commander.monsieurbourguignon.ch Open in urlscan Pro
18.156.75.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://commander.monsieurbourguignon.ch/
Effective URL:
https://commander.monsieurbourguignon.ch/
Submission: On February 27 via api (February 27th 2024, 12:53:04 pm UTC) from NL — Scanned from CH

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 11 domains to perform 43 HTTP transactions. The main IP is 18.156.75.98, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is commander.monsieurbourguignon.ch.
TLS certificate: Issued by R3 on February 27th 2024. Valid for: 3 months.

This is the only time commander.monsieurbourguignon.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	18.156.75.98 18.156.75.98	16509 (AMAZON-02) (AMAZON-02)
8	108.138.36.106 108.138.36.106	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
6	2606:4700:303... 2606:4700:3032::6815:325e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f03... 2a03:2880:f03d:1c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400c:c09::54	15169 (GOOGLE) (GOOGLE)
1	52.10.34.124 52.10.34.124	16509 (AMAZON-02) (AMAZON-02)
1	18.66.192.32 18.66.192.32	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	18.173.154.87 18.173.154.87	16509 (AMAZON-02) (AMAZON-02)
1	3.5.134.145 3.5.134.145	16509 (AMAZON-02) (AMAZON-02)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	54.194.159.216 54.194.159.216	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
43	16

8 18.156.75.98 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-75-98.eu-central-1.compute.amazonaws.com

commander.monsieurbourguignon.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 108.138.36.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-106.muc50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3032::6815:325e (United States)

ASN13335 (CLOUDFLARENET, US)

api.myhop.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f03d:1c:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.10.34.124 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-34-124.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-32.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-87.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.134.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-1.amazonaws.com

hop-delivery.s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.159.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-159-216.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	stripe.com js.stripe.com — Cisco Umbrella Rank: 1204 m.stripe.com — Cisco Umbrella Rank: 1173 r.stripe.com — Cisco Umbrella Rank: 3338	434 KB
8	monsieurbourguignon.ch 1 redirects commander.monsieurbourguignon.ch	3 MB
6	myhop.ch api.myhop.ch	5 KB
5	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 369 fonts.googleapis.com — Cisco Umbrella Rank: 32	186 KB
4	google.com apis.google.com — Cisco Umbrella Rank: 104 accounts.google.com — Cisco Umbrella Rank: 24	65 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 710 script.hotjar.com — Cisco Umbrella Rank: 961	60 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1277	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	90 KB
1	gstatic.com www.gstatic.com	37 KB
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6381	161 B
1	amazonaws.com hop-delivery.s3.eu-central-1.amazonaws.com	3 MB
43	11

	Domain	Requested by
8	js.stripe.com	commander.monsieurbourguignon.ch js.stripe.com
8	commander.monsieurbourguignon.ch	1 redirects commander.monsieurbourguignon.ch
6	api.myhop.ch	commander.monsieurbourguignon.ch
4	maps.googleapis.com	commander.monsieurbourguignon.ch maps.googleapis.com
3	r.stripe.com	js.stripe.com
2	accounts.google.com	apis.google.com www.gstatic.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	connect.facebook.net	commander.monsieurbourguignon.ch connect.facebook.net
2	apis.google.com	commander.monsieurbourguignon.ch apis.google.com
1	www.gstatic.com	accounts.google.com
1	content.hotjar.io	commander.monsieurbourguignon.ch
1	hop-delivery.s3.eu-central-1.amazonaws.com	commander.monsieurbourguignon.ch
1	script.hotjar.com	static.hotjar.com
1	fonts.googleapis.com	commander.monsieurbourguignon.ch
1	static.hotjar.com	commander.monsieurbourguignon.ch
1	m.stripe.com	m.stripe.network
43	16

This site contains no links.

Subject Issuer	Validity	Valid
commander.monsieurbourguignon.ch R3	`2024-02-27` - `2024-05-27`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
myhop.ch GTS CA 1P5	`2024-02-24` - `2024-05-24`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-06` - `2024-03-05`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.s3.eu-central-1.amazonaws.com Amazon RSA 2048 M01	`2024-02-08` - `2025-01-18`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2024-02-26` - `2024-05-23`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://commander.monsieurbourguignon.ch/
Frame ID: DCB41C01963393D28D4661098B94F18A
Requests: 24 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: D3F551FF211833F4F12630822CDAC1C7
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 1325316206BBE857BD702AD63E401C7C
Requests: 3 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: EC1B29848EB8F00E170EE188A640808A
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-eb137b084429aec91da5fd5e8ccad45e.html
Frame ID: 2BBB99C93ECA0F9219C76386C5FF55C1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Monsieur Bourguignon

Page URL History Show full URLs

http://commander.monsieurbourguignon.ch/ HTTP 301
https://commander.monsieurbourguignon.ch/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

43
Requests

100 %
HTTPS

44 %
IPv6

11
Domains

16
Subdomains

16
IPs

4
Countries

6759 kB
Transfer

9283 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://commander.monsieurbourguignon.ch/ HTTP 301
https://commander.monsieurbourguignon.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
commander.monsieurbourguignon.ch/
Redirect Chain

http://commander.monsieurbourguignon.ch/
https://commander.monsieurbourguignon.ch/

2 KB
2 KB

118ms
66ms

Document
text/html

18.156.75.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commander.monsieurbourguignon.ch/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.75.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-75-98.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: 3fc36c6c846e96871a72ff90a860040be8667bd804d05dfa4e02557823eb8d2c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 1598
Content-Type: text/html; charset=utf-8
Date: Tue, 27 Feb 2024 12:52:57 GMT
ETag: W/"63e-WvnblKExPloxwL7Hj9Pb+oOMk8M"
Keep-Alive: timeout=5
X-Powered-By: Express

Redirect headers

Connection: keep-alive
Content-Length: 239
Content-Type: text/html; charset=utf-8
Date: Tue, 27 Feb 2024 12:52:57 GMT
Keep-Alive: timeout=5
Location: https://commander.monsieurbourguignon.ch/

GET
H2 200 / Show response
js.stripe.com/v3/ 601 KB
148 KB 71ms
24ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d1350249f48fe23ab951812814d417b78ce954823edd5387748c63851d21c4a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://commander.monsieurbourguignon.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:52:58 GMT
content-encoding: br
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 7
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 18:36:39 GMT
server: Cloudfront
etag: W/"370c51af8b59bd1e7f1216fffb8f8ebe"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 64FCjgtjt6t2KTh2w84aiz6Sp3dZGJNQqEEZCFf0lMIVcv29ihIYqA==

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 224 KB
75 KB 112ms
51ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBrN5G7ldwGew-_mZ8e5NxNCkr73H30jIo&libraries=places,drawing

Requested by

Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

4a3e29cc1bd9138fae0975c04728ebeb40dafb64859b329de313294e44ab920a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://commander.monsieurbourguignon.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76181
x-xss-protection: 0

GET
H/1.1 200
OK styles.6954c52a7b4ff5d1.css
commander.monsieurbourguignon.ch/ 253 KB
253 KB 49ms
48ms Stylesheet
text/css 18.156.75.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commander.monsieurbourguignon.ch/styles.6954c52a7b4ff5d1.css
Requested by: Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.75.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-75-98.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: e0c3538ad9f9f5a8978cc0969dedab1fde715811383f1c839fe24fc9b15f4a2c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://commander.monsieurbourguignon.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 12:52:57 GMT
Last-Modified: Mon, 19 Feb 2024 14:55:39 GMT
X-Powered-By: Express
ETag: W/"3f449-18dc1dd90bc"
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 259145

GET
H/1.1 200
OK runtime.a8dfada676533f68.js Show response
commander.monsieurbourguignon.ch/ 1 KB
1 KB 74ms
26ms Script
application/javascript 18.156.75.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commander.monsieurbourguignon.ch/runtime.a8dfada676533f68.js
Requested by: Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.75.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-75-98.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: 27b4c7e7190b138faaa9a680bef8cdebbd9689939cfc6ff3f12f91768d618881

Request headers

Referer: https://commander.monsieurbourguignon.ch/
Origin: https://commander.monsieurbourguignon.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 12:52:58 GMT
Last-Modified: Mon, 19 Feb 2024 14:55:38 GMT
X-Powered-By: Express
ETag: W/"473-18dc1dd8a8c"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1139

GET
H/1.1 200
OK polyfills.0f6366f7ff66e01d.js Show response
commander.monsieurbourguignon.ch/ 37 KB
37 KB 98ms
48ms Script
application/javascript 18.156.75.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commander.monsieurbourguignon.ch/polyfills.0f6366f7ff66e01d.js
Requested by: Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.75.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-75-98.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: a29f8826c4719f5a3788dfcbbc6f83778302389a5555421213a8bba7315f219a

Request headers

Referer: https://commander.monsieurbourguignon.ch/
Origin: https://commander.monsieurbourguignon.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 12:52:58 GMT
Last-Modified: Mon, 19 Feb 2024 14:55:36 GMT
X-Powered-By: Express
ETag: W/"93ae-18dc1dd83c8"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 37806

GET
H/1.1 200
OK vendor.ec9ecf983671cbfd.js Show response
commander.monsieurbourguignon.ch/ 2 MB
2 MB 103ms
53ms Script
application/javascript 18.156.75.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commander.monsieurbourguignon.ch/vendor.ec9ecf983671cbfd.js
Requested by: Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.75.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-75-98.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: ba04d1070ccf78d642f0c9bb33e630bc573b6db37270275312656f004e7fa44e

Request headers

Referer: https://commander.monsieurbourguignon.ch/
Origin: https://commander.monsieurbourguignon.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 12:52:58 GMT
Last-Modified: Mon, 19 Feb 2024 14:55:55 GMT
X-Powered-By: Express
ETag: W/"1979ce-18dc1ddccb8"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1669582

GET
H/1.1 200
OK main.8e0064a00088864e.js Show response
commander.monsieurbourguignon.ch/ 760 KB
760 KB 105ms
54ms Script
application/javascript 18.156.75.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commander.monsieurbourguignon.ch/main.8e0064a00088864e.js
Requested by: Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.75.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-75-98.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: aa0a3e1f71734e5537a68fb9e401121470040373e42d434261045ed9dbabf561

Request headers

Referer: https://commander.monsieurbourguignon.ch/
Origin: https://commander.monsieurbourguignon.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 12:52:58 GMT
Last-Modified: Mon, 19 Feb 2024 14:56:02 GMT
X-Powered-By: Express
ETag: W/"bdfed-18dc1dde7ec"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 778221

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 109ms
54ms XHR
application/json 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBrN5G7ldwGew-_mZ8e5NxNCkr73H30jIo&libraries=places,drawing

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://commander.monsieurbourguignon.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:52:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://commander.monsieurbourguignon.ch
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

OPTIONS
H2 204 check_and_get_domain_data
api.myhop.ch/api/store/ Frame 0
0 205ms
72ms Preflight 2606:4700:3032::6815:325e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.myhop.ch/api/store/check_and_get_domain_data
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:325e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,is_main_website,type
Access-Control-Request-Method: POST
Origin: https://commander.monsieurbourguignon.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,content-type,is_main_website,type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85c091693a37b91a-AMS
content-length: 0
date: Tue, 27 Feb 2024 12:52:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=raQuRYDJjgEwi%2BILGcAgAdq79lXmjcQBeWrZeZuLm8cuc8v2222gUDhz28E4uXEYC94JB0Sk3A3ek5WMm65dsYH1zC50u1R1DTmX2kZqL8Y49KNinF%2FOdSJsulgrBxQVWkv0zr1BMEKb%2FpU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H/1.1 200
OK fr.json Show response
commander.monsieurbourguignon.ch/assets/i18n/ 18 KB
19 KB 26ms
25ms XHR
application/json 18.156.75.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://commander.monsieurbourguignon.ch/assets/i18n/fr.json
Requested by: Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/polyfills.0f6366f7ff66e01d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.75.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-75-98.eu-central-1.compute.amazonaws.com
Software: / Express
Resource Hash: fd77e990cbb7538e196886f35a41caf4340f0da845bd98b9b7aa94d7ebf10529

Request headers

Accept: application/json, text/plain, */*
Referer: https://commander.monsieurbourguignon.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 12:52:58 GMT
Last-Modified: Tue, 02 Jan 2024 08:45:59 GMT
X-Powered-By: Express
ETag: W/"49ab-18cc959e044"
Content-Type: application/json; charset=UTF-8
Cache-Control: public, max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 18859

POST
H2 200 check_and_get_domain_data Show response
api.myhop.ch/api/store/ 4 KB
1 KB 74ms
74ms XHR
application/json 2606:4700:3032::6815:325e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.myhop.ch/api/store/check_and_get_domain_data
Requested by: Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/polyfills.0f6366f7ff66e01d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:325e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c4e63a72caaaff98fd657e22bdbc95521004236ace98155ebf4a19bdb921a508

Request headers

accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json
Access-Control-Allow-Origin: *
is_main_website: false
Accept: application/json, text/plain, */*
Referer: https://commander.monsieurbourguignon.ch/
type: 7

Response headers

date: Tue, 27 Feb 2024 12:52:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"11be-TgiJLTEAtOhm8vGsTena+rwM8Y0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RS%2BvlJ0Q4GtRZxPqBekzIUQorG%2FGB4Bst2DEertAFz73ztjXi%2FL%2FYWGnx%2Blf21d2TyDYt7TTgEeDet85pF4uX7rsJ9kCrwjRQPl%2FoBLQrK%2B9403IfVTpsJyono2EerWDsrweo6GC4DyJdtA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 85c09169aaf7b91a-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 platform.js Show response
apis.google.com/js/ 56 KB
22 KB 107ms
48ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/vendor.ec9ecf983671cbfd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

619775a3b00105aadf85ef2aaf2fa40eaa2acb0ae238448e79365a68fbcf38de

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://commander.monsieurbourguignon.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Feb 2024 12:52:58 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21874
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "e73bcf810a16043c"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 12:52:58 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 90ms
30ms Script
application/x-javascript 2a03:2880:f03d:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/vendor.ec9ecf983671cbfd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f03d:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b07b7b25d5896f325cb8b366a25b5d24eb02e42cb0f130886151b7dc8b99238b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://commander.monsieurbourguignon.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Feb 2024 12:52:58 GMT
content-md5: SzEvUZMTezLi1Fd59Z+InA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: 5bQ70uoxbWDGSbw2Fuzv+jOjFSvQFhCDLzojqrjQutElPqzkGaTmHq2VVQx58+O7IIXj2fDNgBGGnjStv0ikaA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: d319449a7d70cbce78a232523c8cdaa1
x-stack: www
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "691fd2277d42684671ceeb419c69a668"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 27 Feb 2024 13:00:22 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame D3F5 200 B
1 KB 22ms
21ms Document
text/html 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://commander.monsieurbourguignon.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1958
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 27 Feb 2024 12:20:21 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Wed, 14 Feb 2024 22:10:56 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
x-amz-cf-id: 3NDLzwW3tqe6BtZ70bd9uxR1peQBy1BIfLKhB2EhytDrAxSHmlL93Q==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D3F5 526 B
1 KB 22ms
22ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:20:20 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 1960
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
content-length: 526
last-modified: Wed, 14 Feb 2024 22:10:55 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: DLoBrh8YGAQNZEFxlLLHClEMg4_iAI6n5c6inUrKZhLlHcjAlYYXgw==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 1325 930 B
1 KB 70ms
20ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 279
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 27 Feb 2024 12:52:58 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 144
x-content-type-options: nosniff
x-request-id: b827da8d-5139-4cb7-9875-8d71812d5bbe
x-served-by: cache-mxp6956-MXP
x-timer: S1709038378.419996,VS0,VE0

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 303 KB
87 KB 61ms
30ms Script
application/x-javascript 2a03:2880:f03d:1c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=e13205624075be78391c5d62c39cdf92

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f03d:1c:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78d87c1b0b24fd318d1fa9c12165bf06733d23e9409ff41b991a5b4eef6be0d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://commander.monsieurbourguignon.ch/
Origin: https://commander.monsieurbourguignon.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Feb 2024 12:52:58 GMT
content-md5: HQq4fweCftrJpSQxv3FJrQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88663
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: N6WdwTHdwjVRpKK9HGU56HBMo/67By3xUE73gj2UsFp7yTdib9gm6fifegMKiQkhG36toBLttzuXFxcsh77KCQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 0dd33e0eed02f7aba5a5e7656d6ecdc6
x-stack: www
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "67961af94e39f02f8e159ec1d0b94c3f"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 26 Feb 2025 11:11:21 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.aeZ_fR6R8dw.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8sci9Edc4jbYPjA7lmgveCIC2AvA/ 119 KB
40 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.aeZ_fR6R8dw.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8sci9Edc4jbYPjA7lmgveCIC2AvA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91f4052bc612bffb980677dac8e4789cef14919f92e1f16f333bc2dfce3206d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://commander.monsieurbourguignon.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40958
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 17:51:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Feb 2025 08:57:24 GMT

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 1325 87 KB
15 KB 20ms
20ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 27 Feb 2024 12:52:58 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 22
x-cache: HIT
content-length: 15509
x-request-id: 2ab81eba-a437-4d6b-bb6d-6bcce2cdb86a
x-served-by: cache-mxp6956-MXP
server: Fastly
x-timer: S1709038378.445837,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 9

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame EC1B 286 B
2 KB 424ms
352ms Document
text/html 2a00:1450:400c:c09::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.aeZ_fR6R8dw.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8sci9Edc4jbYPjA7lmgveCIC2AvA/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

489287f12117bd72fb698cb20f3de3a750eb578498c78d8a311ddcff8d791fc2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-Ze7JwCB09Qg7prmT82hgXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://commander.monsieurbourguignon.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-Ze7JwCB09Qg7prmT82hgXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 12:52:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: Anx7P+ykxPk2cvb3pmDcFJrtthuvm2pPqF/N9DW2XnD4tw+GvaXWaUhemhtJeK2OiYYjgVfcdmEkym+Al84WUQEAAABReyJvcmlnaW4iOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTl9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/IdpIFrameHttp/web-reports?context=eJzjstHikmLw0pBiePflJRPP15dMEkCsAcQ7fDxY-NZNZ1UBYt3101lDgdgpfQZrEBD71M9gjQFiIR6OVdu-r2MT6Ph16jETAB08HPY"
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 1325 156 B
669 B 600ms
207ms XHR
application/json 52.10.34.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.10.34.124 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-10-34-124.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

522500056755d66b791aed9c8cf28cd4fe92a0ee115b260bf80c1adf0c93c877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 27 Feb 2024 12:52:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1709038379008052
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 6
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1709038379007710
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 controller-eb137b084429aec91da5fd5e8ccad45e.html Show response
js.stripe.com/v3/ Frame 2BBB 325 B
1 KB 23ms
23ms Document
text/html 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-eb137b084429aec91da5fd5e8ccad45e.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d188a44caf39ac50aec3de003218c58c2f5ad6ff2b4e0e8ec025ec529b1616f2

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://commander.monsieurbourguignon.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 15
cache-control: max-age=60, stale-while-revalidate=900
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 27 Feb 2024 12:52:58 GMT
etag: "eb137b084429aec91da5fd5e8ccad45e"
last-modified: Mon, 26 Feb 2024 18:02:51 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
x-amz-cf-id: RdVWChd_fnB0i7WnNc2wszc7V2GFes_FNgR4RibX9MMHiTKYX09bsg==
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

OPTIONS
H2 204 get_store_detail
api.myhop.ch/api/user/ Frame 0
0 60ms
60ms Preflight 2606:4700:3032::6815:325e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.myhop.ch/api/user/get_store_detail
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:325e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,is_main_website,type
Access-Control-Request-Method: POST
Origin: https://commander.monsieurbourguignon.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,content-type,is_main_website,type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85c0916a3be2b91a-AMS
content-length: 0
date: Tue, 27 Feb 2024 12:52:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbqSIk4Zt8EH6Iaq697qVZJDhjWqATKcW1DR61G1dRK53miNYN%2Bbkhur8x9Qgx0APvOq9gvYd4hmGIkIhkRiiZOfm%2FUYjn4JsqkHKSpJHs%2B6WSenPKvRQCFD1UEKzO3aQaFofpTaP4T%2F9nY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Headers
x-powered-by: Express

OPTIONS
H2 204 get_cart
api.myhop.ch/api/user/ Frame 0
0 57ms
57ms Preflight 2606:4700:3032::6815:325e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.myhop.ch/api/user/get_cart
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:325e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,is_main_website,type
Access-Control-Request-Method: POST
Origin: https://commander.monsieurbourguignon.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,content-type,is_main_website,type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85c0916a3be5b91a-AMS
content-length: 0
date: Tue, 27 Feb 2024 12:52:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKD6alj6q7U0zEo85ivxZdaZyfOvzotfxYENSUv%2BGpNo9Vn%2Bb6BZ31MyDNiu8WKvdJdnpI7BGmGGPuk72kzbEkQdVQRtLB1Ew%2B3VNK691A3WOMEaD0t2b6pENvZyfpw5Tb8Opwwem0%2BwV4A%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 hotjar-1121668.js Show response
static.hotjar.com/c/ 9 KB
4 KB 83ms
29ms Script
application/javascript 18.66.192.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1121668.js?sv=6

Requested by

Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-32.muc50.r.cloudfront.net

Software

Resource Hash

00c999b0dc159353cbd39ca9ceb0960a3ff536829537eaf6df4b81bebf4ae436

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://commander.monsieurbourguignon.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 aedc37d054398c84a361f8542a82efea.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 16
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/8e07c4a43cbc03549febb8f1ff2f844f
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: AfYIAc4KmWqHXvSGE3TTglYLJzI-2NZQpLSRwe5EmpkgW8q7A1JBoQ==

GET
H2 400 css2
fonts.googleapis.com/ 0
0 95ms
35ms Stylesheet
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css2?family=playfairdisplay:ital@500;600;700;800;900&display=swap
Requested by: Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/main.8e0064a00088864e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://commander.monsieurbourguignon.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

POST
H2 200 get_store_detail Show response
api.myhop.ch/api/user/ 10 KB
3 KB 62ms
62ms XHR
application/json 2606:4700:3032::6815:325e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.myhop.ch/api/user/get_store_detail
Requested by: Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/polyfills.0f6366f7ff66e01d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:325e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 700abfb3f1287b8b31f8083af79b79b2dcec47e009daae5a6eb44c739662c0de

Request headers

accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json
Access-Control-Allow-Origin: *
is_main_website: false
Accept: application/json, text/plain, */*
Referer: https://commander.monsieurbourguignon.ch/
type: 7

Response headers

date: Tue, 27 Feb 2024 12:52:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"27c6-OPYlLWh6SSTgNWWd7rNObSLWlmE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhY3WBqMFiB7BgFg6a%2BndIiQSfxBvVJerLrwYko0f1LIHwNXLwhCfYYv4wrFBKWK5wwQaqW%2FfECpKYfLmCxk4h4Ncm8SLkDphVz6%2Bvh5ZM7e6V7qMJAlK%2BHf4jAN%2FjTz1JF7FHUkmmsnwO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 85c0916a9cc8b91a-AMS
alt-svc: h3=":443"; ma=86400

POST
H2 200 get_cart Show response
api.myhop.ch/api/user/ 34 B
345 B 62ms
62ms XHR
application/json 2606:4700:3032::6815:325e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.myhop.ch/api/user/get_cart
Requested by: Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/polyfills.0f6366f7ff66e01d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:325e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ac715e38ca9110cd19c5bc97c2063b882119de6c21461cd577e0182b08c23cd8

Request headers

accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: application/json
Access-Control-Allow-Origin: *
is_main_website: false
Accept: application/json, text/plain, */*
Referer: https://commander.monsieurbourguignon.ch/
type: 7

Response headers

date: Tue, 27 Feb 2024 12:52:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"22-eiwAyFE0ufxVh0qabLSIgMlmgYA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ub%2Fww%2FBVxnLksXnpIflWMTz%2FoRinTk2iOSPYCs43Npm3Xd8vE98qhIU2F5iZABD6hepGLG04pljZ%2FI6xJ6EHiFb30n1V0Mu8K7TZDRRuvnBbPOL2DkGkoG3kiXAkuidlwbAK2hpdkbOfeh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 85c0916a9cc1b91a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 34

GET
H2 200 shared-d6996c139f34797b344199c4613ba52a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2BBB 536 KB
117 KB 38ms
38ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d6996c139f34797b344199c4613ba52a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-eb137b084429aec91da5fd5e8ccad45e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

da65dd5b4403c4cad4500d6d141cb62c1479439d8dcdef5300741f05780c7b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://js.stripe.com/v3/controller-eb137b084429aec91da5fd5e8ccad45e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:04:58 GMT
content-encoding: br
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2889
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 18:03:03 GMT
server: Cloudfront
etag: W/"0502c684690eaf9ff64e489377266bf6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 7xZ_osYmFCpA2Fro-J9c2g571nS-GhSopE5iLQXI3qL4Ha6DErJSLg==

GET
H2 200 controller-5a8231b8144d527f6bea9817e8db7884.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2BBB 695 KB
162 KB 22ms
22ms Script
text/javascript 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-5a8231b8144d527f6bea9817e8db7884.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-eb137b084429aec91da5fd5e8ccad45e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1590988315ec3c075d2cb936d7f68d57926725841bb3ede20eccf90b61560ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://js.stripe.com/v3/controller-eb137b084429aec91da5fd5e8ccad45e.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 11:59:30 GMT
content-encoding: br
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 3215
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
last-modified: Mon, 26 Feb 2024 18:03:01 GMT
server: Cloudfront
etag: W/"cda4dd29dfb90743be1889bd8149018c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: emiEHNnP9MwY3Z2D_JetzzPUxqRIlbh1p1X4RqwkuuiWq19TUuUrXA==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 2BBB 474 B
916 B 62ms
22ms Fetch
application/json 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6996c139f34797b344199c4613ba52a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

20971a0fc427b29e657ea104de3e3f847f6e71c0395e4245d119f7dd48d20117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-eb137b084429aec91da5fd5e8ccad45e.html
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 27 Feb 2024 12:52:58 GMT
via: 1.1 210c8ad3e752d602af05a2de06eb2ff8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 10
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
content-length: 474
last-modified: Mon, 26 Feb 2024 18:36:39 GMT
server: Cloudfront
etag: "906e0882a4afad5f29d714a6dc397619"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: Yy4djShEec8lRAO2yFyIUSs6aqwnsF8raSLP9a5U14-zdAPHSfqhyA==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 2BBB 474 B
915 B 55ms
24ms Fetch
application/json 108.138.36.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6996c139f34797b344199c4613ba52a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-106.muc50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

20971a0fc427b29e657ea104de3e3f847f6e71c0395e4245d119f7dd48d20117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-eb137b084429aec91da5fd5e8ccad45e.html
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 27 Feb 2024 12:52:58 GMT
via: 1.1 210c8ad3e752d602af05a2de06eb2ff8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 10
x-amz-cf-pop: MUC50-P2
x-cache: Hit from cloudfront
content-length: 474
last-modified: Mon, 26 Feb 2024 18:36:39 GMT
server: Cloudfront
etag: "906e0882a4afad5f29d714a6dc397619"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: a7XHPFpGbkeJj2ryvs-lY1RFtPRFjfZ475RItQFpEtKuBBNs570iXg==

GET
H2 200 modules.edfa88fa094af2bba7f9.js Show response
script.hotjar.com/ 229 KB
56 KB 77ms
22ms Script
application/javascript 18.173.154.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.edfa88fa094af2bba7f9.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1121668.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-87.muc50.r.cloudfront.net

Software

Resource Hash

6432f355492e71d3ef3f718ece533e2b6d10d800849a41d4c308e48ef6ba128c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://commander.monsieurbourguignon.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 14:34:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2dd902cd86ee8f22d66046533880d3e8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 80332
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56517
last-modified: Mon, 26 Feb 2024 14:33:54 GMT
etag: "14cc2670e7483f3dc272a5a42e445a4b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: c5qx8_gCLGOKW_x3QMfh_73VHqpqxTzeUX8NhKZIadyW1HKMqrVFPQ==

GET
H/1.1 200
OK 650071e5a031b31efa8769f6M6PA.jpg
hop-delivery.s3.eu-central-1.amazonaws.com/store_profiles/ 3 MB
3 MB 199ms
109ms Image
application/octet-stream 3.5.134.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hop-delivery.s3.eu-central-1.amazonaws.com/store_profiles/650071e5a031b31efa8769f6M6PA.jpg
Requested by: Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.5.134.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1badfbadf29b7d26ae224a4c4d200b9e2729526f31f63c87046e97bc377c5167

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://commander.monsieurbourguignon.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 12:52:59 GMT
Last-Modified: Wed, 20 Sep 2023 16:17:10 GMT
Server: AmazonS3
x-amz-request-id: 34VCBARHB8H4MYF5
ETag: "df1d7201f77353451824d220310b77f3"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 3237768
x-amz-id-2: 6QDrhcmJA85Y33UwEZCjJOF1bVzvIERrCo35S2SH+MqsqOmVlhngbwdvWnLr21ZHzUdSE1QIFVgeHRypeduZ3g==

POST
H2 200 b Show response
r.stripe.com/ Frame 2BBB 0
274 B 600ms
201ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6996c139f34797b344199c4613ba52a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 27 Feb 2024 12:52:59 GMT
x-stripe-server-envoy-start-time-us: 1709038379239837
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709038379239283
access-control-allow-credentials: true
content-length: 0

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 169ms
53ms XHR
application/json 54.194.159.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=1121668&gzip=1
Requested by: Host: commander.monsieurbourguignon.ch
URL: https://commander.monsieurbourguignon.ch/polyfills.0f6366f7ff66e01d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.194.159.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-159-216.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6e77d75c918fb52604733ccda1157f29e9a8673354e9bd14e6eae1c701a814eb

Request headers

Referer: https://commander.monsieurbourguignon.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 27 Feb 2024 12:52:58 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.TzGoomgB6w0.es5.O/am=wA/d=1/rs=AOaEmlHng3zSJIPFeXwffj7lK9GIL1tk8A/ Frame EC1B 105 KB
37 KB 84ms
25ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.TzGoomgB6w0.es5.O/am=wA/d=1/rs=AOaEmlHng3zSJIPFeXwffj7lK9GIL1tk8A/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45d1411a455b969acd98d390e03a150b07c30ffaa264d2f89ff3e7bfc96760b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 00:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36861
x-xss-protection: 0
last-modified: Fri, 23 Feb 2024 05:47:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Feb 2025 00:56:49 GMT

GET
H2 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame EC1B 50 B
778 B 1184ms
1183ms XHR
application/json 2a00:1450:400c:c09::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fcommander.monsieurbourguignon.ch&client_id=94334734421-s9r1bvm2lm98ua61qqf0sls6e4kmej62.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.TzGoomgB6w0.es5.O/am=wA/d=1/rs=AOaEmlHng3zSJIPFeXwffj7lK9GIL1tk8A/m=base

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-OJ-rCr3oRLY0LNaWhGIacQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:53:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-OJ-rCr3oRLY0LNaWhGIacQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-encoding: gzip
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/IdpIFrameHttp/web-reports?context=eJzjstHikmJw0JBiePflJRPP15dMEkCsAcQ7fDxY-NZNZ1UBYt3101lDgdgpfQZrEBD71M9gjQFiIW6ONdu-r2MT2PHmmRQA_ZIcYA"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type: application/json; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 27 Feb 2024 12:53:00 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame 2BBB 0
273 B 203ms
203ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6996c139f34797b344199c4613ba52a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 27 Feb 2024 12:52:59 GMT
x-stripe-server-envoy-start-time-us: 1709038379842709
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 6
x-stripe-client-envoy-start-time-us: 1709038379842478
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 2BBB 0
273 B 205ms
205ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6996c139f34797b344199c4613ba52a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 27 Feb 2024 12:53:00 GMT
x-stripe-server-envoy-start-time-us: 1709038380235505
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 7
x-stripe-client-envoy-start-time-us: 1709038380234807
access-control-allow-credentials: true
content-length: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/ 255 KB
56 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBrN5G7ldwGew-_mZ8e5NxNCkr73H30jIo&libraries=places,drawing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b61d60ac69b3abd7c5f216c24b77cd4b75379568e039ab5640a23c7bc3460d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://commander.monsieurbourguignon.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:10:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56846
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 19:28:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Feb 2025 09:10:25 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/ 180 KB
56 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/56/1/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBrN5G7ldwGew-_mZ8e5NxNCkr73H30jIo&libraries=places,drawing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

673c1136f9b83e60edec4d2cae19a26f9f0d3ecab07e2dd36c91a0e4d53fe35d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://commander.monsieurbourguignon.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:14:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56804
x-xss-protection: 0
last-modified: Tue, 20 Feb 2024 19:28:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Feb 2025 09:14:27 GMT

Verdicts & Comments Add Verdict or Comment

177 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.commander.monsieurbourguignon.ch/	1970-01-21 04:19:58	Name: G_ENABLED_IDPS Value: google
.monsieurbourguignon.ch/	1970-01-21 03:29:34	Name: _hjSessionUser_1121668 Value: eyJpZCI6IjRiNDEzZTNkLTY2YmQtNTIxNy04NDI2LTJiYjkzZWZiMmY5MSIsImNyZWF0ZWQiOjE3MDkwMzgzNzg4MTksImV4aXN0aW5nIjp0cnVlfQ==
.monsieurbourguignon.ch/	1970-01-20 18:44:00	Name: _hjSession_1121668 Value: eyJpZCI6IjBjNTc2YjRlLWIxOTktNDg5NC05MWRmLTQ5NGY2YmRhNWFmNyIsImMiOjE3MDkwMzgzNzg4MjAsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
m.stripe.com/	1970-01-21 04:19:58	Name: m Value: 7bb41035-74ec-4812-9abf-7b13e7f95ec2da09dd
.commander.monsieurbourguignon.ch/	1970-01-21 03:29:34	Name: __stripe_mid Value: 23e2fb4c-6dfc-4a9f-9072-365a27e1efb357379b
.commander.monsieurbourguignon.ch/	1970-01-20 18:44:00	Name: __stripe_sid Value: 768aa395-9d0a-48a6-811e-72c154228d72917ab3
.google.com/	1970-01-20 23:07:29	Name: NID Value: 512=sI7GJwSs8NbwrLQfvXOkXvPGwBR6LWdpjyRFJu-8MBtWhpaRlbV06hnT2J9ZUPLfla7NsmjNTmQ1xevA6yMAZhiHm4uu3TEXN2uArj0BLzHVFhlsLvu0DoSPRZFu7IC64z30pjsz8vZElO8Up5bA7-DIYRILlwRULcKeJ6bc4zU

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.aeZ_fR6R8dw.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8sci9Edc4jbYPjA7lmgveCIC2AvA/cb=gapi.loaded_0?le=scs(Line 183) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://fonts.googleapis.com/css2?family=playfairdisplay:ital@500;600;700;800;900&display=swap Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://commander.monsieurbourguignon.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://commander.monsieurbourguignon.ch/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.myhop.ch
apis.google.com
commander.monsieurbourguignon.ch
connect.facebook.net
content.hotjar.io
fonts.googleapis.com
hop-delivery.s3.eu-central-1.amazonaws.com
js.stripe.com
m.stripe.com
m.stripe.network
maps.googleapis.com
r.stripe.com
script.hotjar.com
static.hotjar.com
www.gstatic.com
108.138.36.106
151.101.128.176
18.156.75.98
18.173.154.87
18.66.192.32
2606:4700:3032::6815:325e
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:812::200a
2a00:1450:4001:828::200e
2a00:1450:400c:c09::54
2a03:2880:f03d:1c:face:b00c:0:3
3.5.134.145
52.10.34.124
54.187.159.182
54.194.159.216
00c999b0dc159353cbd39ca9ceb0960a3ff536829537eaf6df4b81bebf4ae436
1590988315ec3c075d2cb936d7f68d57926725841bb3ede20eccf90b61560ae5
1badfbadf29b7d26ae224a4c4d200b9e2729526f31f63c87046e97bc377c5167
20971a0fc427b29e657ea104de3e3f847f6e71c0395e4245d119f7dd48d20117
27b4c7e7190b138faaa9a680bef8cdebbd9689939cfc6ff3f12f91768d618881
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3b61d60ac69b3abd7c5f216c24b77cd4b75379568e039ab5640a23c7bc3460d0
3fc36c6c846e96871a72ff90a860040be8667bd804d05dfa4e02557823eb8d2c
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
45d1411a455b969acd98d390e03a150b07c30ffaa264d2f89ff3e7bfc96760b1
489287f12117bd72fb698cb20f3de3a750eb578498c78d8a311ddcff8d791fc2
4a3e29cc1bd9138fae0975c04728ebeb40dafb64859b329de313294e44ab920a
522500056755d66b791aed9c8cf28cd4fe92a0ee115b260bf80c1adf0c93c877
619775a3b00105aadf85ef2aaf2fa40eaa2acb0ae238448e79365a68fbcf38de
6432f355492e71d3ef3f718ece533e2b6d10d800849a41d4c308e48ef6ba128c
673c1136f9b83e60edec4d2cae19a26f9f0d3ecab07e2dd36c91a0e4d53fe35d
6e77d75c918fb52604733ccda1157f29e9a8673354e9bd14e6eae1c701a814eb
700abfb3f1287b8b31f8083af79b79b2dcec47e009daae5a6eb44c739662c0de
78d87c1b0b24fd318d1fa9c12165bf06733d23e9409ff41b991a5b4eef6be0d1
91f4052bc612bffb980677dac8e4789cef14919f92e1f16f333bc2dfce3206d4
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
a29f8826c4719f5a3788dfcbbc6f83778302389a5555421213a8bba7315f219a
aa0a3e1f71734e5537a68fb9e401121470040373e42d434261045ed9dbabf561
ac715e38ca9110cd19c5bc97c2063b882119de6c21461cd577e0182b08c23cd8
b07b7b25d5896f325cb8b366a25b5d24eb02e42cb0f130886151b7dc8b99238b
ba04d1070ccf78d642f0c9bb33e630bc573b6db37270275312656f004e7fa44e
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c4e63a72caaaff98fd657e22bdbc95521004236ace98155ebf4a19bdb921a508
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d1350249f48fe23ab951812814d417b78ce954823edd5387748c63851d21c4a4
d188a44caf39ac50aec3de003218c58c2f5ad6ff2b4e0e8ec025ec529b1616f2
da65dd5b4403c4cad4500d6d141cb62c1479439d8dcdef5300741f05780c7b92
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0c3538ad9f9f5a8978cc0969dedab1fde715811383f1c839fe24fc9b15f4a2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd77e990cbb7538e196886f35a41caf4340f0da845bd98b9b7aa94d7ebf10529

commander.monsieurbourguignon.ch Open in urlscan Pro 18.156.75.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

44 %IPv6

11 Domains

16 Subdomains

16 IPs

4 Countries

6759 kBTransfer

9283 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

commander.monsieurbourguignon.ch Open in urlscan Pro
18.156.75.98 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

44 %
IPv6

11
Domains

16
Subdomains

16
IPs

4
Countries

6759 kB
Transfer

9283 kB
Size

7
Cookies

43 HTTP transactions
0 data transactions