account-staging.pickware.de Open in urlscan Pro
104.26.4.75  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response account-staging.pickware.de/	3 KB 2 KB	233ms 193ms	Document text/html	104.26.4.75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account-staging.pickware.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.4.75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 73d01f9171350a594f39e0f61370243c359ab13f1ad3163467465626fbac4fd6 Request headers :method GET :authority account-staging.pickware.de :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Mon, 11 Oct 2021 00:32:54 GMT content-type text/html; charset=utf-8 x-powered-by Express via 1.1 vegur cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=honaKBkLmVBKMOW8pFwo3V7g9w5rzTJ%2FHeUEO%2FhU6ECQezIXks70WVreK6Alrm9CUb06MsD2pZQfLr5p8QBpYTsF3hY%2FfenlEqP7wfXqOp87deQkpSHCE32nQDIVCvUlfpYzI4Rq7SDapsYeAg%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 69c3fe74baa24137-PRG content-encoding br
GET H2	200	be819dd.js Show response account-staging.pickware.de/_nuxt/	3 KB 2 KB	160ms 159ms	Script application/javascript	104.26.4.75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account-staging.pickware.de/_nuxt/be819dd.js Requested by Host: account-staging.pickware.de URL: https://account-staging.pickware.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.4.75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 3868d264243d7053ad496ea0651d4766366db3c9b5011e8c52390d5d8a304eb0 Request headers :path /_nuxt/be819dd.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority account-staging.pickware.de referer https://account-staging.pickware.de/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://account-staging.pickware.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers cf-ray 69c3fe760ae64137-PRG date Mon, 11 Oct 2021 00:32:54 GMT via 1.1 vegur etag W/"ad3-17c609bb288" cf-cache-status MISS last-modified Fri, 08 Oct 2021 15:53:09 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ym9qiEmZxysH%2Fp%2B0ABor4ShnO103C%2BY8ClZClDsLMXCXAAUFS%2Br8BnzyUIa6%2BfnXxlNAMV4Z5YmTQ2JI5s1Ks5ruA523XXMYwzh1HXAKAXnQYEzNMFqwpLocQNnqQD%2B%2B8ZceZW%2BWYm%2FsntjHIA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br
GET H2	200	67c46e8.js Show response account-staging.pickware.de/_nuxt/	311 KB 97 KB	762ms 761ms	Script application/javascript	104.26.4.75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account-staging.pickware.de/_nuxt/67c46e8.js Requested by Host: account-staging.pickware.de URL: https://account-staging.pickware.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.4.75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 9cc9f6c1552ca05e3ebfa01f63d3e9e9a675cc158a522616aaeb294366685121 Request headers :path /_nuxt/67c46e8.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority account-staging.pickware.de referer https://account-staging.pickware.de/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://account-staging.pickware.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers cf-ray 69c3fe760ae74137-PRG date Mon, 11 Oct 2021 00:32:55 GMT via 1.1 vegur etag W/"4dd29-17c609bb288" cf-cache-status MISS last-modified Fri, 08 Oct 2021 15:53:09 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmAW04P9CkCSc3Fne2%2FHWkiCL3JzD4T%2BjsNYCww9nDYN8lxRTU10enV9CooMabaSGL32%2Bxx%2FOesjYkNp8sEdvPsVYbV6%2FbvhgLWcolphrRhfUIyK2I2KFl3otKS%2Bs7lpaFHJdowjNFe6yJTQDA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br
GET H2	200	1f18367.js Show response account-staging.pickware.de/_nuxt/	1 MB 230 KB	354ms 353ms	Script application/javascript	104.26.4.75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account-staging.pickware.de/_nuxt/1f18367.js Requested by Host: account-staging.pickware.de URL: https://account-staging.pickware.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.4.75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 3b8c633cb7917448517d7f4295665d4701066f7088539b83f80dfbf9bb6018a4 Request headers :path /_nuxt/1f18367.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority account-staging.pickware.de referer https://account-staging.pickware.de/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://account-staging.pickware.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers cf-ray 69c3fe760ae84137-PRG date Mon, 11 Oct 2021 00:32:55 GMT via 1.1 vegur etag W/"10fb5a-17c609bb288" cf-cache-status MISS last-modified Fri, 08 Oct 2021 15:53:09 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irv%2F2DWdfkuKLG8hDY2UPLSufECMBvlfXbJ1XpkLdI%2B7JMZB%2BaCT%2Bw9R9fNx8TIObP2mG%2Fbgowh7TrlhGgKOw4DdnCbTr%2FHDgeRL0sihVwDAssCrpLeqT6I%2BOc%2FnUkZx2PJgBjVVmW6mZynqzA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br
GET H2	200	bfa297a.js Show response account-staging.pickware.de/_nuxt/	156 KB 37 KB	500ms 499ms	Script application/javascript	104.26.4.75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account-staging.pickware.de/_nuxt/bfa297a.js Requested by Host: account-staging.pickware.de URL: https://account-staging.pickware.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.4.75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 28779419152085d8332a62a89543f6ebe29073d0f3ec4d52830572874681b49e Request headers :path /_nuxt/bfa297a.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority account-staging.pickware.de referer https://account-staging.pickware.de/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://account-staging.pickware.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers cf-ray 69c3fe760ae94137-PRG date Mon, 11 Oct 2021 00:32:55 GMT via 1.1 vegur etag W/"26ed6-17c609bb288" cf-cache-status MISS last-modified Fri, 08 Oct 2021 15:53:09 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FS7wkQKd8wx40E94HlANPF%2B6Lqa%2BGrYZxVXv1ELqjVz0acMjCY8hJqHgvCnBrW3CabcahpU5CxD6Ia4Tlc0yZ4%2BzzCBJ4GbKobTNQUi8Xgc%2BPNFrfJTe4SRgRpbJw3NFW8qcjcCiVdc0i6FrRg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br
GET H2	200	css fonts.googleapis.com/	13 KB 2 KB	37ms 16ms	Stylesheet text/css	172.217.18.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap Requested by Host: account-staging.pickware.de URL: https://account-staging.pickware.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.106 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s05-in-f106.1e100.net Software ESF / Resource Hash ff420b26b8a33e1bcae39c4d165c2cc259681bbb7b32565dbd7644c1d84cbfa8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://account-staging.pickware.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 11 Oct 2021 00:32:09 GMT server ESF date Mon, 11 Oct 2021 00:32:54 GMT x-frame-options SAMEORIGIN report-to {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk" expires Mon, 11 Oct 2021 00:32:54 GMT
GET H2	200	materialdesignicons.min.css cdn.jsdelivr.net/npm/@mdi/font@latest/css/	284 KB 46 KB	54ms 22ms	Stylesheet text/css	104.16.85.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css Requested by Host: account-staging.pickware.de URL: https://account-staging.pickware.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42bb60211a7b7a99c48006e4e63d608bd81191956a7605210982b37eaffc58bb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://account-staging.pickware.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 00:32:54 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 21283 x-jsd-version 6.2.95 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-served-by cache-fra19125-FRA timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"46ece-BHd0jjk4erXkpQXEKTjVcccAnxo" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 69c3fe763f1f177a-FRA
GET H2	200	v3 Show response js.stripe.com/	258 KB 68 KB	94ms 18ms	Script application/javascript	13.225.87.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: account-staging.pickware.de URL: https://account-staging.pickware.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-96.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 9cf88c6b79400eedf523d1efd1d26bbb9d77542478d0b42b5d9174671fd865c4 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://account-staging.pickware.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 00:32:04 GMT content-encoding gzip age 51 x-amz-meta-cache-control max-age=300 x-edge-origin-shield-skipped 0 x-amz-meta-metadata-headers-enabled true x-amz-meta-vary Accept-Encoding last-modified Fri, 08 Oct 2021 22:51:31 GMT x-amz-meta-access-control-allow-origin * strict-transport-security max-age=31556926; includeSubDomains; preload x-amz-request-id QG3NYN8XA6ERA8WX x-amz-id-2 9ESbUGQpBdsDygY16j3nCVVKjbWrZ9xGEOteUk3Rw7mMLxc/j5VuKUXJfHNqz6XsjU8Po+W7EPU= x-cache Hit from cloudfront access-control-allow-origin * x-amz-meta-timing-allow-origin * server AmazonS3 x-amz-meta-strict-transport-security max-age=31556926; includeSubDomains; preload etag W/"bc7ba6abcd65764b75654b66ee5a3834" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront) cache-control max-age=60 content-security-policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; x-amz-cf-pop FRA2-C2 timing-allow-origin * x-amz-cf-id 6upZMGw6_EUFirg21B5Z6TJy8PcrGpS_aIkdYzSyvqSErU2-FCvrBw== x-amz-meta-x-content-type-options nosniff
GET H2	200	beacon.min.js Show response static.cloudflareinsights.com/	13 KB 5 KB	63ms 36ms	Script text/javascript	104.16.94.65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js Requested by Host: account-staging.pickware.de URL: https://account-staging.pickware.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.94.65 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f Request headers Accept-Language de-DE,de;q=0.9 Referer https://account-staging.pickware.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 00:32:54 GMT content-encoding gzip last-modified Wed, 22 Sep 2021 16:39:17 GMT server cloudflare etag W/2021.9.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 69c3fe76fc665c68-FRA
GET H2	200	2467974.js Show response account-staging.pickware.de/_nuxt/	1 KB 1017 B	140ms 139ms	Script application/javascript	104.26.4.75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account-staging.pickware.de/_nuxt/2467974.js Requested by Host: account-staging.pickware.de URL: https://account-staging.pickware.de/_nuxt/be819dd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.4.75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 5ad355a859c17185d62900083aa372fa62d4d3ee0ca0e91a15cee464d2511c6e Request headers :path /_nuxt/2467974.js pragma no-cache accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority account-staging.pickware.de referer https://account-staging.pickware.de/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://account-staging.pickware.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers cf-ray 69c3fe7b8bf64137-PRG date Mon, 11 Oct 2021 00:32:55 GMT via 1.1 vegur etag W/"589-17c609bb288" cf-cache-status MISS last-modified Fri, 08 Oct 2021 15:53:09 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XT2qWeCCoqMLPEu7uVRIT4aB4SMFaVpl%2FgE49ugdDLZK%2FdcW6%2B%2FEyW0O%2BXjFMUTLgrumx9qI4D9fTZWh%2FVauZtLvow%2FMMGxk56lXGLdt1kBhLDVGGfiLLSBArk46cExbv6YEta78d2fs3AoQ3w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br
GET H2	200	m-outer-79f4c4ec97e4a9c650a8aa5dc0a621df.html Show response js.stripe.com/v3/ Frame BA37	215 B 973 B	21ms 20ms	Document text/html	13.225.87.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-79f4c4ec97e4a9c650a8aa5dc0a621df.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-96.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 1942d92c0cf67997cea0dc7c6058f7d4231a56aadafacacc15ed65c1e8a49925 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority js.stripe.com :scheme https :path /v3/m-outer-79f4c4ec97e4a9c650a8aa5dc0a621df.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://account-staging.pickware.de/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://account-staging.pickware.de/ Response headers content-type text/html; charset=utf-8 content-length 215 x-amz-id-2 efvreysSFnCOb2QlrA5QF+HAliBoh+2b35dPdSQ3nm5I3xV4k42ak1iQqzgNFwRgDxJQTC4eVMg= x-amz-request-id 3MJ1JGP7R3184V5N last-modified Thu, 30 Sep 2021 22:19:33 GMT accept-ranges bytes server AmazonS3 strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * access-control-allow-origin * content-security-policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; x-edge-origin-shield-skipped 0 date Mon, 11 Oct 2021 00:31:46 GMT cache-control public, max-age=300 etag "79f4c4ec97e4a9c650a8aa5dc0a621df" x-cache Hit from cloudfront via 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-cf-id xKLX5M7Jde2v3wplIB36hSsSFXjeKCtANa0GYbxMc4WYs3SCAK3zrg== age 73
GET H2	200	m-outer-a630934868d6eead16233600eabc02b0.js Show response js.stripe.com/v3/fingerprinted/js/ Frame BA37	1 KB 2 KB	17ms 17ms	Script application/javascript	13.225.87.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-a630934868d6eead16233600eabc02b0.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-79f4c4ec97e4a9c650a8aa5dc0a621df.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-96.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 7aa8a31521fca34e454549169275a559b334ff604261a4a2ef89319d3bf5cf6c Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/m-outer-79f4c4ec97e4a9c650a8aa5dc0a621df.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-meta-cache-control max-age=300 content-encoding gzip age 17 x-edge-origin-shield-skipped 0 x-amz-meta-metadata-headers-enabled true x-amz-meta-vary Accept-Encoding date Mon, 11 Oct 2021 00:32:44 GMT last-modified Fri, 08 Oct 2021 22:30:31 GMT x-amz-meta-access-control-allow-origin * strict-transport-security max-age=31556926; includeSubDomains; preload x-amz-request-id HFKW5JYPDZSEPFHP x-amz-id-2 h0ANE1mBZi0Vt1vd2+HD/MybFdn/6QKEzeVpHywfCu06a+tbDMAr6cGxdhtN5S8EuvCEi8HrVN4= x-cache Hit from cloudfront access-control-allow-origin * x-amz-meta-timing-allow-origin * server AmazonS3 x-amz-meta-strict-transport-security max-age=31556926; includeSubDomains; preload etag W/"8240ee835643f4c573d637d6184b80e7" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront) cache-control max-age=60 content-security-policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; x-amz-cf-pop FRA2-C2 timing-allow-origin * x-amz-cf-id 6e-FjLQ5WOoMac2OwwcgjUH_hajms5tKVRRb-1maytapz-qsL3oBZA== x-amz-meta-x-content-type-options nosniff
GET H2	200	inner.html Show response m.stripe.network/ Frame 1715	932 B 1 KB	34ms 6ms	Document text/html	151.101.64.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a630934868d6eead16233600eabc02b0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a Security Headers Name Value Content-Security-Policy connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers :method GET :authority m.stripe.network :scheme https :path /inner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://js.stripe.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://js.stripe.com/ Response headers content-type text/html; charset=utf-8 cache-control max-age=300, public content-security-policy connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff server Fastly content-encoding gzip accept-ranges bytes date Mon, 11 Oct 2021 00:32:55 GMT via 1.1 varnish age 51 x-served-by cache-hhn4022-HHN x-cache HIT x-cache-hits 13 x-timer S1633912376.682517,VS0,VE0 vary Accept-Encoding, Origin content-length 528
POST H2	200	csp-report q.stripe.com/ Frame 1715	0 121 B	520ms 170ms	Other text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: account-staging.pickware.de URL: https://account-staging.pickware.de/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://m.stripe.network/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 11 Oct 2021 00:32:56 GMT x-envoy-upstream-service-time 1 server nginx content-length 0 strict-transport-security max-age=31556926; includeSubDomains; preload
GET H2	200	out-4.5.40.js Show response m.stripe.network/ Frame 1715	85 KB 16 KB	6ms 6ms	Script application/javascript	151.101.64.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.40.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 119 x-cache HIT content-length 15786 x-served-by cache-hhn4022-HHN server Fastly x-timer S1633912376.695585,VS0,VE0 date Mon, 11 Oct 2021 00:32:55 GMT vary Accept-Encoding, Origin content-type application/javascript via 1.1 varnish cache-control max-age=300, public accept-ranges bytes x-cache-hits 28
POST H2	200	6 Show response m.stripe.com/ Frame 1715	156 B 519 B	515ms 172ms	XHR text/plain	35.167.194.245 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.40.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.167.194.245 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-167-194-245.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 81d156864aeb46392e3e722c44a5ccde508502b2f1be7b25012cdde25ae6388e Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 11 Oct 2021 00:32:56 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding content-type text/plain;charset=utf-8 access-control-allow-origin https://m.stripe.network access-control-allow-credentials true strict-transport-security max-age=31556926; includeSubDomains; preload access-control-allow-headers Content-Type
GET H2	200	controller-76b3361585cd9d7f9ed80f1afad34d1a.html Show response js.stripe.com/v3/ Frame 8AF9	299 B 1 KB	19ms 19ms	Document text/html	13.225.87.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-76b3361585cd9d7f9ed80f1afad34d1a.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-96.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 1f18d8989cf8c4c1edc050588b3ba3903236f1846727c0f2bda6b3133685265d Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority js.stripe.com :scheme https :path /v3/controller-76b3361585cd9d7f9ed80f1afad34d1a.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://account-staging.pickware.de/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://account-staging.pickware.de/ Response headers content-type text/html; charset=utf-8 content-length 299 x-amz-id-2 kWP8qAxuWZFtlUS4DnLv/LfrqmhzL4IhI3A1ltQ7e/SxmW6kRER2Z9BIVFqQXUqlEl2Tlc3ryjc= x-amz-request-id 7SJ7XJ2KQ6XHPJ6R last-modified Thu, 07 Oct 2021 20:25:46 GMT accept-ranges bytes server AmazonS3 strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * access-control-allow-origin * content-security-policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; x-edge-origin-shield-skipped 0 date Mon, 11 Oct 2021 00:32:25 GMT cache-control public, max-age=300 etag "76b3361585cd9d7f9ed80f1afad34d1a" x-cache Hit from cloudfront via 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 x-amz-cf-id SC3LiyA-ZIKC-oQ7GkAqgJdSQ9lXuN5JRn9avm7Xog-2D200iLozUw== age 33
GET H2	401	user Show response account-staging.pickware.de/api/	43 B 387 B	64ms 64ms	XHR application/json	104.26.4.75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account-staging.pickware.de/api/user Requested by Host: account-staging.pickware.de URL: https://account-staging.pickware.de/_nuxt/1f18367.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.4.75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 32460949c58d8afc72c9d51a7b345c6d963249d5b1e49d14c5da4f796ab6696f Request headers :path /api/user pragma no-cache cookie lang=en; auth.strategy=http-only-refresh accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept application/json, text/plain, */* cache-control no-cache sec-fetch-dest empty :authority account-staging.pickware.de referer https://account-staging.pickware.de/ :scheme https sec-fetch-site same-origin :method GET Accept application/json, text/plain, */* Referer https://account-staging.pickware.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 00:32:55 GMT via 1.1 vegur etag W/"2b-hGShxOkieaAVDloBubJVM+h58D8" cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FCchUvUbuWYW8FqZXZWqATHtsvBgnv47Ju%2B0kLbVbnagKIcCGW26GVuGqhEmPXHIo7AZLObk2hvpISiTSNVLB43yU%2B7JfnGer6q7CdoZzEEexy8%2FqbHmYHJVbIxfzWitx9PflMZCHevSovNyg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 cf-ray 69c3fe7ccc304137-PRG content-length 43
GET H2	200	shared-542f11b12715941d885d74a0fdac2e4c.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 8AF9	182 KB 51 KB	24ms 24ms	Script application/javascript	13.225.87.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-542f11b12715941d885d74a0fdac2e4c.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-76b3361585cd9d7f9ed80f1afad34d1a.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-96.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 4e810999b32fc8e7a7fd888cabe4b6db822f6a589faba939405dc24e07dba6d9 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-76b3361585cd9d7f9ed80f1afad34d1a.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-meta-cache-control max-age=300 content-encoding gzip age 7 x-edge-origin-shield-skipped 0 x-amz-meta-metadata-headers-enabled true x-amz-meta-vary Accept-Encoding date Mon, 11 Oct 2021 00:32:48 GMT last-modified Fri, 08 Oct 2021 22:51:10 GMT x-amz-meta-access-control-allow-origin * strict-transport-security max-age=31556926; includeSubDomains; preload x-amz-request-id 9FDMH90TDX4VCH49 x-amz-id-2 XWs0UgwwLTQs/CIklF1JYXprA4jDTNnu75iSRuF4P4sXzVEcJIdvdQsAHslKSckppwowiLw+8bY= x-cache Hit from cloudfront access-control-allow-origin * x-amz-meta-timing-allow-origin * server AmazonS3 x-amz-meta-strict-transport-security max-age=31556926; includeSubDomains; preload etag W/"92c3221549a2bb8fd170c4c5754a2ac7" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront) cache-control max-age=60 content-security-policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; x-amz-cf-pop FRA2-C2 timing-allow-origin * x-amz-cf-id CpZe5LikeBCAuWS6PDhkvQ26KxuJxeaZVm1D6Bh790PqdNqsTh8whg== x-amz-meta-x-content-type-options nosniff
GET H2	200	controller-4195d9e1fd0b3ba66ab0274d32203c30.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 8AF9	282 KB 80 KB	20ms 20ms	Script application/javascript	13.225.87.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/controller-4195d9e1fd0b3ba66ab0274d32203c30.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-76b3361585cd9d7f9ed80f1afad34d1a.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-96.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash f19a2b9a601b9e9331e1fef26c96807d0184353305ab5ceb66247d69699ff215 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-76b3361585cd9d7f9ed80f1afad34d1a.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-meta-cache-control max-age=300 content-encoding gzip age 21 x-edge-origin-shield-skipped 0 x-amz-meta-metadata-headers-enabled true x-amz-meta-vary Accept-Encoding date Mon, 11 Oct 2021 00:32:37 GMT last-modified Fri, 08 Oct 2021 22:51:04 GMT x-amz-meta-access-control-allow-origin * strict-transport-security max-age=31556926; includeSubDomains; preload x-amz-request-id FVC2AF8R2HW95DDA x-amz-id-2 KcrbjiCH2SK3mvqVf0FUWi4lpHH5xAe+BfeSsQ6gmDeXLCb9oaiOfOh69nHlLb89g6yEux0e19U= x-cache Hit from cloudfront access-control-allow-origin * x-amz-meta-timing-allow-origin * server AmazonS3 x-amz-meta-strict-transport-security max-age=31556926; includeSubDomains; preload etag W/"ecd0bc83250ad0340fc35118b1fa1739" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront) cache-control max-age=60 content-security-policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; x-amz-cf-pop FRA2-C2 timing-allow-origin * x-amz-cf-id Qckhs1U3NBOvPk3qMqVy30UqS3HTx0SheKuBmkkOojnn8DPzqbXpFg== x-amz-meta-x-content-type-options nosniff
POST H2	200	0 Show response r.stripe.com/ Frame 8AF9	0 214 B	519ms 172ms	XHR application/octet-stream	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-542f11b12715941d885d74a0fdac2e4c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept application/json Referer https://js.stripe.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 11 Oct 2021 00:32:56 GMT server nginx strict-transport-security max-age=31556926; includeSubDomains; preload content-type application/octet-stream;charset=utf-8 access-control-allow-origin https://js.stripe.com access-control-allow-credentials true x-envoy-upstream-service-time 2 content-length 0
POST H2	401	refresh-cookie Show response account-staging.pickware.de/api/auth/	43 B 515 B	140ms 139ms	XHR application/json	104.26.4.75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account-staging.pickware.de/api/auth/refresh-cookie Requested by Host: account-staging.pickware.de URL: https://account-staging.pickware.de/_nuxt/1f18367.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.4.75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 32460949c58d8afc72c9d51a7b345c6d963249d5b1e49d14c5da4f796ab6696f Request headers sec-fetch-mode cors origin https://account-staging.pickware.de accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest empty cookie lang=en; auth.strategy=http-only-refresh content-length 0 :path /api/auth/refresh-cookie pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept application/json, text/plain, */* cache-control no-cache :authority account-staging.pickware.de referer https://account-staging.pickware.de/ :scheme https sec-fetch-site same-origin :method POST Accept application/json, text/plain, */* Referer https://account-staging.pickware.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 00:32:56 GMT via 1.1 vegur etag W/"2b-hGShxOkieaAVDloBubJVM+h58D8" cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOcYvi7ItJa14vcC0OOVfS16tuH%2B8MUPNLwV48XyIkQ%2BAT5RJ8FEbMQkK81ImysoTY1FhqVuToWo%2FUBZF135hpsinoIo4k1wf1FvYzBT6dWQ1SI3KQnIJ1mYF8LOTMBkJ5SAcVQhpyJk07EItQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 cf-ray 69c3fe7d4c4e4137-PRG content-length 43
POST H2	200	rum Show response account-staging.pickware.de/cdn-cgi/	0 242 B	14ms 14ms	XHR text/plain	104.26.4.75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account-staging.pickware.de/cdn-cgi/rum? Requested by Host: account-staging.pickware.de URL: https://account-staging.pickware.de/_nuxt/1f18367.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.4.75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-fetch-mode cors origin https://account-staging.pickware.de accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest empty cookie lang=en; auth.strategy=http-only-refresh content-length 4897 :path /cdn-cgi/rum? pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json accept */* cache-control no-cache :authority account-staging.pickware.de referer https://account-staging.pickware.de/ :scheme https sec-fetch-site same-origin :method POST Referer https://account-staging.pickware.de/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 content-type application/json Response headers date Mon, 11 Oct 2021 00:32:55 GMT content-encoding gzip x-content-type-options nosniff server cloudflare x-frame-options DENY access-control-allow-methods POST,OPTIONS content-type text/plain access-control-allow-origin https://account-staging.pickware.de access-control-max-age 86400 access-control-allow-credentials true cf-ray 69c3fe7d4c514137-PRG vary Origin
GET H2	200	/ q.stripe.com/ Frame 8AF9	43 B 286 B	491ms 162ms	Image image/gif	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://q.stripe.com/?event=elements.fetch_locale&event_count=2&timestamp=1633912375883&event_id=3e06ea49-d27d-4ea1-af5f-0ccf223ab825&os=Windows&browserFamily=Chrome&version=28708734a&key=pk_test_51JQ7XwCHPGdqFGy0DeDEdb9Iyi2koV4vLbqaFLj9kXxoC210pTJjImnllbltFoBa9w48AJ4TxYPn1TUaMQEPJvPz00n2R0SXRn&referrer=https%3A%2F%2Faccount-staging.pickware.de&stripe_js_id=8d91b34e-dbc7-4618-aa07-c9a2201cc7b2&controller_load_time=1633912375876&wrapper=unknown&es_module=false&frame_width=1600 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.stripe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Mon, 11 Oct 2021 00:32:56 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx strict-transport-security max-age=31556926; includeSubDomains; preload content-type image/gif cache-control no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0 content-length 43 expires 0
GET H2	200	/ q.stripe.com/ Frame 8AF9	43 B 285 B	491ms 163ms	Image image/gif	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://q.stripe.com/?event=elements.register_app_info&event_count=3&timestamp=1633912375884&event_id=1cfd3255-66a9-4d9d-abfa-d802a657da28&os=Windows&browserFamily=Chrome&version=28708734a&key=pk_test_51JQ7XwCHPGdqFGy0DeDEdb9Iyi2koV4vLbqaFLj9kXxoC210pTJjImnllbltFoBa9w48AJ4TxYPn1TUaMQEPJvPz00n2R0SXRn&referrer=https%3A%2F%2Faccount-staging.pickware.de&stripe_js_id=8d91b34e-dbc7-4618-aa07-c9a2201cc7b2&controller_load_time=1633912375876&wrapper=unknown&es_module=false&frame_width=1600&app_info_raw=vue-stripe&app_info_version=4.2.5 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.stripe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Mon, 11 Oct 2021 00:32:56 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx strict-transport-security max-age=31556926; includeSubDomains; preload content-type image/gif cache-control no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0 content-length 43 expires 0
GET H2	200	/ q.stripe.com/ Frame 8AF9	43 B 285 B	491ms 164ms	Image image/gif	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://q.stripe.com/?event=elements.timings&event_count=4&timestamp=1633912375884&event_id=a714a19e-f6b1-43e0-b746-10c63754a6e3&os=Windows&browserFamily=Chrome&version=28708734a&key=pk_test_51JQ7XwCHPGdqFGy0DeDEdb9Iyi2koV4vLbqaFLj9kXxoC210pTJjImnllbltFoBa9w48AJ4TxYPn1TUaMQEPJvPz00n2R0SXRn&referrer=https%3A%2F%2Faccount-staging.pickware.de&stripe_js_id=8d91b34e-dbc7-4618-aa07-c9a2201cc7b2&controller_load_time=1633912375876&wrapper=unknown&es_module=false&frame_width=1600&element=outer&dom_loading=237&dom_interactive=1132&dom_complete=1411&since_fetch=374&load_count=1&load_before_dom_content_loaded=true&load_ready_state=loading&first_create_ready_state=interactive&first_mount_readyState=interactive&until_first_create=943&until_first_mount=945&until_first_load=1040&resource_timings-stripe.js-transfer_size=69160&resource_timings-stripe.js-duration=109&resource_timings-m-outer.html-transfer_size=515&resource_timings-m-outer.html-duration=22&resource_timings-controller.html-transfer_size=599&resource_timings-controller.html-duration=21 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.stripe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Mon, 11 Oct 2021 00:32:56 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx strict-transport-security max-age=31556926; includeSubDomains; preload content-type image/gif cache-control no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0 content-length 43 expires 0
GET H2	200	/ q.stripe.com/ Frame 8AF9	43 B 285 B	490ms 163ms	Image image/gif	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://q.stripe.com/?event=elements.timings&event_count=5&timestamp=1633912375885&event_id=70a63861-f62f-4f10-99d6-e6df3fec83fb&os=Windows&browserFamily=Chrome&version=28708734a&key=pk_test_51JQ7XwCHPGdqFGy0DeDEdb9Iyi2koV4vLbqaFLj9kXxoC210pTJjImnllbltFoBa9w48AJ4TxYPn1TUaMQEPJvPz00n2R0SXRn&referrer=https%3A%2F%2Faccount-staging.pickware.de&stripe_js_id=8d91b34e-dbc7-4618-aa07-c9a2201cc7b2&controller_load_time=1633912375876&wrapper=unknown&es_module=false&frame_width=1600&element=ControllerApp&dom_loading=23&dom_interactive=88&dom_complete=88&since_sjs_load=1036&since_stripe_create=92&since_create=92&mount_duration=89&since_fetch=85&load_count=1&match_frame=true&resource_timings-shared.js-transfer_size=51208&resource_timings-shared.js-duration=28&resource_timings-controller.js-transfer_size=81175&resource_timings-controller.js-duration=24 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://js.stripe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers pragma no-cache date Mon, 11 Oct 2021 00:32:56 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx strict-transport-security max-age=31556926; includeSubDomains; preload content-type image/gif cache-control no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0 content-length 43 expires 0
GET H2	200	8d71a6f.js Show response account-staging.pickware.de/_nuxt/	6 KB 3 KB	146ms 146ms	Script application/javascript	104.26.4.75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://account-staging.pickware.de/_nuxt/8d71a6f.js Requested by Host: account-staging.pickware.de URL: https://account-staging.pickware.de/_nuxt/be819dd.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.4.75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 25858627899a15130ae910ef18e8272f1ce1ae89a5e39e99b03742d2e2a972f3 Request headers :path /_nuxt/8d71a6f.js pragma no-cache cookie lang=en; auth.strategy=http-only-refresh; auth._token.http-only-refresh=false; auth._token_expiration.http-only-refresh=false; auth.redirect=%2F accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority account-staging.pickware.de referer https://account-staging.pickware.de/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://account-staging.pickware.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers cf-ray 69c3fe7e4c794137-PRG date Mon, 11 Oct 2021 00:32:56 GMT via 1.1 vegur etag W/"189e-17c609bb288" cf-cache-status MISS last-modified Fri, 08 Oct 2021 15:53:09 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrdXbtSapY4QMiPv5nsZaHfsP2NOn1uBkf9YECe%2FX3ER09ao0KVTWoPSjsgSild4mDohMQAlNH1bZ5qY0idq08D6rP6Zquia2KaOxODyCVTW2GML%2B5XwO183RyvXHOOpq6wHJyUaDvQIA3lL8w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br
GET H2	200	bp-account-login.3652049.svg account-staging.pickware.de/_nuxt/img/	14 KB 5 KB	181ms 181ms	Image image/svg+xml	104.26.4.75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://account-staging.pickware.de/_nuxt/img/bp-account-login.3652049.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.4.75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 997fd94b8bf55af5c87edd9b5d7fa4e2ca6ea5d6b8baaea0baabb61cd84eefb1 Request headers :path /_nuxt/img/bp-account-login.3652049.svg pragma no-cache cookie lang=en; auth.strategy=http-only-refresh; auth._token.http-only-refresh=false; auth._token_expiration.http-only-refresh=false; auth.redirect=%2F accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority account-staging.pickware.de referer https://account-staging.pickware.de/login :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://account-staging.pickware.de/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers cf-ray 69c3fe7f6ca64137-PRG date Mon, 11 Oct 2021 00:32:56 GMT via 1.1 vegur etag W/"3641-17c609bb288" cf-cache-status MISS last-modified Fri, 08 Oct 2021 15:53:09 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZILRdu3X9d%2Bil4EM%2Bj4VDQnalR8qZIFWobmJX%2FAYXKXwyKNmziUvYfN%2FbXlqIt98TW1%2FRLE0EV3Smd04Jhoe%2F4U7rqT8uKJ%2BpernMVSyQBYKGGUhyz%2FFiP%2B1esnARvj0FR4fSo2Q%2B2XLI2peuQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br
GET H2	200	pickware-logo.d461c4f.svg account-staging.pickware.de/_nuxt/img/	2 KB 1 KB	141ms 141ms	Image image/svg+xml	104.26.4.75 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://account-staging.pickware.de/_nuxt/img/pickware-logo.d461c4f.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.4.75 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 74fd59f4b06b7d7ddbd9fc9168f5e013569edd01eee396b672a580b33352e722 Request headers :path /_nuxt/img/pickware-logo.d461c4f.svg pragma no-cache cookie lang=en; auth.strategy=http-only-refresh; auth._token.http-only-refresh=false; auth._token_expiration.http-only-refresh=false; auth.redirect=%2F accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority account-staging.pickware.de referer https://account-staging.pickware.de/login :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://account-staging.pickware.de/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers cf-ray 69c3fe7f6ca74137-PRG date Mon, 11 Oct 2021 00:32:56 GMT via 1.1 vegur etag W/"8d1-17c609bb288" cf-cache-status MISS last-modified Fri, 08 Oct 2021 15:53:09 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4aoZl6FUrwhuF0AGT2BaDLhnZyvfFst0EieLjT7QeWM%2BBwk8s17XGXma5mlCZrjzoTYKVs5she0YoBIWsMPGyvMo7JB4gepd7cU65Xf4h%2FGeLEs5NUxYMWe3ZxA9d6Q5J7gr4XPEOsu0e7lGA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	28ms 7ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://account-staging.pickware.de Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 16:31:41 GMT x-content-type-options nosniff age 374475 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 06 Oct 2022 16:31:41 GMT
GET H3	200	materialdesignicons-webfont.woff2 cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/	336 KB 336 KB	23ms 11ms	Font font/woff2	104.16.85.20 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/materialdesignicons-webfont.woff2?v=6.2.95 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef807a6df81e1224e58adac3d6bc3b7e0fa5ce79bd876a2d15158685698bc984 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css Origin https://account-staging.pickware.de Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 11 Oct 2021 00:32:56 GMT x-content-type-options nosniff cf-cache-status HIT age 21283 x-jsd-version 6.2.95 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 343656 x-served-by cache-fra19147-FRA timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"53e68-30ouq5HiF0sneU5sJfd3m7I2I3c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes cf-ray 69c3fe7f7dd14a8c-FRA
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	16 KB 16 KB	33ms 12ms	Font font/woff2	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software sffe / Resource Hash bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://account-staging.pickware.de Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Wed, 06 Oct 2021 16:31:57 GMT x-content-type-options nosniff age 374459 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:21 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 06 Oct 2022 16:31:57 GMT
POST H2	200	6 Show response m.stripe.com/ Frame 1715	156 B 518 B	171ms 171ms	XHR text/plain	35.167.194.245 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.40.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.167.194.245 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-167-194-245.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 81d156864aeb46392e3e722c44a5ccde508502b2f1be7b25012cdde25ae6388e Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 11 Oct 2021 00:32:59 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding content-type text/plain;charset=utf-8 access-control-allow-origin https://m.stripe.network access-control-allow-credentials true strict-transport-security max-age=31556926; includeSubDomains; preload access-control-allow-headers Content-Type

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| __webpackStripeJSv3Jsonp function| Stripe object| __NUXT__ object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| __SENTRY__ object| __cfBeacon object| $nuxt

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			account-staging.pickware.de/	1970-01-20 06:37:28	Name: lang Value: en
			account-staging.pickware.de/	1969-12-31 23:59:59	Name: auth.strategy Value: http-only-refresh
			account-staging.pickware.de/	1969-12-31 23:59:59	Name: auth._token.http-only-refresh Value: false
			account-staging.pickware.de/	1969-12-31 23:59:59	Name: auth._token_expiration.http-only-refresh Value: false
			account-staging.pickware.de/	1969-12-31 23:59:59	Name: auth.redirect Value: %2F
			m.stripe.com/	1970-01-20 15:23:04	Name: m Value: 488feef4-13f6-4a5a-bd63-b0862d3ae21deef4f7
			.account-staging.pickware.de/	1970-01-20 06:37:28	Name: __stripe_mid Value: 95ff435e-26d3-4240-8968-afbcc3ec73170971ba
			.account-staging.pickware.de/	1970-01-19 21:51:54	Name: __stripe_sid Value: 20234082-f344-454b-8ccc-9b09456760c7a3ccbd

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://account-staging.pickware.de/api/user Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://account-staging.pickware.de/api/auth/refresh-cookie Message: Failed to load resource: the server responded with a status of 401 ()