urlscan.io logo urlscan.io
SecurityTrails logo

needcotour.com Open in urlscan Pro
2600:9000:223f:2600:4:553e:1280:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://needcotour.com/
Effective URL: https://needcotour.com/
Submission: On March 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2600:9000:223f:2600:4:553e:1280:93a1, located in United States and belongs to AMAZON-02, US. The main domain is needcotour.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on March 1st 2023. Valid for: 6 months.
This is the only time needcotour.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:223... 16509 (AMAZON-02)
6 2600:9000:223... 16509 (AMAZON-02)
3 99.86.4.9 16509 (AMAZON-02)
3 65.9.44.54 16509 (AMAZON-02)
3 54.187.119.242 16509 (AMAZON-02)
2 151.101.64.176 54113 (FASTLY)
1 54.184.205.88 16509 (AMAZON-02)
2 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
20 7
1    2600:9000:223f:f400:4:553e:1280:93a1 (United States)

ASN16509 (AMAZON-02, US)
needcotour.com
6    2600:9000:223f:2600:4:553e:1280:93a1 (United States)

ASN16509 (AMAZON-02, US)
needcotour.com
3    99.86.4.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-9.fra6.r.cloudfront.net
js.stripe.com
3    65.9.44.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-44-54.arn54.r.cloudfront.net
js.braintreegateway.com
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
2    151.101.64.176 (United States)

ASN54113 (FASTLY, US)
m.stripe.network
1    54.184.205.88 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-184-205-88.us-west-2.compute.amazonaws.com
m.stripe.com
2    2a02:26f0:11a::6867:487b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
ucarecdn.com
Apex Domain
Subdomains		 Transfer
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1051
q.stripe.com — Cisco Umbrella Rank: 6717
m.stripe.com — Cisco Umbrella Rank: 1056
110 KB
7 needcotour.com
needcotour.com
548 KB
3 braintreegateway.com
js.braintreegateway.com — Cisco Umbrella Rank: 6871
39 KB
2 ucarecdn.com
ucarecdn.com — Cisco Umbrella Rank: 16024
180 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1159
17 KB
20 5
Domain Requested by
7 needcotour.com 1 redirects needcotour.com
3 q.stripe.com needcotour.com
3 js.braintreegateway.com needcotour.com
3 js.stripe.com needcotour.com
js.stripe.com
2 ucarecdn.com
2 m.stripe.network js.stripe.com
m.stripe.network
1 m.stripe.com m.stripe.network
20 7

This site contains no links.

Subject Issuer Validity Valid
*.needcotour.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-08-29		 6 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-02-06 -
2023-05-13		 3 months crt.sh
checkout.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-07-28 -
2023-08-28		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-14 -
2023-06-13		 4 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-08 -
2023-04-08		 3 months crt.sh
ucarecdn.com
R3		 2023-02-03 -
2023-05-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://needcotour.com/
Frame ID: 1CA224F87FE9745AA566F5181A76CAC9
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 1F6E9959DDD4F2F84F3D22F8A10BE2EF
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 4433F870367E659C9E70B1DBC361ABC7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NEEDTOBREATHE

Page URL History Show full URLs

  1. http://needcotour.com/ HTTP 301
    https://needcotour.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.braintreegateway\.com
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

20
Requests

100 %
HTTPS

38 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

893 kB
Transfer

2267 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://needcotour.com/ HTTP 301
    https://needcotour.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
needcotour.com/
Redirect Chain
  • http://needcotour.com/
  • https://needcotour.com/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://needcotour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2600:4:553e:1280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60acf7d1a61ee60124a624fe467bb9bc41cac313c6462c6ec42a721c3b23cb78

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Wed, 08 Mar 2023 01:30:08 GMT
etag
W/"f6a41ad7dbf1841eb5831dc35c78a51c"
last-modified
Tue, 07 Mar 2023 18:11:58 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-id
eubg4HRsnMLbIIkD75nyxfFL6eI1SFGtHRbrhtCgScZHoPIszkNlhQ==
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Wed, 08 Mar 2023 01:30:07 GMT
Location
https://needcotour.com/
Server
CloudFront
Via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
X-Amz-Cf-Id
jFGzkpHZKmRBWn5ayXi2RISB2H_T_OYZnslNcphiayJiQipXSJNh4Q==
X-Amz-Cf-Pop
FRA56-P5
X-Cache
Redirect from cloudfront
iconFont.css
needcotour.com/styles/ 		1 KB
905 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://needcotour.com/styles/iconFont.css
Requested by
Host: needcotour.com
URL: https://needcotour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2600:4:553e:1280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08f3c60b9d08f9b91c29e76c8a3c10d7dacc614db132072b2e4cf7b91f6229d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://needcotour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 01:30:09 GMT
content-encoding
gzip
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Tue, 07 Mar 2023 18:11:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"c06b84cd1e338186b461038eca52b8b8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
no-cache
x-amz-cf-id
uXp3B-OBrFUrxAw1B3ZiSoHhhHzo5K7NeS5-z-V0t_SnNi5QoZRJdA==
public.css
needcotour.com/styles/ 		1 KB
901 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://needcotour.com/styles/public.css
Requested by
Host: needcotour.com
URL: https://needcotour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2600:4:553e:1280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e540d1b016531b41cd92fc36f541bdf46fe06a82787d8e3efccdc79b5c6e0cd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://needcotour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 01:30:09 GMT
content-encoding
gzip
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Tue, 07 Mar 2023 18:11:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"687ba0e03d4706226afe49a83a54cc1c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
no-cache
x-amz-cf-id
iD2h_YKhgSkoVvSmfD-xVkbYAFF9r5cJX7YndcBywfVwTI8CLYV5Dw==
/
js.stripe.com/v3/ 		439 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: needcotour.com
URL: https://needcotour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
3491a46d0db7015d9f9d0f4f43db792c94fdf4d9cd44bcb2702f15ffeae34f56
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://needcotour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 08 Mar 2023 01:30:08 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
14
x-cache
Hit from cloudfront
last-modified
Tue, 07 Mar 2023 20:58:09 GMT
server
Cloudfront
etag
W/"f85bc6dfe980d9a0902a7805687455fd"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
hIznI5XtoOXjeNPi_4K-_I6W83VfWLdEX4S59nn86m8QNyE2rFUUlQ==
client.min.js
js.braintreegateway.com/web/3.85.3/js/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.85.3/js/client.min.js
Requested by
Host: needcotour.com
URL: https://needcotour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.44.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-44-54.arn54.r.cloudfront.net
Software
nginx /
Resource Hash
b23dc12557153d518538d7b2f011ded0be477c1b18ba014e811530bf25650daf
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://needcotour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 20:45:55 GMT
content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding
gzip
via
1.1 d661c8f821b4dd0011bb1bb50baf07c2.cloudfront.net (CloudFront)
x-amz-cf-pop
ARN54-C1
age
17053
x-cache
Hit from cloudfront
last-modified
Wed, 01 Mar 2023 21:24:49 GMT
server
nginx
etag
W/"63ffc2a1-a813"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-id
zy6M2eDdwsZuVBBVwMoEjE6_22gTDoYQOXivuPJ4ex3DQdzzoowSVA==
expires
Wed, 08 Mar 2023 20:45:55 GMT
paypal-checkout.min.js
js.braintreegateway.com/web/3.85.3/js/ 		54 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.85.3/js/paypal-checkout.min.js
Requested by
Host: needcotour.com
URL: https://needcotour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.44.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-44-54.arn54.r.cloudfront.net
Software
nginx /
Resource Hash
97053f3ac692e9219b08bb8c326260d324aa51d2a9a816ed6fd260092607e20c
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://needcotour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 01:28:42 GMT
content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding
gzip
via
1.1 d661c8f821b4dd0011bb1bb50baf07c2.cloudfront.net (CloudFront)
x-amz-cf-pop
ARN54-C1
age
86
x-cache
Hit from cloudfront
last-modified
Wed, 01 Mar 2023 21:24:49 GMT
server
nginx
etag
W/"63ffc2a1-d9f7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-id
iQHCbMyqStTzUtdBF2TLR8BtGRM96MgoFUvT9qiPqsTSN_TLiifIdA==
expires
Thu, 09 Mar 2023 01:28:42 GMT
data-collector.min.js
js.braintreegateway.com/web/3.85.3/js/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.85.3/js/data-collector.min.js
Requested by
Host: needcotour.com
URL: https://needcotour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.44.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-44-54.arn54.r.cloudfront.net
Software
nginx /
Resource Hash
c46bd70559c0fe5398b80e45ef1eb05e3d69b5d6382a9108a8739558c9d6786f
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://needcotour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding
gzip
via
1.1 d661c8f821b4dd0011bb1bb50baf07c2.cloudfront.net (CloudFront)
date
Tue, 07 Mar 2023 21:25:18 GMT
x-amz-cf-pop
ARN54-C1
age
14791
x-cache
Hit from cloudfront
last-modified
Wed, 01 Mar 2023 21:24:46 GMT
server
nginx
etag
W/"63ffc29e-7ee0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-id
T9vSWIVm1W6EtdjKmOSJD1R0-QhNig9ZcE3DFSrhRgLg-2jmKhnrwQ==
expires
Wed, 08 Mar 2023 21:23:37 GMT
fan_web.js
needcotour.com/build/ 		1 MB
529 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://needcotour.com/build/fan_web.js?835ed98856635de7f579accf3503efe8324c3571
Requested by
Host: needcotour.com
URL: https://needcotour.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2600:4:553e:1280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
121c1871d91e3e27054d435c9d35aa87f11be583a0d3aadffdf90ed70aea346d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://needcotour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 01:30:09 GMT
content-encoding
gzip
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Tue, 07 Mar 2023 18:11:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"5a569f145d0079bcd2af16e4661f1f28"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
jwnXwPbYPGz8J5GcdY9OxMDnFxTUJA7s50wcVANQCp3bvGT1i18FLQ==
site_config.json
needcotour.com/data/ 		13 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://needcotour.com/data/site_config.json
Requested by
Host: needcotour.com
URL: https://needcotour.com/build/fan_web.js?835ed98856635de7f579accf3503efe8324c3571
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2600:4:553e:1280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8209392a5b9929a03b0c6365fe3d9199ad77a2b223508c5cc61012caacab45fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://needcotour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 01:30:10 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Tue, 13 Dec 2022 23:41:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
"1044e1cc3a58f141da0aecdc35f54d86"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cache-control
no-cache
accept-ranges
bytes
content-length
13480
x-amz-cf-id
8eR9ERKte8onq6sHwj_g_aLNi0cURgOgJ2u085NA45NGrYaB3Bz4CQ==
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 1F6E 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://needcotour.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3581
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 08 Mar 2023 00:33:11 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Thu, 02 Mar 2023 19:54:09 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-id
pRvJNoAFRhjXJchjUOv3JgeYhlA7DA2GhctAOKjns0zNd8EPaZxpiQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 1F6E 		0
601 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: needcotour.com
URL: https://needcotour.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 08 Mar 2023 01:30:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 1F6E 		0
600 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: needcotour.com
URL: https://needcotour.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 08 Mar 2023 01:30:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 1F6E 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-9.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Wed, 08 Mar 2023 01:22:22 GMT
x-content-type-options
nosniff
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
471
x-cache
Hit from cloudfront
content-length
631
last-modified
Fri, 03 Mar 2023 21:44:33 GMT
server
Cloudfront
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
oDP98dE5zrHQ9MkNxx2NCNYdOHDKPQbdoYQDIY_2wcqxCGRh-5Fh4g==
inner.html
m.stripe.network/ Frame 4433 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
90
cache-control
max-age=300, public
content-encoding
gzip
content-length
527
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 08 Mar 2023 01:30:09 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
5
x-content-type-options
nosniff
x-request-id
9c51abaa-4f02-498e-b1cb-d6da158e48a9
x-served-by
cache-hhn-etou8220060-HHN
x-timer
S1678239009.252060,VS0,VE0
csp-report
q.stripe.com/ Frame 4433 		0
374 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: needcotour.com
URL: https://needcotour.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/csp-report

Response headers

x-stripe-bg-intended-route-color
green
pragma
no-cache
date
Wed, 08 Mar 2023 01:30:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
x-robots-tag
none
content-length
0
expires
0
out-4.5.42.js
m.stripe.network/ Frame 4433 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Wed, 08 Mar 2023 01:30:09 GMT
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 varnish
age
80
x-cache
HIT
content-length
16031
x-request-id
a2be31a0-172e-4007-b085-8720f01d3e43
x-served-by
cache-hhn-etou8220060-HHN
server
Fastly
x-timer
S1678239009.271623,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
5
6
m.stripe.com/ Frame 4433 		156 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.184.205.88 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-184-205-88.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e6f7becfbc2f22fc47d3f002d5107a8adaa486a2deb5bc6025f4edf0c65755a6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Wed, 08 Mar 2023 01:30:09 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
show_list.json
needcotour.com/data/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://needcotour.com/data/show_list.json
Requested by
Host: needcotour.com
URL: https://needcotour.com/build/fan_web.js?835ed98856635de7f579accf3503efe8324c3571
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2600:4:553e:1280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f95f78c39e82447886f1f8f480487424d297f80e7bd620678b1db62aea699f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://needcotour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 01:30:10 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Mon, 06 Mar 2023 23:51:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
"0f3e7721cf923dafe6f27c9bf02fbbb5"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
cache-control
no-cache
accept-ranges
bytes
content-length
1573
x-amz-cf-id
XCiX0MpIfPR5CH_7oS3z9fnjyCcp-dk4mi2NWOG1d7Qx0KI6cyVM7g==
/
ucarecdn.com/4366a555-6f9e-489b-8dbc-b0ff7d929fca/-/quality/smart/-/format/auto/-/progressive/yes/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ucarecdn.com/4366a555-6f9e-489b-8dbc-b0ff7d929fca/-/quality/smart/-/format/auto/-/progressive/yes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:487b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
59a9f51e2a54007f8a2c2668acc7761861a09fe60b70ddbab846d5662d37ca73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://needcotour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 01:30:10 GMT
x-image-width
1600
server
Uploadcare
etag
"4023150ef3165015f32aec1b71614af9"
vary
accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31556926
content-disposition
inline
x-image-height
1800
content-length
15344
/
ucarecdn.com/ede1d4e7-508d-4d91-ad33-7048fef8c4f5/-/quality/smart/-/format/auto/-/progressive/yes/ 		163 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ucarecdn.com/ede1d4e7-508d-4d91-ad33-7048fef8c4f5/-/quality/smart/-/format/auto/-/progressive/yes/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::6867:487b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
7acf43fce1dd1ff4da2ce2cfb8f49ca131a81a384271a63b079776f53dc7a2a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://needcotour.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 08 Mar 2023 01:30:10 GMT
x-image-width
1600
server
Uploadcare
etag
"842b54c8a4ed6eb91723a31c93d3b022"
vary
accept
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control
public, max-age=31556888
content-disposition
inline
x-image-height
1800
content-length
167295

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| webpackChunkStripeJSouter function| noop function| Stripe object| braintree object| regeneratorRuntime function| startFanWeb

3 Cookies

Domain/Path Name / Value
m.stripe.com/ Name: m
Value: a1af3a6f-bb9c-40df-a211-6812f6e9f00d2759cf
.needcotour.com/ Name: __stripe_mid
Value: b20113b1-d6b0-4440-8560-61ac7444bdbc76351c
.needcotour.com/ Name: __stripe_sid
Value: d8194881-d9ec-4acb-967d-e5f449404e6d868fca

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

js.braintreegateway.com
js.stripe.com
m.stripe.com
m.stripe.network
needcotour.com
q.stripe.com
ucarecdn.com
151.101.64.176
2600:9000:223f:2600:4:553e:1280:93a1
2600:9000:223f:f400:4:553e:1280:93a1
2a02:26f0:11a::6867:487b
54.184.205.88
54.187.119.242
65.9.44.54
99.86.4.9
08f3c60b9d08f9b91c29e76c8a3c10d7dacc614db132072b2e4cf7b91f6229d0
121c1871d91e3e27054d435c9d35aa87f11be583a0d3aadffdf90ed70aea346d
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
3491a46d0db7015d9f9d0f4f43db792c94fdf4d9cd44bcb2702f15ffeae34f56
59a9f51e2a54007f8a2c2668acc7761861a09fe60b70ddbab846d5662d37ca73
60acf7d1a61ee60124a624fe467bb9bc41cac313c6462c6ec42a721c3b23cb78
7acf43fce1dd1ff4da2ce2cfb8f49ca131a81a384271a63b079776f53dc7a2a7
8209392a5b9929a03b0c6365fe3d9199ad77a2b223508c5cc61012caacab45fa
97053f3ac692e9219b08bb8c326260d324aa51d2a9a816ed6fd260092607e20c
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
b23dc12557153d518538d7b2f011ded0be477c1b18ba014e811530bf25650daf
c46bd70559c0fe5398b80e45ef1eb05e3d69b5d6382a9108a8739558c9d6786f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e540d1b016531b41cd92fc36f541bdf46fe06a82787d8e3efccdc79b5c6e0cd1
e6f7becfbc2f22fc47d3f002d5107a8adaa486a2deb5bc6025f4edf0c65755a6
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f95f78c39e82447886f1f8f480487424d297f80e7bd620678b1db62aea699f46