Report - www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1/authenticate?key=582047bd7ac525b46db61d7923ed9e30

Report Overview

Submitted URL
www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1/authenticate?key=582047bd7ac525b46db61d7923ed9e30
IP
23.227.38.74
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-06 02:03:36
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	349 B	157.240.200.35
maps.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	739 B	2.2 kB	216.58.207.227
checkout.shopify.com	17168	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	515 B	2.6 kB	23.227.38.33
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	116 kB	31.13.72.12
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
maps.googleapis.com	33876	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	54 kB	142.250.74.42
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	616 B	713 B	64.233.165.157
b.clarity.ms	3462	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	918 B	580 B	20.75.32.255
www.clarity.ms	1404	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	635 B	13.107.246.53
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.5 kB	8.9 kB	216.58.211.3
s.pinimg.com	732	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	755 B	23 kB	151.101.84.84
c.clarity.ms	803	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	630 B	20.234.93.27
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	21 kB	142.250.74.110
ct.pinterest.com	852	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	4.4 kB	2.18.172.195
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	12 kB	23.36.77.32
www.holycowcanvas.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	6.9 kB	23.227.38.74
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.5 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
cdn.shopify.com	2327	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	67 kB	162.159.135.68
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	988 B	1.6 kB	216.58.207.226
s.adroll.com	2553	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	18 kB	143.204.55.84
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	984 B	143.204.42.156
www.knocdn.com	511572	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	440 B	522 B	54.230.111.126
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.212.166.60
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	57 kB	34.120.237.76
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	1.4 kB	216.58.207.228
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	757 B	142.250.74.131
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	972 B	34 kB	216.58.207.227
dttrk.com	59241	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	2.6 kB	172.67.211.235
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.googleadservices.com	107	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	18 kB	142.250.74.162
holycowcanvas.com.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.4 kB	5.0 kB	72.14.178.174

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	holycowcanvas.com.com/store?thank-you	Malware
2022-12-06	medium	holycowcanvas.com.com/store?thank-you	Malware
2022-12-06	medium	holycowcanvas.com.com/store?thank-you	Malware
2022-12-06	medium	holycowcanvas.com.com/store?thank-you	Malware
2022-12-06	medium	holycowcanvas.com.com/store?thank-you	Malware
2022-12-06	medium	holycowcanvas.com.com/store?thank-you	Malware
2022-12-06	medium	holycowcanvas.com.com/store?thank-you	Malware
2022-12-06	medium	holycowcanvas.com.com/store?thank-you	Malware
2022-12-06	medium	holycowcanvas.com.com/store?thank-you	Malware
2022-12-06	medium	holycowcanvas.com.com/store?thank-you	Malware
2022-12-06	medium	holycowcanvas.com.com/store?thank-you	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (47)

	URL	Size	First Seen	Last Seen
	cdn.shopify.com/shopifycloud/shopify/assets/checkout-ed896bd9ba26934f1900c3c0c6012164b6506ab74cc9cc6ceb871bf505edd4f5.js	1.4 MB	2023-03-08	2023-03-11
Pretty URL cdn.shopify.com/shopifycloud/shopify/assets/checkout-ed896bd9ba26934f1900c3c0c6012164b6506ab74cc9cc6ceb871bf505edd4f5.js IP 162.159.135.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:21:33 Last Seen2023-03-11 21:57:34 Times Seen1 Hash b1edad9366be75be08e8eba29cdc8938 650ce7775efbcebdb7658d121b49b1dca318521a ed896bd9ba26934f1900c3c0c6012164b6506ab74cc9cc6ceb871bf505edd4f5 Loading...

	www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1	901 B	2023-03-08	2023-03-08
Pretty URL www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1 IP 23.227.38.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash 8ecb31ad6fd2386a4b7997c36e6c0ff2 8d59b9084786d41301d022eee7b7606894b4ad0b 7bb31283cd1523356f40687cf2f26d33ec68531b7042d7f64c38cc0892cddbcc Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	s.pinimg.com/ct/lib/main.9a94ee76.js	60 kB	2023-03-08	2023-08-13
Pretty URL s.pinimg.com/ct/lib/main.9a94ee76.js IP 151.101.84.84 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:58 Last Seen2023-08-13 09:32:28 Times Seen4 Hash ae6dc7983625b6533c70584774cc5270 f9725d6cb611692ccc4ec21a4db9d1c1cc6baf5f 77358e88e4d70191891544307a0a8677145d760e51eddef0293111d5a3008683 Loading...

	checkout.shopify.com/1839236/sandbox/google_maps?locale=en-US	252 B	2023-03-08	2023-03-29
Pretty URL checkout.shopify.com/1839236/sandbox/google_maps?locale=en-US IP 23.227.38.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:45:06 Last Seen2023-03-29 23:05:19 Times Seen4 Hash bb085ad68dc4a2575a691de33b172c77 75125872cec87d4e8f69b0d173cf067e4dcc775f c212a65daa5fe4f6d28570959e4cf504281465e25de9c2a409ae694aacd626c6 Loading...

	connect.facebook.net/signals/config/1714030572163623?v=2.9.89&r=stable	300 kB	2023-03-08	2023-03-08
Pretty URL connect.facebook.net/signals/config/1714030572163623?v=2.9.89&r=stable IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash 145e2011a980f2f9251485d8302265be 2ccaee373a1285c6ea3405c7fd10a5de4c254b11 92cc9c7dda22744a0e88707584613bf99f9c068e30925be1df69ff6d358901ca Loading...

	www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1	272 B	2023-03-07	2024-04-22
Pretty URL www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1 IP 23.227.38.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:53 Last Seen2024-04-22 03:16:34 Times Seen501 Hash e8c88be0f61f9bf2c10279ddd95c01a2 3db48ab7b0576aefb77d2f0139f4c02d682130d2 c9c3f7eab761d2e02f32d27e903f7d773f0109bddee3e72fbb43dd82c5c5863c Loading...

	checkout.shopify.com/1839236/sandbox/google_maps?locale=en-US	626 B	2023-03-08	2023-04-05
Pretty URL checkout.shopify.com/1839236/sandbox/google_maps?locale=en-US IP 23.227.38.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:41:32 Last Seen2023-04-05 01:38:36 Times Seen10 Hash 7a913f8fb3f8a659bed51e55d39e52b3 f4c35a0bcc2327dc31990ef27cf5bc21aa0f4ff0 31c7b416411399431a7ae1b1ca161dd450271dae915e01234d3c0bad7f1a4b47 Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 16:57:16 Times Seen37022723 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.clarity.ms/eus2/s/0.6.43/clarity.js	55 kB	2023-03-08	2023-10-23
Pretty URL www.clarity.ms/eus2/s/0.6.43/clarity.js IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:44 Last Seen2023-10-23 15:37:18 Times Seen9 Hash 441723b72633b1ac9757ad7c63168005 806166ca9ebb5839dd90a5e5c9335e3e0b18c169 cc8a16ce849d72f106bd67187e4b60c20da3093375202bf0b53f23e8f40a8b11 Loading...

	maps.googleapis.com/maps/api/js?client=gme-shopifyinc1&language=en-US	164 kB	2023-03-08	2023-03-08
Pretty URL maps.googleapis.com/maps/api/js?client=gme-shopifyinc1&language=en-US IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 20:00:44 Times Seen1 Hash 6cf21d2940d9639d44b084e6094ccdf3 0e790ece7da61b8794786c8da176dc6ec4b07b85 6b7af3a12d731e2a89e9eaf39bf167060d511cf6255b62dc13ca7d2618ae56cb Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/12a/marker.js	37 kB	2023-03-08	2023-03-26
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/12a/marker.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:29 Last Seen2023-03-26 06:43:12 Times Seen2 Hash a16acd33251bfb6bfbec77a1b26aced0 1ef72392074521f8eb2019afbd07d5c3e16641c5 226c5ea2586ad46be8cf4bfa1b2607a63f12e157d8bcb1d77529d0127e7e04f6 Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/12a/util.js	170 kB	2023-03-08	2023-10-18
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/12a/util.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:19 Last Seen2023-10-18 15:23:03 Times Seen16 Hash 0b9b4e5d1bc7a1ae4ca5568310adcc16 8cb5a2a559d5d30b15e5feadea686192f2474462 9c794b1db0cce54971541669b8c23bbe83b3406db2d70eecac666136e6627b93 Loading...

	maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d42.52021971890407&2d-71.01286368065573&2m2&1d42.59861431931361&2d-70.71445842748392&2u13&4sen-US&5e0&6sm%40628000000&7b0&8e0&12e1&13shttps%3A%2F%2Fcheckout.shopify.com%2F1839236%2Fsandbox%2Fgoogle_maps&14b1&callback=_xdc_._x86eeq&client=gme-shopifyinc1&token=15462	17 kB	2023-03-08	2023-03-08
Pretty URL maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d42.52021971890407&2d-71.01286368065573&2m2&1d42.59861431931361&2d-70.71445842748392&2u13&4sen-US&5e0&6sm%40628000000&7b0&8e0&12e1&13shttps%3A%2F%2Fcheckout.shopify.com%2F1839236%2Fsandbox%2Fgoogle_maps&14b1&callback=_xdc_._x86eeq&client=gme-shopifyinc1&token=15462 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash 82a5f0775bb5476118651fcefa5b4558 c8c3a039a4f55f6e31383d4a89396c2698fe7a0b 81f45de72f7387493926a6a2b58031b09193ff892e94706f82f89ecfcd9de492 Loading...

	www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1	143 B	2023-03-08	2023-12-30
Pretty URL www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1 IP 23.227.38.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-12-30 21:56:05 Times Seen16 Hash 6c70e83d1719855c54504bd01c0a26ac bebb88e293b73e0063d4e174d6d4adde04d75e0d aa36f7ee7e76bfc7c843b9a287dc41860eb116fb42d16f9199b2ca4ce1d1d5fe Loading...

	cdn.shopify.com/shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js	20 kB	2023-03-08	2023-09-12
Pretty URL cdn.shopify.com/shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js IP 162.159.135.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:41:32 Last Seen2023-09-12 16:54:42 Times Seen341 Hash eec3c7e8c2975172a3ffe87041cc8c32 5683ea868b829c660228d37139589998784739dd 1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63 Loading...

	www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1	217 B	2023-03-08	2023-03-08
Pretty URL www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1 IP 23.227.38.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash d865671cdce09cca1e94329a529e44f0 b090da7656c2c0da1e72af1399bfeffd6cc76cd3 e3a8ced9a00b1589271c15fff3080876be6e09a6a96f8bdf61769b2d4fc55ab8 Loading...

	www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1	7.2 kB	2023-03-08	2023-03-08
Pretty URL www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1 IP 23.227.38.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash 017cf6695565f30faf270b19ecd78f69 cd6799162d89a1ef9c66ef8b2a4394f59d409574 8679aac2ae14bff879d82c443be8346fde4dcc3faae13adf5e9a25ebe40ca308 Loading...

	cdn.shopify.com/s/trekkie.storefront.bda8ec308b82321919119254e66bcab8fb5d8208.min.js	82 kB	2023-03-08	2023-09-04
Pretty URL cdn.shopify.com/s/trekkie.storefront.bda8ec308b82321919119254e66bcab8fb5d8208.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:43 Last Seen2023-09-04 20:11:55 Times Seen2 Hash 33458d0628e2edf6acf402a74822f960 003b1e498319e807bab4c08d7f078f34c3b8d040 6a9448e341e8f291d6b61962d53d440f77b449cdbc4fbd9bdfc7a1d7f2a15f8a Loading...

	maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fcheckout.shopify.com%2F1839236%2Fsandbox%2Fgoogle_maps&2sgme-shopifyinc1&7m1&1e0&8b0&callback=_xdc_._yw2jt0&client=gme-shopifyinc1&token=43809	62 B	2023-03-08	2023-03-08
Pretty URL maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fcheckout.shopify.com%2F1839236%2Fsandbox%2Fgoogle_maps&2sgme-shopifyinc1&7m1&1e0&8b0&callback=_xdc_._yw2jt0&client=gme-shopifyinc1&token=43809 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash 6ac4ea1ab371b1f3e46f8044e3a3ee15 c6432adb6bc49fa506cb1224b0bb7405fa03b832 20124839fd281d2663663c3a03e649323cd4fa8fa3cef32b33d28d3048b0c7da Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/12a/controls.js	89 kB	2023-03-08	2023-08-03
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/12a/controls.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:29 Last Seen2023-08-03 23:30:58 Times Seen4 Hash 4eb494966898118d31a7c9e52946d65d 2001de310a571403d4b8b86c458acacbf791f758 2b183cf32095a0c1d998698ebbe721157d87da0f50d71f5283af603e78949444 Loading...

	www.googleadservices.com/pagead/conversion.js	46 kB	2023-03-08	2023-03-12
Pretty URL www.googleadservices.com/pagead/conversion.js IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-12 14:32:57 Times Seen1 Hash 9cdfece004275f945b074de4b8a0700c ede6c2b945f396ddadd66798b2936724f9529062 ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601 Loading...

	www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1	364 B	2023-03-08	2024-04-18
Pretty URL www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1 IP 23.227.38.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:41:32 Last Seen2024-04-18 14:45:30 Times Seen201 Hash 9d9eac85d967ea3fcb18a9d99385daae 740da00e37224b750236001f31f77f1f655725e0 570d5001f2e32b41111669b98e6e72ccd331a08c9da8ec7661223e912bfe50e0 Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/12a/infowindow.js	8.2 kB	2023-03-08	2023-03-14
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/12a/infowindow.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:29 Last Seen2023-03-14 01:26:02 Times Seen1 Hash 6a8fb7bbe6afcf51eab00c54c3fd2582 a7d5a4bb42359f5770e4f455c107754e207b6461 3709cd6b8defb1437aab149ce858679cead64a1b943a4a342af26409e1a473e7 Loading...

	maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fcheckout.shopify.com%2F1839236%2Fsandbox%2Fgoogle_maps&2sgme-shopifyinc1&7sbkuqij&10e1&11b0&callback=_xdc_._xs8087&client=gme-shopifyinc1&token=93725	62 B	2023-03-08	2023-03-08
Pretty URL maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fcheckout.shopify.com%2F1839236%2Fsandbox%2Fgoogle_maps&2sgme-shopifyinc1&7sbkuqij&10e1&11b0&callback=_xdc_._xs8087&client=gme-shopifyinc1&token=93725 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash 07716ccd2853fa0b7c16ff981df3accc 11cd27607969cd06ce562682eae57061ef16a264 cc60644ebae690a39f379207baedc17f423bb96085ca26865e3de2bac71c29c2 Loading...

	cdn.shopify.com/shopifycloud/web-pixels-manager/0.0.177/browser.modern.js	32 kB	2023-03-08	2023-09-04
Pretty URL cdn.shopify.com/shopifycloud/web-pixels-manager/0.0.177/browser.modern.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:43 Last Seen2023-09-04 20:11:55 Times Seen4 Hash d899201642df59c9f8b215ccf3314996 1a93b4431e3a1a17fcdb3822ea33d7ea317f816c 71c25ee396b852a2d2adfc1cbed4931cd68e4e408fa031952374f70c417fa1cc Loading...

	dttrk.com/shopify/track.js?shop=holycowcanvas.myshopify.com	3.4 kB	2023-03-07	2023-05-22
Pretty URL dttrk.com/shopify/track.js?shop=holycowcanvas.myshopify.com IP 172.67.211.235 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:57:21 Last Seen2023-05-22 00:49:12 Times Seen193 Hash 00e4c8baba472b4c1380bdd7f6d5b358 3abfeb606a5a86ff18bbf28c35de7448dae5513e 758307a899b84024df3fad4ee473d375f4a76bdb8392e122be017617198b2394 Loading...

	ct.pinterest.com/ct.html	436 B	2023-03-07	2023-04-05
Pretty URL ct.pinterest.com/ct.html IP 2.18.172.195 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:31 Last Seen2023-04-05 02:11:07 Times Seen676 Hash 59e69030b3eddd557aebcfedf0474a63 66d4f09f9ad02a4c0e28b9c1ecb2a699848dfeb7 6b3ab6e7095925d374e483784bd4beb874b39078c4263063b97d544ffc5457b3 Loading...

	cdn.shopify.com/app/services/1839236/javascripts/checkout_countries/121421529187/en-US/countries-10a7b7c24453b5ebd9c63f04c5eb0bf2a9f35611-0.js?version=edge	105 kB	2023-03-08	2023-03-12
Pretty URL cdn.shopify.com/app/services/1839236/javascripts/checkout_countries/121421529187/en-US/countries-10a7b7c24453b5ebd9c63f04c5eb0bf2a9f35611-0.js?version=edge IP 162.159.135.68 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:47:55 Last Seen2023-03-12 22:04:43 Times Seen1 Hash 6320cbce4adf1b822481d5f271448d7a 370b8c8c6dcff1d74ad5be18365f4783e3c19d84 c72f3a72b9547d350b99329fd54321a440c27b54b15a50a55645c6f8efe86cc2 Loading...

	www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1	1.9 kB	2023-03-08	2023-03-08
Pretty URL www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1 IP 23.227.38.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash e60cde75d956a23d92c264fb187576cb 95567a8eac35a8cb277e9fbaee4fee658ad7b4ea d4f94441e367cbcf0bb69101e90c02ccf31959c32a547d0f2e836090bdb07956 Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/12a/map.js	72 kB	2023-03-08	2023-10-18
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/12a/map.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:29 Last Seen2023-10-18 15:23:02 Times Seen10 Hash ebb856aa78e254385c905ef99dea8b0f 6f04f59d232be611bb59b4d70e419b5a3be88984 e2c5d297851e8bda5008eb62a635f08e447690b09390ef71c4fde847e59350f8 Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/12a/common.js	254 kB	2023-03-08	2023-10-18
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/12a/common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:45 Last Seen2023-10-18 15:23:03 Times Seen16 Hash 7caaf941be566b5a0ab845ebbe6fa41c 6baa9fd462731f60d53390e8e808bca815601226 b7f6913366b53872adac07cbd9708d54830a578b5a59e6fcb600e32b340fa1bc Loading...

	www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1	414 B	2023-03-08	2023-03-08
Pretty URL www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1 IP 23.227.38.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash 75fae75af89335dd65de05d2b73d9b1b 4566a19384a34ab99160571de303604774631926 216d436eb8013a8fbcb5c19592ea666e4481c590a1e2e7492c44cd9610081873 Loading...

	www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1	2.6 kB	2023-03-08	2023-03-08
Pretty URL www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1 IP 23.227.38.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash fe0a10e356a765d4dbb162b77ca3cd2c 8c71323148d02f07ebcb1fd197968e199487b482 42f2284bc378e365cea040e21a28112c27b752ac21a282f6e7c04d78094476a0 Loading...

	s.pinimg.com/ct/core.js	1.1 kB	2023-03-08	2023-03-13
Pretty URL s.pinimg.com/ct/core.js IP 151.101.84.84 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:58 Last Seen2023-03-13 19:19:46 Times Seen1 Hash 8d9d0550c915347e312e24f00d311e50 cb44712b22cb011b759da4e741b543238839c735 57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b Loading...

	www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1	1.1 kB	2023-03-08	2023-03-08
Pretty URL www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1 IP 23.227.38.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash 892c4898c98704d4e56a50152812e4db d0682a30fcabfbcbb0faea10b181668d50db3d95 b583991979c93222ff3c434b1479ca66ce47997af4019fd85a44aa39562bbde2 Loading...

	maps.googleapis.com/maps/vt?pb=!1m4!1m3!1i13!2i2482!3i3023!1m4!1m3!1i13!2i2483!3i3023!1m4!1m3!1i13!2i2484!3i3023!1m4!1m3!1i13!2i2482!3i3024!1m4!1m3!1i13!2i2483!3i3024!1m4!1m3!1i13!2i2484!3i3024!2m3!1e0!2sm!3i628362474!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy50OjMzfHMuZTpsfHAudjpvZmY!4e3!12m1!5b1!23i1379903&callback=_xdc_._wg5asw&client=gme-shopifyinc1&token=59710	2.8 kB	2023-03-08	2023-03-08
Pretty URL maps.googleapis.com/maps/vt?pb=!1m4!1m3!1i13!2i2482!3i3023!1m4!1m3!1i13!2i2483!3i3023!1m4!1m3!1i13!2i2484!3i3023!1m4!1m3!1i13!2i2482!3i3024!1m4!1m3!1i13!2i2483!3i3024!1m4!1m3!1i13!2i2484!3i3024!2m3!1e0!2sm!3i628362474!3m17!2sen-US!3sUS!5e18!12m4!1e68!2m2!1sset!2sRoadmap!12m3!1e37!2m1!1ssmartmaps!12m4!1e26!2m2!1sstyles!2zcy50OjMzfHMuZTpsfHAudjpvZmY!4e3!12m1!5b1!23i1379903&callback=_xdc_._wg5asw&client=gme-shopifyinc1&token=59710 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash cae3106bb4626514a5975e93faad686a 4b1b324c8e25add9d0e00261bcdf680bacd79b79 861cfa22d92af8124b8999292b491515ce80378763cd1d197403a791f86735a0 Loading...

	maps.googleapis.com/maps-api-v3/api/js/50/12a/onion.js	27 kB	2023-03-08	2023-10-18
Pretty URL maps.googleapis.com/maps-api-v3/api/js/50/12a/onion.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:29 Last Seen2023-10-18 15:23:02 Times Seen10 Hash 1eda3efe1b13472fb0f0519a4a8ff5f7 e1d80046fe832cbd7fe78b0343c205e28a40678f 5628a593ca8b146f8da83b134ffab69585549a94799bb0d4ec249479f9bc3204 Loading...

	www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1	309 B	2023-03-08	2023-03-08
Pretty URL www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1 IP 23.227.38.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash ed3049b962bbec629fe0693d2a12fc9d 53b02dc42ba7a817dbcbd65ed37b0e63f6f40c3b a6232a7e23f237e503d665677ed4cbef8336249a40e94aa73e41545a11102a0e Loading...

	www.googleadservices.com/pagead/conversion/1007524534/?random=1670292205161&cv=9&fst=1670292205161&num=1&value=160&currency_code=USD&label=vrMZCOuGq2gQtrW24AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&tiba=Thank%20you%20Katie!%20-%20Holy%20Cow%20Canvas%20-%20Checkout&hn=www.googleadservices.com&rfmt=3&fmt=4	1.9 kB	2023-03-08	2023-03-08
Pretty URL www.googleadservices.com/pagead/conversion/1007524534/?random=1670292205161&cv=9&fst=1670292205161&num=1&value=160&currency_code=USD&label=vrMZCOuGq2gQtrW24AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&tiba=Thank%20you%20Katie!%20-%20Holy%20Cow%20Canvas%20-%20Checkout&hn=www.googleadservices.com&rfmt=3&fmt=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash 412ebc98f5d0ec44ecc9195697e281aa 6550eb12716ad46efbf7c80f1982d8b79abd568d 597e74d62b76e4d3052892342c5164ae90e00c474cd0b23b3fc16eff9d8bd0c6 Loading...

	www.clarity.ms/tag/bb05wi4gl0	2.8 kB	2023-03-08	2023-03-08
Pretty URL www.clarity.ms/tag/bb05wi4gl0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash 572721a8931ec88be3086f816f2e7330 1cdc612503c0e25ee467ae6b37f83e41443709ed e181e02fcd23702b8ebc12d685eb5616ced709b301a4d388539418c6bc32966b Loading...

	www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1	730 B	2023-03-08	2023-03-08
Pretty URL www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1 IP 23.227.38.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash 4edaf277a4124d4c0713d43f823e82b5 c7a468d35d2d7b388c13648e617ab716429ba9bb 522e6289a7cb348762152b7c62480ab25fa0f626737360f3c02e4360900d57f8 Loading...

	www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1	349 B	2023-03-08	2023-03-08
Pretty URL www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1 IP 23.227.38.74 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:59:43 Last Seen2023-03-08 19:59:43 Times Seen1 Hash d62623bb120cea1a826e8f71eccfbd66 f789fd3396c4d1a13c6da6883f978bed83cf6ca8 d843b8f225efccd6b2ddc556adafbab0bf56f8d7b2cd664a94e9657d3260cbe8 Loading...

	cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js	8.3 kB	2023-03-07	2024-02-14
Pretty URL cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:47 Last Seen2024-02-14 13:18:44 Times Seen8836 Hash 6b8069ce486b54ede24b5fc50520a1be d9c70c45b0857585ce94b03b9bf5e819412830c7 65cd0ba3fcd81a1df33f2510ec5bcf8c0e0958653b50e3965ec972dd638ee13f Loading...

	s.adroll.com/j/roundtrip.js	56 kB	2023-03-08	2023-03-09
Pretty URL s.adroll.com/j/roundtrip.js IP 143.204.55.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:43:31 Last Seen2023-03-09 06:08:31 Times Seen1 Hash b1aa61e95e42ee6f3c520b6a2fc39cfa 803efe173ca7a87c665909f8d0e3030d8a250772 c9004ae83e2295bdd8bd45aa3c2114a69e8ebece2d0c9f2bfa834974bd1c1ee5 Loading...

		Size	First Seen	Last Seen
	#1 Write - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-23
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 16:57:16 Times Seen37022723 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (93)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3502
Expires: Tue, 06 Dec 2022 03:01:46 GMT
Date: Tue, 06 Dec 2022 02:03:24 GMT
Connection: keep-alive

www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1/authenticate?key=582047bd7ac525b46db61d7923ed9e30

23.227.38.74

302 Found

0 B

URL HTTP/1.1
www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1/authenticate?key=582047bd7ac525b46db61d7923ed9e30
IP
23.227.38.74:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1/authenticate?key=582047bd7ac525b46db61d7923ed9e30 HTTP/1.1
Host: www.holycowcanvas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Tue, 06 Dec 2022 02:03:24 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Sorting-Hat-PodId: 285
X-Sorting-Hat-ShopId: 1839236
X-Frame-Options: DENY
Location: https://www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1/authenticate?key=582047bd7ac525b46db61d7923ed9e30
X-Shopify-Stage: production
Content-Security-Policy: frame-ancestors 'none'; report-uri /csp-report?source%5Baction%5D=authenticate&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=1839236&source%5Buuid%5D=862ff591-a226-43bb-9449-e4c1b1105ee6
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block; report=/xss-report?source%5Baction%5D=authenticate&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=1839236&source%5Buuid%5D=862ff591-a226-43bb-9449-e4c1b1105ee6
X-Dc: gcp-europe-north1,gcp-us-central1,gcp-us-central1
X-Request-ID: 862ff591-a226-43bb-9449-e4c1b1105ee6
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaestPwUP4%2BIVphy%2FHZ6pdfMkA9CkEvwvuL3nRF3VXYD4MndSdIwmpk9vKuTcDbFqazn0hetgLG8eHvpqcSftfEbk3BJYnzXrmU59PmiV61ljHFdi4eLeUlHXngFIHeXh6GdGpe0Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server-Timing: cfRequestDuration;dur=297.999859
Server: cloudflare
CF-RAY: 775171e41a84b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1872
Cache-Control: max-age=118747
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:24 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:02:31 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 01:20:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2584
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5993
Expires: Tue, 06 Dec 2022 03:43:17 GMT
Date: Tue, 06 Dec 2022 02:03:24 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: dcby8y/gLtIbkujkypnSsndn80KQGQhtx1SRQJAOGP3g0S07NcuGvDQAs95fk/73rz0tyNNHIug=
x-amz-request-id: 1FVGXTB2TGGK5DA6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 01:46:55 GMT
age: 989
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
927bf77fdde1136705b21f2e05c3ec09
7f06d4f7e8dd654938e6846a03791210579dcf9b
d4948d7e8656d33316334f67e6bf40b7ee1cf43786b0cc5fc42a96c36e4afb4d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4948D7E8656D33316334F67E6BF40B7EE1CF43786B0CC5FC42A96C36E4AFB4D"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 08:03:24 GMT
Date: Tue, 06 Dec 2022 02:03:24 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 02:03:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
927bf77fdde1136705b21f2e05c3ec09
7f06d4f7e8dd654938e6846a03791210579dcf9b
d4948d7e8656d33316334f67e6bf40b7ee1cf43786b0cc5fc42a96c36e4afb4d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4948D7E8656D33316334F67E6BF40B7EE1CF43786B0CC5FC42A96C36E4AFB4D"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 08:03:24 GMT
Date: Tue, 06 Dec 2022 02:03:24 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 01:11:20 GMT
cache-control: public,max-age=3600
age: 3124
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1870
Cache-Control: max-age=113677
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:25 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:38:02 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.212.166.60

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.212.166.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HBe+z/PovA+wMDp04QmfcA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: st5ns5lW3ZfLqQV2zjBP9hBZNac=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c446a0c33114f1b4aec3d6f2ef405b99
0aaf09592c1f43b4e72a7ec6fbc8b9af4742b566
9a99c00ff4509e10ba73496d354471e5fee71cc04343377374925e6ba1ed8838

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A99C00FF4509E10BA73496D354471E5FEE71CC04343377374925E6BA1ED8838"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2424
Expires: Tue, 06 Dec 2022 02:43:49 GMT
Date: Tue, 06 Dec 2022 02:03:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c446a0c33114f1b4aec3d6f2ef405b99
0aaf09592c1f43b4e72a7ec6fbc8b9af4742b566
9a99c00ff4509e10ba73496d354471e5fee71cc04343377374925e6ba1ed8838

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A99C00FF4509E10BA73496D354471E5FEE71CC04343377374925E6BA1ED8838"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2424
Expires: Tue, 06 Dec 2022 02:43:49 GMT
Date: Tue, 06 Dec 2022 02:03:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c446a0c33114f1b4aec3d6f2ef405b99
0aaf09592c1f43b4e72a7ec6fbc8b9af4742b566
9a99c00ff4509e10ba73496d354471e5fee71cc04343377374925e6ba1ed8838

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A99C00FF4509E10BA73496D354471E5FEE71CC04343377374925E6BA1ED8838"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2424
Expires: Tue, 06 Dec 2022 02:43:49 GMT
Date: Tue, 06 Dec 2022 02:03:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c446a0c33114f1b4aec3d6f2ef405b99
0aaf09592c1f43b4e72a7ec6fbc8b9af4742b566
9a99c00ff4509e10ba73496d354471e5fee71cc04343377374925e6ba1ed8838

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A99C00FF4509E10BA73496D354471E5FEE71CC04343377374925E6BA1ED8838"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2424
Expires: Tue, 06 Dec 2022 02:43:49 GMT
Date: Tue, 06 Dec 2022 02:03:25 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b01b16fb7e18301251b0a89703e5895a
5237d4cd06bcfc464411fe5cdceaf93d13dcbd83
944a7b4600d41a8ea2fa5acb7ecb8021ecafd9d736a10f968682b3d189b77783

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googleadservices.com/pagead/conversion.js

142.250.74.162

200 OK

17 kB

URL HTTP/2
www.googleadservices.com/pagead/conversion.js
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2772)
Size
17 kB (16823 bytes)
Hash
b7bfb38de42aafcf20ec09cb43f51b2e
2329a485f1e5f5a2fdd8158d335fdd5a2683be55
6391614bdd92fbab896b523130690059cea5159fb598ae07fd89e5c46a2a2da0

HTTP Headers

GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 06 Dec 2022 02:03:25 GMT
expires: Tue, 06 Dec 2022 02:03:25 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 6351308751113588399
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 16823
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
181b661534dc3f6bbe887293452f685b
bf4e024b51870992b7b41ee50e570bebf4705bfb
4d7472e9a604e69e65040a318534883d14275d6ef7e19c6eb42a8a25099d8eeb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.shopify.com/s/files/1/0183/9236/products/Travel-Map-Vintage-3pMockA_small.jpg?v=1629839342

162.159.135.68

200 OK

4.1 kB

URL HTTP/2
cdn.shopify.com/s/files/1/0183/9236/products/Travel-Map-Vintage-3pMockA_small.jpg?v=1629839342
IP
162.159.135.68:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
4.1 kB (4062 bytes)
Hash
13647ce8237dd55c05613428a1a43249
935a3c8eb7f1ed627d7cc2ca72c9e24dd50a9dc3
0f45775d971936308673178bfa67ac70aa96a8275e4b4987e765c23b244467f6

HTTP Headers

GET /s/files/1/0183/9236/products/Travel-Map-Vintage-3pMockA_small.jpg?v=1629839342 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 02:03:25 GMT
content-type: image/webp
content-length: 4062
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0183/9236/products/Travel-Map-Vintage-3pMockA_small.jpg>; rel="canonical"
source-length: 982929
source-type: image/jpeg
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 67c24c2b-e7c8-41fd-95be-1ae508577cc0
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Tue, 06 Dec 2022 01:41:52 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2B6rjpyWsaY6mCmX%2BS65uEhRF4xMStCoNV6rq18RlvlJki2ECbkEmsTt2JgjeixLDvT%2BtP%2FeifW4HkY%2BdsXpMmrcw0i34%2FvOK984hkWfFQNz%2BVtlHu%2F1h1B32NNUB6FrUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=347.175, imageryFetch;dur=57.729, imageryProcess;dur=286.660;desc="image", cfRequestDuration;dur=127.000093
server: cloudflare
cf-ray: 775171ed8ee61bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.shopify.com/s/files/1/0183/9236/files/logo_c1838fb8-843c-4a38-879d-1626e3fc8591.png?6117

162.159.135.68

200 OK

6.9 kB

URL HTTP/2
cdn.shopify.com/s/files/1/0183/9236/files/logo_c1838fb8-843c-4a38-879d-1626e3fc8591.png?6117
IP
162.159.135.68:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 406 x 146, 8-bit/color RGBA, non-interlaced\012- data
Size
6.9 kB (6899 bytes)
Hash
3aef46bc3cd6f7d6ba785227187ac0ae
d2ed7c549fab8469f63edd9f74bde22b6c6157f1
3b829d9279480b0c61431511d138e1e79350075de28fee953989bb66d5ff7185

HTTP Headers

GET /s/files/1/0183/9236/files/logo_c1838fb8-843c-4a38-879d-1626e3fc8591.png?6117 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 02:03:25 GMT
content-type: image/png
content-length: 6899
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0183/9236/files/logo_c1838fb8-843c-4a38-879d-1626e3fc8591.png>; rel="canonical"
source-length: 6791
source-type: image/png
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: 20da08a9-6538-4a2f-b123-0703e2a523df
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Wed, 30 Nov 2022 12:21:29 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrMTJYVUxfQOxZpJkaECawcoAq%2FUc3k9aS3br7pvqi9XpG5wfiKJOSIAwx7WRr2l08vtWd0l5tsXUaYyRVv8zTN60YDOJU5VamK0pOTSop%2BhKswyTH9ioT%2F6sur9hJ3ocQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=874.414, imageryFetch;dur=57.177, imageryProcess;dur=816.503;desc="image", cfRequestDuration;dur=128.000021
server: cloudflare
cf-ray: 775171ed8ee51bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c446a0c33114f1b4aec3d6f2ef405b99
0aaf09592c1f43b4e72a7ec6fbc8b9af4742b566
9a99c00ff4509e10ba73496d354471e5fee71cc04343377374925e6ba1ed8838

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A99C00FF4509E10BA73496D354471E5FEE71CC04343377374925E6BA1ED8838"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2424
Expires: Tue, 06 Dec 2022 02:43:49 GMT
Date: Tue, 06 Dec 2022 02:03:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3393
Expires: Tue, 06 Dec 2022 02:59:59 GMT
Date: Tue, 06 Dec 2022 02:03:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3393
Expires: Tue, 06 Dec 2022 02:59:59 GMT
Date: Tue, 06 Dec 2022 02:03:26 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3393
Expires: Tue, 06 Dec 2022 02:59:59 GMT
Date: Tue, 06 Dec 2022 02:03:26 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273773ed-3135-47d7-b4ff-5e390a90fecf.jpeg

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273773ed-3135-47d7-b4ff-5e390a90fecf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5273 bytes)
Hash
49c08cd33e41826af9dd4a8a912e0ddf
bde85bd98858e4b13484a9cc3263b4db7fb5d348
43471e7b4da8e4e58b842d05cb073ef150ff119eaa6890c86162f03a140459cf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F273773ed-3135-47d7-b4ff-5e390a90fecf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5273
x-amzn-requestid: 5ab71aaf-6757-46dc-86fc-0a866958d22f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSz2EqfIAMFqng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e5-15ae9d330e005f547161b4df;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xcEI729NEfORs3fT_fHi-BkyqA1sHl0dA6fAGd9hYkJNePUlM4vKQg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:05:52 GMT
age: 14254
etag: "bde85bd98858e4b13484a9cc3263b4db7fb5d348"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.shopify.com/app/services/1839236/assets/121421529187/checkout_stylesheet/v2-ltr-edge-fae89129e14e1d1356f2f99f330d146d-6117

162.159.135.68

200 OK

48 kB

URL HTTP/2
cdn.shopify.com/app/services/1839236/assets/121421529187/checkout_stylesheet/v2-ltr-edge-fae89129e14e1d1356f2f99f330d146d-6117
IP
162.159.135.68:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
48 kB (48293 bytes)
Hash
52f41b8bf6421fbec1e5f241abcc60e6
2025085f8164ed6a0531b21b9a86437ac188a782
a34bdd7091cfb6b4c04c76027496492029b255138dd773752c4953b42a3d60cb

HTTP Headers

GET /app/services/1839236/assets/121421529187/checkout_stylesheet/v2-ltr-edge-fae89129e14e1d1356f2f99f330d146d-6117 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 02:03:25 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=31556952, public
link: <https://cdn.shopify.com/app/services/1839236/assets/121421529187/checkout_stylesheet/v2-ltr-edge-fae89129e14e1d1356f2f99f330d146d-6117>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 52690451-296c-4e23-9657-c2950ffd624d
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-central1
last-modified: Fri, 02 Dec 2022 17:27:15 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5UKLFvI7IW17TjRK1e0dy16sHCXRzuZGw0KkMu6hbo2lnMufHrMryVv8abQe7uR%2FrXJkhNwkvJyvGOQlltXeEXiUv6teN7vJjEHDFpCvgxVojjngPP2tAqzLWAL1ElV%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=7204.374, imageryFetch;dur=7203.890, cfRequestDuration;dur=177.000046
server: cloudflare
cf-ray: 775171ed8ee41bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11175 bytes)
Hash
38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jqWuNfsDgPOsqxlX2HGJdhXm9GnGC-TBafSbSCrztICFgEwcyqc_iA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:22 GMT
age: 13264
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11352 bytes)
Hash
7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aYf5d6wAJlPSXVwF5uQXUb1g_65z-v6tInk7IF64bBV-w31d3MKeIQ==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:23 GMT
age: 13263
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8469 bytes)
Hash
2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i6QasBBRK9APW19sH0DdOipvUJA3gWj0CAMTzt7ejRCOk_V2psz-Xw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:45:47 GMT
age: 15459
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15732 bytes)
Hash
b5e953213b7b13b8ee202406147fac52
67a09d8cd23ed444667b225f7fbf4bb17b9f42dd
cf6b2502f0a992148f9401c16a329cae5a6c21fb81f03131f3e69c58bc608110

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15732
x-amzn-requestid: 7467ddb0-b9f9-47e9-ac31-c7599fe45698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csVIIESBIAMFU6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e689a-79e3f8b66e1cf72f3283ac5b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3seQ7H4qrlKKpuIWUobiey92ZMkB4jWqd5v6T6379g0V0y6XdVFvWQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:21 GMT
age: 13265
etag: "67a09d8cd23ed444667b225f7fbf4bb17b9f42dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/1007524534/?random=75055885&cv=9&fst=1670292205161&num=1&value=160&currency_code=USD&label=vrMZCOuGq2gQtrW24AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&tiba=Thank%20you%20Katie!%20-%20Holy%20Cow%20Canvas%20-%20Checkout&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=8KKOY6aVAuuUiM0P0p6ZYA&sscte=1&crd=

216.58.207.226

302 Found

42 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1007524534/?random=75055885&cv=9&fst=1670292205161&num=1&value=160&currency_code=USD&label=vrMZCOuGq2gQtrW24AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&tiba=Thank%20you%20Katie!%20-%20Holy%20Cow%20Canvas%20-%20Checkout&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=8KKOY6aVAuuUiM0P0p6ZYA&sscte=1&crd=
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/viewthroughconversion/1007524534/?random=75055885&cv=9&fst=1670292205161&num=1&value=160&currency_code=USD&label=vrMZCOuGq2gQtrW24AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&tiba=Thank%20you%20Katie!%20-%20Holy%20Cow%20Canvas%20-%20Checkout&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=8KKOY6aVAuuUiM0P0p6ZYA&sscte=1&crd= HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 02:03:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/1007524534/?random=75055885&cv=9&fst=1670292205161&num=1&value=160&currency_code=USD&label=vrMZCOuGq2gQtrW24AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&tiba=Thank%20you%20Katie!%20-%20Holy%20Cow%20Canvas%20-%20Checkout&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=8KKOY6aVAuuUiM0P0p6ZYA&random=2902081568&resp=GooglemKTybQhCsO
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 02:18:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4255
Cache-Control: max-age=134784
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:28 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 15:29:52 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

s.pinimg.com/ct/core.js

151.101.84.84

200 OK

1.1 kB

URL HTTP/2
s.pinimg.com/ct/core.js
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (1146), with no line terminators
Size
1.1 kB (1146 bytes)
Hash
8d9d0550c915347e312e24f00d311e50
cb44712b22cb011b759da4e741b543238839c735
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b

HTTP Headers

GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
etag: "8d9d0550c915347e312e24f00d311e50"
content-type: application/javascript
fastly-restarts: 1
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
date: Tue, 06 Dec 2022 02:03:28 GMT
content-length: 1146
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: p1ICjUNWPF6wm6sMc34D26Zf96QOULZsyAnHpAHt2fzaWHYvT0NCNghRf3kPyvq6JElKB3/J93Ftugn258KPGQ==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 02:03:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.google.com/pagead/1p-conversion/1007524534/?random=75055885&cv=9&fst=1670292205161&num=1&value=160&currency_code=USD&label=vrMZCOuGq2gQtrW24AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&tiba=Thank%20you%20Katie!%20-%20Holy%20Cow%20Canvas%20-%20Checkout&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=8KKOY6aVAuuUiM0P0p6ZYA&random=2902081568&resp=GooglemKTybQhCsO

216.58.207.228

302 Found

42 B

URL HTTP/2
www.google.com/pagead/1p-conversion/1007524534/?random=75055885&cv=9&fst=1670292205161&num=1&value=160&currency_code=USD&label=vrMZCOuGq2gQtrW24AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&tiba=Thank%20you%20Katie!%20-%20Holy%20Cow%20Canvas%20-%20Checkout&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=8KKOY6aVAuuUiM0P0p6ZYA&random=2902081568&resp=GooglemKTybQhCsO
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-conversion/1007524534/?random=75055885&cv=9&fst=1670292205161&num=1&value=160&currency_code=USD&label=vrMZCOuGq2gQtrW24AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&tiba=Thank%20you%20Katie!%20-%20Holy%20Cow%20Canvas%20-%20Checkout&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=8KKOY6aVAuuUiM0P0p6ZYA&random=2902081568&resp=GooglemKTybQhCsO HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 02:03:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1007524534/?random=75055885&cv=9&fst=1670292205161&num=1&value=160&currency_code=USD&label=vrMZCOuGq2gQtrW24AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&tiba=Thank%20you%20Katie!%20-%20Holy%20Cow%20Canvas%20-%20Checkout&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=8KKOY6aVAuuUiM0P0p6ZYA&random=2902081568&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 06 Dec 2022 00:41:08 GMT
expires: Tue, 06 Dec 2022 02:41:08 GMT
cache-control: public, max-age=7200
age: 4940
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

s.pinimg.com/ct/lib/main.9a94ee76.js

151.101.84.84

200 OK

21 kB

URL HTTP/2
s.pinimg.com/ct/lib/main.9a94ee76.js
IP
151.101.84.84:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (59858), with no line terminators
Size
21 kB (20728 bytes)
Hash
e43867aadc515024dd460d8611098a12
c4fd1b2ace2f8a96a38e4b4996be8d7c46fdfd3f
76d528cb411bf6ff7fd77619aa507bec3bdf7f02063add1d9fe9009088f78d98

HTTP Headers

GET /ct/lib/main.9a94ee76.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "e43867aadc515024dd460d8611098a12"
content-encoding: gzip
content-type: application/javascript
fastly-restarts: 1
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
date: Tue, 06 Dec 2022 02:03:28 GMT
content-length: 20728
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a179b3b6ab78e29169af8cc2363d6280
501cd2871c5b70c56852c6cd0c87f383504ca933
ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4255
Cache-Control: max-age=134784
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:28 GMT
Etag: "638dfdd1-1d7"
Expires: Wed, 07 Dec 2022 15:29:52 GMT
Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d33c34994db0a6eb13cd42088ecad0e4
b7f185db6f22551b34840609641df80d724735c9
6018638409279f8b8b053cf37909d67aed3ca257a98d1011cccaf88efb1d6e2d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5756
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:28 GMT
Last-Modified: Tue, 06 Dec 2022 00:27:32 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/collect?v=1&_v=j98&a=1110810973&t=pageview&_s=1&dl=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&dp=%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&ul=en-us&de=UTF-8&dt=Orders%20-%20Thank%20You&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YGBAgEABBAAAAAgCIAB~&jid=809193024&gjid=506196741&cid=501875342.1670292205&tid=UA-35678871-1&_gid=787302245.1670292205&did=BwiEti&z=1889801488

142.250.74.110

200 OK

35 B

URL HTTP/2
www.google-analytics.com/collect?v=1&_v=j98&a=1110810973&t=pageview&_s=1&dl=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&dp=%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&ul=en-us&de=UTF-8&dt=Orders%20-%20Thank%20You&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YGBAgEABBAAAAAgCIAB~&jid=809193024&gjid=506196741&cid=501875342.1670292205&tid=UA-35678871-1&_gid=787302245.1670292205&did=BwiEti&z=1889801488
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /collect?v=1&_v=j98&a=1110810973&t=pageview&_s=1&dl=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&dp=%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&ul=en-us&de=UTF-8&dt=Orders%20-%20Thank%20You&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YGBAgEABBAAAAAgCIAB~&jid=809193024&gjid=506196741&cid=501875342.1670292205&tid=UA-35678871-1&_gid=787302245.1670292205&did=BwiEti&z=1889801488 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Mon, 05 Dec 2022 20:43:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 19215
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

472 B

URL
ocsp.pki.goog/gts1c3
IP
:0
ASN
#0

File type
data
Size
472 B (472 bytes)
Hash
5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35678871-1&cid=501875342.1670292205&jid=809193024&gjid=506196741&_gid=787302245.1670292205&_u=YGBAgEABBAAAAEgCIAB~&z=235876244

64.233.165.157

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35678871-1&cid=501875342.1670292205&jid=809193024&gjid=506196741&_gid=787302245.1670292205&_u=YGBAgEABBAAAAEgCIAB~&z=235876244
IP
64.233.165.157:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-35678871-1&cid=501875342.1670292205&jid=809193024&gjid=506196741&_gid=787302245.1670292205&_u=YGBAgEABBAAAAEgCIAB~&z=235876244 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.holycowcanvas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.holycowcanvas.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Dec 2022 02:03:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-conversion/1007524534/?random=75055885&cv=9&fst=1670292205161&num=1&value=160&currency_code=USD&label=vrMZCOuGq2gQtrW24AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&tiba=Thank%20you%20Katie!%20-%20Holy%20Cow%20Canvas%20-%20Checkout&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=8KKOY6aVAuuUiM0P0p6ZYA&random=2902081568&resp=GooglemKTybQhCsO&ipr=y&prhg=0

142.250.74.131

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-conversion/1007524534/?random=75055885&cv=9&fst=1670292205161&num=1&value=160&currency_code=USD&label=vrMZCOuGq2gQtrW24AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&tiba=Thank%20you%20Katie!%20-%20Holy%20Cow%20Canvas%20-%20Checkout&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=8KKOY6aVAuuUiM0P0p6ZYA&random=2902081568&resp=GooglemKTybQhCsO&ipr=y&prhg=0
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-conversion/1007524534/?random=75055885&cv=9&fst=1670292205161&num=1&value=160&currency_code=USD&label=vrMZCOuGq2gQtrW24AM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&tiba=Thank%20you%20Katie!%20-%20Holy%20Cow%20Canvas%20-%20Checkout&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=8KKOY6aVAuuUiM0P0p6ZYA&random=2902081568&resp=GooglemKTybQhCsO&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 02:03:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

connect.facebook.net/signals/config/1714030572163623?v=2.9.89&r=stable

31.13.72.12

200 OK

86 kB

URL HTTP/2
connect.facebook.net/signals/config/1714030572163623?v=2.9.89&r=stable
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
data
Size
86 kB (86507 bytes)
Hash
613448fbcf106400ef3e9477bbfb5f06
a622accc2ba481195f40f1893dcb099448d96a9d
851d9f95dabe777041463223ca263c729038a76f4eb25fd3cf84a11fa89e3360

HTTP Headers

GET /signals/config/1714030572163623?v=2.9.89&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: K05ExNiPC0aZ5mx5ZednNbSH3DcXw7POUyq7YwPqoopFRZxYJp0eZi117aaYPgjma40z/CLoO29cz1F8JXeRhg==
x-fb-trip-id: 1904183273
date: Tue, 06 Dec 2022 02:03:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ct.pinterest.com/user/?tid=2619032176312&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1670292205507&dep=2%2CPAGE_LOAD

2.18.172.195

200 OK

377 B

URL HTTP/2
ct.pinterest.com/user/?tid=2619032176312&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1670292205507&dep=2%2CPAGE_LOAD
IP
2.18.172.195:0
ASN
#16625 AKAMAI-AS

File type
JSON data\012- , ASCII text, with very long lines (539), with no line terminators
Size
377 B (377 bytes)
Hash
f6314a3333f750a090b7d16565b63b62
b071e68a3c67319a26ff36cd8a2758cc69e72377
341b6a8e9fc8f0cd98feb8442e1c01f066cf2b220749842c5be46d65786c3085

HTTP Headers

GET /user/?tid=2619032176312&pd=%7B%22np%22%3A%22shopify%22%7D&cb=1670292205507&dep=2%2CPAGE_LOAD HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Origin: https://www.holycowcanvas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPVpUazFPVGRsTkRBdFlXWm1NUzAwT1dRNUxXRXhPREl0Tm1ZelltRTJZVGt4Wkdaaw
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://www.holycowcanvas.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 377
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 1145036297468812
date: Tue, 06 Dec 2022 02:03:28 GMT
vary: Accept-Encoding
akamai-grn: 0.540a655f.1670292208.312c31ae
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

ct.pinterest.com/user/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22e52c7f19-CA30-4753-6E3F-50C686F53299%22%7D&tid=2619032176312&cb=1670292205510&dep=5%2CEVENT_TAGS_ABSENT

2.18.172.195

200 OK

377 B

URL HTTP/2
ct.pinterest.com/user/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22e52c7f19-CA30-4753-6E3F-50C686F53299%22%7D&tid=2619032176312&cb=1670292205510&dep=5%2CEVENT_TAGS_ABSENT
IP
2.18.172.195:0
ASN
#16625 AKAMAI-AS

File type
JSON data\012- , ASCII text, with very long lines (539), with no line terminators
Size
377 B (377 bytes)
Hash
f6314a3333f750a090b7d16565b63b62
b071e68a3c67319a26ff36cd8a2758cc69e72377
341b6a8e9fc8f0cd98feb8442e1c01f066cf2b220749842c5be46d65786c3085

HTTP Headers

GET /user/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22e52c7f19-CA30-4753-6E3F-50C686F53299%22%7D&tid=2619032176312&cb=1670292205510&dep=5%2CEVENT_TAGS_ABSENT HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Origin: https://www.holycowcanvas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU1tUXpOR0ZqTURNdFpEQXdOeTAwTmpabUxUazNaVFF0WlRNNVpXSXhNV1JtWkRGaA
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://www.holycowcanvas.com
content-type: application/json; charset=utf-8
content-encoding: gzip
content-length: 377
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 5300572781767571
date: Tue, 06 Dec 2022 02:03:28 GMT
vary: Accept-Encoding
akamai-grn: 0.540a655f.1670292208.312c31ad
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

maps.googleapis.com/maps/api/js?client=gme-shopifyinc1&language=en-US

142.250.74.42

200 OK

53 kB

URL HTTP/2
maps.googleapis.com/maps/api/js?client=gme-shopifyinc1&language=en-US
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2468)
Size
53 kB (53396 bytes)
Hash
b294a85a20b33a06ff7553e0b4136667
373e412bd4f94c90cdd1f1868d4fb53f95d0e770
9bc5df5f36a2f4fb56a41ffc544fa28e09cb3a4c38ec1c99241c20f033d65b02

HTTP Headers

GET /maps/api/js?client=gme-shopifyinc1&language=en-US HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53396
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=12
date: Tue, 06 Dec 2022 01:46:28 GMT
expires: Tue, 06 Dec 2022 02:16:28 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 1020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ct.pinterest.com/v3/?tid=2619032176312&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%22b5fdf3e9-29f5-416c-9572-af88e5346569%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1670292205510

2.18.172.195

200 OK

35 B

URL HTTP/2
ct.pinterest.com/v3/?tid=2619032176312&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%22b5fdf3e9-29f5-416c-9572-af88e5346569%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1670292205510
IP
2.18.172.195:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

HTTP Headers

GET /v3/?tid=2619032176312&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%22b5fdf3e9-29f5-416c-9572-af88e5346569%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1670292205510 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1402218420112928
date: Tue, 06 Dec 2022 02:03:28 GMT
akamai-grn: 0.540a655f.1670292208.312c31b7
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=1714030572163623&ev=PageView&dl=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&rl=&if=false&ts=1670292205646&sw=1280&sh=1024&udff[em]=11ffeaebd142725590961243e127b0e750ba0a23d04961bf6c83d2cbaa1423d6&udff[fn]=3460eb8087523e19ac486f37fc68192c2dcd087814a2a9c9ad6b668fee3e0134&udff[ln]=77ba46c89f8a9ab2ed27a9dbb673ca0d78d54c940d874a3f41412e3371c17f4f&udff[ct]=e31d426b5d3ff7257745b1d03bf1fcd5c7dea1d955dfc73d6ea8999d6dbd823b&udff[st]=3c44c3e1b8b7844786724ac776d3d90ee7eac452bdbcb44495b77dec2ef73cfe&udff[zp]=1dadd02d1ed2226cf6fa51fbf2df89c28041b7b2b9afecb97fb4650ec87cbf89&udff[ph]=11ec85ddbefe3d9cf71d968c6276a91f0982f3087a5fb957f281894f4dd5da71&v=2.9.89&r=stable&a=shopify&ec=0&o=2078&fbp=fb.1.1670292205646.545579266&it=1670292205477&coo=false&eid=e52c7f19-CA30-4753-6E3F-50C686F53299&rqm=GET

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=1714030572163623&ev=PageView&dl=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&rl=&if=false&ts=1670292205646&sw=1280&sh=1024&udff[em]=11ffeaebd142725590961243e127b0e750ba0a23d04961bf6c83d2cbaa1423d6&udff[fn]=3460eb8087523e19ac486f37fc68192c2dcd087814a2a9c9ad6b668fee3e0134&udff[ln]=77ba46c89f8a9ab2ed27a9dbb673ca0d78d54c940d874a3f41412e3371c17f4f&udff[ct]=e31d426b5d3ff7257745b1d03bf1fcd5c7dea1d955dfc73d6ea8999d6dbd823b&udff[st]=3c44c3e1b8b7844786724ac776d3d90ee7eac452bdbcb44495b77dec2ef73cfe&udff[zp]=1dadd02d1ed2226cf6fa51fbf2df89c28041b7b2b9afecb97fb4650ec87cbf89&udff[ph]=11ec85ddbefe3d9cf71d968c6276a91f0982f3087a5fb957f281894f4dd5da71&v=2.9.89&r=stable&a=shopify&ec=0&o=2078&fbp=fb.1.1670292205646.545579266&it=1670292205477&coo=false&eid=e52c7f19-CA30-4753-6E3F-50C686F53299&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=1714030572163623&ev=PageView&dl=https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1&rl=&if=false&ts=1670292205646&sw=1280&sh=1024&udff[em]=11ffeaebd142725590961243e127b0e750ba0a23d04961bf6c83d2cbaa1423d6&udff[fn]=3460eb8087523e19ac486f37fc68192c2dcd087814a2a9c9ad6b668fee3e0134&udff[ln]=77ba46c89f8a9ab2ed27a9dbb673ca0d78d54c940d874a3f41412e3371c17f4f&udff[ct]=e31d426b5d3ff7257745b1d03bf1fcd5c7dea1d955dfc73d6ea8999d6dbd823b&udff[st]=3c44c3e1b8b7844786724ac776d3d90ee7eac452bdbcb44495b77dec2ef73cfe&udff[zp]=1dadd02d1ed2226cf6fa51fbf2df89c28041b7b2b9afecb97fb4650ec87cbf89&udff[ph]=11ec85ddbefe3d9cf71d968c6276a91f0982f3087a5fb957f281894f4dd5da71&v=2.9.89&r=stable&a=shopify&ec=0&o=2078&fbp=fb.1.1670292205646.545579266&it=1670292205477&coo=false&eid=e52c7f19-CA30-4753-6E3F-50C686F53299&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 06 Dec 2022 02:03:28 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3de00ccc28e8607cab9fe4ddbdd831cf
530971bce248c2634952348b6bf8ca35a78f3339
d1490967f935765b4621b491c4affce690113a056b60178266e819a4e019a0fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1490967F935765B4621B491C4AFFCE690113A056B60178266E819A4E019A0FD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4288
Expires: Tue, 06 Dec 2022 03:14:56 GMT
Date: Tue, 06 Dec 2022 02:03:28 GMT
Connection: keep-alive

ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22e52c7f19-CA30-4753-6E3F-50C686F53299%22%7D&tid=2619032176312&cb=1670292205737&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%22b5fdf3e9-29f5-416c-9572-af88e5346569%22%2C%22pin_unauth%22%3A%22dWlkPVpUazFPVGRsTkRBdFlXWm1NUzAwT1dRNUxXRXhPREl0Tm1ZelltRTJZVGt4Wkdaaw%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D

2.18.172.195

200 OK

35 B

URL HTTP/2
ct.pinterest.com/v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22e52c7f19-CA30-4753-6E3F-50C686F53299%22%7D&tid=2619032176312&cb=1670292205737&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%22b5fdf3e9-29f5-416c-9572-af88e5346569%22%2C%22pin_unauth%22%3A%22dWlkPVpUazFPVGRsTkRBdFlXWm1NUzAwT1dRNUxXRXhPREl0Tm1ZelltRTJZVGt4Wkdaaw%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D
IP
2.18.172.195:0
ASN
#16625 AKAMAI-AS

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

HTTP Headers

GET /v3/?event=PageVisit&ed=%7B%22np%22%3A%22shopify%22%2C%22eventID%22%3A%22e52c7f19-CA30-4753-6E3F-50C686F53299%22%7D&tid=2619032176312&cb=1670292205737&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22shopify%22%2C%22shopify_y%22%3A%22b5fdf3e9-29f5-416c-9572-af88e5346569%22%2C%22pin_unauth%22%3A%22dWlkPVpUazFPVGRsTkRBdFlXWm1NUzAwT1dRNUxXRXhPREl0Tm1ZelltRTJZVGt4Wkdaaw%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.holycowcanvas.com%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%229a94ee76%22%2C%22is_eu%22%3Atrue%2C%22ecm_enabled%22%3Afalse%7D HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
content-length: 35
access-control-allow-origin: *
x-envoy-upstream-service-time: 3
referrer-policy: origin
x-pinterest-rid: 3813060302885903
date: Tue, 06 Dec 2022 02:03:28 GMT
set-cookie: _pinterest_ct_ua="TWc9PSZEMXVlMnQvL29FT3dZMStCWUhpbWdVWTlST2Q5TE1FY2lSbjd0eVF4MXE3MHFKaEtIR0FvL0U1ZVg1ZzN1VDBPaksvUytpdXAyV0EvNEFhdDlOMVlyUFhDQ1liY21KVFVUQW5zVHRaSjR1Zz0mTFVsTVBWb3JGS1FGNTFSMXYwaFIvWVh1eUxvPQ=="; Expires=Wed, 06 Dec 2023 02:03:28 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
akamai-grn: 0.540a655f.1670292208.312c31cf
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

holycowcanvas.com.com/store?thank-you

72.14.178.174

302 Moved Temporarily

167 B

URL HTTP/1.1
holycowcanvas.com.com/store?thank-you
IP
72.14.178.174:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
1dd977065c1e457e5fe1c16c8c83abdd
6dc6acfc9432bd4f48927f4d3ffe23ca6a2eb504
a2b66bda5d606b25a9a6f90b47113590083c3f2477e319567cbc783412c34f83

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /store?thank-you HTTP/1.1
Host: holycowcanvas.com.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.13.6.1
Date: Tue, 06 Dec 2022 02:03:28 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Location: http://holycowcanvas.com.com/store?thank-you
Set-Cookie: mtmssl=1;Domain=holycowcanvas.com.com;Path=/;Max-Age=120

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

maps.gstatic.com/mapfiles/openhand_8_8.cur

216.58.207.227

200 OK

326 B

URL HTTP/2
maps.gstatic.com/mapfiles/openhand_8_8.cur
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8\012- data
Size
326 B (326 bytes)
Hash
feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

HTTP Headers

GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Tue, 06 Dec 2022 02:03:28 GMT
expires: Tue, 06 Dec 2022 02:03:28 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

maps.gstatic.com/mapfiles/transparent.png

216.58.207.227

200 OK

68 B

URL HTTP/2
maps.gstatic.com/mapfiles/transparent.png
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
8327a6037ae00a5be9f75e63ee1b9fbe
a812c79b0d125e4946b33446eae0353f518627e2
fe67e12a6497f8518ef1673fd8cf5622871935ff85f204715e78b2009dd48588

HTTP Headers

GET /mapfiles/transparent.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 68
date: Tue, 06 Dec 2022 02:03:28 GMT
expires: Tue, 06 Dec 2022 02:03:28 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://checkout.shopify.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 455374
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://checkout.shopify.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 455372
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

holycowcanvas.com.com/store?thank-you

72.14.178.174

302 Moved Temporarily

167 B

URL HTTP/1.1
holycowcanvas.com.com/store?thank-you
IP
72.14.178.174:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
1dd977065c1e457e5fe1c16c8c83abdd
6dc6acfc9432bd4f48927f4d3ffe23ca6a2eb504
a2b66bda5d606b25a9a6f90b47113590083c3f2477e319567cbc783412c34f83

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /store?thank-you HTTP/1.1
Host: holycowcanvas.com.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.13.6.1
Date: Tue, 06 Dec 2022 02:03:29 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Location: http://holycowcanvas.com.com/store?thank-you
Set-Cookie: mtmssl=1;Domain=holycowcanvas.com.com;Path=/;Max-Age=120

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 657
Origin: https://www.holycowcanvas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.holycowcanvas.com
access-control-allow-credentials: true
date: Tue, 06 Dec 2022 02:03:28 GMT
X-Firefox-Spdy: h2

holycowcanvas.com.com/store?thank-you

72.14.178.174

302 Moved Temporarily

167 B

URL HTTP/1.1
holycowcanvas.com.com/store?thank-you
IP
72.14.178.174:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
1dd977065c1e457e5fe1c16c8c83abdd
6dc6acfc9432bd4f48927f4d3ffe23ca6a2eb504
a2b66bda5d606b25a9a6f90b47113590083c3f2477e319567cbc783412c34f83

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /store?thank-you HTTP/1.1
Host: holycowcanvas.com.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.13.6.1
Date: Tue, 06 Dec 2022 02:03:29 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Location: http://holycowcanvas.com.com/store?thank-you
Set-Cookie: mtmssl=1;Domain=holycowcanvas.com.com;Path=/;Max-Age=120

b.clarity.ms/collect

20.75.32.255

204 No Content

0 B

URL HTTP/2
b.clarity.ms/collect
IP
20.75.32.255:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 33005
Origin: https://www.holycowcanvas.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://www.holycowcanvas.com
access-control-allow-credentials: true
date: Tue, 06 Dec 2022 02:03:28 GMT
X-Firefox-Spdy: h2

holycowcanvas.com.com/store?thank-you

72.14.178.174

302 Moved Temporarily

167 B

URL HTTP/1.1
holycowcanvas.com.com/store?thank-you
IP
72.14.178.174:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
1dd977065c1e457e5fe1c16c8c83abdd
6dc6acfc9432bd4f48927f4d3ffe23ca6a2eb504
a2b66bda5d606b25a9a6f90b47113590083c3f2477e319567cbc783412c34f83

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /store?thank-you HTTP/1.1
Host: holycowcanvas.com.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.13.6.1
Date: Tue, 06 Dec 2022 02:03:29 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Location: http://holycowcanvas.com.com/store?thank-you
Set-Cookie: mtmssl=1;Domain=holycowcanvas.com.com;Path=/;Max-Age=120

holycowcanvas.com.com/store?thank-you

72.14.178.174

302 Moved Temporarily

167 B

URL HTTP/1.1
holycowcanvas.com.com/store?thank-you
IP
72.14.178.174:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
1dd977065c1e457e5fe1c16c8c83abdd
6dc6acfc9432bd4f48927f4d3ffe23ca6a2eb504
a2b66bda5d606b25a9a6f90b47113590083c3f2477e319567cbc783412c34f83

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /store?thank-you HTTP/1.1
Host: holycowcanvas.com.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.13.6.1
Date: Tue, 06 Dec 2022 02:03:30 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Location: http://holycowcanvas.com.com/store?thank-you
Set-Cookie: mtmssl=1;Domain=holycowcanvas.com.com;Path=/;Max-Age=120

holycowcanvas.com.com/store?thank-you

72.14.178.174

302 Moved Temporarily

167 B

URL HTTP/1.1
holycowcanvas.com.com/store?thank-you
IP
72.14.178.174:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
1dd977065c1e457e5fe1c16c8c83abdd
6dc6acfc9432bd4f48927f4d3ffe23ca6a2eb504
a2b66bda5d606b25a9a6f90b47113590083c3f2477e319567cbc783412c34f83

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /store?thank-you HTTP/1.1
Host: holycowcanvas.com.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.13.6.1
Date: Tue, 06 Dec 2022 02:03:30 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Location: http://holycowcanvas.com.com/store?thank-you
Set-Cookie: mtmssl=1;Domain=holycowcanvas.com.com;Path=/;Max-Age=120

holycowcanvas.com.com/store?thank-you

72.14.178.174

302 Moved Temporarily

167 B

URL HTTP/1.1
holycowcanvas.com.com/store?thank-you
IP
72.14.178.174:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
1dd977065c1e457e5fe1c16c8c83abdd
6dc6acfc9432bd4f48927f4d3ffe23ca6a2eb504
a2b66bda5d606b25a9a6f90b47113590083c3f2477e319567cbc783412c34f83

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /store?thank-you HTTP/1.1
Host: holycowcanvas.com.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.13.6.1
Date: Tue, 06 Dec 2022 02:03:30 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Location: http://holycowcanvas.com.com/store?thank-you
Set-Cookie: mtmssl=1;Domain=holycowcanvas.com.com;Path=/;Max-Age=120

holycowcanvas.com.com/store?thank-you

72.14.178.174

302 Moved Temporarily

167 B

URL HTTP/1.1
holycowcanvas.com.com/store?thank-you
IP
72.14.178.174:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
1dd977065c1e457e5fe1c16c8c83abdd
6dc6acfc9432bd4f48927f4d3ffe23ca6a2eb504
a2b66bda5d606b25a9a6f90b47113590083c3f2477e319567cbc783412c34f83

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /store?thank-you HTTP/1.1
Host: holycowcanvas.com.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.13.6.1
Date: Tue, 06 Dec 2022 02:03:31 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Location: http://holycowcanvas.com.com/store?thank-you
Set-Cookie: mtmssl=1;Domain=holycowcanvas.com.com;Path=/;Max-Age=120

holycowcanvas.com.com/store?thank-you

72.14.178.174

302 Moved Temporarily

167 B

URL HTTP/1.1
holycowcanvas.com.com/store?thank-you
IP
72.14.178.174:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
1dd977065c1e457e5fe1c16c8c83abdd
6dc6acfc9432bd4f48927f4d3ffe23ca6a2eb504
a2b66bda5d606b25a9a6f90b47113590083c3f2477e319567cbc783412c34f83

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /store?thank-you HTTP/1.1
Host: holycowcanvas.com.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.13.6.1
Date: Tue, 06 Dec 2022 02:03:31 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Location: http://holycowcanvas.com.com/store?thank-you
Set-Cookie: mtmssl=1;Domain=holycowcanvas.com.com;Path=/;Max-Age=120

holycowcanvas.com.com/store?thank-you

72.14.178.174

302 Moved Temporarily

167 B

URL HTTP/1.1
holycowcanvas.com.com/store?thank-you
IP
72.14.178.174:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
1dd977065c1e457e5fe1c16c8c83abdd
6dc6acfc9432bd4f48927f4d3ffe23ca6a2eb504
a2b66bda5d606b25a9a6f90b47113590083c3f2477e319567cbc783412c34f83

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /store?thank-you HTTP/1.1
Host: holycowcanvas.com.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.13.6.1
Date: Tue, 06 Dec 2022 02:03:32 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Location: http://holycowcanvas.com.com/store?thank-you
Set-Cookie: mtmssl=1;Domain=holycowcanvas.com.com;Path=/;Max-Age=120

holycowcanvas.com.com/store?thank-you

72.14.178.174

302 Moved Temporarily

167 B

URL HTTP/1.1
holycowcanvas.com.com/store?thank-you
IP
72.14.178.174:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
1dd977065c1e457e5fe1c16c8c83abdd
6dc6acfc9432bd4f48927f4d3ffe23ca6a2eb504
a2b66bda5d606b25a9a6f90b47113590083c3f2477e319567cbc783412c34f83

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /store?thank-you HTTP/1.1
Host: holycowcanvas.com.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Moved Temporarily
Server: openresty/1.13.6.1
Date: Tue, 06 Dec 2022 02:03:32 GMT
Content-Type: text/html
Content-Length: 167
Connection: close
Location: http://holycowcanvas.com.com/store?thank-you
Set-Cookie: mtmssl=1;Domain=holycowcanvas.com.com;Path=/;Max-Age=120

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
25bbcbc271b31b834a22d5aa80f11ab6
b26108728d12fd953ab8c17166209bcf9ec24c67
20a4b37e4a4e96c7a5bd1ab15b2d42376c24c768ae995fbb2e9a71cc6c461462

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4477
Cache-Control: max-age=115894
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 02:03:32 GMT
Etag: "638db32d-117"
Expires: Wed, 07 Dec 2022 10:15:06 GMT
Last-Modified: Mon, 05 Dec 2022 09:00:29 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279

ct.pinterest.com/ct.html

2.18.172.195

200 OK

323 B

URL HTTP/2
ct.pinterest.com/ct.html
IP
2.18.172.195:0
ASN
#16625 AKAMAI-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Size
323 B (323 bytes)
Hash
b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc

HTTP Headers

GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
content-length: 323
x-envoy-upstream-service-time: 0
referrer-policy: origin
x-pinterest-rid: 9768273753360967
date: Tue, 06 Dec 2022 02:03:32 GMT
vary: Accept-Encoding
akamai-grn: 0.540a655f.1670292212.312c33ab
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2

dttrk.com/shopify/track.js?shop=holycowcanvas.myshopify.com

172.67.211.235

200 OK

1.8 kB

URL HTTP/2
dttrk.com/shopify/track.js?shop=holycowcanvas.myshopify.com
IP
172.67.211.235:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3396), with no line terminators
Size
1.8 kB (1767 bytes)
Hash
6c90faeddbfa6b22a96b360ca342f116
7c3d2bd5e83ff8e8752705af7529bc5dbbb4090e
95b0ede4428ccd4f7cf2027579c028746bba64a6df58ab0d9c023e34bcb0f5c1

HTTP Headers

GET /shopify/track.js?shop=holycowcanvas.myshopify.com HTTP/1.1
Host: dttrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 02:03:32 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 77517219bc27b517-OSL
age: 93824
cache-control: max-age=7200
etag: W/"shopify/track.55051d17cc.js"
vary: Accept-Encoding
cf-cache-status: HIT
feature-policy: none
referrer-policy: unsafe-url
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zax3itUsDPzrw659dPOiL2kDEin%2Fsa8%2F3k3vLtJqziKjy4bp2k7Ah%2FVckAs0sBZxgJKV%2FyfJy%2BHgpVV1AK529XCRacJuXSpj2H1xlGAWYNOB0LJ%2BSrf76bz83%2F0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

s.adroll.com/j/roundtrip.js

143.204.55.84

200 OK

17 kB

URL HTTP/1.1
s.adroll.com/j/roundtrip.js
IP
143.204.55.84:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (1096)
Size
17 kB (17168 bytes)
Hash
ed06acf3c90cdec0eed4432ca8f83550
2c6a39fcad716191cf3b7dc2e6fe06f766a51a35
ea535f0703181746eb426330cb5e962ec0e42afae3e44674dd67bde9c6692aea

HTTP Headers

GET /j/roundtrip.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 15:45:06 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: 9xobUm0MAvJh1LhW_hNgjVEGwDCPHXvN
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 06 Dec 2022 01:50:34 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: W/"b1aa61e95e42ee6f3c520b6a2fc39cfa"
Vary: Accept-Encoding
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
Age: 787
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QnAL6mRjUaXI9cvkd573PHfNcsYJFLeWdLxoOJpJOovAWHVvs5nfRw==

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6a3dbc999be1cec258867060c3e2ce92
8cb756e80ea9e2d7cd69931388e150e6892de7ed
cd3a770b1d65aa2034cd794cf17eadd7d0d0b8b4bc62534f45faabcf4cf653ba

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170498
Date: Tue, 06 Dec 2022 02:03:33 GMT
Etag: "638e99f7-1d7"
Expires: Thu, 08 Dec 2022 01:25:11 GMT
Last-Modified: Tue, 06 Dec 2022 01:25:11 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BwSo79ISVLoy1GQMS9aSe5pqnswqkVk-CtiV_rsXRm6oJ7UjBaU8qw==

c.clarity.ms/c.gif

20.234.93.27

302 Found

0 B

URL HTTP/2
c.clarity.ms/c.gif
IP
20.234.93.27:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=63520525F4EA4DBCA2E0E67025FC7912&RedC=c.clarity.ms&MXFR=25AE102E56DF645808AD025C52DF6A90
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=25AE102E56DF645808AD025C52DF6A90; domain=.clarity.ms; expires=Sun, 31-Dec-2023 02:03:33 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Tue, 06 Dec 2022 02:03:32 GMT
content-length: 0
X-Firefox-Spdy: h2

www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1

23.227.38.74

200 OK

0 B

URL HTTP/2
www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1
IP
23.227.38.74:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1 HTTP/1.1
Host: www.holycowcanvas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: order=eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaVUxT0RJd05EZGlaRGRoWXpVeU5XSTBObVJpTmpGa056a3lNMlZrT1dVek1BWTZCa1ZVIiwiZXhwIjoiMjAyMi0xMi0yN1QwMjowMzoyNC42NzNaIiwicHVyIjoiY29va2llLm9yZGVyIn19--b5140b0069a5a1183eeb0de056432b5737e4b1dc; _y=b5fdf3e9-29f5-416c-9572-af88e5346569; _s=7a0f6976-ebb3-48df-9b82-b267c5c3159d; _shopify_y=b5fdf3e9-29f5-416c-9572-af88e5346569; _shopify_s=7a0f6976-ebb3-48df-9b82-b267c5c3159d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 02:03:25 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 285
x-sorting-hat-shopid: 1839236
vary: Accept-Encoding
x-frame-options: DENY
x-shopid: 1839236
x-shardid: 285
x-robots-tag: none
referrer-policy: origin-when-cross-origin
content-language: en-US
cache-control: no-cache
strict-transport-security: max-age=7889238
x-shopify-stage: production
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=1839236&source%5Buuid%5D=26701c8b-dae6-4dc4-b893-92de0e342e15
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=show&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=1839236&source%5Buuid%5D=26701c8b-dae6-4dc4-b893-92de0e342e15
x-dc: gcp-europe-north1,gcp-us-central1,gcp-us-central1
set-cookie: _orig_referrer=; Expires=Tue, 20-Dec-22 02:03:25 GMT; Domain=holycowcanvas.com; Path=/; HttpOnly; SameSite=Lax
_landing_page=%2F1839236%2Forders%2F77bb6512c822f3f9fa3e59e5aa23b3b1; Expires=Tue, 20-Dec-22 02:03:25 GMT; Domain=holycowcanvas.com; Path=/; HttpOnly; SameSite=Lax
_y=b5fdf3e9-29f5-416c-9572-af88e5346569; Expires=Wed, 06-Dec-23 02:03:25 GMT; Domain=holycowcanvas.com; Path=/; SameSite=Lax
_s=7a0f6976-ebb3-48df-9b82-b267c5c3159d; Expires=Tue, 06-Dec-22 02:33:25 GMT; Domain=holycowcanvas.com; Path=/; SameSite=Lax
_shopify_y=b5fdf3e9-29f5-416c-9572-af88e5346569; Expires=Wed, 06-Dec-23 02:03:25 GMT; Domain=holycowcanvas.com; Path=/; SameSite=Lax
_shopify_s=7a0f6976-ebb3-48df-9b82-b267c5c3159d; Expires=Tue, 06-Dec-22 02:33:25 GMT; Domain=holycowcanvas.com; Path=/; SameSite=Lax
x-request-id: 26701c8b-dae6-4dc4-b893-92de0e342e15
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXa3MxzhWrBQdEHowBzqhPllF1WZD9%2FfSt78AeW0XeTBXuQS4R55%2B%2BVpb1I7YUY8YPsW9C%2F5i%2BLTuss6Pu7gL9sWAneZKzDMb4u751mj5J45%2F6bcGCOHJOwxsQTxUk3%2BGu3yrCDQMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=733.000040
server: cloudflare
cf-ray: 775171e7d9a7fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.shopify.com/shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js

162.159.135.68

200 OK

0 B

URL HTTP/2
cdn.shopify.com/shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js
IP
162.159.135.68:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Origin: https://www.holycowcanvas.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 02:03:25 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/shop_qr-1f53501e8ad08edc204b781136461a901672e8838b9408142dbd5469245aed63.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 72fbe085-16d2-4f05-9f28-94585a768b3d
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Sat, 29 Oct 2022 15:08:50 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Ahkty%2FE4j64yGRmEfAiLJLIM%2FixM5BqHPfGzqrlCeaPLMOc8XD%2BYQx5byOtYp3FCIdJAZoSgLyTGKqp5AbKcbcG4m5iPsyMLy9OFQiyhofuv%2FdKU5xLxr0XUUqyQiES%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=33.905, imageryFetch;dur=33.649, cfRequestDuration;dur=164.999962
server: cloudflare
cf-ray: 775171ed7bf9b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.shopify.com/app/services/1839236/javascripts/checkout_countries/121421529187/en-US/countries-10a7b7c24453b5ebd9c63f04c5eb0bf2a9f35611-0.js?version=edge

162.159.135.68

200 OK

0 B

URL HTTP/2
cdn.shopify.com/app/services/1839236/javascripts/checkout_countries/121421529187/en-US/countries-10a7b7c24453b5ebd9c63f04c5eb0bf2a9f35611-0.js?version=edge
IP
162.159.135.68:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /app/services/1839236/javascripts/checkout_countries/121421529187/en-US/countries-10a7b7c24453b5ebd9c63f04c5eb0bf2a9f35611-0.js?version=edge HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Origin: https://www.holycowcanvas.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 02:03:27 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: no-cache
content-language: en-US
link: <https://cdn.shopify.com/app/services/1839236/javascripts/checkout_countries/121421529187/en-US/countries-10a7b7c24453b5ebd9c63f04c5eb0bf2a9f35611-0.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 8bf20e87-48c4-426c-b676-4611b8445175
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-central1
last-modified: Tue, 06 Dec 2022 02:03:27 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5avTlk5%2F%2B%2BWlbDb9KFWgDfIsg9S6xJi3J5XmWiRr5ShslKO1q8ZmwZk5RCncorRJubSP2njZWhcjT75G0vkOTDYzsk%2BWgjvLBCRHsX%2FC%2Fk%2FHhHiMk3Eqc%2BidYbqvHuWdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=1995.915, imageryFetch;dur=1965.005, cfRequestDuration;dur=2174.000025
server: cloudflare
cf-ray: 775171ed8c03b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.shopify.com/shopifycloud/shopify/assets/checkout-ed896bd9ba26934f1900c3c0c6012164b6506ab74cc9cc6ceb871bf505edd4f5.js

162.159.135.68

200 OK

0 B

URL HTTP/2
cdn.shopify.com/shopifycloud/shopify/assets/checkout-ed896bd9ba26934f1900c3c0c6012164b6506ab74cc9cc6ceb871bf505edd4f5.js
IP
162.159.135.68:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /shopifycloud/shopify/assets/checkout-ed896bd9ba26934f1900c3c0c6012164b6506ab74cc9cc6ceb871bf505edd4f5.js HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Origin: https://www.holycowcanvas.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 02:03:26 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31556952, immutable
link: <https://cdn.shopify.com/shopifycloud/shopify/assets/checkout-ed896bd9ba26934f1900c3c0c6012164b6506ab74cc9cc6ceb871bf505edd4f5.js>; rel="canonical"
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 92f56716-bdc8-411a-beeb-65f739777d4c
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-central1,us-east1
last-modified: Thu, 17 Nov 2022 22:11:43 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RX9n6F%2Fb9t6WhYYaacRsHrNhYw67KLzh%2FJh%2FNqsrBnvZCcFGyCODn%2F2p7A4ez9CLRQZaSPgjm9N0ZstezSf00xdQs4TbPp%2B2NPqFgTZxz%2Bocw4ClHub9pl44%2BBuJMcD%2FJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=77.128, imageryFetch;dur=76.896, cfRequestDuration;dur=175.999880
server: cloudflare
cf-ray: 775171ed7bfdb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

checkout.shopify.com/1839236/sandbox/google_maps?locale=en-US

23.227.38.33

200 OK

0 B

URL HTTP/2
checkout.shopify.com/1839236/sandbox/google_maps?locale=en-US
IP
23.227.38.33:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1839236/sandbox/google_maps?locale=en-US HTTP/1.1
Host: checkout.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 02:03:28 GMT
content-type: text/html; charset=utf-8
x-sorting-hat-podid: 285
x-sorting-hat-shopid: 1839236
vary: Accept-Encoding
x-shopid: 1839236
x-shardid: 285
x-robots-tag: none
referrer-policy: origin-when-cross-origin
content-language: en-US
cache-control: no-cache
strict-transport-security: max-age=315569520; includeSubdomains
x-shopify-stage: production
content-security-policy: frame-ancestors *; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=google_maps&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fsandbox&source%5Bsection%5D=checkout&source%5Bshop_id%5D=1839236&source%5Buuid%5D=623c372c-e5d5-4c14-9c54-8ebe38ba38ed
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=google_maps&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Fsandbox&source%5Bsection%5D=checkout&source%5Bshop_id%5D=1839236&source%5Buuid%5D=623c372c-e5d5-4c14-9c54-8ebe38ba38ed
x-dc: gcp-europe-north1,gcp-us-central1,gcp-us-central1
set-cookie: _orig_referrer=https%3A%2F%2Fwww.holycowcanvas.com%2F; Expires=Tue, 20-Dec-22 02:03:28 GMT; Domain=shopify.com; Path=/; HttpOnly; SameSite=Lax
_landing_page=%2F1839236%2Fsandbox%2Fgoogle_maps%3Flocale%3Den-US; Expires=Tue, 20-Dec-22 02:03:28 GMT; Domain=shopify.com; Path=/; HttpOnly; SameSite=Lax
_y=984d4af1-47a8-4f61-82ef-a9b9785927bd; Expires=Wed, 06-Dec-23 02:03:28 GMT; Domain=shopify.com; Path=/; SameSite=Lax
_s=242a4e4a-3261-4e63-bf44-fd52e28c407a; Expires=Tue, 06-Dec-22 02:33:28 GMT; Domain=shopify.com; Path=/; SameSite=Lax
_shopify_y=984d4af1-47a8-4f61-82ef-a9b9785927bd; Expires=Wed, 06-Dec-23 02:03:28 GMT; Domain=shopify.com; Path=/; SameSite=Lax
_shopify_s=242a4e4a-3261-4e63-bf44-fd52e28c407a; Expires=Tue, 06-Dec-22 02:33:28 GMT; Domain=shopify.com; Path=/; SameSite=Lax
x-request-id: 623c372c-e5d5-4c14-9c54-8ebe38ba38ed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELKuw4HrCKD%2Fss%2BNB3WlvNvG%2F2wip%2BYDWRjlCqTPTZ5IU%2B0No2dzcWaZ%2BUmHz%2BcHEQnKwzV4hwfLuNpcWreKAGcm1IMe9j7STjk2xnLhRjL8MnLlUNFLE99nNQ%2Byzba6GdjWnU9y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=270.000219
server: cloudflare
cf-ray: 775171fc395db4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.clarity.ms/eus2/s/0.6.43/clarity.js

13.107.246.53

200 OK

0 B

URL HTTP/2
www.clarity.ms/eus2/s/0.6.43/clarity.js
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9026a431ead4c"
server: Microsoft-IIS/10.0
x-cache: TCP_HIT
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref-originshield: 06x+OYwAAAAAwT6LeiIEhRbO2vCXeRfjQQU1TMDRFREdFMTgxNAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-azure-ref: 08KKOYwAAAADp8hQ726GETpsexI5IWNEoU1ZHMjBFREdFMDYxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Tue, 06 Dec 2022 02:03:28 GMT
X-Firefox-Spdy: h2

www.knocdn.com/v1/embed.js?id=67894ad0-74ca-4d9a-a8d6-f7eacea09248&shop=holycowcanvas.myshopify.com

54.230.111.126

200 OK

0 B

URL HTTP/2
www.knocdn.com/v1/embed.js?id=67894ad0-74ca-4d9a-a8d6-f7eacea09248&shop=holycowcanvas.myshopify.com
IP
54.230.111.126:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v1/embed.js?id=67894ad0-74ca-4d9a-a8d6-f7eacea09248&shop=holycowcanvas.myshopify.com HTTP/1.1
Host: www.knocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.holycowcanvas.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 240181
date: Mon, 05 Dec 2022 15:09:43 GMT
last-modified: Mon, 05 Dec 2022 15:02:04 GMT
etag: "0b39e6742aefb53463ac332f063865cb"
x-amz-version-id: tNPq64660nSyZXkcls901OLTm0cS4uX7
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uAK6qNCf32e4PyHm3M6gUXEA5pmq1yaCD4XlhWUZZbz9qtzlMijc7w==
age: 39231
X-Firefox-Spdy: h2

www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1/authenticate?key=582047bd7ac525b46db61d7923ed9e30

23.227.38.74

302 Found

0 B

URL HTTP/2
www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1/authenticate?key=582047bd7ac525b46db61d7923ed9e30
IP
23.227.38.74:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1/authenticate?key=582047bd7ac525b46db61d7923ed9e30 HTTP/1.1
Host: www.holycowcanvas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Tue, 06 Dec 2022 02:03:24 GMT
content-type: text/html; charset=utf-8
location: https://www.holycowcanvas.com/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1
x-sorting-hat-podid: 285
x-sorting-hat-shopid: 1839236
x-frame-options: DENY
x-shopid: 1839236
x-shardid: 285
x-robots-tag: none
referrer-policy: origin-when-cross-origin
content-language: en-US
cache-control: no-cache
strict-transport-security: max-age=7889238
set-cookie: order=eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaEpJaVUxT0RJd05EZGlaRGRoWXpVeU5XSTBObVJpTmpGa056a3lNMlZrT1dVek1BWTZCa1ZVIiwiZXhwIjoiMjAyMi0xMi0yN1QwMjowMzoyNC42NzNaIiwicHVyIjoiY29va2llLm9yZGVyIn19--b5140b0069a5a1183eeb0de056432b5737e4b1dc; path=/1839236/orders/77bb6512c822f3f9fa3e59e5aa23b3b1; expires=Tue, 27 Dec 2022 02:03:24 GMT; secure; HttpOnly; SameSite=Lax
_y=b5fdf3e9-29f5-416c-9572-af88e5346569; Expires=Wed, 06-Dec-23 02:03:24 GMT; Domain=holycowcanvas.com; Path=/; SameSite=Lax
_s=7a0f6976-ebb3-48df-9b82-b267c5c3159d; Expires=Tue, 06-Dec-22 02:33:24 GMT; Domain=holycowcanvas.com; Path=/; SameSite=Lax
_shopify_y=b5fdf3e9-29f5-416c-9572-af88e5346569; Expires=Wed, 06-Dec-23 02:03:24 GMT; Domain=holycowcanvas.com; Path=/; SameSite=Lax
_shopify_s=7a0f6976-ebb3-48df-9b82-b267c5c3159d; Expires=Tue, 06-Dec-22 02:33:24 GMT; Domain=holycowcanvas.com; Path=/; SameSite=Lax
x-shopify-stage: production
content-security-policy: frame-ancestors 'none'; upgrade-insecure-requests; report-uri /csp-report?source%5Baction%5D=authenticate&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=1839236&source%5Buuid%5D=bce3f1a1-f4a3-4b66-851e-4839e1fd07f4
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block; report=/xss-report?source%5Baction%5D=authenticate&source%5Bapp%5D=Shopify&source%5Bcontroller%5D=checkouts%2Fweb%2Forders&source%5Bsection%5D=checkout&source%5Bshop_id%5D=1839236&source%5Buuid%5D=bce3f1a1-f4a3-4b66-851e-4839e1fd07f4
x-dc: gcp-europe-north1,gcp-us-central1,gcp-us-central1
x-request-id: bce3f1a1-f4a3-4b66-851e-4839e1fd07f4
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dc%2Fnnqu1uNx35uIhwwszz79GcCMkSItCWB7tAZQryVHwkL%2BNTcVKO6F4wiVW9Fgh4Hh75TdceGhtjrRaT8aXgUfTH6j6qYwXMwc%2FvYj4fn%2F4j%2BEF8xlPJoYRh5p8iiaoLsNmAml4cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=322.000027
server: cloudflare
cf-ray: 775171e63965fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (47)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations