Submitted URL: https://uat.accounts.haymarket.media/
Effective URL: https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.W...
Submission: On December 12 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 76 HTTP transactions. The main IP is 18.136.167.242, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is uat.accounts.haymarket.media.
TLS certificate: Issued by Amazon on January 11th 2021. Valid for: a year.
This is the only time uat.accounts.haymarket.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
37 uat.accounts.haymarket.media 3 redirects uat.accounts.haymarket.media
6 www.gstatic.com www.recaptcha.net
www.gstatic.com
6 q.stripe.com uat.accounts.haymarket.media
6 js.stripe.com uat.accounts.haymarket.media
js.stripe.com
5 fonts.gstatic.com fonts.googleapis.com
www.recaptcha.net
4 www.recaptcha.net uat.accounts.haymarket.media
www.gstatic.com
4 m.stripe.network js.stripe.com
m.stripe.network
3 embed.typeform.com uat.accounts.haymarket.media
3 fonts.googleapis.com uat.accounts.haymarket.media
2 cdnjs.cloudflare.com uat.accounts.haymarket.media
2 m.stripe.com m.stripe.network
76 11

This site contains links to these domains. Also see Links.

Domain
form.typeform.com
Subject Issuer Validity Valid
uat.accounts.haymarket.media
Amazon
2021-01-11 -
2022-02-09
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2021-10-21 -
2022-02-02
3 months crt.sh
*.typeform.com
Amazon
2021-10-31 -
2022-11-28
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
*.stripe.com
DigiCert SHA2 Secure Server CA
2021-09-08 -
2022-09-07
a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1
2021-10-20 -
2022-02-02
3 months crt.sh
misc.google.com
GTS CA 1C3
2021-11-08 -
2022-01-31
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh

This page contains 8 frames:

Primary Page: https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery
Frame ID: CFF64AE9B39DFBF7B66C56E80BFA0892
Requests: 32 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: A732B038868FD7AC861F3E1DC2A6C047
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 6113E98F0664870008447ED04B0BB446
Requests: 5 HTTP requests in this frame

Frame: https://uat.accounts.haymarket.media/
Frame ID: 740C7227D16B9EC8987CF0995ECFAF67
Requests: 19 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: 01AB95FB61A618D5D2293A1AD1D48BC6
Requests: 3 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 4765B85E025E500241A1763F3EFECD73
Requests: 5 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdR7IwUAAAAAMeX6GMr6Vqo4s1C19WEdRFg7p98&co=aHR0cHM6Ly91YXQuYWNjb3VudHMuaGF5bWFya2V0Lm1lZGlhOjQ0Mw..&hl=en&v=rPvs0Nyx3sANE-ZHUN-0nM85&theme=light&size=normal&cb=u03ndzvnc5j1
Frame ID: 28CCB5BA000A623B07BF76EF30925BFC
Requests: 8 HTTP requests in this frame

Frame: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=rPvs0Nyx3sANE-ZHUN-0nM85&k=6LdR7IwUAAAAAMeX6GMr6Vqo4s1C19WEdRFg7p98
Frame ID: 682721AEF9397B1C9168BFFC41311DF0
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Sign In - Haymarket Account

Page URL History Show full URLs

  1. https://uat.accounts.haymarket.media/ HTTP 307
    https://uat.accounts.haymarket.media/manage Page URL
  2. https://uat.accounts.haymarket.media/connect/authorize?client_id=StripePayment.Web&redirect_uri=https%3A%2F%2Fuat... HTTP 302
    https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_... Page URL

Page Statistics

76
Requests

99 %
HTTPS

64 %
IPv6

8
Domains

11
Subdomains

12
IPs

3
Countries

2628 kB
Transfer

6861 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://uat.accounts.haymarket.media/ HTTP 307
    https://uat.accounts.haymarket.media/manage Page URL
  2. https://uat.accounts.haymarket.media/connect/authorize?client_id=StripePayment.Web&redirect_uri=https%3A%2F%2Fuat.accounts.haymarket.media%2Fauthentication%2Flogin-callback&response_type=code&scope=StripePayment.WebAPI%20openid%20profile&state=70d9a25ee4964b1f9581939283790094&code_challenge=ArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY&code_challenge_method=S256&response_mode=query HTTP 302
    https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://uat.accounts.haymarket.media/ HTTP 307
  • https://uat.accounts.haymarket.media/manage
Request Chain 27
  • https://uat.accounts.haymarket.media/connect/authorize?client_id=StripePayment.Web&redirect_uri=https%3A%2F%2Fuat.accounts.haymarket.media%2Fauthentication%2Flogin-callback&response_type=code&scope=StripePayment.WebAPI%20openid%20profile&state=b25047b012c8465a9127d002d033d784&code_challenge=C2qak7KAYZEuSjkqBULcNJ7wk-JPt50C5V2JOTVXzmc&code_challenge_method=S256&prompt=none&response_mode=query HTTP 302
  • https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784

76 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
manage
uat.accounts.haymarket.media/
Redirect Chain
  • https://uat.accounts.haymarket.media/
  • https://uat.accounts.haymarket.media/manage
5 KB
3 KB
Document
General
Full URL
https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
eb4fb369a44b55dab561d3a2d61cd195adb1a1b6f53b095971f089fab37652d3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Dec 2021 00:21:29 GMT
content-type
text/html
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:19:52 GMT
accept-ranges
bytes
etag
"1d7e4f18036094a"
vary
Accept-Encoding
server
strict-transport-security
max-age=2592000

Redirect headers

date
Sun, 12 Dec 2021 00:21:29 GMT
location
/manage
server
strict-transport-security
max-age=2592000
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700&display=swap
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c0fa704524cebac28ecc9aa8a2ad43d4d2d5e48980fdeec93253d6d9c61e98a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Dec 2021 22:28:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 12 Dec 2021 00:21:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Dec 2021 00:21:30 GMT
6.2364977d.chunk.css
uat.accounts.haymarket.media/static/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://uat.accounts.haymarket.media/static/css/6.2364977d.chunk.css
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
08de603056e51c242902e60277b47a6a2b985f26b5c3132597026967b60f901e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/manage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:30 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:19:52 GMT
server
etag
"1d7e4f18036029f"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=2592000
accept-ranges
bytes
/
js.stripe.com/v3/
268 KB
71 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-110.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bfe2063596ec06fce236c9b6b65ca2ba0c7194f7431154ab7c6f952981388930
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
46
x-cache
Hit from cloudfront
date
Sun, 12 Dec 2021 00:20:45 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Fri, 10 Dec 2021 21:30:54 GMT
server
Cloudfront
etag
W/"ad75a91c7414d0f6265ddc6ddc661dfc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
YBU6H7A0z6FKkYctKBfW_fjzV48JXgiDbz6BZJKa9nE8bI1x91jSsA==
6.89878908.chunk.js
uat.accounts.haymarket.media/static/js/
1 MB
463 KB
Script
General
Full URL
https://uat.accounts.haymarket.media/static/js/6.89878908.chunk.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ea6bbde13e922359614715544f60fd919d590d2fb28ed4787802eaad16a50b23
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/manage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:30 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:19:52 GMT
server
etag
"1d7e4f180228e58"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=2592000
accept-ranges
bytes
main.cadb3ba9.chunk.js
uat.accounts.haymarket.media/static/js/
348 KB
92 KB
Script
General
Full URL
https://uat.accounts.haymarket.media/static/js/main.cadb3ba9.chunk.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
9e8b75eb2284cf50963e9b1959c0c17e131dbfd8bb559aaa73a1aaaab307a245
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/manage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:30 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:19:52 GMT
server
etag
"1d7e4f180336d38"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=2592000
accept-ranges
bytes
embed.js
embed.typeform.com/
166 KB
54 KB
Script
General
Full URL
https://embed.typeform.com/embed.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6400:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5a06d30f076b8f2528468513a6c4c5ab7dd4e6d7906917662908d58f4ace6aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:18:33 GMT
content-encoding
gzip
last-modified
Mon, 23 Aug 2021 12:13:14 GMT
server
AmazonS3
age
277
etag
W/"33702e05c8b925fd7fdba3817fd31af9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
zsIJJ6suDTlF0TgBdNjskOvdxQPppeuOvkzlR7uQ91mm-sIZZnmYLg==
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://uat.accounts.haymarket.media
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 04:37:19 GMT
x-content-type-options
nosniff
age
330252
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 08 Dec 2022 04:37:19 GMT
StripePayment.Web
uat.accounts.haymarket.media/_configuration/
334 B
454 B
Fetch
General
Full URL
https://uat.accounts.haymarket.media/_configuration/StripePayment.Web
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/static/js/main.cadb3ba9.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
88fe85f1bdd085d3d3e2655db83376fd9eee087c1c5fff95764e8b1a65827106
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/manage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:31 GMT
server
content-length
334
strict-transport-security
max-age=2592000
content-type
application/json; charset=utf-8
m-outer-f7902241893e7a497417843cb15dc858.html
js.stripe.com/v3/ Frame A732
240 B
958 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-110.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/

Response headers

content-type
text/html; charset=utf-8
content-length
240
last-modified
Wed, 27 Oct 2021 22:19:31 GMT
accept-ranges
bytes
server
Cloudfront
access-control-allow-origin
*
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-security-policy
default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
timing-allow-origin
*
date
Sun, 12 Dec 2021 00:20:33 GMT
cache-control
max-age=60
etag
"f7902241893e7a497417843cb15dc858"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
SbcM15LUB7F9j-cnBiD5Ggqe1nQL_zQVkLveJ17pSXM60mUHfGveSw==
age
59
csp-report
q.stripe.com/ Frame A732
0
347 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 12 Dec 2021 00:21:31 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
2
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
m-outer-639174098ea8fe7fede6fa654790e8ec.js
js.stripe.com/v3/fingerprinted/js/ Frame A732
1 KB
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-110.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
52
x-cache
Hit from cloudfront
date
Sun, 12 Dec 2021 00:20:40 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 19:35:20 GMT
server
Cloudfront
etag
W/"5213886b88cd72e6d0aebc89868e5d13"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
cfYr2_yj54K5UJpiE9Mm-PSaNDl0-1nf8qtlUkBTy2VAhNMkHPOUkg==
inner.html
m.stripe.network/ Frame 6113
932 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ea00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
content-length
932
last-modified
Thu, 04 Nov 2021 19:04:57 GMT
accept-ranges
bytes
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://m.stripe.com; default-src 'none'; font-src 'self'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy
connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
date
Sun, 12 Dec 2021 00:16:41 GMT
cache-control
max-age=300, public
etag
"f6254e6dd0cb06228801a1c8baf0939f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
nQ4bdtnG8nS75yKTeg6LALDRLcwsFoHFNvgy0s75P7CN-IuZbvlofQ==
age
291
csp-report
q.stripe.com/ Frame 6113
0
120 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 12 Dec 2021 00:21:31 GMT
x-envoy-upstream-service-time
6
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
csp-report
q.stripe.com/ Frame 6113
0
120 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 12 Dec 2021 00:21:31 GMT
x-envoy-upstream-service-time
5
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
out-4.5.41.js
m.stripe.network/ Frame 6113
85 KB
14 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.41.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ea00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
7
x-cache
Hit from cloudfront
date
Sun, 12 Dec 2021 00:21:24 GMT
last-modified
Thu, 04 Nov 2021 19:04:57 GMT
server
Cloudfront
etag
W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
NvVTipS-7jd0VmBsn_C4-nQSP9vDsOyFlLs9XHiRIitllNLwp24HIg==
6
m.stripe.com/ Frame 6113
156 B
523 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.8.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-8-68.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4d0bf3c52d0f07df3abc595aaec26d8f28f04e55c9bd12c58f8f01ada59529fb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 12 Dec 2021 00:21:31 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
1.a4fcdf2f.chunk.js
uat.accounts.haymarket.media/static/js/
48 KB
21 KB
Script
General
Full URL
https://uat.accounts.haymarket.media/static/js/1.a4fcdf2f.chunk.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
d48eed0f6b78183b60c766948b49cd87bc5e58b697cf119b39c922df684638fd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/manage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:31 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:19:52 GMT
server
etag
"1d7e4f18036a2b1"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=2592000
accept-ranges
bytes
3.95730875.chunk.js
uat.accounts.haymarket.media/static/js/
51 KB
21 KB
Script
General
Full URL
https://uat.accounts.haymarket.media/static/js/3.95730875.chunk.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
1259c5970468ac12f1a357f135fe421958de56261dc89b65214c03c9a2041be6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/manage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:31 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:19:52 GMT
server
etag
"1d7e4f18036d098"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=2592000
accept-ranges
bytes
2.80614b39.chunk.js
uat.accounts.haymarket.media/static/js/
69 KB
23 KB
Script
General
Full URL
https://uat.accounts.haymarket.media/static/js/2.80614b39.chunk.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
92554ff9a1727a65eac0e107d7edcf85b13dbeae79006ffedce0c22b13457b94
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/manage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:31 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:19:52 GMT
server
etag
"1d7e4f180370eca"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=2592000
accept-ranges
bytes
0.52fa99a6.chunk.js
uat.accounts.haymarket.media/static/js/
41 KB
10 KB
Script
General
Full URL
https://uat.accounts.haymarket.media/static/js/0.52fa99a6.chunk.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
71adee4ce0e18cc51e8253fdb2f39566ceef0a0001d58b0533cf2d852fef5a99
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/manage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:31 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:19:52 GMT
server
etag
"1d7e4f18036b80c"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=2592000
accept-ranges
bytes
metadata
uat.accounts.haymarket.media/api/v1/
68 KB
69 KB
XHR
General
Full URL
https://uat.accounts.haymarket.media/api/v1/metadata
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/static/js/6.89878908.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
36b8319475c1e97926a9d3a007b83fdb023d113f73875866f33637ba9f95630c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://uat.accounts.haymarket.media/manage
authorization
Bearer null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:32 GMT
server
strict-transport-security
max-age=2592000
content-length
70012
api-supported-versions
1.0
content-type
application/json; charset=utf-8
en
uat.accounts.haymarket.media/api/v1/locales/
37 KB
37 KB
XHR
General
Full URL
https://uat.accounts.haymarket.media/api/v1/locales/en?DocumentPath=html
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/static/js/6.89878908.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
c8adb7f8b75ab7da488599d1ce8c05333b3a2e6802e48a5eb682421341cbca7c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://uat.accounts.haymarket.media/manage
authorization
Bearer null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:32 GMT
server
strict-transport-security
max-age=2592000
content-length
37863
api-supported-versions
1.0
content-type
application/json; charset=utf-8
zh-CN
uat.accounts.haymarket.media/api/v1/locales/
37 KB
37 KB
XHR
General
Full URL
https://uat.accounts.haymarket.media/api/v1/locales/zh-CN?DocumentPath=html
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/static/js/6.89878908.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
b4ec3dd55e9cf1491d8c2daa904f7346e7b11833e595f2378dfb97435c49f31e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://uat.accounts.haymarket.media/manage
authorization
Bearer null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:32 GMT
server
strict-transport-security
max-age=2592000
content-length
37866
api-supported-versions
1.0
content-type
application/json; charset=utf-8
ja
uat.accounts.haymarket.media/api/v1/locales/
37 KB
37 KB
XHR
General
Full URL
https://uat.accounts.haymarket.media/api/v1/locales/ja?DocumentPath=html
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/static/js/6.89878908.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
53c08c62b91b0843df853dd0232c423bc811333bd39bba248b27145765787d20
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://uat.accounts.haymarket.media/manage
authorization
Bearer null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:32 GMT
server
strict-transport-security
max-age=2592000
content-length
37863
api-supported-versions
1.0
content-type
application/json; charset=utf-8
accent
uat.accounts.haymarket.media/api/v1/locales/
94 B
234 B
XHR
General
Full URL
https://uat.accounts.haymarket.media/api/v1/locales/accent?DocumentPath=html
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/static/js/6.89878908.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
b515306db57d0143100478e135f10b311fab8f53850dcf7e564148028a8aad26
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://uat.accounts.haymarket.media/manage
authorization
Bearer null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:32 GMT
server
strict-transport-security
max-age=2592000
content-length
94
api-supported-versions
1.0
content-type
application/json; charset=utf-8
openid-configuration
uat.accounts.haymarket.media/.well-known/
2 KB
2 KB
XHR
General
Full URL
https://uat.accounts.haymarket.media/.well-known/openid-configuration
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/static/js/6.89878908.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
43ce97820f353b03be535e6d9011ab3601d0e41aada39c9b9730e38746b2e46f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/authentication/login?returnUrl=https://uat.accounts.haymarket.media/manage
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:32 GMT
server
strict-transport-security
max-age=2592000
content-type
application/json; charset=UTF-8
login-callback
uat.accounts.haymarket.media/authentication/ Frame 740C
Redirect Chain
  • https://uat.accounts.haymarket.media/connect/authorize?client_id=StripePayment.Web&redirect_uri=https%3A%2F%2Fuat.accounts.haymarket.media%2Fauthentication%2Flogin-callback&response_type=code&scope...
  • https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
5 KB
3 KB
Document
General
Full URL
https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/static/js/6.89878908.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
eb4fb369a44b55dab561d3a2d61cd195adb1a1b6f53b095971f089fab37652d3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

date
Sun, 12 Dec 2021 00:21:33 GMT
content-type
text/html
content-length
3068
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:19:52 GMT
accept-ranges
bytes
etag
"1d7e4f18036094a"
vary
Accept-Encoding
server
strict-transport-security
max-age=2592000

Redirect headers

date
Sun, 12 Dec 2021 00:21:33 GMT
location
https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784#_=_
cache-control
no-store, no-cache, max-age=0
pragma
no-cache
server
strict-transport-security
max-age=2592000
css2
fonts.googleapis.com/ Frame 740C
7 KB
758 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700&display=swap
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c0fa704524cebac28ecc9aa8a2ad43d4d2d5e48980fdeec93253d6d9c61e98a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Dec 2021 23:04:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 12 Dec 2021 00:21:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Dec 2021 00:21:33 GMT
6.2364977d.chunk.css
uat.accounts.haymarket.media/static/css/ Frame 740C
8 KB
3 KB
Stylesheet
General
Full URL
https://uat.accounts.haymarket.media/static/css/6.2364977d.chunk.css
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
08de603056e51c242902e60277b47a6a2b985f26b5c3132597026967b60f901e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:33 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:19:52 GMT
server
etag
"1d7e4f18036029f"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=2592000
accept-ranges
bytes
content-length
2494
/
js.stripe.com/v3/ Frame 740C
268 KB
71 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-110.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bfe2063596ec06fce236c9b6b65ca2ba0c7194f7431154ab7c6f952981388930
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
49
x-cache
Hit from cloudfront
date
Sun, 12 Dec 2021 00:20:45 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Fri, 10 Dec 2021 21:30:54 GMT
server
Cloudfront
etag
W/"ad75a91c7414d0f6265ddc6ddc661dfc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
sZXJ2m_Dvqr8tPmo78BpIJ_eFTKu6L4DIDP0oPQ9d4g4-MqGuZXdOw==
6.89878908.chunk.js
uat.accounts.haymarket.media/static/js/ Frame 740C
1 MB
463 KB
Script
General
Full URL
https://uat.accounts.haymarket.media/static/js/6.89878908.chunk.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ea6bbde13e922359614715544f60fd919d590d2fb28ed4787802eaad16a50b23
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:33 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:19:52 GMT
server
etag
"1d7e4f180228e58"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=2592000
accept-ranges
bytes
main.cadb3ba9.chunk.js
uat.accounts.haymarket.media/static/js/ Frame 740C
348 KB
92 KB
Script
General
Full URL
https://uat.accounts.haymarket.media/static/js/main.cadb3ba9.chunk.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
9e8b75eb2284cf50963e9b1959c0c17e131dbfd8bb559aaa73a1aaaab307a245
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:33 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:19:52 GMT
server
etag
"1d7e4f180336d38"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=2592000
accept-ranges
bytes
embed.js
embed.typeform.com/ Frame 740C
166 KB
54 KB
Script
General
Full URL
https://embed.typeform.com/embed.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6400:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5a06d30f076b8f2528468513a6c4c5ab7dd4e6d7906917662908d58f4ace6aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:18:33 GMT
content-encoding
gzip
last-modified
Mon, 23 Aug 2021 12:13:14 GMT
server
AmazonS3
age
280
etag
W/"33702e05c8b925fd7fdba3817fd31af9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
AQn3-pgT3BfPZrfJMvOtWKuiA58varExFFZfS4_2snTUycXHOpxIQA==
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ Frame 740C
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://uat.accounts.haymarket.media
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 04:37:19 GMT
x-content-type-options
nosniff
age
330254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 08 Dec 2022 04:37:19 GMT
StripePayment.Web
uat.accounts.haymarket.media/_configuration/ Frame 740C
334 B
454 B
Fetch
General
Full URL
https://uat.accounts.haymarket.media/_configuration/StripePayment.Web
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/static/js/main.cadb3ba9.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
88fe85f1bdd085d3d3e2655db83376fd9eee087c1c5fff95764e8b1a65827106
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:33 GMT
server
content-length
334
strict-transport-security
max-age=2592000
content-type
application/json; charset=utf-8
m-outer-f7902241893e7a497417843cb15dc858.html
js.stripe.com/v3/ Frame 01AB
240 B
952 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-110.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/

Response headers

content-type
text/html; charset=utf-8
content-length
240
last-modified
Wed, 27 Oct 2021 22:19:31 GMT
accept-ranges
bytes
server
Cloudfront
access-control-allow-origin
*
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-security-policy
default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
timing-allow-origin
*
date
Sun, 12 Dec 2021 00:21:34 GMT
cache-control
max-age=60
etag
"f7902241893e7a497417843cb15dc858"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
cIqln2OwX9hCzOymCDZIB4zWSYt8VbcWskLKmBv9Dlt4aCXIxjzv6A==
csp-report
q.stripe.com/ Frame 01AB
0
346 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 12 Dec 2021 00:21:33 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
2
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
m-outer-639174098ea8fe7fede6fa654790e8ec.js
js.stripe.com/v3/fingerprinted/js/ Frame 01AB
1 KB
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-110.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
54
x-cache
Hit from cloudfront
date
Sun, 12 Dec 2021 00:20:40 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 19:35:20 GMT
server
Cloudfront
etag
W/"5213886b88cd72e6d0aebc89868e5d13"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
t703jD0I35g3S99ZqWyUJSh7k6_eKp1hU3m-PRGgf_YirKab0teIIg==
inner.html
m.stripe.network/ Frame 4765
932 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ea00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
content-length
932
last-modified
Thu, 04 Nov 2021 19:04:57 GMT
accept-ranges
bytes
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://m.stripe.com; default-src 'none'; font-src 'self'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy
connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
date
Sun, 12 Dec 2021 00:16:41 GMT
cache-control
max-age=300, public
etag
"f6254e6dd0cb06228801a1c8baf0939f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
Pun7-TT8hwj6z7zn5pookAUh6N0MhoMm_4gT051wPUVGp1qLnP7Idg==
age
293
csp-report
q.stripe.com/ Frame 4765
0
120 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 12 Dec 2021 00:21:33 GMT
x-envoy-upstream-service-time
2
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
csp-report
q.stripe.com/ Frame 4765
0
120 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/manage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 12 Dec 2021 00:21:33 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
out-4.5.41.js
m.stripe.network/ Frame 4765
85 KB
14 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.41.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ea00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
9
x-cache
Hit from cloudfront
date
Sun, 12 Dec 2021 00:21:24 GMT
last-modified
Thu, 04 Nov 2021 19:04:57 GMT
server
Cloudfront
etag
W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA6-C1
timing-allow-origin
*
x-amz-cf-id
ZMsYKGKW1rMzLgRDhsO4lBfvMeFEEmI1a7L3fAOUE7au7Gr-FJx9fw==
6
m.stripe.com/ Frame 4765
156 B
522 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.8.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-8-68.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4d0bf3c52d0f07df3abc595aaec26d8f28f04e55c9bd12c58f8f01ada59529fb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 12 Dec 2021 00:21:33 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
1.a4fcdf2f.chunk.js
uat.accounts.haymarket.media/static/js/ Frame 740C
48 KB
21 KB
Script
General
Full URL
https://uat.accounts.haymarket.media/static/js/1.a4fcdf2f.chunk.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
d48eed0f6b78183b60c766948b49cd87bc5e58b697cf119b39c922df684638fd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:34 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:19:52 GMT
server
etag
"1d7e4f18036a2b1"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=2592000
accept-ranges
bytes
3.95730875.chunk.js
uat.accounts.haymarket.media/static/js/ Frame 740C
51 KB
21 KB
Script
General
Full URL
https://uat.accounts.haymarket.media/static/js/3.95730875.chunk.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
1259c5970468ac12f1a357f135fe421958de56261dc89b65214c03c9a2041be6
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:34 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:19:52 GMT
server
etag
"1d7e4f18036d098"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=2592000
accept-ranges
bytes
2.80614b39.chunk.js
uat.accounts.haymarket.media/static/js/ Frame 740C
69 KB
23 KB
Script
General
Full URL
https://uat.accounts.haymarket.media/static/js/2.80614b39.chunk.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
92554ff9a1727a65eac0e107d7edcf85b13dbeae79006ffedce0c22b13457b94
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:34 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:19:52 GMT
server
etag
"1d7e4f180370eca"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=2592000
accept-ranges
bytes
0.52fa99a6.chunk.js
uat.accounts.haymarket.media/static/js/ Frame 740C
41 KB
10 KB
Script
General
Full URL
https://uat.accounts.haymarket.media/static/js/0.52fa99a6.chunk.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
71adee4ce0e18cc51e8253fdb2f39566ceef0a0001d58b0533cf2d852fef5a99
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:34 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:19:52 GMT
server
etag
"1d7e4f18036b80c"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=2592000
accept-ranges
bytes
metadata
uat.accounts.haymarket.media/api/v1/ Frame 740C
68 KB
69 KB
XHR
General
Full URL
https://uat.accounts.haymarket.media/api/v1/metadata
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/static/js/6.89878908.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
36b8319475c1e97926a9d3a007b83fdb023d113f73875866f33637ba9f95630c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
authorization
Bearer null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:34 GMT
server
strict-transport-security
max-age=2592000
content-length
70012
api-supported-versions
1.0
content-type
application/json; charset=utf-8
en
uat.accounts.haymarket.media/api/v1/locales/ Frame 740C
37 KB
37 KB
XHR
General
Full URL
https://uat.accounts.haymarket.media/api/v1/locales/en?DocumentPath=html
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/static/js/6.89878908.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
c8adb7f8b75ab7da488599d1ce8c05333b3a2e6802e48a5eb682421341cbca7c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
authorization
Bearer null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:34 GMT
server
strict-transport-security
max-age=2592000
content-length
37863
api-supported-versions
1.0
content-type
application/json; charset=utf-8
zh-CN
uat.accounts.haymarket.media/api/v1/locales/ Frame 740C
37 KB
37 KB
XHR
General
Full URL
https://uat.accounts.haymarket.media/api/v1/locales/zh-CN?DocumentPath=html
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/static/js/6.89878908.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
b4ec3dd55e9cf1491d8c2daa904f7346e7b11833e595f2378dfb97435c49f31e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
authorization
Bearer null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:34 GMT
server
strict-transport-security
max-age=2592000
content-length
37866
api-supported-versions
1.0
content-type
application/json; charset=utf-8
ja
uat.accounts.haymarket.media/api/v1/locales/ Frame 740C
37 KB
37 KB
XHR
General
Full URL
https://uat.accounts.haymarket.media/api/v1/locales/ja?DocumentPath=html
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/static/js/6.89878908.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
53c08c62b91b0843df853dd0232c423bc811333bd39bba248b27145765787d20
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
authorization
Bearer null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:34 GMT
server
strict-transport-security
max-age=2592000
content-length
37863
api-supported-versions
1.0
content-type
application/json; charset=utf-8
accent
uat.accounts.haymarket.media/api/v1/locales/ Frame 740C
94 B
234 B
XHR
General
Full URL
https://uat.accounts.haymarket.media/api/v1/locales/accent?DocumentPath=html
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/static/js/6.89878908.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
b515306db57d0143100478e135f10b311fab8f53850dcf7e564148028a8aad26
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://uat.accounts.haymarket.media/authentication/login-callback?error=login_required&state=b25047b012c8465a9127d002d033d784
authorization
Bearer null
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:34 GMT
server
strict-transport-security
max-age=2592000
content-length
94
api-supported-versions
1.0
content-type
application/json; charset=utf-8
/
uat.accounts.haymarket.media/ Frame 740C
0
0

Primary Request Login
uat.accounts.haymarket.media/Identity/Account/
Redirect Chain
  • https://uat.accounts.haymarket.media/connect/authorize?client_id=StripePayment.Web&redirect_uri=https%3A%2F%2Fuat.accounts.haymarket.media%2Fauthentication%2Flogin-callback&response_type=code&scope...
  • https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.m...
29 KB
11 KB
Document
General
Full URL
https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/static/js/6.89878908.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
68f90c983a137de36ae9c6077ed7eb66a8584015a5a6e0271cb156dbe606dd33
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/authentication/login?returnUrl=https://uat.accounts.haymarket.media/manage

Response headers

date
Sun, 12 Dec 2021 00:21:35 GMT
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store
pragma
no-cache
content-encoding
gzip
expires
Thu, 01 Jan 1970 00:00:00 GMT
vary
Accept-Encoding
server
strict-transport-security
max-age=2592000
x-frame-options
SAMEORIGIN

Redirect headers

date
Sun, 12 Dec 2021 00:21:34 GMT
location
https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery
server
strict-transport-security
max-age=2592000
css2
fonts.googleapis.com/
7 KB
662 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700&display=swap
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c0fa704524cebac28ecc9aa8a2ad43d4d2d5e48980fdeec93253d6d9c61e98a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Dec 2021 23:46:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 12 Dec 2021 00:21:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Dec 2021 00:21:35 GMT
login.css
uat.accounts.haymarket.media/css/
26 KB
7 KB
Stylesheet
General
Full URL
https://uat.accounts.haymarket.media/css/login.css
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
1d6b9a12dd8295a4ae37bb88893ed43f733611a2732e5cad23b03bcb65157483
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:35 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:08:20 GMT
server
etag
"1d7e4efe3bf2c8e"
vary
Accept-Encoding
content-type
text/css
strict-transport-security
max-age=2592000
accept-ranges
bytes
content-length
6902
api.js
www.recaptcha.net/recaptcha/
935 B
1018 B
Script
General
Full URL
https://www.recaptcha.net/recaptcha/api.js?onload=_65d3018f_c059_4df0_81a4_db8240460ad7&render=explicit&hl=en
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d2a42fc2f259545b62af6cb01c98d3f6fe0a4966f269f85bf8eae5f23bdb3788
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
605
x-xss-protection
1; mode=block
expires
Sun, 12 Dec 2021 00:21:35 GMT
jquery.min.js
uat.accounts.haymarket.media/lib/jquery/dist/
86 KB
39 KB
Script
General
Full URL
https://uat.accounts.haymarket.media/lib/jquery/dist/jquery.min.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:35 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:08:20 GMT
server
etag
"1d7e4efe3be1253"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=2592000
accept-ranges
bytes
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/
23 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/jquery.validate.min.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://uat.accounts.haymarket.media/
Origin
https://uat.accounts.haymarket.media
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2593324
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6677
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-5add"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vhbh%2BmbcnvRt%2BdRNh0nv1OJ5uBhZACX%2Br9HXRrESIn%2F1kCyzAVw0DeAnzeuNtoYhPRxedPxGjOn5TvZSxOScIZ2MpZXBbsShWZnPTjc9mNGxvuPpHH8pU1FsgLa%2BLuKf8xXJ0AWftGgG3YUkJKh7c229"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6bc2cb1edd6a434b-FRA
expires
Fri, 02 Dec 2022 00:21:35 GMT
jquery.validate.unobtrusive.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.11/
6 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validation-unobtrusive/3.2.11/jquery.validate.unobtrusive.min.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46c9ca499e58948c90d50ea3f4504bbf6ec9bd53eddd9d0507f3edd6d74be46
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://uat.accounts.haymarket.media/
Origin
https://uat.accounts.haymarket.media
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2862737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1947
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-16ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRhs50ZQfX%2BgARbE2jOiKVkyTCDr%2Bq48uLRNt3eEwEfuLr%2FktOn%2BmSpZLX9Jyg%2FNVKtN5qJJFhlVQAw5XmboDzPjUecKvQxMHpbBTD2pILY1IwwC7fQXXp2D5LhVyytZpEK0U5JTS6zdWkgSgMgSKeW7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6bc2cb1edd6c434b-FRA
expires
Fri, 02 Dec 2022 00:21:35 GMT
i18next.min.js
uat.accounts.haymarket.media/js/
36 KB
13 KB
Script
General
Full URL
https://uat.accounts.haymarket.media/js/i18next.min.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
b10f6ceecf032a8e79fdc6daf0dc8e99bd9f91ca9ae8b267abeab5dd075b63c8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:35 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:08:20 GMT
server
etag
"1d7e4efe3bfc440"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=2592000
accept-ranges
bytes
jquery-i18next.min.js
uat.accounts.haymarket.media/js/
2 KB
1 KB
Script
General
Full URL
https://uat.accounts.haymarket.media/js/jquery-i18next.min.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.136.167.242 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-136-167-242.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
568d70ac78e7cb88500cf03d4b0054a46fc405ac21bd4bac76a4476f721aef1f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:35 GMT
content-encoding
gzip
last-modified
Mon, 29 Nov 2021 07:08:20 GMT
server
etag
"1d7e4efe3bf4d2f"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=2592000
accept-ranges
bytes
content-length
1073
recaptcha__en.js
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/
344 KB
135 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api.js?onload=_65d3018f_c059_4df0_81a4_db8240460ad7&render=explicit&hl=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1a9d49309a8c024d10745930b6313923ec84e1e0b2fae6b0aa649e93f647172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uat.accounts.haymarket.media/
Origin
https://uat.accounts.haymarket.media
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 09:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137351
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 05:02:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sun, 11 Dec 2022 09:48:02 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://uat.accounts.haymarket.media
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 04:37:19 GMT
x-content-type-options
nosniff
age
330256
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 08 Dec 2022 04:37:19 GMT
embed.js
embed.typeform.com/
166 KB
54 KB
Script
General
Full URL
https://embed.typeform.com/embed.js
Requested by
Host: uat.accounts.haymarket.media
URL: https://uat.accounts.haymarket.media/Identity/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DStripePayment.Web%26redirect_uri%3Dhttps%253A%252F%252Fuat.accounts.haymarket.media%252Fauthentication%252Flogin-callback%26response_type%3Dcode%26scope%3DStripePayment.WebAPI%2520openid%2520profile%26state%3D70d9a25ee4964b1f9581939283790094%26code_challenge%3DArX74iwTZm-fdPBjEa6rs9jSXlxABXz0klKjhzkY_lY%26code_challenge_method%3DS256%26response_mode%3Dquery
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:6400:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5a06d30f076b8f2528468513a6c4c5ab7dd4e6d7906917662908d58f4ace6aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:18:33 GMT
content-encoding
gzip
last-modified
Mon, 23 Aug 2021 12:13:14 GMT
server
AmazonS3
age
282
etag
W/"33702e05c8b925fd7fdba3817fd31af9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54d.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
Jl2ZBZ1q574iIz9Xz354ab2BBHxlvPvekA_03pqMagMahN2rOXgKSw==
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://uat.accounts.haymarket.media
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 06:44:42 GMT
x-content-type-options
nosniff
age
149813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 10 Dec 2022 06:44:42 GMT
anchor
www.recaptcha.net/recaptcha/api2/ Frame 28CC
40 KB
21 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdR7IwUAAAAAMeX6GMr6Vqo4s1C19WEdRFg7p98&co=aHR0cHM6Ly91YXQuYWNjb3VudHMuaGF5bWFya2V0Lm1lZGlhOjQ0Mw..&hl=en&v=rPvs0Nyx3sANE-ZHUN-0nM85&theme=light&size=normal&cb=u03ndzvnc5j1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f585f0b5928c2cfddf1c16392b0eec581a993eb33e5eb020857caeed5c0e0520
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XLLpEXygU87wxXmae2XWGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 12 Dec 2021 00:21:35 GMT
content-security-policy
script-src 'report-sample' 'nonce-XLLpEXygU87wxXmae2XWGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
21025
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ Frame 28CC
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdR7IwUAAAAAMeX6GMr6Vqo4s1C19WEdRFg7p98&co=aHR0cHM6Ly91YXQuYWNjb3VudHMuaGF5bWFya2V0Lm1lZGlhOjQ0Mw..&hl=en&v=rPvs0Nyx3sANE-ZHUN-0nM85&theme=light&size=normal&cb=u03ndzvnc5j1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 12:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24065
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 05:02:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sat, 10 Dec 2022 12:53:43 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ Frame 28CC
344 KB
134 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdR7IwUAAAAAMeX6GMr6Vqo4s1C19WEdRFg7p98&co=aHR0cHM6Ly91YXQuYWNjb3VudHMuaGF5bWFya2V0Lm1lZGlhOjQ0Mw..&hl=en&v=rPvs0Nyx3sANE-ZHUN-0nM85&theme=light&size=normal&cb=u03ndzvnc5j1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1a9d49309a8c024d10745930b6313923ec84e1e0b2fae6b0aa649e93f647172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 09:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137351
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 05:02:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sun, 11 Dec 2022 09:48:02 GMT
truncated
/ Frame 28CC
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 28CC
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 28CC
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 07:03:19 GMT
x-content-type-options
nosniff
age
148696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Fri, 17 Dec 2021 07:03:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 28CC
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdR7IwUAAAAAMeX6GMr6Vqo4s1C19WEdRFg7p98&co=aHR0cHM6Ly91YXQuYWNjb3VudHMuaGF5bWFya2V0Lm1lZGlhOjQ0Mw..&hl=en&v=rPvs0Nyx3sANE-ZHUN-0nM85&theme=light&size=normal&cb=u03ndzvnc5j1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.recaptcha.net/
Origin
https://www.recaptcha.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 11:18:05 GMT
x-content-type-options
nosniff
age
392610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 07 Dec 2022 11:18:05 GMT
webworker.js
www.recaptcha.net/recaptcha/api2/ Frame 28CC
102 B
134 B
Other
General
Full URL
https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=en&v=rPvs0Nyx3sANE-ZHUN-0nM85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
72b35f464a06ce3f7f90f7349fad2caebcd752259c3f4771232ece0c4016f830
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LdR7IwUAAAAAMeX6GMr6Vqo4s1C19WEdRFg7p98&co=aHR0cHM6Ly91YXQuYWNjb3VudHMuaGF5bWFya2V0Lm1lZGlhOjQ0Mw..&hl=en&v=rPvs0Nyx3sANE-ZHUN-0nM85&theme=light&size=normal&cb=u03ndzvnc5j1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sun, 12 Dec 2021 00:21:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 12 Dec 2021 00:21:35 GMT
bframe
www.recaptcha.net/recaptcha/api2/ Frame 6827
7 KB
1 KB
Document
General
Full URL
https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=rPvs0Nyx3sANE-ZHUN-0nM85&k=6LdR7IwUAAAAAMeX6GMr6Vqo4s1C19WEdRFg7p98
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b149547c10af56ea7bd61ceef71b1e6e0d12dd39087cccca5597b9b1ca689435
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-b3TJUb6mEoGO/1icPMobow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://uat.accounts.haymarket.media/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 12 Dec 2021 00:21:35 GMT
content-security-policy
script-src 'report-sample' 'nonce-b3TJUb6mEoGO/1icPMobow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1111
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ Frame 6827
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=rPvs0Nyx3sANE-ZHUN-0nM85&k=6LdR7IwUAAAAAMeX6GMr6Vqo4s1C19WEdRFg7p98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 12:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24065
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 05:02:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sat, 10 Dec 2022 12:53:43 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/ Frame 6827
344 KB
134 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__en.js
Requested by
Host: www.recaptcha.net
URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=en&v=rPvs0Nyx3sANE-ZHUN-0nM85&k=6LdR7IwUAAAAAMeX6GMr6Vqo4s1C19WEdRFg7p98
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1a9d49309a8c024d10745930b6313923ec84e1e0b2fae6b0aa649e93f647172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.recaptcha.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 09:48:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137351
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 05:02:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sun, 11 Dec 2022 09:48:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
uat.accounts.haymarket.media
URL
https://uat.accounts.haymarket.media/

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| _65d3018f_c059_4df0_81a4_db8240460ad7 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery object| i18next object| jqueryI18next object| i18nextInfo object| regeneratorRuntime boolean| typeformEmbedIsloaded object| typeformEmbed object| recaptcha object| closure_lm_870710

4 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: b5b68ffc-1b86-451b-9691-5f513ddbd5060c52d6
.uat.accounts.haymarket.media/ Name: __stripe_mid
Value: 19c4f486-0a6c-4b0b-be0a-64698919f3adb6ba74
.uat.accounts.haymarket.media/ Name: __stripe_sid
Value: f494fbf6-ec47-414b-88b0-eb0071d7e41500f23b
uat.accounts.haymarket.media/ Name: .AspNetCore.Antiforgery.Ij6sDnfowCI
Value: CfDJ8NHgM4OT6HlIpgr_W4xeZd16WEYWYHDtora9E8i0aluwRc2an5BB9NE0XNXMZdX4bTMMH4D6eMBnK5SNPyW2thZXbPWj5sY5Uftenfjt69T15Ikx28aupG8uPnOjxmwCuXF8tdKnJGLDcLYbqeuQz_c

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
embed.typeform.com
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
uat.accounts.haymarket.media
www.gstatic.com
www.recaptcha.net
uat.accounts.haymarket.media
13.35.253.110
18.136.167.242
2600:9000:2057:ea00:19:7d10:bd80:93a1
2600:9000:206f:6400:2:c605:29c0:93a1
2606:4700::6810:125e
2a00:1450:4001:801::2003
2a00:1450:4001:808::200a
2a00:1450:4001:810::2003
2a00:1450:4001:827::2003
52.40.8.68
54.187.119.242
08de603056e51c242902e60277b47a6a2b985f26b5c3132597026967b60f901e
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1259c5970468ac12f1a357f135fe421958de56261dc89b65214c03c9a2041be6
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d6b9a12dd8295a4ae37bb88893ed43f733611a2732e5cad23b03bcb65157483
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
36b8319475c1e97926a9d3a007b83fdb023d113f73875866f33637ba9f95630c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
43ce97820f353b03be535e6d9011ab3601d0e41aada39c9b9730e38746b2e46f
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4d0bf3c52d0f07df3abc595aaec26d8f28f04e55c9bd12c58f8f01ada59529fb
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
53c08c62b91b0843df853dd0232c423bc811333bd39bba248b27145765787d20
568d70ac78e7cb88500cf03d4b0054a46fc405ac21bd4bac76a4476f721aef1f
5c0fa704524cebac28ecc9aa8a2ad43d4d2d5e48980fdeec93253d6d9c61e98a
68f90c983a137de36ae9c6077ed7eb66a8584015a5a6e0271cb156dbe606dd33
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
71adee4ce0e18cc51e8253fdb2f39566ceef0a0001d58b0533cf2d852fef5a99
72b35f464a06ce3f7f90f7349fad2caebcd752259c3f4771232ece0c4016f830
88fe85f1bdd085d3d3e2655db83376fd9eee087c1c5fff95764e8b1a65827106
92554ff9a1727a65eac0e107d7edcf85b13dbeae79006ffedce0c22b13457b94
9e8b75eb2284cf50963e9b1959c0c17e131dbfd8bb559aaa73a1aaaab307a245
a1a9d49309a8c024d10745930b6313923ec84e1e0b2fae6b0aa649e93f647172
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
b10f6ceecf032a8e79fdc6daf0dc8e99bd9f91ca9ae8b267abeab5dd075b63c8
b149547c10af56ea7bd61ceef71b1e6e0d12dd39087cccca5597b9b1ca689435
b4ec3dd55e9cf1491d8c2daa904f7346e7b11833e595f2378dfb97435c49f31e
b515306db57d0143100478e135f10b311fab8f53850dcf7e564148028a8aad26
bfe2063596ec06fce236c9b6b65ca2ba0c7194f7431154ab7c6f952981388930
c8adb7f8b75ab7da488599d1ce8c05333b3a2e6802e48a5eb682421341cbca7c
d2a42fc2f259545b62af6cb01c98d3f6fe0a4966f269f85bf8eae5f23bdb3788
d48eed0f6b78183b60c766948b49cd87bc5e58b697cf119b39c922df684638fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a06d30f076b8f2528468513a6c4c5ab7dd4e6d7906917662908d58f4ace6aa
ea6bbde13e922359614715544f60fd919d590d2fb28ed4787802eaad16a50b23
eb4fb369a44b55dab561d3a2d61cd195adb1a1b6f53b095971f089fab37652d3
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
f46c9ca499e58948c90d50ea3f4504bbf6ec9bd53eddd9d0507f3edd6d74be46
f585f0b5928c2cfddf1c16392b0eec581a993eb33e5eb020857caeed5c0e0520