miniapp-payments.cdn.hqoapp.com
2600:9000:2250:fe00:7:8742:70c0:93a1  Public Scan

URL: https://miniapp-payments.cdn.hqoapp.com/
Submission: On February 21 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 19 HTTP transactions. The main IP is 2600:9000:2250:fe00:7:8742:70c0:93a1, located in the United States and belonging to AMAZON-02, US. The main domain is miniapp-payments.cdn.hqoapp.com.
TLS certificate: Issued by Amazon on April 18th 2022. Valid for: a year.
This is the only time miniapp-payments.cdn.hqoapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
9 | launchdarkly.com | app.launchdarkly.com (Cisco Umbrella Rank: 1509); events.launchdarkly.com (Cisco Umbrella Rank: 1192); clientstream.launchdarkly.com (Cisco Umbrella Rank: 1225) | 2 KB
4 | hqoapp.com | miniapp-payments.cdn.hqoapp.com | 2 MB
2 | gstatic.com | fonts.gstatic.com | 32 KB
2 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 43) | 2 KB
1 | pendo.io | cdn.pendo.io (Cisco Umbrella Rank: 858) | 131 KB
1 | spreedly.com | core.spreedly.com (Cisco Umbrella Rank: 25623) | 77 KB
Total: 19 requests, 6 domains

Requests | Domain | Requested by
4 | events.launchdarkly.com | miniapp-payments.cdn.hqoapp.com
4 | app.launchdarkly.com | miniapp-payments.cdn.hqoapp.com
4 | miniapp-payments.cdn.hqoapp.com | miniapp-payments.cdn.hqoapp.com
2 | fonts.gstatic.com | fonts.googleapis.com
2 | fonts.googleapis.com | miniapp-payments.cdn.hqoapp.com
1 | clientstream.launchdarkly.com |
1 | cdn.pendo.io | miniapp-payments.cdn.hqoapp.com
1 | core.spreedly.com | miniapp-payments.cdn.hqoapp.com
Total: 19 requests, 8 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
cdn.hqoapp.com | Amazon | 2022-04-18 - 2023-05-17 | a year
core.spreedly.com | GlobalSign Atlas R3 DV TLS CA 2023 Q1 | 2023-01-12 - 2024-02-13 | a year
upload.video.google.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months
cdn.pendo.io | Amazon | 2022-07-30 - 2023-08-28 | a year
app.launchdarkly.com | GlobalSign Atlas R3 DV TLS CA 2022 Q3 | 2022-09-28 - 2023-10-30 | a year
events.launchdarkly.com | Amazon | 2022-08-19 - 2023-09-16 | a year
*.gstatic.com | GTS CA 1C3 | 2023-02-01 - 2023-04-26 | 3 months
clientstream.launchdarkly.com | Amazon RSA 2048 M02 | 2023-02-10 - 2023-10-07 | 8 months

This page contains 1 frame:

Primary Page: https://miniapp-payments.cdn.hqoapp.com/
Frame ID: 31B0CEECBFE971B98FFD57C923058FB7
Requests: 15 HTTP requests in this frame

Page Title

MiniApp Payments

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 50 %
Domains: 6
Subdomains: 8
IPs: 8
Countries: 2
Transfer: 2786 kB
Size: 8044 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
miniapp-payments.cdn.hqoapp.com/
4 KB
2 KB
Document
General
Full URL
https://miniapp-payments.cdn.hqoapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fe00:7:8742:70c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3c1c200b6aac2e7fc9dad4318f544b07d22fdbdf9831cbf54cfb24ebc6adf4c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
14
content-encoding
gzip
content-type
text/html
date
Tue, 21 Feb 2023 06:47:38 GMT
etag
W/"b69fa1b80fbfedfa9c5535f7e73c241a"
last-modified
Thu, 19 Jan 2023 21:15:33 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
x-amz-cf-id
xVCJM_h7KW2f4OLbP8etPNkD2jXdy8B93q_gHTVTHVjbGcyJ_EGF-Q==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
MnCt71QgHshuxlGLJKFY0wqSPRSTkmEK
x-cache
Hit from cloudfront
iframe-v1.min.js
core.spreedly.com/iframe/
77 KB
77 KB
Script
General
Full URL
https://core.spreedly.com/iframe/iframe-v1.min.js
Requested by
Host: miniapp-payments.cdn.hqoapp.com
URL: https://miniapp-payments.cdn.hqoapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.182 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
75ffc68bafddd7ac4571ed3b23ef3c0bb67d535247810a29199c609d865ebbb7
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://miniapp-payments.cdn.hqoapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 21 Feb 2023 06:47:51 GMT
via
1.1 varnish
strict-transport-security
max-age=31557600
x-amz-request-id
JWK3S7816P786TQG
age
1521
x-cache
HIT
content-length
78862
x-amz-id-2
PQOMf3Wz70f6gh8EgK9U+NmTIKCzFtQ8sOTAV9TX6WmuXkJqR8GQVdxE9ihVUljuYb2qa6P4z2M=
x-served-by
cache-hhn-etou8220022-HHN
last-modified
Thu, 16 Feb 2023 20:50:50 GMT
server
AmazonS3
x-timer
S1676962072.615921,VS0,VE0
etag
"9d801986326c5837c2c2d955effefa58"
content-type
text/javascript
accept-ranges
bytes
x-cache-hits
16
css
fonts.googleapis.com/
12 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Requested by
Host: miniapp-payments.cdn.hqoapp.com
URL: https://miniapp-payments.cdn.hqoapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b345abe33a4f53c748b8b6858bbe2c0380add9fbbec748044d2e76d6f0bd681d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://miniapp-payments.cdn.hqoapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 21 Feb 2023 06:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 05:06:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Feb 2023 06:47:51 GMT
css2
fonts.googleapis.com/
2 KB
648 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap
Requested by
Host: miniapp-payments.cdn.hqoapp.com
URL: https://miniapp-payments.cdn.hqoapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f5c0d8c6f0568e8560693747afafd5fe765d9e25f69ce330c67c148499ac1f13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://miniapp-payments.cdn.hqoapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 21 Feb 2023 06:47:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 06:47:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 21 Feb 2023 06:47:51 GMT
main.4a6015e7.chunk.css
miniapp-payments.cdn.hqoapp.com/static/css/
247 B
634 B
Stylesheet
General
Full URL
https://miniapp-payments.cdn.hqoapp.com/static/css/main.4a6015e7.chunk.css
Requested by
Host: miniapp-payments.cdn.hqoapp.com
URL: https://miniapp-payments.cdn.hqoapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fe00:7:8742:70c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55f16683cd0843fd58952bc56c21bc417476b584444ec8eba9cd92675de39ad4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://miniapp-payments.cdn.hqoapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 06:47:52 GMT
x-amz-version-id
u.LvGC4UhNvA_L9qsM_YEjzMXqFiqunb
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
last-modified
Thu, 19 Jan 2023 21:15:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
"dde4e88eb021899d47edb1cc70e14c0a"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
247
x-amz-cf-id
Pd43wWi-aZbLpjv4QK4wvE2uLHwvITTH87hPQw_GfbZzWlPYVTcmMw==
2.fff04055.chunk.js
miniapp-payments.cdn.hqoapp.com/static/js/
7 MB
2 MB
Script
General
Full URL
https://miniapp-payments.cdn.hqoapp.com/static/js/2.fff04055.chunk.js
Requested by
Host: miniapp-payments.cdn.hqoapp.com
URL: https://miniapp-payments.cdn.hqoapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fe00:7:8742:70c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57c83477b85381376b6f71e2df19150e334a3aaaa691090830cca87cbdc7b9e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://miniapp-payments.cdn.hqoapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 06:47:52 GMT
x-amz-version-id
IXYB1WQygRsSLzUw5Nh8YH4E6f3ZuvcK
content-encoding
gzip
last-modified
Thu, 19 Jan 2023 21:15:33 GMT
server
AmazonS3
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
etag
W/"3997f96a76d409f83905242615ab5e0d"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
Ds2wmfR0wgJzmLqS2vBFQdvKOs0jnx6kpqJJJD1c0qxIX2UGB9r8ow==
main.81cf209a.chunk.js
miniapp-payments.cdn.hqoapp.com/static/js/
266 KB
60 KB
Script
General
Full URL
https://miniapp-payments.cdn.hqoapp.com/static/js/main.81cf209a.chunk.js
Requested by
Host: miniapp-payments.cdn.hqoapp.com
URL: https://miniapp-payments.cdn.hqoapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:fe00:7:8742:70c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b68673e833abadb30d9353acd0a24ae323b04dfddecf089dcbb806f0a762595

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://miniapp-payments.cdn.hqoapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 06:47:52 GMT
x-amz-version-id
2wAyDV9sN87kuQewIPyIbjXKMYf_z74I
content-encoding
gzip
last-modified
Thu, 19 Jan 2023 21:15:33 GMT
server
AmazonS3
via
1.1 375431e28d82888f474ac3665a4ceb66.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
etag
W/"bd26c627d46d06fc9a5176f7d9592355"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
dPH8WAaXnsMXWkQDTDoK5brzd-Nge_j5_2Q9UgOnmbqijk92sOgl_Q==
pendo.js
cdn.pendo.io/agent/static/d4258d17-712b-43b6-71de-3b9d3571ef53/
393 KB
131 KB
Script
General
Full URL
https://cdn.pendo.io/agent/static/d4258d17-712b-43b6-71de-3b9d3571ef53/pendo.js
Requested by
Host: miniapp-payments.cdn.hqoapp.com
URL: https://miniapp-payments.cdn.hqoapp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2204:fc00:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ad4595ee76256dd0692a50451953c6e2eb77c8cff86d6a02b313d21614d90845

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://miniapp-payments.cdn.hqoapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 06:47:52 GMT
content-encoding
gzip
via
1.1 ff991951152c9edc076607bc5a471612.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS50-C1
age
53
x-guploader-uploadid
ADPycdt3q0H3GOxJEZte1hoPi68RdemVW4yIC5IkYf89wJg-6V3ILuCBauAlSiwmJZSHZ5JYrd3mBrepVBMUg68IMDxWBw
x-cache
Hit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
132991
last-modified
Fri, 17 Feb 2023 21:19:16 GMT
server
UploadServer
etag
"6f8ee920b89b0d4a74b35d52418bffd4"
vary
Accept-Encoding
x-goog-generation
1676668756395934
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=GQDqrw==, md5=b47pILibDUp0s11SQYv/1A==
access-control-expose-headers
*
cache-control
max-age=450
x-goog-stored-content-length
132991
accept-ranges
bytes
x-amz-cf-id
C7HW2eJKJ-llU5OE-vrcTuN4ZHK6n6RSzSn8IKY5_oofTKb9MdQw3w==
expires
Tue, 21 Feb 2023 06:54:29 GMT
5f492e6d97411f0985fba279
app.launchdarkly.com/sdk/goals/
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/goals/5f492e6d97411f0985fba279
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://miniapp-payments.cdn.hqoapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Tue, 21 Feb 2023 06:47:53 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220054-HHN
x-timer
S1676962073.370803,VS0,VE265
5f492e6d97411f0985fba279
app.launchdarkly.com/sdk/goals/
2 B
177 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5f492e6d97411f0985fba279
Requested by
Host: miniapp-payments.cdn.hqoapp.com
URL: https://miniapp-payments.cdn.hqoapp.com/static/js/2.fff04055.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://miniapp-payments.cdn.hqoapp.com/
X-LaunchDarkly-Wrapper
react-client-sdk/2.26.0
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.22.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish
date
Tue, 21 Feb 2023 06:47:53 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
MISS
content-length
26
x-served-by
cache-hhn-etou8220054-HHN
x-timer
S1676962074.642976,VS0,VE94
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
0
eyJrZXkiOiJhbm9ueW1vdXNAaHFvLmNvIiwiYW5vbnltb3VzIjp0cnVlfQ
app.launchdarkly.com/sdk/evalx/5f492e6d97411f0985fba279/users/
6 KB
1 KB
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5f492e6d97411f0985fba279/users/eyJrZXkiOiJhbm9ueW1vdXNAaHFvLmNvIiwiYW5vbnltb3VzIjp0cnVlfQ
Requested by
Host: miniapp-payments.cdn.hqoapp.com
URL: https://miniapp-payments.cdn.hqoapp.com/static/js/2.fff04055.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8294e2576bb3c91e450560efaf038e0b8d87eaf5ec30f6e1b8955c1c31438927

Request headers

Referer
https://miniapp-payments.cdn.hqoapp.com/
X-LaunchDarkly-Wrapper
react-client-sdk/2.26.0
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.22.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 06:47:54 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
MISS
content-length
872
x-served-by
cache-hhn-etou8220087-HHN, cache-hhn-etou8220054-HHN
x-timer
S1676962074.735541,VS0,VE756
etag
"636dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
0
eyJrZXkiOiJhbm9ueW1vdXNAaHFvLmNvIiwiYW5vbnltb3VzIjp0cnVlfQ
app.launchdarkly.com/sdk/evalx/5f492e6d97411f0985fba279/users/
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5f492e6d97411f0985fba279/users/eyJrZXkiOiJhbm9ueW1vdXNAaHFvLmNvIiwiYW5vbnltb3VzIjp0cnVlfQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://miniapp-payments.cdn.hqoapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Tue, 21 Feb 2023 06:47:53 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220054-HHN
x-timer
S1676962073.370896,VS0,VE353
5f492e6d97411f0985fba279
events.launchdarkly.com/events/diagnostic/
0
344 B
XHR
General
Full URL
https://events.launchdarkly.com/events/diagnostic/5f492e6d97411f0985fba279
Requested by
Host: miniapp-payments.cdn.hqoapp.com
URL: https://miniapp-payments.cdn.hqoapp.com/static/js/2.fff04055.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.76.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-76-125.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://miniapp-payments.cdn.hqoapp.com/
X-LaunchDarkly-Wrapper
react-client-sdk/2.26.0
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.22.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 21 Feb 2023 06:47:53 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
5f492e6d97411f0985fba279
events.launchdarkly.com/events/diagnostic/
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/diagnostic/5f492e6d97411f0985fba279
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.76.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-76-125.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://miniapp-payments.cdn.hqoapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Tue, 21 Feb 2023 06:47:53 GMT
strict-transport-security
max-age=31536000
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://miniapp-payments.cdn.hqoapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 05:21:08 GMT
x-content-type-options
nosniff
age
437206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 05:21:08 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://miniapp-payments.cdn.hqoapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Mon, 20 Feb 2023 01:29:06 GMT
x-content-type-options
nosniff
age
105528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Feb 2024 01:29:06 GMT
eyJrZXkiOiJhbm9ueW1vdXNAaHFvLmNvIiwiYW5vbnltb3VzIjp0cnVlfQ
clientstream.launchdarkly.com/eval/5f492e6d97411f0985fba279/
6 KB
0
EventSource
General
Full URL
https://clientstream.launchdarkly.com/eval/5f492e6d97411f0985fba279/eyJrZXkiOiJhbm9ueW1vdXNAaHFvLmNvIiwiYW5vbnltb3VzIjp0cnVlfQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.31.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://miniapp-payments.cdn.hqoapp.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 06:47:54 GMT
strict-transport-security
max-age=31536000
ld-region
eu-west-1
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
text/event-stream; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
5f492e6d97411f0985fba279
events.launchdarkly.com/events/bulk/
0
344 B
XHR
General
Full URL
https://events.launchdarkly.com/events/bulk/5f492e6d97411f0985fba279
Requested by
Host: miniapp-payments.cdn.hqoapp.com
URL: https://miniapp-payments.cdn.hqoapp.com/static/js/2.fff04055.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.76.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-76-125.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID
ab8780c0-b1b3-11ed-bb51-0b04a9ec169e
X-LaunchDarkly-Event-Schema
3
accept-language
de-DE,de;q=0.9
X-LaunchDarkly-User-Agent
JSClient/2.22.1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json
Referer
https://miniapp-payments.cdn.hqoapp.com/
X-LaunchDarkly-Wrapper
react-client-sdk/2.26.0

Response headers

date
Tue, 21 Feb 2023 06:47:55 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
5f492e6d97411f0985fba279
events.launchdarkly.com/events/bulk/
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/bulk/5f492e6d97411f0985fba279
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.76.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-76-125.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://miniapp-payments.cdn.hqoapp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Tue, 21 Feb 2023 06:47:55 GMT
strict-transport-security
max-age=31536000

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • boolean | credentialless
  • object | oncontentvisibilityautostatechange
  • object | regeneratorRuntime
  • object | Spreedly
  • function | SpreedlyPaymentFrame
  • object | pendo
  • object | webpackJsonpminiapp-payments
  • function | setImmediate
  • function | clearImmediate
  • object | FontAwesomeConfig
  • object | ___FONT_AWESOME___
  • number | 2f1acc6c3a606b082e5eef5e54414ffb
  • object | core
  • object | __core-js_shared__

0 Cookies