dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
52.95.165.29  Public Scan

URL: http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/wallet?tab=2
Submission: On April 15 via manual from US

Summary

This website contacted 9 IPs in 3 countries across 7 domains to perform 17 HTTP transactions. The main IP is 52.95.165.29, located in São Paulo, Brazil and belongs to AMAZON-02, US. The main domain is dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com.
This is the only time dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
5 | dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com | dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
3 | js.stripe.com | dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com, js.stripe.com
2 | www.sandbox.paypal.com | www.paypal.com
2 | polyfill.io | dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
1 | m.stripe.com | m.stripe.network
1 | m.stripe.network | js.stripe.com
1 | www.paypalobjects.com | dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
1 | fonts.googleapis.com | dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
1 | www.paypal.com | dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
17 9

This site contains no links.

Subject | Issuer | Validity | Valid
www.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2021-01-12 - 2022-02-12 | a year
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2021-04-13 - 2022-03-26 | a year
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2021-04-14 - 2021-08-04 | 4 months
upload.video.google.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months
www.paypalobjects.com | DigiCert SHA2 Extended Validation Server CA | 2019-12-09 - 2021-12-13 | 2 years
m.stripe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-20 - 2021-05-04 | 3 months
www.sandbox.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2021-01-07 - 2022-02-06 | a year

This page contains 3 frames:

Primary Page: http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/wallet?tab=2
Frame ID: D4B0F25459F2F9477AA3EC14FC2D53DD
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
Frame ID: A05FD8A1D1B900C48F1DD87AA1AFC749
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 2B398F31E46DE4641DEE5CD90514240F
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Page Statistics

17 Requests
71 % HTTPS
33 % IPv6
7 Domains
9 Subdomains
9 IPs
3 Countries
2576 kB Transfer
2977 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wallet
dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/
3 KB
3 KB
Document
General
Full URL
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/wallet?tab=2
Protocol
HTTP/1.1
Server
52.95.165.29 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-website-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
64f90a26f3fe0c03bcd7ca8e7e6b67cab93e8c60067759663cdcd8112e5d0f17

Request headers

Host
dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Last-Modified
Thu, 15 Apr 2021 08:06:17 GMT
ETag
"cbe84abaae1abf3d224a0b2ee0d62a7f"
x-amz-error-code
NoSuchKey
x-amz-error-message
The specified key does not exist.
x-amz-error-detail-Key
wallet
x-amz-request-id
Z0VVJPV1CDXEXJR2
x-amz-id-2
LRQVQ2OY9AqARxL+lGfz5W+VsIe64DALi3byuTBBysmeMpllXMuM3xJeR1XbacUus9cu1wEprtQ=
Content-Type
text/html
Content-Length
2563
Date
Thu, 15 Apr 2021 20:32:15 GMT
Server
AmazonS3
js
www.paypal.com/sdk/
286 KB
88 KB
Script
General
Full URL
https://www.paypal.com/sdk/js?client-id=AVH522PS0Tp4FWEW3_fWWlVbUxN34KDzfegKYd9LFjy8Dcs0N-sEj2QZlD0nrDDGz1shIOuC127KhKxj
Requested by
Host: dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
URL: http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/wallet?tab=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e9c7579798f4bb8110b5c54ef9f5075a6d6dc6023fb30ab4e8f348ccd4d13d8d
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-PQ6YMC34nChk9q7y7Ev6Mwxnj0U2l+YfWtqPQFxkwcXhZBMO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-PQ6YMC34nChk9q7y7Ev6Mwxnj0U2l+YfWtqPQFxkwcXhZBMO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-PQ6YMC34nChk9q7y7Ev6Mwxnj0U2l+YfWtqPQFxkwcXhZBMO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-PQ6YMC34nChk9q7y7Ev6Mwxnj0U2l+YfWtqPQFxkwcXhZBMO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
age
0
via
1.1 varnish
x-cache
MISS
p3p
true
paypal-debug-id
2a1b5d379d948
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
89350
x-xss-protection
1; mode=block
x-served-by
cache-hhn4046-HHN
x-timer
S1618518736.382313,VS0,VE780
x-frame-options
SAMEORIGIN
date
Thu, 15 Apr 2021 20:32:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 15 Apr 2021 21:32:16 GMT
cache-control
public, max-age=3600, s-maxage=10800
etag
W/"15d06-frhOh9cxm5DhJR9uDgi7r3UiuhI"
accept-ranges
bytes
x-cache-hits
0
polyfill.min.js
polyfill.io/v3/
72 B
536 B
Script
General
Full URL
https://polyfill.io/v3/polyfill.min.js?version=3.52.1&features=fetch
Requested by
Host: dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
URL: http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/wallet?tab=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
3065152
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Wed, 10 Mar 2021 21:39:16 GMT
date
Thu, 15 Apr 2021 20:32:16 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
/
js.stripe.com/v3/
223 KB
53 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
URL: http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/wallet?tab=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3706094ccfc1d7be1a3ad8432c715b03e069e79b6fd9703c0b1d254e5d1189b
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 20:32:16 GMT
content-encoding
br
vary
Accept-Encoding
age
274
via
1.1 varnish
x-cache
HIT
content-length
54004
x-amz-id-2
gEcJUcMzIo/AQmHzAPYqsyoooCpy9WjMcu4m9+/WqCrPeSId5b63MM27H62+KeN0DPzBe1bSzKE=
x-served-by
cache-hhn4048-HHN
timing-allow-origin
*
last-modified
Thu, 15 Apr 2021 16:46:42 GMT
server
AmazonS3
etag
"462f84e2ac7ef60d5cb2438b4f61b2ad"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
D64TXKE0H8PESVJ7
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
46
2.d35b5412.chunk.css
dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/static/css/
190 KB
191 KB
Stylesheet
General
Full URL
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/static/css/2.d35b5412.chunk.css
Requested by
Host: dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
URL: http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/wallet?tab=2
Protocol
HTTP/1.1
Server
52.95.165.29 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-website-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
386aa695c61ca8bd9f9302a54e067eb815a9f1dd33ffa43b1420ecf5b0e1605e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/wallet?tab=2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 15 Apr 2021 20:32:17 GMT
Last-Modified
Thu, 15 Apr 2021 08:06:19 GMT
Server
AmazonS3
x-amz-request-id
Z0VQ1SE1DQZFXABK
ETag
"0abb1eaabb18bf5aa58a2d5a7cba6ecd"
Content-Type
text/css
Content-Length
194964
x-amz-id-2
myz/nURRZRpku50E2lrCu3jb9B4k4O7aErop2nDzBtbc/cGbOCKSkj0PPGdY4AJu1BV3ZtspLQM=
main.3c600119.chunk.css
dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/static/css/
198 KB
198 KB
Stylesheet
General
Full URL
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/static/css/main.3c600119.chunk.css
Requested by
Host: dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
URL: http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/wallet?tab=2
Protocol
HTTP/1.1
Server
52.95.165.29 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-website-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
37bae69204b42dec58cb7ffda3a68a6f5b0c0d38501cfe4a84258e3e6bae871b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/wallet?tab=2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 15 Apr 2021 20:32:17 GMT
Last-Modified
Thu, 15 Apr 2021 08:06:19 GMT
Server
AmazonS3
x-amz-request-id
Z0VPW9978H86Y8Q2
ETag
"77b05385ea11c0d7134b6657c0e71cd4"
Content-Type
text/css
Content-Length
202658
x-amz-id-2
TwHIEVv7rzZ3rRGnL9RqOUpNi2T/EXSX4/LKcX5UHUCDP3GkeuXOa8AhWdm9Azyj6Cfvb/gahc4=
2.2cde3583.chunk.js
dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/static/js/
879 KB
880 KB
Script
General
Full URL
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/static/js/2.2cde3583.chunk.js
Requested by
Host: dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
URL: http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/wallet?tab=2
Protocol
HTTP/1.1
Server
52.95.165.29 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-website-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
d8543c0be1c6244f7b09eb47a26967e3f10499fb26be7dea881b383aa564ffaf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/wallet?tab=2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 15 Apr 2021 20:32:17 GMT
Last-Modified
Thu, 15 Apr 2021 08:06:18 GMT
Server
AmazonS3
x-amz-request-id
Z0VJ6NVH7S8K9MPX
ETag
"46b28f3df5bd38bd94e2cec895dcc417"
Content-Type
application/x-javascript
Content-Length
900439
x-amz-id-2
SMAmi5y8LkNbw2OHswXLZY85mikq0Yu+C+aNrvZaL87mvfdDCpJIw6wtbfJkRKBiVnINheY1wtI=
main.d22137cc.chunk.js
dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/static/js/
1 MB
1 MB
Script
General
Full URL
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/static/js/main.d22137cc.chunk.js
Requested by
Host: dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
URL: http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/wallet?tab=2
Protocol
HTTP/1.1
Server
52.95.165.29 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-website-sa-east-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
93801d1dab3b48deacd455ebeb632567e5a0e630020404a2344f959466b6c057

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/wallet?tab=2
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 15 Apr 2021 20:32:17 GMT
Last-Modified
Thu, 15 Apr 2021 08:06:18 GMT
Server
AmazonS3
x-amz-request-id
Z0VYH5C4PYZ8PXJA
ETag
"223099975010f561fd11f4c3dd6750d4"
Content-Type
application/x-javascript
Content-Length
1164855
x-amz-id-2
TRLzgVC3BtNEKrpJARs6BejWIHIq7OnVwFNDoicOk2pBplXTnpc8uPc62ao+SCF3YnKDeYTljv4=
polyfill.min.js
polyfill.io/v3/
72 B
174 B
Other
General
Full URL
https://polyfill.io/v3/polyfill.min.js?version=3.52.1&features=fetch
Requested by
Host: dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
URL: http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/wallet?tab=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
3065153
detected-user-agent
Chrome Mobile/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Wed, 10 Mar 2021 21:39:16 GMT
date
Thu, 15 Apr 2021 20:32:17 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
css2
fonts.googleapis.com/
5 KB
648 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700&display=swap
Requested by
Host: dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
URL: http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/static/css/main.3c600119.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
63335463672d8be67b46c8c88a3558edc2cb401fda7077f972e563e39914795d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 19:19:36 GMT
server
ESF
date
Thu, 15 Apr 2021 20:32:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Apr 2021 20:32:17 GMT
api.js
www.paypalobjects.com/js/external/connect/
19 KB
7 KB
Script
General
Full URL
https://www.paypalobjects.com/js/external/connect/api.js
Requested by
Host: dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
URL: http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/static/js/main.d22137cc.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
259398d0bb7e2f1b196c04aab259f0814bc41227b7a395d4188f406775715bec
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 20:32:18 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
33785814
x-cache
HIT, HIT
surrorage-key
/js/external/connect/api.js /js/external/connect/api.js /js/external/connect/api.js /js/external/connect/api.js /js/external/connect/api.js /js/external/connect/api.js /js/external/connect /js/external /js
content-encoding
gzip
vary
Accept-Encoding
content-length
7101
x-served-by
cache-sjc10047-SJC, cache-fra19122-FRA
last-modified
Tue, 07 May 2019 00:08:26 GMT
server
Apache
x-timer
S1618518738.398926,VS0,VE0
strict-transport-security
max-age=31557600
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
x-cache-hits
2, 458
m-outer-0cba8a995d163797499ab006bbb6b889.html
js.stripe.com/v3/ Frame A05F
215 B
534 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e755df7fd0c4d557bcefdd1186cc8ddb518d001d6ee462335a6debee465090b
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

x-amz-id-2
+bgLMgwyiJm0+mUdohDL9Fsw6S2SiIzVxugUUDEYVB3MagR2B/VrdVCSYtzqWl8cY0j2R48bykg=
x-amz-request-id
3SCTE2G18P0BYFVX
last-modified
Tue, 09 Mar 2021 20:21:15 GMT
etag
"0cba8a995d163797499ab006bbb6b889"
cache-control
public, max-age=300
content-type
text/html; charset=utf-8
server
AmazonS3
content-encoding
br
accept-ranges
bytes
date
Thu, 15 Apr 2021 20:32:18 GMT
via
1.1 varnish
age
171
x-served-by
cache-hhn4048-HHN
x-cache
HIT
x-cache-hits
374
vary
Accept-Encoding
access-control-allow-origin
*
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length
129
m-outer-a7fed991536d116dae496abb616e06f8.js
js.stripe.com/v3/fingerprinted/js/ Frame A05F
1 KB
809 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab54291096b12653d08ff248c02373efdda237c3689ac3bc132c93e1b5fb9ff3
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/m-outer-0cba8a995d163797499ab006bbb6b889.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 20:32:18 GMT
content-encoding
br
vary
Accept-Encoding
age
254
via
1.1 varnish
x-cache
HIT
content-length
628
x-amz-id-2
mhh7kVHtDx3Hw04ldTo9Qqa8srbJ1BLsFvl/S1SBMZv5/lT9rtmNHlzrQY1YwsieG87Oeo3sFoY=
x-served-by
cache-hhn4048-HHN
timing-allow-origin
*
last-modified
Tue, 09 Mar 2021 20:21:16 GMT
server
AmazonS3
etag
"356a16407e7a019ffdf35f454b7438a9"
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-request-id
9DBDE5F8ZS4S9HM3
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
500
inner.html
m.stripe.network/ Frame 2B39
33 KB
13 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a7fed991536d116dae496abb616e06f8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e8:5c00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
m.stripe.network
:scheme
https
:path
/inner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.stripe.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html; charset=utf-8
server
nginx
last-modified
Fri, 04 Dec 2020 19:17:49 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding
gzip
date
Thu, 15 Apr 2021 20:32:18 GMT
cache-control
public, max-age=300
etag
W/"5fca8b5d-84a0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 5cf5bc69324ade55eebb5e539fa6c2fa.cloudfront.net (CloudFront)
x-amz-cf-pop
TXL52-C1
x-amz-cf-id
pOPmA1iz1RD1gzgh5oBzkW-OU5cuwNKOOMA7oMnHrYBgzMTG-FHIug==
6
m.stripe.com/ Frame 2B39
156 B
517 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.189.12.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-12-68.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
31b4a31609d82ca449ed5d56e45d1675a2c9e1b7305c895cc31e57b8dc9d0fdb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 15 Apr 2021 20:32:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type
logger
www.sandbox.paypal.com/xoplatform/logger/api/
874 B
2 KB
XHR
General
Full URL
https://www.sandbox.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AVH522PS0Tp4FWEW3_fWWlVbUxN34KDzfegKYd9LFjy8Dcs0N-sEj2QZlD0nrDDGz1shIOuC127KhKxj
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
173.0.82.77 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
/
Resource Hash
e33f5af18b33e165cda05461b38e262959d1bd6af52fe6f611172702427363fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

Date
Thu, 15 Apr 2021 20:32:19 GMT
X-Content-Type-Options
nosniff
Etag
W/"36a-bxa1GWlrPDgYXNe7pgs0CsA//Uk"
Strict-Transport-Security
max-age=63072000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Paypal-Debug-Id
4a41ca3fa3152
Content-Length
874
logger
www.sandbox.paypal.com/xoplatform/logger/api/ Frame
0
0
Preflight
General
Full URL
https://www.sandbox.paypal.com/xoplatform/logger/api/logger
Protocol
HTTP/1.1
Server
173.0.82.77 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Date
Thu, 15 Apr 2021 20:32:19 GMT
Paypal-Debug-Id
4a41ca206e43e
X-Content-Type-Options
nosniff
Content-Length
0
Strict-Transport-Security
max-age=63072000

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
object| __post_robot_10_0_42___392bea4f31_mja6mzi6mtc
object| paypal
object| __zoid_9_0_63___392bea4f31_mja6mzi6mtc
object| __webpackStripeJSv3Jsonp
function| Stripe
object| webpackJsonplogin
number| 2f1acc6c3a606b082e5eef5e54414ffb
object| regeneratorRuntime
function| HowlerGlobal
object| Howler
function| Howl
function| Sound
function| requirejs
function| require
function| define
object| __paypal_storage__

0 Cookies

2 Console Messages

Source Level URL
Text
console-api error URL: http://dev-playroom-webapp.s3-website-sa-east-1.amazonaws.com/static/js/2.2cde3583.chunk.js(Line 2)
Message:
TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://js.stripe.com/v3/(Line 1)
Message:
You may test your Stripe.js integration over HTTP. However, live Stripe.js integrations must use HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
