urlscan.io logo urlscan.io
SecurityTrails logo

bubble.merchpals.com Open in urlscan Pro
108.138.7.81  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bubble.merchpals.com/
Effective URL: https://bubble.merchpals.com/
Submission: On July 05 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 38 HTTP transactions. The main IP is 108.138.7.81, located in United States and belongs to AMAZON-02, US. The main domain is bubble.merchpals.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 31st 2023. Valid for: a year.
This is the only time bubble.merchpals.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 108.138.7.81 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.66.122.112 16509 (AMAZON-02)
2 2620:1ec:bdf::60 8075 (MICROSOFT...)
5 23.213.161.197 20940 (AKAMAI-ASN1)
2 151.101.128.176 54113 (FASTLY)
3 3.129.241.196 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 151.101.64.176 54113 (FASTLY)
2 51.8.64.151 8075 (MICROSOFT...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
4 3.5.131.229 16509 (AMAZON-02)
1 52.219.220.138 16509 (AMAZON-02)
38 15
5    108.138.7.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-81.fra56.r.cloudfront.net
bubble.merchpals.com
5    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    18.66.122.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-112.fra60.r.cloudfront.net
web-sdk.smartlook.com
2    2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
5    23.213.161.197 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-197.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    151.101.128.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
3    3.129.241.196 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-241-196.us-east-2.compute.amazonaws.com
api.merchpals.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    151.101.64.176 (San Francisco, United States)

ASN54113 (FASTLY, US)
js.stripe.com
2    51.8.64.151 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
h.clarity.ms
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
4    3.5.131.229 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
mp-design-uploads.s3.us-east-2.amazonaws.com
1    52.219.220.138 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-r-w.amazonaws.com
merchpals-storage.s3.us-west-1.amazonaws.com
Apex Domain
Subdomains		 Transfer
8 merchpals.com
bubble.merchpals.com
api.merchpals.com
3 MB
6 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
h.clarity.ms — Cisco Umbrella Rank: 19572
c.clarity.ms — Cisco Umbrella Rank: 1434
28 KB
5 amazonaws.com
mp-design-uploads.s3.us-east-2.amazonaws.com
merchpals-storage.s3.us-west-1.amazonaws.com
668 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 787
142 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
6 KB
4 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1638
151 KB
2 gstatic.com
fonts.gstatic.com
73 KB
2 smartlook.com
web-sdk.smartlook.com — Cisco Umbrella Rank: 25979
27 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 224
764 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2355
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
95 KB
38 11
Domain Requested by
5 analytics.tiktok.com bubble.merchpals.com
analytics.tiktok.com
5 fonts.googleapis.com bubble.merchpals.com
5 bubble.merchpals.com bubble.merchpals.com
4 mp-design-uploads.s3.us-east-2.amazonaws.com
4 js.stripe.com bubble.merchpals.com
js.stripe.com
3 api.merchpals.com bubble.merchpals.com
2 c.clarity.ms 1 redirects
2 h.clarity.ms analytics.tiktok.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.clarity.ms bubble.merchpals.com
www.clarity.ms
2 web-sdk.smartlook.com bubble.merchpals.com
web-sdk.smartlook.com
1 merchpals-storage.s3.us-west-1.amazonaws.com bubble.merchpals.com
1 c.bing.com 1 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com bubble.merchpals.com
38 15

This site contains links to these domains. Also see Links.

Domain
merchpals.com
Subject Issuer Validity Valid
merchpals.com
Amazon RSA 2048 M03		 2023-10-31 -
2024-11-29		 a year crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
web-sdk.smartlook.com
Amazon RSA 2048 M02		 2024-06-13 -
2025-07-12		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2024-09-19		 3 months crt.sh
api.merchpals.com
Amazon RSA 2048 M02		 2024-02-28 -
2025-03-29		 a year crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
*.s3.us-east-2.amazonaws.com
Amazon RSA 2048 M01		 2024-02-29 -
2025-02-12		 a year crt.sh
*.s3-us-west-1.amazonaws.com
Amazon RSA 2048 M01		 2024-06-10 -
2025-05-20		 a year crt.sh

This page contains 3 frames:

Primary Page: https://bubble.merchpals.com/
Frame ID: 16B7154DD9E26D481DF2305CC88F2614
Requests: 36 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-6a259ce9c1cfd6bc93b8b95f1a5f50b3.html
Frame ID: 67477A2947F6CD3166CB4B1B51991EAE
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: B30EF2A16505E8CE220C47A415CD5C93
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Merchpals

Page URL History Show full URLs

  1. http://bubble.merchpals.com/ HTTP 307
    https://bubble.merchpals.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

38
Requests

97 %
HTTPS

38 %
IPv6

11
Domains

15
Subdomains

15
IPs

3
Countries

3994 kB
Transfer

5172 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bubble.merchpals.com/ HTTP 307
    https://bubble.merchpals.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C7C0926EAC0F44AFA1E10A850852939F&RedC=c.clarity.ms&MXFR=359B3953378668062DCF2DE0338666CA HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C7C0926EAC0F44AFA1E10A850852939F&MUID=3D47F5C7FA5363040602E174FBD862CC

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bubble.merchpals.com/
Redirect Chain
  • http://bubble.merchpals.com/
  • https://bubble.merchpals.com/
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bubble.merchpals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-81.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7bd687f971515f57487a7681aa32954324d3831127cddea0552e5f4ecc1babeb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
42687
content-length
3486
content-type
text/html
date
Fri, 05 Jul 2024 11:03:16 GMT
etag
"935a8741436d8241aa115b89b9a0901a"
last-modified
Tue, 26 Mar 2024 04:30:56 GMT
server
AmazonS3
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
x-amz-cf-id
R3A-fe_agOjgXdMlh-VKZ2OdcTS8xp11RsSiM0dGBAgQZ-Ospx2KBA==
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-amz-version-id
TZg53Kd1Ok35RPfppNy255LlDmb17kyv
x-cache
Hit from cloudfront

Redirect headers

Location
https://bubble.merchpals.com/
Non-Authoritative-Reason
HttpsUpgrades
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,700;1,700&display=swap
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e221402e7da187f8a92cdc29f490fa04489895fee204895bee86a7fcdcb5d23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jul 2024 22:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jul 2024 22:54:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jul 2024 22:54:42 GMT
css2
fonts.googleapis.com/ 		2 KB
557 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Manjari:wght@100;400&display=swap
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff9709fe8ec7f8453c4a524fd02412a793846797c79043856b0231673a8a05eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jul 2024 22:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jul 2024 22:54:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jul 2024 22:54:42 GMT
css2
fonts.googleapis.com/ 		3 KB
705 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Manjari:wght@100;400&family=Quicksand:wght@700&display=swap
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4690595d31e25411fdbafeb94725981d36221bbcd7354d16f11214d5b076fa7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jul 2024 22:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jul 2024 22:54:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jul 2024 22:54:42 GMT
js
www.googletagmanager.com/gtag/ 		276 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XCNWBTZ46J
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49b55c2e197547649ec68dad9f231f776a23965c01c421f7effaeedff152c80e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 22:54:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97318
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 Jul 2024 22:54:43 GMT
main.de3898b1.js
bubble.merchpals.com/static/js/ 		2 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://bubble.merchpals.com/static/js/main.de3898b1.js
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-81.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9e3d00e6ba48d9bd7243a0021fac25660e9c2bbfaaae6a2f91f4c1b27022873

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
CXjy3JCaPL85xN1OuLN2EA2Gskh6h72X
date
Fri, 05 Jul 2024 22:54:42 GMT
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
last-modified
Tue, 26 Mar 2024 04:30:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
10533
x-amz-server-side-encryption
AES256
etag
"4bb41f0f656e7e04b60a0a6338d7a29e"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2425730
x-amz-cf-id
XXHMXfJ2ITY7ZEpv7e4cpJzO-zox4b1Yrq-OLMmhwzXOd7iw426CQw==
main.b300b240.css
bubble.merchpals.com/static/css/ 		339 KB
340 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bubble.merchpals.com/static/css/main.b300b240.css
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-81.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b255f5e8516fbac1530d8977da69dd9212d4661b45d7fe09baee417d7412be81

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 03:33:12 GMT
x-amz-version-id
Lyj7bfC7eZBCq7o2DgSqR1flzOfgmzCw
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
last-modified
Tue, 26 Mar 2024 04:30:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
69691
etag
"08f813819909430cb8809b4b3d06de38"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
347161
x-amz-cf-id
KJx5gloQs7qmUkUwmnyK5PtAMPEtmlR7Kt1Hu15mFK6D-fptaiakig==
recorder.js
web-sdk.smartlook.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/recorder.js
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-112.fra60.r.cloudfront.net
Software
/
Resource Hash
6aa14e18a17983c42256f2ac221339dd4a795f1407ae4db99095892a30ef8ddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000, max-age=31536000
content-encoding
br
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 22:49:41 GMT
via
1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
303
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 25 Jun 2024 11:36:12 GMT
etag
W/"667aabac-17d1"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
public, max-age=600
x-amz-cf-id
Gq4m-cQL4yPh_i6hsL0UJXzbONCKy9YHxQh-IwwmccGdHXYCy_3enA==
dvd3cfwafh
www.clarity.ms/tag/ 		705 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/dvd3cfwafh
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c64e07f2eaf072840b66673b503572d5158d6bcd57d59c54886004c6039d2481

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Fri, 05 Jul 2024 22:54:43 GMT
x-azure-ref
20240705T225443Z-r195c4c79d9mjxl7c7e9bupdd0000000012g00000000ar5a
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
705
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
events.js
analytics.tiktok.com/i18n/pixel/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDK6MNBC77UDCMKM498G&lib=ttq
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-197.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b4dd205bc1056b5c131bd9483b23e279d7f77c8b900f2bf33b3574ed671c96bd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
24773804.2accf901
date
Fri, 05 Jul 2024 22:54:43 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-2407052254432A4D8CD0E9F748FEFE18-0B60F8555DC4E134-00
x-cache
TCP_MISS from a23-213-160-197.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
96,23.213.160.197
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=9, inner; dur=3
content-length
2104
pragma
no-cache
server
nginx
x-tt-logid
202407052254432A4D8CD0E9F748FEFE18
x-cache-remote
TCP_MISS from a23-52-15-108.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
9,23.52.15.108
x-tt-trace-host
01a556e22e7f8dd2a67f749cf9f635e2e520ef497ffc25997b294e175bec1e66f6c9c5ede38f8afbf692b6c1802b8eaebd73d9ae6ec8cd6d4399ee35f21d41bfecb2735f2090cac723b41c3feb5d9c4fcfacad73f35a6f6a0e092dd17dc23506e783320492c00f79a2247de269c7c67649
expires
Fri, 05 Jul 2024 22:54:43 GMT
css2
fonts.googleapis.com/ 		70 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Public+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/static/css/main.b300b240.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5f4e28bb833c8bd0bd89baec8d345c45ec941d3950c444a7f1d4664c649812cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jul 2024 22:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jul 2024 22:54:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jul 2024 22:54:43 GMT
css2
fonts.googleapis.com/ 		28 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@100;200;300;400;500;600;700&display=swap
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/static/css/main.b300b240.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
90787ca0e77942034765d1f69eff786ed8fbb616ed49ba6fbc8e9f56207c579e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 05 Jul 2024 22:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 05 Jul 2024 22:54:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 05 Jul 2024 22:54:43 GMT
init.bc9dc53d857ca1fe3be2.js
web-sdk.smartlook.com/es6/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.smartlook.com/es6/init.bc9dc53d857ca1fe3be2.js
Requested by
Host: web-sdk.smartlook.com
URL: https://web-sdk.smartlook.com/recorder.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.122.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-112.fra60.r.cloudfront.net
Software
/
Resource Hash
c3400885a5c39e4e4d7c1594880a9bc570e088963aa0cefb145e4561a2ff368e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Origin
https://bubble.merchpals.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 26 Jun 2024 10:30:29 GMT
strict-transport-security
max-age=31536000, max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
age
822254
x-amz-cf-pop
FRA60-P2
via
1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 25 Jun 2024 11:36:12 GMT
etag
W/"667aabac-119c7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
hc3XowixeMZjLi2drjI8Ij8J3623Z6bhFRx-jIpRK6YVou6DOJXiFA==
main.MWU2NDEzYzJiMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		344 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDK6MNBC77UDCMKM498G&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-197.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8b5eaf40218075cea5deeb7f5b1f281030c970a307707acb1a2057518c64a902

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
2accfb93
date
Fri, 05 Jul 2024 22:54:43 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202407021144269FC967F51F2BC77518E2
x-tt-trace-id
00-2407021144269FC967F51F2BC77518E2-525B0E73991DAF0D-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-213-160-197.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
012a59c3d757c0b51ec745046841292235d3d95854d60cba44134be0f396709f63ce5220dcf99b4dd2188d0a06bb57827e5c59bc683bac5500ad6d78f58026b2b31e689f0496ac34aac3cf7dc4319bae997f170bbb8dc1dc932b541818c44b21f33ca8500dcd3a81ba3ab237a72c7bbad9
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length
100273
v3
js.stripe.com/ 		619 KB
151 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/static/js/main.de3898b1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ce3a2c1f166951c17a773f8a1e503d7a416d5430854edf0ad5ea1460bfd92672
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 22:54:43 GMT
via
1.1 varnish
age
35
x-cache
HIT
content-length
154096
x-request-id
bcad3173-b5e1-46f9-bca0-228ada40a9cf
x-served-by
cache-fra-etou8220063-FRA
last-modified
Wed, 03 Jul 2024 20:43:00 GMT
server
Fastly
etag
"16095b208fce1f9394656811fb5b307e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
5
products
api.merchpals.com/api/v2/store/ 		37 B
943 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.merchpals.com/api/v2/store/products
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/static/js/main.de3898b1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.129.241.196 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-241-196.us-east-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ac3c46eeb781b95872d344623860f0f75c2f3c37bb1abd9ba5294decfe1d279b
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 22:54:43 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
37
x-xss-protection
0
referrer-policy
no-referrer
server
nginx/1.20.0
etag
W/"25-Y/9DhNk+fkg6hkvizDVGX7cBV4I"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bubble.merchpals.com
x-download-options
noopen
vary
Origin
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
bubble
api.merchpals.com/api/v2/store/ 		4 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.merchpals.com/api/v2/store/bubble
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/static/js/main.de3898b1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.129.241.196 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-241-196.us-east-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
f60808dfb95c9a12c4aed798eb41b0e8a2b6d77db406a2dc90f8824982e4a7ab
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 22:54:43 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
3742
x-xss-protection
0
referrer-policy
no-referrer
server
nginx/1.20.0
etag
W/"e9e-dAjn/sGpIO3kIsZfVu3fSAExfxo"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bubble.merchpals.com
x-download-options
noopen
vary
Origin
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
refresh
api.merchpals.com/api/v2/token/ 		37 B
941 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.merchpals.com/api/v2/token/refresh
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/static/js/main.de3898b1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.129.241.196 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-241-196.us-east-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ac3c46eeb781b95872d344623860f0f75c2f3c37bb1abd9ba5294decfe1d279b
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 22:54:43 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
37
x-xss-protection
0
referrer-policy
no-referrer
server
nginx/1.20.0
etag
W/"25-Y/9DhNk+fkg6hkvizDVGX7cBV4I"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://bubble.merchpals.com
x-download-options
noopen
vary
Origin
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
visa.png
bubble.merchpals.com/assets/img/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bubble.merchpals.com/assets/img/visa.png
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-81.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94caa4697b6f7d61830e069b20c6336f9d17f0533989b1e5c2d272872901829e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 14:55:14 GMT
x-amz-version-id
yjBySdxLXDPuT8YKNt.GTgr_Yg.iILA6
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
last-modified
Tue, 26 Mar 2024 04:30:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
28770
etag
"332606f969cc85f889459db089d8d392"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
18911
x-amz-cf-id
J5LCpZ9vW318degt6Zv6P3rzqkuho3fW8EsZ0hMR1HG4nNrtDGLG8A==
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-XCNWBTZ46J&gtm=45je4730v867941817za200&_p=1720220082960&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1210352982.1720220083&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720220083&sct=1&seg=0&dl=https%3A%2F%2Fbubble.merchpals.com%2F&dt=Merchpals&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=789&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XCNWBTZ46J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Jul 2024 22:54:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://bubble.merchpals.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.34/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/dvd3cfwafh
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 22:54:43 GMT
content-encoding
br
last-modified
Thu, 23 May 2024 23:20:12 GMT
etag
W/"0x8DC7B7EE5574D78"
vary
Accept-Encoding
x-azure-ref
20240705T225443Z-r195c4c79d9mjxl7c7e9bupdd0000000012g00000000ar5r
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
7ac5d56f-501e-0064-62d1-cedf43000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
fonts.gstatic.com/s/publicsans/v15/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/publicsans/v15/ijwRs572Xtc6ZYQws9YVwnNGfJ4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Public+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://bubble.merchpals.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:59:09 GMT
x-content-type-options
nosniff
age
287734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26244
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:34:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 14:59:09 GMT
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-197.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
2acd00b5
date
Fri, 05 Jul 2024 22:54:43 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202405211400009F19F3F262ADB0F2F94C
x-tt-trace-id
00-2405211400009F19F3F262ADB0F2F94C-4777DC948454243B-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-213-160-197.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0164d4df9127cd0260f8a4d34aa07b9aa9f371a909ebd4d6ca565c8a7d59062b9761b58c53aeab233271348eb425c6f751b243a09cac72fa7be95a444412353403240d0302b3219e337457d9570807f6b4cbc7dfa2f3740b0370a3b91e10e7b7f6
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
39700
pixel
analytics.tiktok.com/api/v2/ 		0
844 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-197.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
70eb9459.2acd00b6
date
Fri, 05 Jul 2024 22:54:43 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240705225443FB68C7F3CFF75483A2A7-22A725FB590321C6-00
x-cache
TCP_MISS from a23-213-160-197.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
128,23.213.160.197
server-timing
cdn-cache; desc=MISS, edge; dur=110, origin; dur=28, inner; dur=25
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240705225443FB68C7F3CFF75483A2A7
x-cache-remote
TCP_MISS from a23-52-15-101.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
28,23.52.15.101
x-tt-trace-host
01a556e22e7f8dd2a67f749cf9f635e2e520ef497ffc25997b294e175bec1e66f6ac0f3760278db75e9fe1c1501174eb43198b3e16cad9d2d8af730d7a5a0424d6911815019ec3538f333cac5213c8d9397e5431c17f34db745a409383b8da8f3e54a8cda181784c5dc8673030957971cc
access-control-allow-headers
Authorization,*
expires
Fri, 05 Jul 2024 22:54:43 GMT
controller-with-preconnect-6a259ce9c1cfd6bc93b8b95f1a5f50b3.html
js.stripe.com/v3/ Frame 6747 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-6a259ce9c1cfd6bc93b8b95f1a5f50b3.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bubble.merchpals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
45
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
402
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 05 Jul 2024 22:54:43 GMT
etag
"6a259ce9c1cfd6bc93b8b95f1a5f50b3"
last-modified
Wed, 03 Jul 2024 20:04:08 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
12
x-content-type-options
nosniff
x-request-id
f91fa2c0-61cf-4599-bab2-b3d797b8d0b0
x-served-by
cache-fra-etou8220095-FRA
collect
h.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMQ.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.8.64.151 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://bubble.merchpals.com
Date
Fri, 05 Jul 2024 22:54:43 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
act
analytics.tiktok.com/api/v2/pixel/ 		0
846 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-197.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
429832cd.2acd0450
date
Fri, 05 Jul 2024 22:54:43 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240705225443251A778BDDCB851F47BC-491C19C29F2EFBA5-00
x-cache
TCP_MISS from a23-213-160-197.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
124,23.213.160.197
server-timing
cdn-cache; desc=MISS, edge; dur=111, origin; dur=25, inner; dur=22
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240705225443251A778BDDCB851F47BC
x-cache-remote
TCP_MISS from a23-218-222-75.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
25,23.218.222.75
x-tt-trace-host
01a556e22e7f8dd2a67f749cf9f635e2e520ef497ffc25997b294e175bec1e66f6cd615b5675c71fd35f62e2503a947f48ef40c197925e1e4f31dfc2d5cae788bf2de804296402772436e1d005ad1bc9a6ff8705373ef48487125f985d774e1f3a0a7f0f7a03fba292ec3bda51a37cab50
access-control-allow-headers
Authorization,*
expires
Fri, 05 Jul 2024 22:54:43 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C7C0926EAC0F44AFA1E10A850852939F&RedC=c.clarity.ms&MXFR=359B3953378668062DCF2DE0338666CA
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C7C0926EAC0F44AFA1E10A850852939F&MUID=3D47F5C7FA5363040602E174FBD862CC
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C7C0926EAC0F44AFA1E10A850852939F&MUID=3D47F5C7FA5363040602E174FBD862CC
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bubble.merchpals.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jul 2024 22:54:43 GMT
last-modified
Tue, 25 Jun 2024 19:30:12 GMT
server
Microsoft-IIS/10.0
etag
"7473f1936c7da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 05 Jul 2024 22:54:43 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4249F2189AE04470848CFF086DB70698 Ref B: FRA31EDGE0519 Ref C: 2024-07-05T22:54:44Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C7C0926EAC0F44AFA1E10A850852939F&MUID=3D47F5C7FA5363040602E174FBD862CC
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame B30E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://bubble.merchpals.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2499381
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 05 Jul 2024 22:54:43 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
278099
x-content-type-options
nosniff
x-request-id
3a8e6d3f-4ee4-4109-a947-4aee1e478f5b
x-served-by
cache-fra-etou8220095-FRA
front-medium.png
mp-design-uploads.s3.us-east-2.amazonaws.com/39ead8a3-2fb2-45a3-ad34-3a8f8927e586/ 		165 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mp-design-uploads.s3.us-east-2.amazonaws.com/39ead8a3-2fb2-45a3-ad34-3a8f8927e586/front-medium.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.131.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5002ec851fc83da16ca02a6cca5950acee2baa9983aac084112e8875f5d7b674

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 22:54:45 GMT
x-amz-version-id
vU_nAV7ctetpXfsqs6LALp4ByJdYugmS
Last-Modified
Fri, 28 Jun 2024 05:38:07 GMT
Server
AmazonS3
x-amz-request-id
FB6W8VA9J1S6CP63
ETag
"d3413fcfabf926f9fc74c9c87ff94027"
x-amz-server-side-encryption
AES256
Content-Type
application/x-www-form-urlencoded
Accept-Ranges
bytes
Content-Length
169310
x-amz-id-2
qcDaHDo82LOXynZTrk10wHQEsjL6Quiy+05wW9xtfE0XzLridk5WH9H5oPfJQhJF8ZfQHYosylqvAoYeq73+fYIm3K+3enusMapjWtM0BMU=
logo.png
mp-design-uploads.s3.us-east-2.amazonaws.com/2c1ae21b-042a-4d9e-b548-1fbc27804db3/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mp-design-uploads.s3.us-east-2.amazonaws.com/2c1ae21b-042a-4d9e-b548-1fbc27804db3/logo.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.131.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
d9ca6f98c3498cf804a5cb222944a545069e96f1f7dea7156b10e2c754b90419

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 22:54:45 GMT
x-amz-version-id
K0PTbNWbgTRFDFbwzb2kkyi6LgISAtF7
Last-Modified
Fri, 05 Jul 2024 00:15:58 GMT
Server
AmazonS3
x-amz-request-id
FB6X0F3TC4YQBSEP
ETag
"ab29e1ab999e34ffaa7332681911f812"
x-amz-server-side-encryption
AES256
Content-Type
application/x-www-form-urlencoded
Accept-Ranges
bytes
Content-Length
56232
x-amz-id-2
z8eGyDZ6qPs+ap3T/DvOVY6Dac+Cq+Mzj6mGvqNypnwgmKegdrd87m9tAu3Ts/hk1RQJi+YdAo/udZPNYyHqZcfWE6v9tfD93p3e/xbI9Ac=
beach1a.png
merchpals-storage.s3.us-west-1.amazonaws.com/themes/ 		289 KB
290 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://merchpals-storage.s3.us-west-1.amazonaws.com/themes/beach1a.png
Requested by
Host: bubble.merchpals.com
URL: https://bubble.merchpals.com/static/css/main.b300b240.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.219.220.138 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
d4781b3ac0a503df057ff4a3d99091eff53fef9cae73c3e6744262574a98fee8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 22:54:45 GMT
Last-Modified
Wed, 16 Nov 2022 00:53:09 GMT
Server
AmazonS3
x-amz-request-id
FB6T1KF24BEE3RRZ
ETag
"be7b089bf16c6184b1faba9d14b91758"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
296114
x-amz-id-2
rUna27bkL5X3ckWyIjCcFTNxHFKnCfsO0x7gCjJP68qSZrsqTKCkt0st14OeGwQ14CB3X/vRM+c=
cover.png
mp-design-uploads.s3.us-east-2.amazonaws.com/2c1ae21b-042a-4d9e-b548-1fbc27804db3/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mp-design-uploads.s3.us-east-2.amazonaws.com/2c1ae21b-042a-4d9e-b548-1fbc27804db3/cover.png
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
3.5.131.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
56adbcf3b2a6b6ef6fa796bd36effc4fbc87e0bdd441fb3e09ea511ae52e863a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 22:54:45 GMT
x-amz-version-id
FzHkdV6RzOiS6xbaU_Wc7Zt_ZFNBKMvx
Last-Modified
Fri, 05 Jul 2024 00:15:58 GMT
Server
AmazonS3
x-amz-request-id
FB6WAVKBMKSM0STM
ETag
"3904dec538a7dfe4530585b56a01b43b"
x-amz-server-side-encryption
AES256
Content-Type
application/x-www-form-urlencoded
Accept-Ranges
bytes
Content-Length
113152
x-amz-id-2
otT+22/k/iPjofTkaynJ+xkA2/bUUWyKLbqClGZ85RStEyNVXc+yn6JSCU5x5tf2aBuXjoaT4AQEzmwJSsC453uYsUgEnm15qB5wgSG5Prw=
poster.png
mp-design-uploads.s3.us-east-2.amazonaws.com/products/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mp-design-uploads.s3.us-east-2.amazonaws.com/products/poster.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.5.131.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
7f27a86ae905dcbb1a3de6172547cbca1c5e632d7229ee8b5d3a4d346772f7eb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 05 Jul 2024 22:54:45 GMT
x-amz-version-id
null
Last-Modified
Tue, 22 Mar 2022 08:50:46 GMT
Server
AmazonS3
x-amz-request-id
FB6SNDRBGN129MVZ
ETag
"fb46953803ca687221558fcb5614769a"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
46698
x-amz-id-2
bjuv4AcLdAWCkNh7/losH9lgaeKSlK/r77JBJK4jFe0ZJTuK3xlKTN2akQQh3KemmT8/9PVm/Zv2ElZFv7+9DnFlUXuClbYJpIOyhhDt0fg=
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@100;200;300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://bubble.merchpals.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 22:09:26 GMT
x-content-type-options
nosniff
age
89118
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Jul 2025 22:09:26 GMT
collect
h.clarity.ms/ 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.clarity.ms/collect
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMQ.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.8.64.151 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/x-clarity-gzip
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://bubble.merchpals.com
Date
Fri, 05 Jul 2024 22:54:45 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
logo1.png
bubble.merchpals.com/ 		61 KB
62 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bubble.merchpals.com/logo1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-81.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e65dcbe22718012951806c7a4c8e869316e3adf172141e386f9719b56d28be3b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Pb882nM6BUw5EJ6HV9h10aWpNVGozH6E
date
Fri, 05 Jul 2024 22:54:45 GMT
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
last-modified
Tue, 26 Mar 2024 04:30:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
21920
x-amz-server-side-encryption
AES256
etag
"78cc6f97f3e58df56db9e95539bb5665"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
62973
x-amz-cf-id
lr60zeJ022C1Iy4HVnEMCBGzvMRrYCaxbhmOfc56YWaXETPLNdI8dg==
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ 		176 B
298 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://bubble.merchpals.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 05 Jul 2024 22:54:48 GMT
via
1.1 varnish
age
3269055
x-cache
HIT
content-length
127
x-request-id
553c2af8-42f3-4910-a359-e4b94047964c
x-served-by
cache-fra-etou8220063-FRA
last-modified
Thu, 21 Dec 2023 18:13:43 GMT
server
Fastly
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
46382

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage function| smartlook function| gtag object| dataLayer function| clarity string| TiktokAnalyticsObject object| ttq object| webpackChunk_smartlook_recorder object| webpackChunkfrontend number| 2f1acc6c3a606b082e5eef5e54414ffb object| fabric object| regeneratorRuntime function| IMask function| _ object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| webpackChunkStripeJSouter function| noop function| Stripe

19 Cookies

Domain/Path Name / Value
.tiktok.com/ Name: _ttp
Value: 2iqZUZEMIGmPBwVKTW0s5ACT6Sn
www.clarity.ms/ Name: CLID
Value: 7adafc407af84940b2754732a60ce1ef.20240705.20250705
.merchpals.com/ Name: _ga_XCNWBTZ46J
Value: GS1.1.1720220083.1.0.1720220083.0.0.0
.merchpals.com/ Name: _ga
Value: GA1.1.1210352982.1720220083
.merchpals.com/ Name: _tt_enable_cookie
Value: 1
.merchpals.com/ Name: _ttp
Value: GUcezwScbn18deFgCTziylHYNrb
.merchpals.com/ Name: _clck
Value: dzbygy%7C2%7Cfn7%7C0%7C1647
.merchpals.com/ Name: _clsk
Value: 1eldh51%7C1720220083980%7C1%7C1%7Ch.clarity.ms%2Fcollect
api.merchpals.com/ Name: connect.sid
Value: s%3AHhnJcZdWvpiSL7bSRkQ38YdIgSQeRQfB.5FD0uj%2BNZanPyXtPEyrr7vDttZ9Th2MFDF0Qb7WyJFk
.bing.com/ Name: MUID
Value: 3D47F5C7FA5363040602E174FBD862CC
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 3D47F5C7FA5363040602E174FBD862CC
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3D47F5C7FA5363040602E174FBD862CC
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
m.stripe.com/ Name: m
Value: aa4fd926-a94d-44bc-8e36-94559a8d6c86d85f0c
.bubble.merchpals.com/ Name: __stripe_mid
Value: 2a48b700-a4d2-4bb3-af72-36f306f4d597c86933
.bubble.merchpals.com/ Name: __stripe_sid
Value: f2005db9-04b3-4523-8a13-bf707c514482dc8fcc

2 Console Messages

Source Level URL
Text
network error URL: https://api.merchpals.com/api/v2/store/products
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://api.merchpals.com/api/v2/token/refresh
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
api.merchpals.com
bubble.merchpals.com
c.bing.com
c.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
h.clarity.ms
js.stripe.com
merchpals-storage.s3.us-west-1.amazonaws.com
mp-design-uploads.s3.us-east-2.amazonaws.com
region1.google-analytics.com
web-sdk.smartlook.com
www.clarity.ms
www.googletagmanager.com
108.138.7.81
13.74.129.1
151.101.128.176
151.101.64.176
18.66.122.112
2001:4860:4802:34::36
23.213.161.197
2620:1ec:bdf::60
2620:1ec:c11::237
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:813::200a
3.129.241.196
3.5.131.229
51.8.64.151
52.219.220.138
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
432501d7bf47b128295c61f72eeee2e5c2d33755f85db43ba89188408ab9389d
4690595d31e25411fdbafeb94725981d36221bbcd7354d16f11214d5b076fa7c
49b55c2e197547649ec68dad9f231f776a23965c01c421f7effaeedff152c80e
5002ec851fc83da16ca02a6cca5950acee2baa9983aac084112e8875f5d7b674
56adbcf3b2a6b6ef6fa796bd36effc4fbc87e0bdd441fb3e09ea511ae52e863a
5f4e28bb833c8bd0bd89baec8d345c45ec941d3950c444a7f1d4664c649812cc
6aa14e18a17983c42256f2ac221339dd4a795f1407ae4db99095892a30ef8ddf
7bd687f971515f57487a7681aa32954324d3831127cddea0552e5f4ecc1babeb
7f27a86ae905dcbb1a3de6172547cbca1c5e632d7229ee8b5d3a4d346772f7eb
8b5eaf40218075cea5deeb7f5b1f281030c970a307707acb1a2057518c64a902
90787ca0e77942034765d1f69eff786ed8fbb616ed49ba6fbc8e9f56207c579e
94caa4697b6f7d61830e069b20c6336f9d17f0533989b1e5c2d272872901829e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
ac3c46eeb781b95872d344623860f0f75c2f3c37bb1abd9ba5294decfe1d279b
b255f5e8516fbac1530d8977da69dd9212d4661b45d7fe09baee417d7412be81
b4dd205bc1056b5c131bd9483b23e279d7f77c8b900f2bf33b3574ed671c96bd
c3400885a5c39e4e4d7c1594880a9bc570e088963aa0cefb145e4561a2ff368e
c64e07f2eaf072840b66673b503572d5158d6bcd57d59c54886004c6039d2481
ce3a2c1f166951c17a773f8a1e503d7a416d5430854edf0ad5ea1460bfd92672
d4781b3ac0a503df057ff4a3d99091eff53fef9cae73c3e6744262574a98fee8
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
d9ca6f98c3498cf804a5cb222944a545069e96f1f7dea7156b10e2c754b90419
d9e3d00e6ba48d9bd7243a0021fac25660e9c2bbfaaae6a2f91f4c1b27022873
e221402e7da187f8a92cdc29f490fa04489895fee204895bee86a7fcdcb5d23d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65dcbe22718012951806c7a4c8e869316e3adf172141e386f9719b56d28be3b
f60808dfb95c9a12c4aed798eb41b0e8a2b6d77db406a2dc90f8824982e4a7ab
ff9709fe8ec7f8453c4a524fd02412a793846797c79043856b0231673a8a05eb
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988