user-area-front-rebrand.dev.envs.lookiero.tech Open in urlscan Pro
52.18.192.242 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://user-area-front-rebrand.dev.envs.lookiero.tech/
Submission: On March 21 via automatic, source certstream-suspicious (March 21st 2024, 1:32:48 pm UTC) — Scanned from CH

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 10 domains to perform 39 HTTP transactions. The main IP is 52.18.192.242, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is user-area-front-rebrand.dev.envs.lookiero.tech.
TLS certificate: Issued by Amazon RSA 2048 M03 on March 21st 2024. Valid for: a year.

This is the only time user-area-front-rebrand.dev.envs.lookiero.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	52.18.192.242 52.18.192.242	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:b1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:211... 2600:9000:211e:4200:19:f1c7:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	95.217.77.235 95.217.77.235	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6810:1338	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400c:c02::5c	15169 (GOOGLE) (GOOGLE)
3	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:272... 2600:9000:2724:2a00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.211.61.88 34.211.61.88	16509 (AMAZON-02) (AMAZON-02)
39	13

4 52.18.192.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-192-242.eu-west-1.compute.amazonaws.com

user-area-front-rebrand.dev.envs.lookiero.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:b1e (United States)

ASN13335 (CLOUDFLARENET, US)

aplm4v3ckn.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:4200:19:f1c7:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.dev.envs.lookiero.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.77.235 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: data-api-new01.kameleoon.net

data.kameleoon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:1338 (United States)

ASN13335 (CLOUDFLARENET, US)

js.appboycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c02::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2724:2a00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.211.61.88 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-61-88.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	google.com pay.google.com — Cisco Umbrella Rank: 4261 play.google.com — Cisco Umbrella Rank: 91	424 KB
6	lookiero.tech user-area-front-rebrand.dev.envs.lookiero.tech cdn.dev.envs.lookiero.tech	4 MB
4	gstatic.com www.gstatic.com	102 KB
4	stripe.com js.stripe.com — Cisco Umbrella Rank: 2499 m.stripe.com — Cisco Umbrella Rank: 2405	170 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 251	145 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 2673	16 KB
2	kameleoon.io data.kameleoon.io — Cisco Umbrella Rank: 15328	673 B
1	appboycdn.com js.appboycdn.com — Cisco Umbrella Rank: 5644
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	106 KB
1	kameleoon.eu aplm4v3ckn.kameleoon.eu	46 KB
39	10

	Domain	Requested by
12	play.google.com	www.gstatic.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	user-area-front-rebrand.dev.envs.lookiero.tech	user-area-front-rebrand.dev.envs.lookiero.tech
3	js.stripe.com	user-area-front-rebrand.dev.envs.lookiero.tech js.stripe.com
3	pay.google.com	user-area-front-rebrand.dev.envs.lookiero.tech pay.google.com www.gstatic.com
3	connect.facebook.net	user-area-front-rebrand.dev.envs.lookiero.tech connect.facebook.net
2	m.stripe.network	js.stripe.com m.stripe.network
2	data.kameleoon.io	aplm4v3ckn.kameleoon.eu user-area-front-rebrand.dev.envs.lookiero.tech
2	cdn.dev.envs.lookiero.tech	user-area-front-rebrand.dev.envs.lookiero.tech
1	m.stripe.com	m.stripe.network
1	js.appboycdn.com	www.googletagmanager.com
1	www.googletagmanager.com	user-area-front-rebrand.dev.envs.lookiero.tech
1	aplm4v3ckn.kameleoon.eu	user-area-front-rebrand.dev.envs.lookiero.tech
39	13

This site contains no links.

Subject Issuer	Validity	Valid
user-area-front-rebrand.dev.envs.lookiero.tech Amazon RSA 2048 M03	`2024-03-21` - `2025-04-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-01` - `2024-04-30`	a year	crt.sh
cdn.dev.envs.lookiero.tech Amazon RSA 2048 M01	`2023-04-30` - `2024-05-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-29` - `2024-03-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
data.kameleoon.io R3	`2024-01-21` - `2024-04-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2024-05-23`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://user-area-front-rebrand.dev.envs.lookiero.tech/
Frame ID: 58C4931DEC759638399AB47206857178
Requests: 16 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fuser-area-front-rebrand.dev.envs.lookiero.tech&mid=
Frame ID: C46074131B2152D2D0FBAE25EDE3F8AD
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 26401D549C2B2CDD750471A154AAEF2F
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: B0D33622E68AB43245A6E3893B11CAC9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lookiero

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Braze (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

js\.appboycdn\.com/web-sdk/([\d.]+)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Page Statistics

39
Requests

100 %
HTTPS

69 %
IPv6

10
Domains

13
Subdomains

13
IPs

5
Countries

5317 kB
Transfer

7771 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
user-area-front-rebrand.dev.envs.lookiero.tech/ 8 KB
8 KB 151ms
41ms Document
text/html 52.18.192.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.192.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-192-242.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: c8ee3bc85db46b89dd26bf38e5b1e4441a8461fed857a50360cdedfc01a2b7c0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, must-revalidate
content-length: 8386
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 13:32:43 GMT
etag: false
expires: -1
pragma: no-cache
x-powered-by: Express

GET
H2 200 kameleoon.js Show response
aplm4v3ckn.kameleoon.eu/ 182 KB
46 KB 98ms
41ms Script
application/javascript 2606:4700:20::681a:b1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aplm4v3ckn.kameleoon.eu/kameleoon.js

Requested by

Host: user-area-front-rebrand.dev.envs.lookiero.tech
URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:b1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32f3cb5f1db117b3dfc16d552ee6631af507ee739c7aec0d8c17882002371475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:32:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4459
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Mar 2024 11:53:25 GMT
server: cloudflare
etag: W/"65f2e535-2d7c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=85o%2FNfkIIj909mCLfnAn%2BsWZuf1VPGObukMY8KjnMcE%2FTSfxwdfSQcPd3Fa954k6etgcbJ1bAMmOVQF6v%2Fwokk7hWbjVe41sP8mLuRfa5mYZlshauMRtlKlLpUIf2WD%2FPAh%2FCznjscLHtmh2k7IAAcWnQ8Uu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=5400
cf-ray: 867e4f475e5668f2-FRA
expires: Thu, 21 Mar 2024 13:48:25 GMT

GET
H2 200 fonts.MTcwNzQ4NzY0MTcxOA.css
cdn.dev.envs.lookiero.tech/commons/fonts/ 858 B
1 KB 157ms
78ms Stylesheet
text/css 2600:9000:211e:4200:19:f1c7:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dev.envs.lookiero.tech/commons/fonts/fonts.MTcwNzQ4NzY0MTcxOA.css
Requested by: Host: user-area-front-rebrand.dev.envs.lookiero.tech
URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4200:19:f1c7:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d43ed046d4344e023aec830e66f9b13b53e5f316be270f68ad5dc3b8dbcb67ed

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 16:20:48 GMT
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
last-modified: Wed, 20 Mar 2024 10:07:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 76317
etag: "717b2ffa45b7c00410a751009d1fd13c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 858
x-amz-cf-id: HGGcCNNFgSsFP8rReQCWKFXmg3qe-MkWijkse5pIEjMDMzNSJ1AZlA==

GET
H2 200 auroraicons.css
cdn.dev.envs.lookiero.tech/commons/fonts/aurora-iconfont/3.0.0/ 11 KB
2 KB 104ms
26ms Stylesheet
text/css 2600:9000:211e:4200:19:f1c7:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dev.envs.lookiero.tech/commons/fonts/aurora-iconfont/3.0.0/auroraicons.css
Requested by: Host: user-area-front-rebrand.dev.envs.lookiero.tech
URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:4200:19:f1c7:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 315e2d4e80525eea14f5974b04828478aa976f6fefc708036f16a5f666b69f75

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:06:31 GMT
content-encoding: br
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2024 08:16:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1574
x-amz-server-side-encryption: AES256
etag: W/"47c373ffc9e63680e3315ce4f5a031e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: RF0KZiUX1we2zfI9G69zDf0xny29SIAtLDdwt6iYkT0ySOUqySZNag==

GET
H2 200 sdk.js Show response
connect.facebook.net/es_LA/ 3 KB
3 KB 66ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/es_LA/sdk.js

Requested by

Host: user-area-front-rebrand.dev.envs.lookiero.tech
URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d0b3afbdc4977f76b77ebc71f77513ac2b382ab5d948d177795b3e8331959028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
Origin: https://user-area-front-rebrand.dev.envs.lookiero.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 13:32:44 GMT
content-md5: CT3BairIc7Gtd0YVOxZCnw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=12, mss=1320, tbw=2767, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: HdY7ZyAyfHKNU5SvsCJuGK14gSnFB2XNNHSH0VjVleRDWGuLMw498w3xzdXugQq7ehkNExyNpK8PKyFnUeGL/Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 9a557338a45f53fe263f532c2ec278d2
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "459da3783e0ef43d561e17b78fa71c75"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 21 Mar 2024 13:46:38 GMT

GET
H2 200 runtime~app.4f0473e8.js Show response
user-area-front-rebrand.dev.envs.lookiero.tech/user/static/js/ 3 KB
3 KB 43ms
43ms Script
application/javascript 52.18.192.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/user/static/js/runtime~app.4f0473e8.js
Requested by: Host: user-area-front-rebrand.dev.envs.lookiero.tech
URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.192.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-192-242.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 1c892d3526aab43a0a7f06a027d73a0c37fa3b357cccb9fc3950f9572e1191dd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:32:44 GMT
last-modified: Thu, 21 Mar 2024 11:56:58 GMT
x-powered-by: Express
etag: W/"a73-18e60df1b10"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 2675

GET
H2 200 10.742d7816.chunk.js Show response
user-area-front-rebrand.dev.envs.lookiero.tech/user/static/js/ 4 MB
4 MB 49ms
49ms Script
application/javascript 52.18.192.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/user/static/js/10.742d7816.chunk.js
Requested by: Host: user-area-front-rebrand.dev.envs.lookiero.tech
URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.192.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-192-242.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 3c3fb6664bafd41b530a800ce8459764cb87e0dfc7e422d7786c15db22c66e2a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:32:44 GMT
last-modified: Thu, 21 Mar 2024 11:56:58 GMT
x-powered-by: Express
etag: W/"3fc5d2-18e60df1b10"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 4179410

GET
H2 200 app.764e3352.chunk.js Show response
user-area-front-rebrand.dev.envs.lookiero.tech/user/static/js/ 206 KB
206 KB 88ms
88ms Script
application/javascript 52.18.192.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/user/static/js/app.764e3352.chunk.js
Requested by: Host: user-area-front-rebrand.dev.envs.lookiero.tech
URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.192.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-192-242.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 52af43ada25feebb2b44b3ad8ee6b886306d3c5e4586bf2d80f6e5f9778c48bc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:32:44 GMT
last-modified: Thu, 21 Mar 2024 11:56:58 GMT
x-powered-by: Express
etag: W/"33617-18e60df1b10"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 210455

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 392 KB
106 KB 130ms
80ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TCZ662G

Requested by

Host: user-area-front-rebrand.dev.envs.lookiero.tech
URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

68f0afe7d00caf065d15f1928578e38fc48a61dc971e23756abc244792a21038

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:32:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107843
x-xss-protection: 0
last-modified: Thu, 21 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 21 Mar 2024 13:32:44 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/es_LA/ 298 KB
86 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/es_LA/sdk.js?hash=c03ca761aebe0b5a41922e2a9aba36cb

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/es_LA/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00b21a0c5a48034805665f92a0894551ca3120a369e0c4f55ea6ba9b25fabaaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
Origin: https://user-area-front-rebrand.dev.envs.lookiero.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 13:32:44 GMT
content-md5: xd9VvCIT7Sw8GB51+lbzXQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87254
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=20, mss=1320, tbw=6350, tp=-1, tpl=-1, uplat=2, ullat=-1
x-fb-debug: IzUM57w9/Es26dRTUNJ6hLfTePHtug9VojSLT0xYV3hzKmhlxd85yFA5vzYJEWlGMpgfqsbJoTsF24dD/n2uOQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: b7d78a478de5a2ae4da4beb3f4594af2
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "f973f45f7e0bed7c06ddf1ddcbc6d9ca"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 21 Mar 2025 13:03:36 GMT

POST
H2 204 events Show response
data.kameleoon.io/visit/ 0
337 B 172ms
51ms XHR
text/plain 95.217.77.235
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://data.kameleoon.io/visit/events?siteCode=aplm4v3ckn&visitorCode=t0rxwydsn5qry4jz&itp=false

Requested by

Host: aplm4v3ckn.kameleoon.eu
URL: https://aplm4v3ckn.kameleoon.eu/kameleoon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.217.77.235 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

data-api-new01.kameleoon.net

Software

nginx/1.24.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'nonce-superNonce';base-uri 'self';form-action 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 13:32:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'nonce-superNonce';base-uri 'self';form-action 'self'
server: nginx/1.24.0
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
access-control-allow-headers: user-agent,kameleoon-client

GET
H2 403 braze.no-amd.min.js
js.appboycdn.com/web-sdk/4/ 0
0 306ms
249ms Script
application/xml 2606:4700::6810:1338
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.appboycdn.com/web-sdk/4/braze.no-amd.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCZ662G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1338 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 216 KB
56 KB 47ms
22ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: user-area-front-rebrand.dev.envs.lookiero.tech
URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 21 Mar 2024 13:32:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57659
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4313, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: 4LyCN3QzhNW6SVSKkgyXqnkJxBAnDEf2R+cfJ5lXX+OQb4rywAzpBwPhMKDZ38AMrSGeecvUWfnwLNIgHeRJ1A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 118 KB
36 KB 140ms
81ms Script
application/javascript 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: user-area-front-rebrand.dev.envs.lookiero.tech
URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/user/static/js/10.742d7816.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

06eeb881c1566a0e461fd33710b6c8abd22cbb678eab5b0210aa8c66515d8a0d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7I_6ucuqwSAQWEjBODxJ5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:32:44 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-7I_6ucuqwSAQWEjBODxJ5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtHikmJw1JBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-ZBN88Z3r35SUTz9eXTBJArAHEYj7TWQ9HT2flWzedVQWIdddPZw0FYqf0GaxBQOxTP4M1Bohbb55jnQrEQjwcf95-WM8mcGNa-3QmAN_mNLc"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 21 Mar 2024 13:32:44 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 607 KB
168 KB 72ms
21ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: user-area-front-rebrand.dev.envs.lookiero.tech
URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/user/static/js/10.742d7816.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9208d3b15dfda19ba48d0dd78429975637682531aa6aa9c9a0b0c9049a4a081d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 13:32:44 GMT
via: 1.1 varnish
age: 59
x-cache: HIT
content-length: 171656
x-request-id: e0acef61-c4ad-499a-b5c9-2d5b49d4ac92
x-served-by: cache-fra-eddf8230045-FRA
last-modified: Wed, 20 Mar 2024 20:33:02 GMT
server: Fastly
etag: "83a195e0e9274f07cb20b0fbd92d4b5b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 21

POST
H2 204 events Show response
data.kameleoon.io/visit/ 0
336 B 50ms
50ms XHR
text/plain 95.217.77.235
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://data.kameleoon.io/visit/events?siteCode=aplm4v3ckn&visitorCode=t0rxwydsn5qry4jz&itp=false

Requested by

Host: user-area-front-rebrand.dev.envs.lookiero.tech
URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/user/static/js/10.742d7816.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.217.77.235 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

data-api-new01.kameleoon.net

Software

nginx/1.24.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'nonce-superNonce';base-uri 'self';form-action 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 13:32:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'nonce-superNonce';base-uri 'self';form-action 'self'
server: nginx/1.24.0
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
access-control-allow-headers: user-agent,kameleoon-client

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame C460 20 KB
8 KB 221ms
221ms Document
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fuser-area-front-rebrand.dev.envs.lookiero.tech&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40608b5e888ad69087ef1a0d8aba6812ec10c2d3c56fc64aecf5769790edf590

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-gnzld2gXqeazfQ_ruWWfbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-gnzld2gXqeazfQ_ruWWfbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 21 Mar 2024 13:32:44 GMT
expires: Thu, 21 Mar 2024 13:32:44 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjKtHikmJw1JBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-ZBN88Z3r35SUTz9eXTBJArAHEYj7TWQ9HT2flWzedVQWIdddPZw0FYqf0GaxBQOxTP4M1Bohbb55jnQrEQjwcf95-WM8mMOH9pOnMAOAENNQ"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.D3eRg1ZK7K4.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame C460 160 KB
57 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.D3eRg1ZK7K4.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhXrdLLqYsSGzZN-lnvC8Pu8R5yqw/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fuser-area-front-rebrand.dev.envs.lookiero.tech&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6022f30c99befedc57a09540492c5a4556f9394fa799618899402e6bc8110434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 01:05:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58098
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 10:18:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 01:05:15 GMT

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.D3eRg1ZK7K4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.sqF... Frame C460 76 KB
27 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.D3eRg1ZK7K4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.sqFQvOMX6Go.L.B1.O/am=gEE2/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhkBSGlCx3u03qZq5NAecsjnA006g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.D3eRg1ZK7K4.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhXrdLLqYsSGzZN-lnvC8Pu8R5yqw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a04c5e89a3d69c8702dda1af400f10d8885062b23edcfd29df85480d83ff4ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 06:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27988
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 04:10:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 06:36:58 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame C460 1 MB
379 KB 88ms
88ms XHR
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

816171389f8872e42a26e828ac8d1c20437e984b8a041eccf6ee49e61cc438c3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-oDI4lYj5YhQMwbkgiHHsNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:32:45 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-oDI4lYj5YhQMwbkgiHHsNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjKtHikmJw1JBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-ZBN88Z3r35SUTz9eXTBJArAHEYj7TWQ9HT2flWzedVQWIdddPZw0FYqf0GaxBQOxTP4M1Bohbb55jnQrEQtwcf99-WM8msGHWKTMAqr40cw"
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 21 Mar 2024 13:32:45 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 2640 200 B
841 B 21ms
21ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://user-area-front-rebrand.dev.envs.lookiero.tech/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 4451685
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 13:32:45 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 812915
x-content-type-options: nosniff
x-request-id: 04173cbb-06d1-426f-9a23-66fea2d36ef7
x-served-by: cache-fra-eddf8230045-FRA

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.D3eRg1ZK7K4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.sqF... Frame C460 9 KB
4 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.D3eRg1ZK7K4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.sqFQvOMX6Go.L.B1.O/am=gEE2/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhkBSGlCx3u03qZq5NAecsjnA006g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98d32b6300fac08003a07e9f817f075b19ef079a64833c0d64632881d43e99fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 06:36:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3748
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 04:10:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 06:36:59 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.D3eRg1ZK7K4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.sqF... Frame C460 37 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.D3eRg1ZK7K4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.sqFQvOMX6Go.L.B1.O/am=gEE2/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhkBSGlCx3u03qZq5NAecsjnA006g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71c2515ee9813a103123df58dcf02eeca56750f2cbede44f37ee13633cd0a533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 06:36:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24946
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14259
x-xss-protection: 0
last-modified: Wed, 20 Mar 2024 04:10:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 06:36:59 GMT

POST
H3 200 log Show response
play.google.com/ Frame C460 131 B
155 B 128ms
82ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 13:32:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 13:32:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 103ms
51ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 21 Mar 2024 13:32:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C460 131 B
155 B 131ms
86ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 13:32:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 13:32:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 102ms
51ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 21 Mar 2024 13:32:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C460 131 B
155 B 129ms
84ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 13:32:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 13:32:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 102ms
51ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 21 Mar 2024 13:32:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 102ms
52ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 21 Mar 2024 13:32:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C460 131 B
155 B 127ms
83ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 13:32:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 13:32:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 101ms
52ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 21 Mar 2024 13:32:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C460 131 B
155 B 131ms
87ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 13:32:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 13:32:45 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 101ms
53ms Preflight
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 21 Mar 2024 13:32:45 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C460 131 B
155 B 128ms
85ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 21 Mar 2024 13:32:45 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 21 Mar 2024 13:32:45 GMT

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2640 526 B
451 B 21ms
21ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 21 Mar 2024 13:32:45 GMT
via: 1.1 varnish
age: 4439594
x-cache: HIT
content-length: 315
x-request-id: ac9705ac-627a-4c30-af27-c67970363697
x-served-by: cache-fra-eddf8230045-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 776870

GET
H2 200 inner.html Show response
m.stripe.network/ Frame B0D3 930 B
2 KB 66ms
22ms Document
text/html 2600:9000:2724:2a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:2a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 220
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 21 Mar 2024 13:29:06 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 b4c8f37704271e217979234a38712c42.cloudfront.net (CloudFront)
x-amz-cf-id: tT5vfBRtxHuBu5wCmOS5YKodQs6PsPavGP19KRwjAcYpQqDxFOFpyw==
x-amz-cf-pop: FRA56-P12
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame B0D3 87 KB
14 KB 28ms
27ms Script
text/javascript 2600:9000:2724:2a00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:2a00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 13:28:56 GMT
content-encoding: br
via: 1.1 b4c8f37704271e217979234a38712c42.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 229
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA56-P12
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: qc9Qe9-Cw5EIlLl9qJcoQrKLsPIz1xRGVFAtdyzlJuMwRABlssUyOQ==

POST
H2 200 6 Show response
m.stripe.com/ Frame B0D3 156 B
668 B 492ms
165ms XHR
application/json 34.211.61.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.211.61.88 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-211-61-88.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

19c67299b95a3b784571e2bef1e414bc1de1d74f540baa62966276d69bf17089

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 21 Mar 2024 13:32:45 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1711027965662496
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1711027965662210
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lookiero.tech/	1970-01-21 04:02:43	Name: kameleoonVisitorCode Value: t0rxwydsn5qry4jz
.lookiero.tech/	1970-01-21 04:02:43	Name: pathfinder Value: [{%22ref%22:%22%22%2C%22tld%22:%22%22%2C%22ua%22:%22desktop%22%2C%22ts%22:%222024-03-21%2013:32:44%22%2C%22s%22:%22%22%2C%22ad%22:false}]
.google.com/	1970-01-20 23:40:39	Name: NID Value: 512=H0uzKP2p4446AUpK8eFHUENDgvHP6gFdDImIkGb9CEr4wpgjCBtV6n3LSUlo0uqi4ypA6XQqS6FuXbYZrxCusl1xG6ppc-Su1xcmwDOsAIzRvrKhc1MtnPmXFtYdSjipiyjbsZJ-RwLYhg1WPrwwQ_-ZwzpacUV48uHpJKkQMg4
m.stripe.com/	1970-01-21 04:53:07	Name: m Value: 0b86fe53-114e-40af-bd10-2e0fd26833e043371f
.user-area-front-rebrand.dev.envs.lookiero.tech/	1970-01-21 04:02:43	Name: __stripe_mid Value: 672d73fe-6c7f-497d-ab5d-288ff1898ef636271c
.user-area-front-rebrand.dev.envs.lookiero.tech/	1970-01-20 19:17:09	Name: __stripe_sid Value: 3d5bfcbd-f3a9-4a61-85a5-519a82aa44110a8de5

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://js.appboycdn.com/web-sdk/4/braze.no-amd.min.js Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front-rebrand.dev.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aplm4v3ckn.kameleoon.eu
cdn.dev.envs.lookiero.tech
connect.facebook.net
data.kameleoon.io
js.appboycdn.com
js.stripe.com
m.stripe.com
m.stripe.network
pay.google.com
play.google.com
user-area-front-rebrand.dev.envs.lookiero.tech
www.googletagmanager.com
www.gstatic.com
151.101.0.176
2600:9000:211e:4200:19:f1c7:c3c0:93a1
2600:9000:2724:2a00:19:7d10:bd80:93a1
2606:4700:20::681a:b1e
2606:4700::6810:1338
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:82a::200e
2a00:1450:400c:c02::5c
2a03:2880:f083:100:face:b00c:0:3
34.211.61.88
52.18.192.242
95.217.77.235
00b21a0c5a48034805665f92a0894551ca3120a369e0c4f55ea6ba9b25fabaaf
06eeb881c1566a0e461fd33710b6c8abd22cbb678eab5b0210aa8c66515d8a0d
19c67299b95a3b784571e2bef1e414bc1de1d74f540baa62966276d69bf17089
1c892d3526aab43a0a7f06a027d73a0c37fa3b357cccb9fc3950f9572e1191dd
315e2d4e80525eea14f5974b04828478aa976f6fefc708036f16a5f666b69f75
32f3cb5f1db117b3dfc16d552ee6631af507ee739c7aec0d8c17882002371475
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3c3fb6664bafd41b530a800ce8459764cb87e0dfc7e422d7786c15db22c66e2a
40608b5e888ad69087ef1a0d8aba6812ec10c2d3c56fc64aecf5769790edf590
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
52af43ada25feebb2b44b3ad8ee6b886306d3c5e4586bf2d80f6e5f9778c48bc
6022f30c99befedc57a09540492c5a4556f9394fa799618899402e6bc8110434
68f0afe7d00caf065d15f1928578e38fc48a61dc971e23756abc244792a21038
6a04c5e89a3d69c8702dda1af400f10d8885062b23edcfd29df85480d83ff4ae
71c2515ee9813a103123df58dcf02eeca56750f2cbede44f37ee13633cd0a533
816171389f8872e42a26e828ac8d1c20437e984b8a041eccf6ee49e61cc438c3
9208d3b15dfda19ba48d0dd78429975637682531aa6aa9c9a0b0c9049a4a081d
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
98d32b6300fac08003a07e9f817f075b19ef079a64833c0d64632881d43e99fa
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c8ee3bc85db46b89dd26bf38e5b1e4441a8461fed857a50360cdedfc01a2b7c0
d0b3afbdc4977f76b77ebc71f77513ac2b382ab5d948d177795b3e8331959028
d43ed046d4344e023aec830e66f9b13b53e5f316be270f68ad5dc3b8dbcb67ed
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

user-area-front-rebrand.dev.envs.lookiero.tech Open in urlscan Pro 52.18.192.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

69 %IPv6

10 Domains

13 Subdomains

13 IPs

5 Countries

5317 kBTransfer

7771 kBSize

6 Cookies

0 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

user-area-front-rebrand.dev.envs.lookiero.tech Open in urlscan Pro
52.18.192.242 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

69 %
IPv6

10
Domains

13
Subdomains

13
IPs

5
Countries

5317 kB
Transfer

7771 kB
Size

6
Cookies

39 HTTP transactions
0 data transactions