urlscan.io logo urlscan.io
SecurityTrails logo

app.zipzap.gifts Open in urlscan Pro
2600:9000:275b:9200:12:f29d:a80:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://app.zipzap.gifts/
Submission: On July 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main IP is 2600:9000:275b:9200:12:f29d:a80:93a1, located in United States and belongs to AMAZON-02, US. The main domain is app.zipzap.gifts.
TLS certificate: Issued by Amazon RSA 2048 M03 on July 7th 2024. Valid for: a year.
This is the only time app.zipzap.gifts was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2600:9000:275... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:25e... 16509 (AMAZON-02)
2 34.107.203.234 396982 (GOOGLE-CL...)
3 18.244.18.37 16509 (AMAZON-02)
1 52.217.164.128 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
18 8
4    2600:9000:275b:9200:12:f29d:a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.zipzap.gifts
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:9000:25e8:1800:18:6c16:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
tools.luckyorange.com
2    34.107.203.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.203.107.34.bc.googleusercontent.com
settings.luckyorange.com
3    18.244.18.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-37.fra56.r.cloudfront.net
js.stripe.com
1    52.217.164.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
4 luckyorange.com
tools.luckyorange.com — Cisco Umbrella Rank: 22124
settings.luckyorange.com — Cisco Umbrella Rank: 21888
71 KB
4 zipzap.gifts
app.zipzap.gifts
677 KB
3 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2856
152 KB
1 gstatic.com
fonts.gstatic.com
8 KB
1 amazonaws.com
s3.amazonaws.com
229 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
18 6
Domain Requested by
4 app.zipzap.gifts app.zipzap.gifts
3 js.stripe.com app.zipzap.gifts
js.stripe.com
2 settings.luckyorange.com tools.luckyorange.com
2 tools.luckyorange.com app.zipzap.gifts
tools.luckyorange.com
1 fonts.gstatic.com fonts.googleapis.com
1 s3.amazonaws.com app.zipzap.gifts
1 fonts.googleapis.com app.zipzap.gifts
18 7

This site contains no links.

Subject Issuer Validity Valid
*.zipzap.gifts
Amazon RSA 2048 M03		 2024-07-07 -
2025-08-05		 a year crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
luckyorange.com
Amazon RSA 2048 M03		 2023-11-18 -
2024-12-15		 a year crt.sh
settings.luckyorange.com
R3		 2024-06-04 -
2024-09-02		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-06-21 -
2024-09-19		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-05-25 -
2025-05-02		 a year crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://app.zipzap.gifts/
Frame ID: FE91EC289BF47D2EBA179916777B46A4
Requests: 10 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/core.js?v=29ae575
Frame ID: CB5F9F5CF84261B2C1239E1B44FC4A96
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-muas-control-f7597505c3409e451825baa3935355dd.html
Frame ID: 5C8122665C9E138CFC5534E0E6927B0C
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 0DF6107D10E0CC68388F86E22C2FF607
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zip Zap Gifts

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

18
Requests

78 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

8
IPs

2
Countries

1139 kB
Transfer

3778 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
app.zipzap.gifts/ 		1 KB
925 B 		Document
General
Check archive.org
Download Go to
Full URL
https://app.zipzap.gifts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:9200:12:f29d:a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff6d0e73961d0225fa6cefcec9211f74e236400577f9e76540e72b9d64b86ffc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Mon, 15 Jul 2024 23:16:47 GMT
etag
W/"b844d9126a7f04fc2d502c42a6de48e8"
last-modified
Thu, 09 Feb 2023 03:28:55 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 0833e8be76641de099b8f4a92c7a1c4e.cloudfront.net (CloudFront)
x-amz-cf-id
oRwSaIL0rqIKUpeqGE45tpt11oullBn-gM17MHOtX3se-SP2cdEW3Q==
x-amz-cf-pop
FRA60-P7
x-cache
Miss from cloudfront
css2
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: app.zipzap.gifts
URL: https://app.zipzap.gifts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4470c057475016a3045a16ac65828fc98e4b28380d0f6f3db238df2ac62755f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://app.zipzap.gifts/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 Jul 2024 23:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 Jul 2024 23:16:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Jul 2024 23:16:48 GMT
lo.js
tools.luckyorange.com/core/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tools.luckyorange.com/core/lo.js?site-id=8be029e0
Requested by
Host: app.zipzap.gifts
URL: https://app.zipzap.gifts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:1800:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10e6bfe7f3b086e1a54d3f538efbeb9f8a764487f0a6d8d2fbec53830c08fb82

Request headers

Referer
https://app.zipzap.gifts/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 23:10:14 GMT
content-encoding
gzip
via
1.1 b5831686bbaffa69458853f1db0eca2a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P3
age
395
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4697
last-modified
Mon, 08 Jul 2024 20:10:09 GMT
server
AmazonS3
etag
"6db5fc83e3fffddca41950ba2c335181"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
VSRBSxSaX40SPUFnbxUDxDflbP8twNw2ehR2-mpcb41GhrCPi7RzbA==
main.0d67fc43.js
app.zipzap.gifts/static/js/ 		2 MB
632 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.zipzap.gifts/static/js/main.0d67fc43.js
Requested by
Host: app.zipzap.gifts
URL: https://app.zipzap.gifts/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:275b:9200:12:f29d:a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a602d29e40c4e64ed1e5a41ecced32b8ad72af07ab218fb650931241c1cdc89f

Request headers

Referer
https://app.zipzap.gifts/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 23:16:48 GMT
content-encoding
gzip
via
1.1 b08e1d433d62b5ab056680968a8cc7ea.cloudfront.net (CloudFront)
last-modified
Thu, 09 Feb 2023 03:28:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
etag
W/"01600cd9fb645556b121241a7488717c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, s-maxage=2
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
hOvZHkt8Ucv_di2w0u4HswRf5eCuRKaPchnNjHroFrFJ-3ovXYOvtA==
main.41c75226.css
app.zipzap.gifts/static/css/ 		249 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app.zipzap.gifts/static/css/main.41c75226.css
Requested by
Host: app.zipzap.gifts
URL: https://app.zipzap.gifts/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:9200:12:f29d:a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1590b08e8a551be3caaee6ef436480ccad9b2ecd1ccd18fafd674cb92251fcc3

Request headers

Referer
https://app.zipzap.gifts/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 23:16:48 GMT
content-encoding
gzip
via
1.1 0833e8be76641de099b8f4a92c7a1c4e.cloudfront.net (CloudFront)
last-modified
Thu, 09 Feb 2023 03:28:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
etag
W/"4bd5c9f82c173c21f90194733286ee93"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, s-maxage=2
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
m7lGcGc3BZ142X2uu_dyeyJ0PWspKHi7BELtV1WUEBXamJfx_3xcyQ==
8be029e0
settings.luckyorange.com/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://settings.luckyorange.com/8be029e0
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=8be029e0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash
14ae35b57b5ddd06f77afb2fa9a84d75347cce36646ff571306d5dbee22b7ef4

Request headers

Referer
https://app.zipzap.gifts/
x-lucky-uid
undefined
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-lucky-referrer

Response headers

date
Mon, 15 Jul 2024 23:16:48 GMT
content-encoding
gzip
via
1.1 google
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.zipzap.gifts
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
8be029e0
settings.luckyorange.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://settings.luckyorange.com/8be029e0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method
GET
Origin
https://app.zipzap.gifts
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://app.zipzap.gifts
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 15 Jul 2024 23:16:48 GMT
via
1.1 google
core.js
tools.luckyorange.com/core/ Frame CB5F 		213 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tools.luckyorange.com/core/core.js?v=29ae575
Requested by
Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=8be029e0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:1800:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
582f1b4d6c7b07843c40b8740956c4dcc7fff139183e9409006d8377aed44fd0

Request headers

Referer
Origin
https://app.zipzap.gifts
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 23:16:50 GMT
content-encoding
gzip
via
1.1 7cda9a7fe68f979d43fe743d9fbd0db4.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
65399
last-modified
Mon, 08 Jul 2024 20:10:10 GMT
server
AmazonS3
etag
"82ef19518be1a5accbb172e50fe31a5f"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
67JUlqA3KYFgFonYTcZpJn79_RZGH-vmJAebJs-ICSMmuZY-lgbtOw==
v3
js.stripe.com/ 		622 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: app.zipzap.gifts
URL: https://app.zipzap.gifts/static/js/main.0d67fc43.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-37.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6da69de8b20a5b7b8c686f843c7a1e806cf8ed534c438ca11289afe0ee5052df
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.zipzap.gifts/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 23:16:46 GMT
content-encoding
br
via
1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
52
x-amz-cf-pop
FRA56-P11
x-cache
Hit from cloudfront
last-modified
Mon, 15 Jul 2024 21:52:28 GMT
server
Cloudfront
etag
W/"6a5a81f1f94123b7a35c4d870190c6f9"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
Sxxrqwlrt2gsAhUUnlwRBbl8LNJz5rdsirpMR5HGSnZxiq1DS2qRog==
zip-zap-login+(1).png
s3.amazonaws.com/content.zipzapgifts.com/ 		229 KB
229 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/content.zipzapgifts.com/zip-zap-login+(1).png
Requested by
Host: app.zipzap.gifts
URL: https://app.zipzap.gifts/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.164.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a3afc185ea258e65801b68ca0b62a334ddc74f0ae4b7c6509032d3f9874331c8

Request headers

Referer
https://app.zipzap.gifts/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 15 Jul 2024 23:16:51 GMT
Last-Modified
Mon, 14 Mar 2022 19:00:05 GMT
Server
AmazonS3
x-amz-request-id
A55H658R4BBD5FP9
ETag
"ff08fea79ec65fed2afc8304548f54db"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
234211
x-amz-id-2
Y/hNWBi6moAoH5h4JHkGcikValxKBgqIKWtj7jge4AI4jods7aUeFXQ74L2NCF0xi5OBXBaTsqk=
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.zipzap.gifts
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 10:12:33 GMT
x-content-type-options
nosniff
age
565457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jul 2025 10:12:33 GMT
controller-with-muas-control-f7597505c3409e451825baa3935355dd.html
js.stripe.com/v3/ Frame 5C81 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-muas-control-f7597505c3409e451825baa3935355dd.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-37.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.zipzap.gifts/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
42
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 15 Jul 2024 23:16:09 GMT
etag
"f7597505c3409e451825baa3935355dd"
last-modified
Mon, 15 Jul 2024 21:10:10 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b166ca183629eada7c88ffe6bf8562a2.cloudfront.net (CloudFront)
x-amz-cf-id
PHBQg2lDwb4xzTAdr82rJNUUZrchyNDnvuzOX86ltR1wcxydAdTYdg==
x-amz-cf-pop
FRA56-P11
x-amz-meta-origin-agent-cluster
?1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
frame.js
tools.luckyorange.com/core/ Frame 5C81 		0
0
f8c75c62-6764-4f45-8c1e-24b767abc57b
https://app.zipzap.gifts/ Frame CB5F 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://app.zipzap.gifts/f8c75c62-6764-4f45-8c1e-24b767abc57b
Requested by
Host: app.zipzap.gifts
URL: https://app.zipzap.gifts/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
0
Content-Type
89c42a78-2281-4918-9bad-c089b29c04c1
https://app.zipzap.gifts/ Frame CB5F 		22 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://app.zipzap.gifts/89c42a78-2281-4918-9bad-c089b29c04c1
Requested by
Host: app.zipzap.gifts
URL: https://app.zipzap.gifts/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
381a5be20ed2f6200ec89025da163e8c99936fcfdea534073c2a7dcd06059852

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
22873
Content-Type
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 0DF6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-37.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.zipzap.gifts/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
600
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 15 Jul 2024 23:06:51 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 05 Jul 2024 17:12:02 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b166ca183629eada7c88ffe6bf8562a2.cloudfront.net (CloudFront)
x-amz-cf-id
lsoZHF8DGQ21u7plPNCH8SV76HaVIEVdQmj7JBWHYL3tMnebYP80NQ==
x-amz-cf-pop
FRA56-P11
x-cache
Hit from cloudfront
x-content-type-options
nosniff
frame.js
tools.luckyorange.com/core/ Frame 0DF6 		0
0
favicon.ico
app.zipzap.gifts/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://app.zipzap.gifts/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:275b:9200:12:f29d:a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dbaad5edfe9320bfe8e1aa22ec12d0eced9bc88fa6df3001e3e74b04cb0fafb9

Request headers

Referer
https://app.zipzap.gifts/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 23:16:52 GMT
via
1.1 b08e1d433d62b5ab056680968a8cc7ea.cloudfront.net (CloudFront)
last-modified
Thu, 09 Feb 2023 03:28:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
etag
"7bfc5c187d891b2910ca4897750ea82c"
x-cache
Miss from cloudfront
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
15406
x-amz-cf-id
gq_OO_enLzdWUOO-DoDwaO5G7mrxFLqu9eCUkHKpoEKS0mlZFKeH9w==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tools.luckyorange.com
URL
https://tools.luckyorange.com/core/frame.js?v=29ae575
Domain
tools.luckyorange.com
URL
https://tools.luckyorange.com/core/frame.js?v=29ae575

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| LO object| webpackChunkzip_zap_gifts object| LOQ object| _loq object| webpackChunkStripeJSouter function| noop function| Stripe

5 Cookies

Domain/Path Name / Value
.zipzap.gifts/ Name: lo-uid
Value: 8be029e0-1721085408660-c331cb7a09266273
.zipzap.gifts/ Name: lo-visits
Value: 1
m.stripe.com/ Name: m
Value: 3316b074-f8cb-469e-abd1-2e06a194ddf75f11ff
.app.zipzap.gifts/ Name: __stripe_mid
Value: 5dbbf3d8-d9eb-4b43-9159-438087b0e17394a3ae
.app.zipzap.gifts/ Name: __stripe_sid
Value: c35ddaee-f60e-44a1-b7fc-93f167946b9ab6dab2