-assets.s3.amazonaws.com/domains/logos/2559/original/thriftshaq_abestherthiessen_gmail.com.png
Requested by: Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.87.204 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1286c1a557a698462276bbf96a51ff121fdead42fa1be4f24e39d1e532dbc7eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 11:51:32 GMT
Last-Modified: Fri, 17 Apr 2020 23:08:33 GMT
Server: AmazonS3
x-amz-request-id: 07JNBA2N8Y5T28Y4
ETag: "8564f179f4740695852a6dff0662d140"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4330
x-amz-id-2: RK2jqeTYz7j1xRRxK4k2inx19CWPbCLWD6MsrDSYXWE5AFNicfkHy/GSBLPNLk6qTLDswN1Kfug=

GET
H2 200 gearbubble_footer-b3069419d427cabefd046ef74f68f0b4ff0394ad6b994a663b5cdf122837ae01.js Show response
www.gearbubble-assets.com/assets/ 611 KB
141 KB 25ms
25ms Script
application/javascript 2606:4700:3032::ac43:8bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gearbubble-assets.com/assets/gearbubble_footer-b3069419d427cabefd046ef74f68f0b4ff0394ad6b994a663b5cdf122837ae01.js

Requested by

Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:8bc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64ae61891e66c0462b8f23896798b9776e9af4265b7351f0a9dba4b3697e4cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 11:51:30 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4137
cf-polished: origSize=626043
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 21 Oct 2021 10:35:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5l4fhDg7TFgEnK58v5oMe0HV9wddEq%2F%2FdBHXSpOfSy%2FuVjm7elgg9XvVXuT%2Fs9ZDY%2BAju2lZI%2FY4RAscnvU%2FcNJSOl2b8PPq5YvMTc1%2BEuCSrmMoBVqNj2Ln3TIPIbRk1zJdHSJHhA3dcdKSZB2zJzpLSo3T1KI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6a5c3140eb5f440d-FRA
cf-bgj: minify

GET
H2 200 2918080069.js Show response
cdn.optimizely.com/js/ 168 KB
61 KB 191ms
128ms Script
text/javascript 2a02:26f0:1700:793::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/2918080069.js

Requested by

Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:793::13b8 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b8bcfe08e31485cff86f9a405dd8a014a3c3d35c33fe65af3273edd178652a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: cu7g9tz2bKNhC7Xx.BI9oTqzJztwih6M
content-encoding: gzip
etag: "a69684c97412888bc8fec1e85a2c6a68"
x-amz-request-id: FFDCA44C0A164E57
x-amz-meta-revision: 7
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="12";dur=0,cdnip;desc="2a02:26f0:1700:793::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 61507
x-amz-id-2: XbArHv0y4oLOQ38b1WHC9lUDY83a+V1fdoozNp5j8aLOLCAuERvszUiDLSM2UPNngsTfzgT2MGk=
last-modified: Sat, 29 Oct 2016 00:41:43 GMT
server: AmazonS3
date: Fri, 29 Oct 2021 11:51:30 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 bootstrap-formhelpers-countries.flags.png
www.gearbubble-assets.com/assets/ 20 KB
20 KB 15ms
15ms Image
image/png 2606:4700:3032::ac43:8bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gearbubble-assets.com/assets/bootstrap-formhelpers-countries.flags.png

Requested by

Host: www.gearbubble-assets.com
URL: https://www.gearbubble-assets.com/assets/application-ec83f449fdf66c8b040a236387937aec3d0510b78a7745e4e439a32a509cf603.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:8bc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5138977b782b178fe822902757eca630acb66a4bd7050ace749753246b86481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gearbubble-assets.com/assets/application-ec83f449fdf66c8b040a236387937aec3d0510b78a7745e4e439a32a509cf603.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 11:51:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3326
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20507
last-modified: Thu, 21 Oct 2021 11:02:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1zMevtnOnlU0J8n8cSNmYAvhPt4JX4J0fnaH0JUaHLhQ2%2F4sYKZ%2BYyqKi7XFyq61Z3FtY6eajW64TulEVfwDRljaNp%2BoIu3cr1LzfPcYO0Pyjs4XIeWelcevlBx6vY4W%2BzwY3Fw116YScwY5gIb%2FqqMyXFQJT9C"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a5c31418cf8440d-FRA

GET
H2 200 fontawesome-webfont.woff2
www.gearbubble-assets.com/assets/ 75 KB
76 KB 1131ms
1092ms Font
application/font-woff2 2606:4700:3032::ac43:8bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gearbubble-assets.com/assets/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.gearbubble-assets.com
URL: https://www.gearbubble-assets.com/assets/application-ec83f449fdf66c8b040a236387937aec3d0510b78a7745e4e439a32a509cf603.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:8bc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.gearbubble-assets.com/assets/application-ec83f449fdf66c8b040a236387937aec3d0510b78a7745e4e439a32a509cf603.css
Origin: https://www.thriftshaq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 11:51:31 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
last-modified: Thu, 21 Oct 2021 10:32:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FLvG1yEBlsTqugSytKs8UTG2C86j68TMsVwGzpe6G6K40%2BO9OKQ%2BXEhitWic1WMaphcjachTXm8wd%2BS1ew%2F%2BjzqN8i%2BDxWwVBUVPeMaCXU9OXEVxhla7nVLROkd33Og7IAloP0lsrSfI4Q7Q3tA6nnO6q8fyX8l"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a5c3141dd08e8f3-MXP

GET
H2 200 verdana.woff2
www.gearbubble-assets.com/assets/fonts/woff2/ 55 KB
55 KB 1173ms
1135ms Font
application/font-woff2 2606:4700:3032::ac43:8bc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gearbubble-assets.com/assets/fonts/woff2/verdana.woff2

Requested by

Host: www.gearbubble-assets.com
URL: https://www.gearbubble-assets.com/assets/application-ec83f449fdf66c8b040a236387937aec3d0510b78a7745e4e439a32a509cf603.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:8bc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f37244be83bc4185a1b1fd284af93ad0bda8a524f161dc6190eca7d560ac5da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.gearbubble-assets.com/assets/application-ec83f449fdf66c8b040a236387937aec3d0510b78a7745e4e439a32a509cf603.css
Origin: https://www.thriftshaq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 11:51:31 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56228
last-modified: Thu, 21 Oct 2021 11:02:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains;
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjJ31HlQ%2ByQzYpAvK2lJglkjxwS5AJFf7K%2FqvHgcZl9g0S91e%2FN3fYIK86Gi8lS%2BL%2FWQ%2FLTfTHN3RolXjtUjac%2B6CbdWTtlfn7svoY%2FQZEpXHswJqFrvo0zIzapcxwblBJk5785OLtnZ7m3w3TDmBNDga8Z9s6q5"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a5c3141dd0ce8f3-MXP

GET
H/1.1 200
OK 555926ce7e51eda14100005f.js Show response
tag.marinsm.com/serve/ 12 KB
4 KB 39ms
8ms Script
text/javascript 151.101.0.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.marinsm.com/serve/555926ce7e51eda14100005f.js

Requested by

Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.65 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

17673d978351245ba2d84d4f0727302bbd1df871b669d2a276c5dccc6acaefb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 11:51:30 GMT
Via: 1.1 vegur, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 1315
X-Cache: HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3901
X-Served-By: cache-hhn4054-HHN
Server: Cowboy
X-Timer: S1635508291.886156,VS0,VE1
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2 200 fender_analytics.c7f694e88653ffd4f12f.js Show response
static.klaviyo.com/onsite/js/ 20 KB
7 KB 16ms
16ms Script
application/x-javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/fender_analytics.c7f694e88653ffd4f12f.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Y3Wigm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87a7eedfc669fa9f3b9c7a48d3312673c6932ec7d7c246a7031c963290ff5f33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: O4gT_9AxnhAmSMcpZoDLd_zEcS3Vcz1x
content-encoding: gzip
age: 51204
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 6806
x-amz-id-2: duw8pmIRlSyWC+u94N2u7hO57REu8BfagKUlRJchUjsicx1F6eEGA9S+7fyLZgXojdssrceNybg=
x-served-by: cache-lga21921-LGA, cache-cdg20783-CDG
last-modified: Thu, 28 Oct 2021 21:37:17 GMT
server: AmazonS3
etag: "b3174d5a67cfbbf5e1fef7b499dc33ed"
vary: Accept-Encoding
x-amz-request-id: SMT21EK6XC1B2Y0C
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Fri, 29 Oct 2021 11:51:30 GMT
x-cache-hits: 1, 18836

GET
H2 200 sharedUtils.dd98b94b5c4d56c81873.js Show response
static.klaviyo.com/onsite/js/ 35 KB
9 KB 16ms
16ms Script
application/x-javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/sharedUtils.dd98b94b5c4d56c81873.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Y3Wigm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa8acd00075832e1c7630e10baac1c2ab95c373d8a6eacd889a732d06c333c5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: FClJQJTc8x4FjLA73z6dFbE1.BpeK1pm
content-encoding: gzip
age: 51205
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 9323
x-amz-id-2: mj4jUwXzud7L6QbHw5lr9U4L/gz69P4/aPOEueFJX+Utg0nFcR57D8MWxEndAoP+gtkKMGi3TFk=
x-served-by: cache-lga21922-LGA, cache-cdg20783-CDG
last-modified: Sat, 23 Oct 2021 15:01:59 GMT
server: AmazonS3
etag: "125de9f415c6978bdad2edb46666e0a0"
vary: Accept-Encoding
x-amz-request-id: 2F829EP4QM40SVVV
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Fri, 29 Oct 2021 11:51:30 GMT
x-cache-hits: 1, 21274

GET
H2 200 static.28e2cf0dd323d58db2c7.js Show response
static.klaviyo.com/onsite/js/ 11 KB
5 KB 18ms
18ms Script
application/x-javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.klaviyo.com/onsite/js/static.28e2cf0dd323d58db2c7.js
Requested by: Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=Y3Wigm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a87f6a1981668addbbd3a71a90dd37d6c7ee1065499dadaf04f0eeb56b0d805d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: hFCu35rErooeMDm3J.M68AXCGTarSMrT
content-encoding: gzip
age: 51204
x-cache: HIT, HIT
x-amz-meta-surrogate-control: max-age=31536000
x-amz-meta-surrogate-key: fender-asset
content-length: 4863
x-amz-id-2: iyiMyvDkaAGbRgWqC07Q0OZzVyCZGesUfmItvp1YnoZp4YF5Yva33kSUk/mYTdfkdD32+XCBh6I=
x-served-by: cache-lga21923-LGA, cache-cdg20783-CDG
last-modified: Thu, 28 Oct 2021 21:37:17 GMT
server: AmazonS3
etag: "3dc6b0d03e63105f9f4bdf042485aa65"
vary: Accept-Encoding
x-amz-request-id: SMT69GH6BGJ3HBHA
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=2592000, stale-while-revalidate=10800
accept-ranges: bytes
content-type: application/x-javascript
date: Fri, 29 Oct 2021 11:51:30 GMT
x-cache-hits: 1, 23347

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=44883&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=44883&source=js_tag

125 B
454 B

29ms
29ms

Script
text/javascript

34.246.96.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=44883&source=js_tag
Requested by: Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug
Protocol: HTTP/1.1
Server: 34.246.96.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-96-178.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 4a5a029168b43ccd888d6e0a198c44873af700d1c25ef4d35bff189e3144863a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 125
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=44883&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 19ms
19ms Script
application/javascript 2a02:26f0:1700:788::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.9663061497092487
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:788::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 75ad585dd9aeca2614593614f6fd317e98b267e6595ffc18e9675e1c744b7a03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-encoding: br
x-cdn: akamai
etag: "0c6c6fa4aaa25b5091d9f0d1fe79700b"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=284
accept-ranges: bytes
content-length: 18683
access-control-expose-headers: X-CDN

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4db326895b9e41f28616a34a13047957743f2c6ae4edc54041dc95e7670376f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: dIFxuPlbfkzwCqAwVc1MHA==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: jhEGH0ELNn/XBGyFzAH53w+/C1kUYzcMw3sAVlkJL7kAVpalYhzgonsaW1YUkzBfyStFT6Wh9esvJQ2pr8hvhw==
x-fb-trip-id: 686109401
x-fb-content-md5: 16cb13ce7db7e18165ceafc3704f9e25
x-frame-options: DENY
date: Fri, 29 Oct 2021 11:51:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "88ad2dbaeb227485370a1ffb0b42809d"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Oct 2021 11:55:33 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 271 KB
77 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e6c8b763afb831f124dc03ad7a1dfa2f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86b727264141a25f7cb026bfd557ee57168d98ef477ccc1f793c2e2cd675d1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.thriftshaq.com/
Origin: https://www.thriftshaq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Rz9ENcDpseuRioux7vonlg==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 78179
x-fb-rlafr: 0
x-fb-debug: XE4MhTwrfdvHuFWQUl+qPcqpujW7D95gTfRTwuUMuSpx4tTNbSyAwcRBTgNMiSrVTyrzZAVBZqUHNi0pUrhgjg==
x-fb-trip-id: 686109401
x-fb-content-md5: 0cb4c9c95901f4cbbb0f12e3c7a45db4
x-frame-options: DENY
date: Fri, 29 Oct 2021 11:51:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "f04352f76041bb2a6f8e893f38d43185"
timing-allow-origin: *
expires: Sat, 29 Oct 2022 10:08:28 GMT

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Ihs8yy3sKGizfwNFO

43 B
597 B

138ms
113ms

Image
image/gif

104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Ihs8yy3sKGizfwNFO

Requested by

Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug

Protocol

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 11:51:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 105
pragma: no-cache
last-modified: Fri, 29 Oct 2021 11:51:31 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 0e0e13418e8510b934e6a94d5aa95143ce31fc19fa1a1e114cb8ff74c52d1eb7
x-transaction: ff4cc5a2b64a7627
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_Ihs8yy3sKGizfwNFO
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/58288/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Ihs8yy3sKGizfwNFO&_origin=1
https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Ihs8yy3sKGizfwNFO&_origin=1&verify=true

0
735 B

10ms
9ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Ihs8yy3sKGizfwNFO&_origin=1&verify=true

Requested by

Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug

Protocol

HTTP/1.1

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 11:51:31 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date: Fri, 29 Oct 2021 11:51:31 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://ups.analytics.yahoo.com/ups/58288/sync?uid=pa_Ihs8yy3sKGizfwNFO&_origin=1&verify=true
Connection: keep-alive
Content-Length: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_Ihs8yy3sKGizfwNFO
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_Ihs8yy3sKGizfwNFO

43 B
180 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_Ihs8yy3sKGizfwNFO
Requested by: Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug
Protocol: H2
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.217.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 11:51:31 GMT
via: 1.1 google
server: OXGW/16.217.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_Ihs8yy3sKGizfwNFO
date: Fri, 29 Oct 2021 11:51:31 GMT
via: 1.1 google
server: OXGW/16.217.1
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_Ihs8yy3sKGizfwNFO

0
239 B

58ms
10ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_Ihs8yy3sKGizfwNFO
Requested by: Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_Ihs8yy3sKGizfwNFO
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfSWhzOHl5M3NLR2l6ZndORk8
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfSWhzOHl5M3NLR2l6ZndORk8&google_tc=
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

30ms
30ms

Image
image/gif

34.246.96.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by: Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug
Protocol: HTTP/1.1
Server: 34.246.96.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-96-178.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 29 Oct 2021 11:51:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 177ms
113ms Image
image/gif 34.246.96.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=2833632&source=js_tag&a_id=44883
Requested by: Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.96.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-96-178.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=2833632
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D2833632

43 B
1023 B

15ms
15ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D2833632

Requested by

Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug

Protocol

HTTP/1.1

Server

185.33.221.91 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 11:51:31 GMT
X-Proxy-Origin: 185.232.23.179; 185.232.23.179; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 83870b04-c1d9-4bc2-a7b5-c3b3d46b8316
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 11:51:31 GMT
X-Proxy-Origin: 185.232.23.179; 185.232.23.179; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0ec75c69-7aff-4fd8-af79-58996b7d32ea
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D2833632
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
log.pinterest.com/ 0
333 B 139ms
107ms Image
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=Y33gc7ot5j27&tv=2021082501&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fwww.thriftshaq.com%2Fthecanadianmug
Requested by: Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 11:51:32 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 1
x-cache-hits: 0
content-length: 0
x-served-by: cache-hhn4078-HHN
pragma: no-cache
server: envoy
x-timer: S1635508292.991243,VS0,VE95
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-pinterest-rid: 1506400224719485
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 nr-1211.min.js Show response
js-agent.newrelic.com/ 33 KB
13 KB 29ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1211.min.js
Requested by: Host: www.thriftshaq.com
URL: https://www.thriftshaq.com/thecanadianmug
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: yf8j0EL0OxPIPTHd.58X6iFExO4xIT0R
content-encoding: gzip
etag: "3ad2268e635f4d033b0062f582c5b85a"
x-amz-request-id: X3M81H4NM1B4G6R6
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12477
x-amz-id-2: cvOSmODg07/4O4zGwviZMR3PU/m+IFAgnbTWch2Pw3XfIW/4Me7DGjuuZsigtg0xT+fI73EM98w=
x-served-by: cache-hhn4065-HHN
last-modified: Mon, 27 Sep 2021 20:46:50 GMT
server: AmazonS3
x-timer: S1635508292.123083,VS0,VE0
date: Fri, 29 Oct 2021 11:51:32 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 18916

GET
H2 200 like.php Show response
www.facebook.com/v2.3/plugins/ Frame 9358 0
3 KB 69ms
38ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df332526ca93fe3%26domain%3Dwww.thriftshaq.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.thriftshaq.com%252Ffd9d8c7f504e6c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fhttps%3A%2F%2Fwww.facebook.com%2Fabrram20%2F%3Fref%3Daymt_homepage_panel%26eid%3DARA6knDLfHV71NXJt9mRCosJp0v9GalUzgaS__hDG3Ph0prv5p0tH_eVzRriEID3VhBnZXIdOxcd2CiI&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e6c8b763afb831f124dc03ad7a1dfa2f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net ;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com ;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com ;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: ;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com ad.atdmt.com data: www.instagram.com .vrich619.com .fbcdn.net ;worker-src blob: .facebook.com data: *;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net *;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com *;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net *;worker-src blob: *.facebook.com data: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net *;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com *;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com *;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net *;worker-src blob: *.facebook.com data: *;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: s8zw6aTOs0ZnAWMzuWw2aJon+AD11c4NRKiou2tOpsqRukHHONRyAyYWN3+F+2EZuxpPS+9P/vPLd2pj2dRNuw==
content-length: 0
date: Fri, 29 Oct 2021 11:51:32 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H/1.1 200
OK dee5c93325 Show response
bam-cell.nr-data.net/1/ 49 B
725 B 556ms
530ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/dee5c93325?a=16400362&v=1211.ba193a8&to=Jw0KTEtcXQ8DQxhaWQkSBVFeXUJMFVlYTg%3D%3D&rst=2337&ck=1&ref=https://www.thriftshaq.com/thecanadianmug&ap=57&be=828&fe=2300&dc=1196&perf=%7B%22timing%22:%7B%22of%22:1635508289797,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:18,%22c%22:18,%22s%22:23,%22ce%22:562,%22rq%22:562,%22rp%22:806,%22rpe%22:808,%22dl%22:809,%22di%22:1195,%22ds%22:1195,%22de%22:1206,%22dc%22:2300,%22l%22:2300,%22le%22:2325%7D,%22navigation%22:%7B%7D%7D&fp=1049&fcp=1049&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1211.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thriftshaq.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 11:51:32 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6a5c314a0efd6913-FRA

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.thriftshaq.com/	1970-01-19 22:21:21	Name: _gearbubble_session Value: VzZaUUdRZEhSWi9yQmxNM1V4RlJCR25QVVpXbCtIdlNEcWNONDcrOXpFQWlYNWRzbmkrT05hMTZoTWdPTEVTT1JPTHR3Z2g1UHN0c3daTFJkajdoa2U5eXNZTVpuSkFYWEtUVXY2YWU2allZVm9WdmMvWW9vTGM4NVNBUytnc3NHR2Y1eEEyakh5RnhIbzZPZk9xd21MVGJRNkpXdlBSWlB0ZnlEc2txYnN2UTJmcVBvV1dZRXo5RGJld213VkZ5TzFyaVJoR0JlbHBsTHhMTElwMnVqV0ZSQ0w0L01Ga0dPbW14M0dPT09pNzZYeFVsaU43YlBFd0lwYkJIRWNiU1NMSm1oOGxwMFNxSHIwZ1BzWk9pQ2FVSzhIQTJEM0NTKzB6dndVZm1UQkU9LS12WWUwbkY0K2lYM2xHWDdkVVhCVnh3PT0%3D--d117f839db7cd8a1add6cb8279a946166a86d019
.google.com/	1970-01-20 02:41:59	Name: NID Value: 511=SDZzrtJN5edzhY-zSlB6NVJigTJTpn6Pc3jEsT6IjTxVPVk5vHUg-oyw4E5zeCxs8aWs7glRheH7F-yZx9HvToxKzNAFilGDrg7-62yM5z7IyE_elnjfc6cB5HXFQ2oPPqkP2RcLI01D1wZCg389g99CiwhpOnxeyEqrXoK62Ig
www.thriftshaq.com/	1970-01-20 15:49:40	Name: __kla_id Value: eyIkcmVmZXJyZXIiOnsidHMiOjE2MzU1MDgyOTEsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vd3d3LnRocmlmdHNoYXEuY29tL3RoZWNhbmFkaWFubXVnIn0sIiRsYXN0X3JlZmVycmVyIjp7InRzIjoxNjM1NTA4MjkxLCJ2YWx1ZSI6IiIsImZpcnN0X3BhZ2UiOiJodHRwczovL3d3dy50aHJpZnRzaGFxLmNvbS90aGVjYW5hZGlhbm11ZyJ9fQ==
.thriftshaq.com/	1970-01-23 13:54:28	Name: optimizelyEndUserId Value: oeu1635508290983r0.6526443481035331
.thriftshaq.com/	1970-01-23 13:54:28	Name: optimizelySegments Value: %7B%223016950347%22%3A%22false%22%2C%223023400121%22%3A%22direct%22%2C%223034690589%22%3A%22gc%22%7D
.thriftshaq.com/	1970-01-23 13:54:28	Name: optimizelyBuckets Value: %7B%7D
.thriftshaq.com/	1970-01-19 22:18:28	Name: optimizelyPendingLogEvents Value: %5B%5D
.prfct.co/	1970-01-20 15:49:40	Name: pa_uid Value: pa_Ihs8yy3sKGizfwNFO
.prfct.co/	1970-01-20 15:49:40	Name: pa_twitter_ts Value: 1635508291131
.prfct.co/	1970-01-20 15:49:40	Name: pa_yahoo_ts Value: 1635508291162
.adnxs.com/	1970-01-20 00:28:04	Name: uuid2 Value: 8529695204604870481
.adnxs.com/	1970-01-20 00:28:04	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2Hb^Kcmh<!1yIE'Yg-$0y=/d!!'!/$NuLD
.prfct.co/	1970-01-20 15:49:40	Name: pa_openx_ts Value: 1635508291193
.prfct.co/	1970-01-20 15:49:40	Name: pa_rubicon_ts Value: 1635508291193
.prfct.co/	1970-01-20 15:49:40	Name: pa_google_ts Value: 1635508291195
.yahoo.com/	1970-01-20 07:04:25	Name: A3 Value: d=AQABBEPge2ECEMbYzJklwWixBC34A2WaY-EFEgEBAQExfWGFYQAAAAAA_eMAAA&S=AQAAAl5p8CI6H98tyMuYaAD9_0o
.analytics.yahoo.com/	1970-01-20 07:05:30	Name: IDSYNC Value: 18z4~218b
.openx.net/	1970-01-20 07:04:04	Name: i Value: 59e23306-0d12-40d9-afb8-87bf5208e1f9\|1635508291
.twitter.com/	1970-01-20 15:49:40	Name: personalization_id Value: "v1_bzPMaEaePqjDSKP5g21vww=="
.doubleclick.net/	1970-01-20 07:40:04	Name: IDE Value: AHWqTUlebQa5jfgulXqCuvqbLi9baH54jPQDyq82Is0TED0htxYZCwYkdGC1TXiCI5k
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 5760126da650a385

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
apis.google.com
assets.pinterest.com
bam-cell.nr-data.net
cdn.optimizely.com
cm.g.doubleclick.net
connect.facebook.net
fonts.googleapis.com
gearbubble-assets.s3.amazonaws.com
js-agent.newrelic.com
log.pinterest.com
pixel-geo.prfct.co
pixel.rubiconproject.com
secure.adnxs.com
static.klaviyo.com
tag.marinsm.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.gearbubble-assets.com
www.thriftshaq.com
104.244.42.131
142.250.186.66
151.101.0.65
151.101.0.84
151.101.130.137
151.101.194.133
162.247.243.147
18.156.0.31
185.33.221.91
2606:4700:3032::ac43:8bc0
2a00:1450:4001:801::200a
2a00:1450:4001:80f::200e
2a02:26f0:1700:788::1931
2a02:26f0:1700:793::13b8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.246.96.178
34.98.64.218
52.217.87.204
54.148.81.178
69.173.144.165
0241b7e43899c58ab11a45339a26fe7b1a541209cbdcda47bf68a74a18e0d518
1286c1a557a698462276bbf96a51ff121fdead42fa1be4f24e39d1e532dbc7eb
17673d978351245ba2d84d4f0727302bbd1df871b669d2a276c5dccc6acaefb1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
4a5a029168b43ccd888d6e0a198c44873af700d1c25ef4d35bff189e3144863a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4db326895b9e41f28616a34a13047957743f2c6ae4edc54041dc95e7670376f2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e42e478fd27161799c18a75c2e9a7341996250f696d09d53db336a2962ba06b
64ae61891e66c0462b8f23896798b9776e9af4265b7351f0a9dba4b3697e4cf6
75ad585dd9aeca2614593614f6fd317e98b267e6595ffc18e9675e1c744b7a03
7f37244be83bc4185a1b1fd284af93ad0bda8a524f161dc6190eca7d560ac5da
86b727264141a25f7cb026bfd557ee57168d98ef477ccc1f793c2e2cd675d1fc
87a7eedfc669fa9f3b9c7a48d3312673c6932ec7d7c246a7031c963290ff5f33
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a87f6a1981668addbbd3a71a90dd37d6c7ee1065499dadaf04f0eeb56b0d805d
aa1c6d7f02424f8bb2f6de5a4d828cc856ba176f37f9e3083f9fc2ba820ae997
aa8acd00075832e1c7630e10baac1c2ab95c373d8a6eacd889a732d06c333c5c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b5138977b782b178fe822902757eca630acb66a4bd7050ace749753246b86481
b8bcfe08e31485cff86f9a405dd8a014a3c3d35c33fe65af3273edd178652a54
bcd9fa46e03495727fe6b85695f28d9097dbb4656d3d5f6f23d0c200b5113815
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
e21aa289818ac270e2647b8f04a0b04a78716f57797940f6fea477c6d03b7e56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e0fb1db111da66fc02869cafcdb0e9d4f961aab2413553d65874532716a3c3
feb707e85bcab302a236ecb4f0c97fc946de083abc782478ede38f8649d861b2
fed29432df642109fbb60b82fa10c9241275c4d34ed7b6887df6206f1dad4cf0

www.thriftshaq.com Open in urlscan Pro 54.148.81.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

33 Requests

76 %HTTPS

33 %IPv6

20 Domains

21 Subdomains

20 IPs

5 Countries

979 kBTransfer

2983 kBSize

21 Cookies

0 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

www.thriftshaq.com Open in urlscan Pro
54.148.81.178 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

76 %
HTTPS

33 %
IPv6

20
Domains

21
Subdomains

20
IPs

5
Countries

979 kB
Transfer

2983 kB
Size

21
Cookies

33 HTTP transactions
0 data transactions