return.thehennaplug.com Open in urlscan Pro
54.87.111.129 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://return.thehennaplug.com/
Submission: On January 21 via api (January 21st 2024, 5:35:10 pm UTC) from US — Scanned from US

Summary HTTP 137 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 18 domains to perform 137 HTTP transactions. The main IP is 54.87.111.129, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is return.thehennaplug.com.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on January 18th 2024. Valid for: 3 months.

This is the only time return.thehennaplug.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	54.87.111.129 54.87.111.129	14618 (AMAZON-AES) (AMAZON-AES)
11	2600:9000:215... 2600:9000:215f:ee00:17:fa3:a5c0:21	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
18	104.192.33.180 104.192.33.180	33512 (GATEWAY-P...) (GATEWAY-PROCESSING-SERVICES)
8	2600:9000:215... 2600:9000:215f:8800:18:6c16:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:215... 2600:9000:215f:6000:1d:16ba:9dc0:21	16509 (AMAZON-02) (AMAZON-02)
7	52.217.136.89 52.217.136.89	16509 (AMAZON-02) (AMAZON-02)
8	2607:f8b0:400... 2607:f8b0:4004:c1d::63	15169 (GOOGLE) (GOOGLE)
6	34.126.138.154 34.126.138.154	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.225.195.69 13.225.195.69	16509 (AMAZON-02) (AMAZON-02)
7	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
16	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
2	52.45.193.217 52.45.193.217	14618 (AMAZON-AES) (AMAZON-AES)
2	34.107.203.234 34.107.203.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.192.33.241 104.192.33.241	33512 (GATEWAY-P...) (GATEWAY-PROCESSING-SERVICES)
6	2607:f8b0:400... 2607:f8b0:4004:c06::5c	15169 (GOOGLE) (GOOGLE)
2	54.230.48.245 54.230.48.245	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a04:4e42:77::84 2a04:4e42:77::84	54113 (FASTLY) (FASTLY)
1 7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
5	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
2 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4004:c08::65	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9c	15169 (GOOGLE) (GOOGLE)
137	25

3 54.87.111.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-111-129.compute-1.amazonaws.com

return.thehennaplug.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:215f:ee00:17:fa3:a5c0:21 (United States)

ASN16509 (AMAZON-02, US)

d2n844f18s487r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.192.33.180 (United States)

ASN33512 (GATEWAY-PROCESSING-SERVICES, US)
PTR: 104-192-33-180.safewebservices.com

secure.easypaydirectgateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:215f:8800:18:6c16:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tools.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:215f:6000:1d:16ba:9dc0:21 (United States)

ASN16509 (AMAZON-02, US)

d3uywd90fuiiyf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.217.136.89 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

samcart-foundation-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c1d::63 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.126.138.154 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 154.138.126.34.bc.googleusercontent.com

server.thehennaplug.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.195.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-69.yul62.r.cloudfront.net

sockdrawer.snowstorm.samcart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.193.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-193-217.compute-1.amazonaws.com

snowstorm.samcart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.203.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.203.107.34.bc.googleusercontent.com

settings.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.192.33.241 (United States)

ASN33512 (GATEWAY-PROCESSING-SERVICES, US)
PTR: 104-192-33-241.safewebservices.com

collectcheckout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c06::5c (Washington, United States)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.48.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-48-245.yul62.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:77::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::65 (Ashburn, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	gstatic.com fonts.gstatic.com www.gstatic.com	972 KB
18	easypaydirectgateway.com secure.easypaydirectgateway.com	136 KB
16	cloudfront.net d2n844f18s487r.cloudfront.net d3uywd90fuiiyf.cloudfront.net	511 KB
15	google.com www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2630 analytics.google.com — Cisco Umbrella Rank: 154	530 KB
10	luckyorange.com tools.luckyorange.com — Cisco Umbrella Rank: 13640 settings.luckyorange.com — Cisco Umbrella Rank: 13616	166 KB
9	thehennaplug.com return.thehennaplug.com server.thehennaplug.com	345 KB
7	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 922 tr6.snapchat.com — Cisco Umbrella Rank: 1368	2 KB
7	amazonaws.com samcart-foundation-prod.s3.amazonaws.com — Cisco Umbrella Rank: 700333	19 MB
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 871	2 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	6 KB
3	samcart.com sockdrawer.snowstorm.samcart.com — Cisco Umbrella Rank: 675654 snowstorm.samcart.com — Cisco Umbrella Rank: 476375	25 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 501	1 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 869	21 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	92 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1260	36 KB
2	collectcheckout.com collectcheckout.com — Cisco Umbrella Rank: 508494 Failed	13 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	250 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	185 B
137	18

	Domain	Requested by
18	secure.easypaydirectgateway.com	return.thehennaplug.com secure.easypaydirectgateway.com
16	www.gstatic.com	www.google.com collectcheckout.com pay.google.com www.gstatic.com
11	d2n844f18s487r.cloudfront.net	return.thehennaplug.com
8	www.google.com	return.thehennaplug.com www.gstatic.com www.google.com
8	tools.luckyorange.com	return.thehennaplug.com tools.luckyorange.com
7	fonts.gstatic.com	fonts.googleapis.com return.thehennaplug.com
7	samcart-foundation-prod.s3.amazonaws.com	return.thehennaplug.com
6	tr.snapchat.com	1 redirects sc-static.net return.thehennaplug.com
6	pay.google.com	collectcheckout.com pay.google.com return.thehennaplug.com www.gstatic.com
6	server.thehennaplug.com	return.thehennaplug.com server.thehennaplug.com
5	ct.pinterest.com	s.pinimg.com return.thehennaplug.com
5	d3uywd90fuiiyf.cloudfront.net	return.thehennaplug.com d3uywd90fuiiyf.cloudfront.net
4	fonts.googleapis.com	return.thehennaplug.com client
3	return.thehennaplug.com	d2n844f18s487r.cloudfront.net
2	pixel.tapad.com	2 redirects
2	s.pinimg.com	server.thehennaplug.com s.pinimg.com
2	connect.facebook.net	server.thehennaplug.com connect.facebook.net
2	sc-static.net	server.thehennaplug.com tr.snapchat.com
2	collectcheckout.com	secure.easypaydirectgateway.com collectcheckout.com
2	settings.luckyorange.com	tools.luckyorange.com
2	snowstorm.samcart.com	sockdrawer.snowstorm.samcart.com
1	stats.g.doubleclick.net	server.thehennaplug.com
1	analytics.google.com	server.thehennaplug.com
1	www.facebook.com	return.thehennaplug.com
1	tr6.snapchat.com	sc-static.net
1	sockdrawer.snowstorm.samcart.com	return.thehennaplug.com
137	26

This site contains no links.

Subject Issuer	Validity	Valid
return.thehennaplug.com ZeroSSL ECC Domain Secure Site CA	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
secure.easypaydirectgateway.com RapidSSL TLS RSA CA G1	`2024-01-09` - `2025-01-08`	a year	crt.sh
luckyorange.com Amazon RSA 2048 M03	`2023-11-18` - `2024-12-15`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
server.thehennaplug.com R3	`2024-01-04` - `2024-04-03`	3 months	crt.sh
snowstorm.samcart.com Amazon RSA 2048 M02	`2023-10-03` - `2024-10-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
settings.luckyorange.com R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
collectcheckout.com RapidSSL TLS RSA CA G1	`2023-06-27` - `2024-06-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-31` - `2024-01-29`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://return.thehennaplug.com/
Frame ID: 3A659316F0482C52D3771CEEA7FBFCE2
Requests: 64 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t&co=aHR0cHM6Ly9yZXR1cm4udGhlaGVubmFwbHVnLmNvbTo0NDM.&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=u3lnu5ospils
Frame ID: 931303C50B9CEA0A259DC578F8EB7884
Requests: 5 HTTP requests in this frame

Frame: https://collectcheckout.com/token/google_pay_field.php?country=US&price=3100&currency=USD&billingAddressRequired=false&billingAddressParameters=%7B%22format%22%3A%22MIN%22%2C%22phoneNumberRequired%22%3Afalse%7D&shippingAddressRequired=false&shippingAddressParameters=%7B%22phoneNumberRequired%22%3Afalse%7D&buttonType=buy&buttonColor=default&buttonLocale=en&totalPriceStatus=FINAL&emailRequired=true&merchantId=948366&merchantName=The+Henna+Plug&cardBrands=%5B%22AMEX%22%2C%22MASTERCARD%22%2C%22VISA%22%2C%22DISCOVER%22%5D&environment=PRODUCTION&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=
Frame ID: 0B14F47C051F6C516EDF40747E4AC528
Requests: 1 HTTP requests in this frame

Frame: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=cvv&title=CVV%20Code&placeholder=CVC&cvvDisplay=show
Frame ID: 72C6887C518224C75926CC8808EDE238
Requests: 1 HTTP requests in this frame

Frame: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccnumber&title=Card%20Number&placeholder=Card%20Number&enableCardBrandPreviews=false
Frame ID: 746A8BA84CA5FDAE83878CF7827929E1
Requests: 1 HTTP requests in this frame

Frame: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccexp&title=Card%20Expiration&placeholder=MM%20%2F%20YY
Frame ID: D292D1B6D043959CEBF79725C731CC59
Requests: 1 HTTP requests in this frame

Frame: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=cvv&title=CVV%20Code&placeholder=CVC&cvvDisplay=show
Frame ID: F95662FB2733D84C59D7D0115A1C8DAE
Requests: 1 HTTP requests in this frame

Frame: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccnumber&title=Card%20Number&placeholder=Card%20Number&enableCardBrandPreviews=false
Frame ID: 16B5B4D3B396329B0A4C93DDF538869E
Requests: 1 HTTP requests in this frame

Frame: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccexp&title=Card%20Expiration&placeholder=MM%20%2F%20YY
Frame ID: 171211D7739E34C37AE80CE578B6938F
Requests: 1 HTTP requests in this frame

Frame: https://collectcheckout.com/token/google_pay_field.php?country=US&price=3100&currency=USD&billingAddressRequired=false&billingAddressParameters=%7B%22format%22%3A%22MIN%22%2C%22phoneNumberRequired%22%3Afalse%7D&shippingAddressRequired=false&shippingAddressParameters=%7B%22phoneNumberRequired%22%3Afalse%7D&buttonType=buy&buttonColor=default&buttonLocale=en&totalPriceStatus=FINAL&emailRequired=true&merchantId=948366&merchantName=The+Henna+Plug&cardBrands=%5B%22AMEX%22%2C%22MASTERCARD%22%2C%22VISA%22%2C%22DISCOVER%22%5D&environment=PRODUCTION&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=
Frame ID: FD259A8BACCB06F1661BC83604CF9CE1
Requests: 1 HTTP requests in this frame

Frame: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=cvv&title=CVV%20Code&placeholder=CVC&cvvDisplay=show
Frame ID: 09E797EB809E90D8882A33B1C73E8633
Requests: 6 HTTP requests in this frame

Frame: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccnumber&title=Card%20Number&placeholder=Card%20Number&enableCardBrandPreviews=false
Frame ID: 3FE51B313F69A1D8F930B160246B3AF6
Requests: 6 HTTP requests in this frame

Frame: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccexp&title=Card%20Expiration&placeholder=MM%20%2F%20YY
Frame ID: 20C20F5B903672072477A3D69A17CDD8
Requests: 6 HTTP requests in this frame

Frame: https://collectcheckout.com/token/google_pay_field.php?country=US&price=3100&currency=USD&billingAddressRequired=false&billingAddressParameters=%7B%22format%22%3A%22MIN%22%2C%22phoneNumberRequired%22%3Afalse%7D&shippingAddressRequired=false&shippingAddressParameters=%7B%22phoneNumberRequired%22%3Afalse%7D&buttonType=buy&buttonColor=default&buttonLocale=en&totalPriceStatus=FINAL&emailRequired=true&merchantId=948366&merchantName=The+Henna+Plug&cardBrands=%5B%22AMEX%22%2C%22MASTERCARD%22%2C%22VISA%22%2C%22DISCOVER%22%5D&environment=PRODUCTION&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=
Frame ID: 14BA500C40590E276511C7013B888E77
Requests: 5 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/core.js?v=0717bd0
Frame ID: 756D91D211DA2757299B4CD81DE77FB4
Requests: 3 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fcollectcheckout.com&mid=
Frame ID: F837462D2E5080E250FDA2E16E69888D
Requests: 7 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=fill&enableGpayNewButtonAsset=false&gpayButtonVariantType=1
Frame ID: FC76A893F58E4656E92D8169D5C173F0
Requests: 5 HTTP requests in this frame

Frame: https://tools.luckyorange.com/core/frame.js?v=0717bd0
Frame ID: 8C18D2A02B02C442D8FC3396F1CA5106
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t
Frame ID: FCF8E9B0E61ABDC8D35DF2D47F10C870
Requests: 13 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=77d75460-9838-4ca1-b78d-dbc657a1bb4b&u_scsid=6071a202-e5ea-40b4-bf70-7557b6f23221&u_sclid=2aff65a7-3dd9-42db-a261-0ce98913f705
Frame ID: 8E55DBF78041D7BC016E6405788007F9
Requests: 3 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1705040131734&pnid=140&pcid=5c78802c-fb1b-456f-a3a5-1777c294081e
Frame ID: 7EA73C08F0C2BE8C4B9474C1448019B9
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 887DB8F46C205EE7A2C1E729BB365DD9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Henna Cone Bottle - (Was 39.99)Return Now 31$ - (10.49$ OFF + Free Shipping) Renew Discount* | The Henna PlugCountdown Timer

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

137
Requests

92 %
HTTPS

52 %
IPv6

18
Domains

26
Subdomains

25
IPs

2
Countries

21820 kB
Transfer

27434 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 126

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1705858504602&u_scsid=0ce245de-dc9d-48f9-8d20-42e00611e269&u_sclid=5eebeb47-c0cf-478d-ab0c-b678526a160d HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1705040131734%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1705040131734%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1705040131734&pnid=140&pcid=5c78802c-fb1b-456f-a3a5-1777c294081e

137 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
return.thehennaplug.com/ 756 KB
192 KB 482ms
360ms Document
text/html 54.87.111.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.87.111.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-111-129.compute-1.amazonaws.com
Software: Caddy nginx /
Resource Hash: a63769857e04d98ae2a69302dd34bcece26537ae4fd0dc6cb0d08d482ca7b358

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 21 Jan 2024 17:35:01 GMT
server: Caddy nginx
vary: Accept-Encoding

GET
H2 200 bootstrap-2184737d7e.css
d2n844f18s487r.cloudfront.net/modules/templates/v2/shared/styles/ 135 KB
21 KB 143ms
50ms Stylesheet
text/css 2600:9000:215f:ee00:17:fa3:a5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2n844f18s487r.cloudfront.net/modules/templates/v2/shared/styles/bootstrap-2184737d7e.css
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:ee00:17:fa3:a5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 18c504c84ef00962ae0d1057c10598f8f1f7f4cd90b80e1353b26ecde10ed77b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 08:44:11 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 21:39:00 GMT
server: nginx
x-amz-cf-pop: YUL62-C2
age: 2278251
etag: W/"65820d74-21c65"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2628000, public
x-amz-cf-id: TZYJQ5SW14GnioL525T03M9V125DypeCpLBU3BlszLPoGnuCw8XaQQ==
expires: Thu, 25 Jan 2024 18:44:11 GMT

GET
H2 200 app-ff1aed829e.css
d2n844f18s487r.cloudfront.net/modules/templates/v2/shared/styles/ 39 KB
6 KB 138ms
45ms Stylesheet
text/css 2600:9000:215f:ee00:17:fa3:a5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2n844f18s487r.cloudfront.net/modules/templates/v2/shared/styles/app-ff1aed829e.css
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:ee00:17:fa3:a5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e7a6754478b97c36c6733dc696d2cb127fc5f06accab9ec631ab457f8844bd6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:27:01 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 21:39:00 GMT
server: nginx
x-amz-cf-pop: YUL62-C2
age: 2362081
etag: W/"65820d74-9d09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2628000, public
x-amz-cf-id: RsXRt14g42_EKac7nv3NF2ENALFdzsHjLWYYM358eUNRRn_EvlMgbA==
expires: Wed, 24 Jan 2024 19:27:01 GMT

GET
H2 200 template-d657d2d648.css
d2n844f18s487r.cloudfront.net/modules/templates/v2/multistep/styles/ 311 KB
48 KB 167ms
74ms Stylesheet
text/css 2600:9000:215f:ee00:17:fa3:a5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2n844f18s487r.cloudfront.net/modules/templates/v2/multistep/styles/template-d657d2d648.css
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:ee00:17:fa3:a5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e39ceba91d501324f97d300d26c7ced3c3c007f2afe6c9509cef9b2b7bd81155

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 06:18:42 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
last-modified: Tue, 26 Dec 2023 18:41:21 GMT
server: nginx
x-amz-cf-pop: YUL62-C2
age: 1595780
etag: W/"658b1e51-4dd97"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2628000, public
x-amz-cf-id: 2-QGqMtu-2bHCHO_JhsIutpk3Wii9Zpihw9dXaBp77uNvMuauh30Iw==
expires: Fri, 02 Feb 2024 16:18:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 32 KB
2 KB 108ms
43ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:300,400,500,700&display=swap

Requested by

Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67798c920869a7ddf956242c119137151c042cbbc8aaf1859ae78999e4a7c2c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 17:35:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 17:35:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 17:35:02 GMT

GET
H/1.1 200
OK Collect.js Show response
secure.easypaydirectgateway.com/token/ 238 KB
69 KB 187ms
58ms Script
text/javascript 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/token/Collect.js
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: dbde5e9148a0556f19e92aa5b1e159e54d6d869b2a151db46c2bd6f030dc19eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:02 GMT
Content-Encoding: gzip
Via: 1.1 dca1-bit12044
Last-Modified: Thu, 18 Jan 2024 19:03:59 GMT
ETag: "1134e-60f3d06a285c0"
Vary: Accept-encoding,X-Unique-Id
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=30
Content-Length: 70478

GET
H2 200 lo.js Show response
tools.luckyorange.com/core/ 12 KB
5 KB 237ms
51ms Script
text/javascript 2600:9000:215f:8800:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/lo.js?site-id=2e4a6c57
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:8800:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 034f70bbe1abf47451eac2e31cc493e4499bcdd7f4873b469c22afe2ff491f12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:14:52 GMT
content-encoding: gzip
via: 1.1 77f3bc2c9964f50671e7151896d06648.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jan 2024 15:57:09 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
age: 1211
etag: "d9ee60aab166c7d2a9ab5749859b7438"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 4483
x-amz-cf-id: cQUne_qX3Dw4KMFiPLN4Iz4G9-4il8C2ZI25mLTTIrX92MAejOqu-g==

GET
H2 200 fontawesome-all.css
d3uywd90fuiiyf.cloudfront.net/css/ 53 KB
12 KB 164ms
38ms Stylesheet
text/css 2600:9000:215f:6000:1d:16ba:9dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3uywd90fuiiyf.cloudfront.net/css/fontawesome-all.css
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:6000:1d:16ba:9dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:30:23 GMT
content-encoding: gzip
via: 1.1 39379e6e28640430f64b963528b44426.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 21:53:40 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
age: 326
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=600,must-revalidate
x-amz-cf-id: VsWFmPGCBJHRPpASn1K5u9tM3wPsoaEyjethmulfTNwco0Y76iF_SA==

GET
H2 200 index.css
d3uywd90fuiiyf.cloudfront.net/css/ 354 KB
45 KB 164ms
39ms Stylesheet
text/css 2600:9000:215f:6000:1d:16ba:9dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3uywd90fuiiyf.cloudfront.net/css/index.css
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:6000:1d:16ba:9dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7207a1248aca15e64dd15b9414e651cfa278e80bd8ef78d5368cd19c2d129650

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:25:58 GMT
content-encoding: br
via: 1.1 39379e6e28640430f64b963528b44426.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 15:44:16 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C2
age: 588
x-amz-server-side-encryption: AES256
etag: W/"bc235cedb9815059d8cd97d65716cc68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: egkuKEMtwvTCk9kvbVWthdIutxgL9rCRqZemqezTcs8tca-BIp6HAA==

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 44ms
42ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bebas%20Neue|Open%20Sans

Requested by

Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

da059046f349243d0d8035a1f5c99d6acc76d76b74b5d35c8783ade30972d709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 17:35:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 17:35:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 17:35:02 GMT

GET
H/1.1 200
OK d83495cb-aada-4bb4-9b1b-8002f7931b9e
samcart-foundation-prod.s3.amazonaws.com/marketplace-160733/assets/ 888 KB
889 KB 201ms
135ms Image
application/octet-stream 52.217.136.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samcart-foundation-prod.s3.amazonaws.com/marketplace-160733/assets/d83495cb-aada-4bb4-9b1b-8002f7931b9e
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.136.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 99f31ce63aebf7737984a673d420571b65cb0e3c589dd25eef208f25721ba641

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:03 GMT
Last-Modified: Sat, 01 Jul 2023 18:01:37 GMT
Server: AmazonS3
x-amz-request-id: B8YRFEJC1JPCDGJJ
ETag: "ec601ab58607a2cd431580a416c6ed05"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 909633
x-amz-id-2: kpE4CMYplOYct0HRJ+VlTRSz3cfVQvIIzY8wJ1EHtUyyDTgNgN47dQYgDjnG7BB1mOAHcYKBY4I=

GET
H2 200 css
fonts.googleapis.com/ 1 KB
526 B 41ms
41ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Aleo

Requested by

Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64bd6fc403eeb06230705cfd4fcfc171f84eceabe74a221ae36b28b117aae2f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 17:35:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 17:27:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 17:35:02 GMT

GET
H/1.1 200
OK 60e9e808-cf14-4cf1-b397-d88db9e4098f
samcart-foundation-prod.s3.amazonaws.com/marketplace-160733/assets/ 1 MB
1 MB 159ms
96ms Image
application/octet-stream 52.217.136.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samcart-foundation-prod.s3.amazonaws.com/marketplace-160733/assets/60e9e808-cf14-4cf1-b397-d88db9e4098f
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.136.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: df6414e24135642fb8e226425b2402d4b2a0d21c84ec7c3956f6482eaaa763d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:03 GMT
Last-Modified: Tue, 11 Jul 2023 18:45:48 GMT
Server: AmazonS3
x-amz-request-id: B8YMT4SSBZFKTQDQ
ETag: "0cfec0d0553f6618d88555e537fd2af7"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 1081124
x-amz-id-2: kEL+55jft6+VMsXi/WJrhSdB/Y6NcVYvVxZ6chmYXDka2Xla03tPhUfYUEXF+GOIzPh+OoknoY8=

GET
H/1.1 200
OK 85450677-0f5b-45ff-b70e-c372225fa414
samcart-foundation-prod.s3.amazonaws.com/marketplace-160733/assets/ 11 MB
11 MB 198ms
138ms Image
application/octet-stream 52.217.136.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samcart-foundation-prod.s3.amazonaws.com/marketplace-160733/assets/85450677-0f5b-45ff-b70e-c372225fa414
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.136.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9baec32e103eb2b30cc4aaff66d6c1c26591d6a7a93e523f043ae714def8d79b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:03 GMT
Last-Modified: Tue, 04 Apr 2023 20:53:23 GMT
Server: AmazonS3
x-amz-request-id: B8YZDJKDFYXQHCZ1
ETag: "ba8f920bfdb04b2c8a5b86be0b9688a3-3"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 11262669
x-amz-id-2: razW0dDX4OqvLToWCxwiLxQSz46LGhmacLXfmHcX5oFyvpu1o37riWvoGzbMCXZoSMr5Q1LWLbc=

GET
H/1.1 200
OK d46961fb-054d-444e-89e1-ecd8fcd4c68b
samcart-foundation-prod.s3.amazonaws.com/marketplace-160733/assets/ 2 MB
2 MB 179ms
119ms Image
application/octet-stream 52.217.136.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samcart-foundation-prod.s3.amazonaws.com/marketplace-160733/assets/d46961fb-054d-444e-89e1-ecd8fcd4c68b
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.136.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c0184582161e66008a9f391d141d8f03a275f84f9f68e08457c8c02a591d5542

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:03 GMT
Last-Modified: Sat, 29 Jul 2023 15:55:17 GMT
Server: AmazonS3
x-amz-request-id: B8YR6RZ7PP1BT9NH
ETag: "1090a45364c42ed2bdb357c256a303fe"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 2540125
x-amz-id-2: kE4nGit7reXXFTfm+jYJmvtlxYCRVu/De2rUKUmfMoqqwv6LyWb+XTcHIf+Dt0KCrWOp+jf6mBU=

GET
H/1.1 200
OK 0010e50d-1e19-4b2a-a710-c5924cd71ac4
samcart-foundation-prod.s3.amazonaws.com/marketplace-160733/assets/ 3 MB
3 MB 187ms
126ms Image
application/octet-stream 52.217.136.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samcart-foundation-prod.s3.amazonaws.com/marketplace-160733/assets/0010e50d-1e19-4b2a-a710-c5924cd71ac4
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.136.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7cbb3dfa321e6e38c3b835d7f0439209478b0b792ce1918da6c82642838c4b51

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:03 GMT
Last-Modified: Sat, 29 Jul 2023 16:05:54 GMT
Server: AmazonS3
x-amz-request-id: B8YMAX8VA5PNRBQ6
ETag: "8be48eda181f5fcc031dde252ddcaf25"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 3215324
x-amz-id-2: V39c1+AHuB0q8GxygquaShZw0PLc5R4xVxjCZTzZJkmJVopzzkdxWZdU7AksZoOh8CvdoMNBLEA=

GET
H/1.1 200
OK 893a56ef-874d-4f13-a98f-425a200d7a45
samcart-foundation-prod.s3.amazonaws.com/marketplace-160733/assets/ 197 KB
198 KB 195ms
111ms Image
application/octet-stream 52.217.136.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samcart-foundation-prod.s3.amazonaws.com/marketplace-160733/assets/893a56ef-874d-4f13-a98f-425a200d7a45
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.136.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e35efd256d9485e4cd861676d976a01f09935d635293542100530b92021f55ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:03 GMT
Last-Modified: Sun, 06 Aug 2023 15:29:11 GMT
Server: AmazonS3
x-amz-request-id: B8YN81QKH5H0EYYS
ETag: "4b2f8dc890cbfec3e516ae4137208103"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 202054
x-amz-id-2: wb1PmzRzh0zQQLkY4KOi/N8pxnheAeAaR/fUph2QumBGE0b0gNhJg8lP6r2AJbByZ0fed8DZQp0=

GET
H/1.1 200
OK 8679e773-f2e7-42a4-a1cf-8963be8348db
samcart-foundation-prod.s3.amazonaws.com/marketplace-160733/assets/ 200 KB
201 KB 104ms
104ms Image
application/octet-stream 52.217.136.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samcart-foundation-prod.s3.amazonaws.com/marketplace-160733/assets/8679e773-f2e7-42a4-a1cf-8963be8348db
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.136.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ac4b3d6835c58c04e37cf835a49d5cdd0f1b0c6fb07e8de2884bf0f7f36a5b3d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:03 GMT
Last-Modified: Sun, 06 Aug 2023 15:29:18 GMT
Server: AmazonS3
x-amz-request-id: B8YNWJ42BD30ZZH3
ETag: "54bed5a13b3b72257a3a2a727d83b617"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 205176
x-amz-id-2: gEEVsb1L+udUS/n5EexADPTVzjbJqHYM+1xLgCTmLm4wVl5Re9ebLk5V6HxG2Ol2qImlxH3JV1g=

GET
H2 200 restricted-shipping-error.svg
d2n844f18s487r.cloudfront.net/modules/core/images/ 681 B
1 KB 41ms
37ms Image
image/svg+xml 2600:9000:215f:ee00:17:fa3:a5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2n844f18s487r.cloudfront.net/modules/core/images/restricted-shipping-error.svg
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:ee00:17:fa3:a5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b8d640c3beaf98bd89bbc6eba69d6e1d200c9bd93f4f0caa6e2de8a0ae7fcfa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 08:12:20 GMT
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 21:38:54 GMT
server: nginx
x-amz-cf-pop: YUL62-C2
age: 2539362
etag: "65820d6e-2a9"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2628000, public
accept-ranges: bytes
content-length: 681
x-amz-cf-id: ahcY68u4OXuyeC5IhgXqhAE45EPMt1pCXQT2yXhqbiETEmP1FykxwA==
expires: Mon, 22 Jan 2024 18:12:20 GMT

GET
H2 200 mastercard-modern.svg
d2n844f18s487r.cloudfront.net/modules/frontend/img/payment/ 11 KB
5 KB 39ms
35ms Image
image/svg+xml 2600:9000:215f:ee00:17:fa3:a5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2n844f18s487r.cloudfront.net/modules/frontend/img/payment/mastercard-modern.svg
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:ee00:17:fa3:a5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fc33a96981a3da2f978750677595ef13a66252ceb0dc897981bfe9d8f65787c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 16:19:00 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
last-modified: Tue, 26 Dec 2023 18:41:17 GMT
server: nginx
x-amz-cf-pop: YUL62-C2
age: 1991762
etag: W/"658b1e4d-2ad2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2628000, public
x-amz-cf-id: LZ7UbTNVoFPMQ82is6Qx5tl6lCmIKs7wEM-Ednx0GcqylBUVIDRDvQ==
expires: Mon, 29 Jan 2024 02:19:00 GMT

GET
H2 200 visa-modern.svg
d2n844f18s487r.cloudfront.net/modules/frontend/img/payment/ 2 KB
1 KB 48ms
45ms Image
image/svg+xml 2600:9000:215f:ee00:17:fa3:a5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2n844f18s487r.cloudfront.net/modules/frontend/img/payment/visa-modern.svg
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:ee00:17:fa3:a5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2652bc4f9cf00b59bc05ab7f23248696a438e329cd45f53974854630e9578be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 02:12:08 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
last-modified: Tue, 26 Dec 2023 18:41:19 GMT
server: nginx
x-amz-cf-pop: YUL62-C2
age: 2215374
etag: W/"658b1e4f-6e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2628000, public
x-amz-cf-id: 6_F8TmG4gTfFJuFvKMVz0-iEYr_TCVASaAiW3SBjc22q2jiOhl_3xw==
expires: Fri, 26 Jan 2024 12:12:08 GMT

GET
H2 200 discover-modern.svg
d2n844f18s487r.cloudfront.net/modules/frontend/img/payment/ 4 KB
2 KB 39ms
36ms Image
image/svg+xml 2600:9000:215f:ee00:17:fa3:a5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2n844f18s487r.cloudfront.net/modules/frontend/img/payment/discover-modern.svg
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:ee00:17:fa3:a5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b1a7912a36621a32fa8e8667dd5c4612fc8830551e4cad165380cdd2b8b76df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 02:12:08 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
last-modified: Tue, 26 Dec 2023 18:41:17 GMT
server: nginx
x-amz-cf-pop: YUL62-C2
age: 2215374
etag: W/"658b1e4d-fbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2628000, public
x-amz-cf-id: IRWyY9zfOG6xwB_pV5JycW4OjWfQsZPAF8dpGFX9k7AP1umAuFuY4Q==
expires: Fri, 26 Jan 2024 12:12:08 GMT

GET
H2 200 amex-modern.svg
d2n844f18s487r.cloudfront.net/modules/frontend/img/payment/ 5 KB
2 KB 39ms
37ms Image
image/svg+xml 2600:9000:215f:ee00:17:fa3:a5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2n844f18s487r.cloudfront.net/modules/frontend/img/payment/amex-modern.svg
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:ee00:17:fa3:a5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b6411db4edf71d1bdf2d17e49fe72b82d2ac6aebcb8e4d9a865e3e8829d69b8b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 03:47:34 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
last-modified: Wed, 03 Jan 2024 16:56:55 GMT
server: nginx
x-amz-cf-pop: YUL62-C2
age: 1259248
etag: W/"659591d7-12bf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2628000, public
x-amz-cf-id: eLLMlb1Horn1tGUTnxWWGqI7udFDjz-lfZv3GStYwC4b6D1Sp0Bmtw==
expires: Tue, 06 Feb 2024 13:47:34 GMT

GET
H2 200 diners-modern.svg
d2n844f18s487r.cloudfront.net/modules/frontend/img/payment/ 78 KB
27 KB 43ms
41ms Image
image/svg+xml 2600:9000:215f:ee00:17:fa3:a5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2n844f18s487r.cloudfront.net/modules/frontend/img/payment/diners-modern.svg
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:ee00:17:fa3:a5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d9f39a391cdac16117054240a9d6f385ae34a1f4c21ac369fa1df3df708420a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 17:14:42 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
last-modified: Tue, 26 Dec 2023 18:41:17 GMT
server: nginx
x-amz-cf-pop: YUL62-C2
age: 1902020
etag: W/"658b1e4d-137a8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2628000, public
x-amz-cf-id: k6rHcxxlnGl4gaOLUTscpTBR9pRAFtKG7F3UAGleVHSZGua8LjpUOw==
expires: Tue, 30 Jan 2024 03:14:42 GMT

GET
H2 200 jcb-modern.svg
d2n844f18s487r.cloudfront.net/modules/frontend/img/payment/ 13 KB
4 KB 40ms
38ms Image
image/svg+xml 2600:9000:215f:ee00:17:fa3:a5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2n844f18s487r.cloudfront.net/modules/frontend/img/payment/jcb-modern.svg
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:ee00:17:fa3:a5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 27a21815eba0a23ba25bd5b3ce8692cdb1edf3c9db32d7631f6b0be9eb8f9853

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 13:49:50 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
last-modified: Tue, 26 Dec 2023 18:41:17 GMT
server: nginx
x-amz-cf-pop: YUL62-C2
age: 2000712
etag: W/"658b1e4d-3590"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2628000, public
x-amz-cf-id: 7kTs-UAjggIInUrUiOXgDlzwp6rxIEwUT6S52P8t_WoVqlQ0FdcDEA==
expires: Sun, 28 Jan 2024 23:49:50 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 120ms
53ms Script
text/javascript 2607:f8b0:4004:c1d::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a6e80aa1b3bc329d8979418014c5201c0a7eb9c0648a6f491c7e73fd9f942c20

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 21 Jan 2024 17:35:02 GMT

GET
H2 200 app-298372c089.js Show response
d2n844f18s487r.cloudfront.net/modules/templates/v2/shared/ 487 KB
146 KB 53ms
48ms Script
application/javascript 2600:9000:215f:ee00:17:fa3:a5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2n844f18s487r.cloudfront.net/modules/templates/v2/shared/app-298372c089.js
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:ee00:17:fa3:a5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 51874a772c56756737a27e1554ef26c3d625aeaca8209813f45bd8dff19636e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 07:32:58 GMT
content-encoding: gzip
via: 1.1 b7321b4add4495066f8401239ad07f94.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 16:34:43 GMT
server: nginx
x-amz-cf-pop: YUL62-C2
age: 1072924
etag: W/"659c2423-79deb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=2628000, public
x-amz-cf-id: f8g6GiDQNPbpQQ8e-1U-cznUXp0KMCcC_xB9fY0Rv5jqnqDbuFkWMA==
expires: Thu, 08 Feb 2024 17:32:58 GMT

POST
H/1.1 200
OK create Show response
secure.easypaydirectgateway.com/token/api/ 328 B
1 KB 534ms
361ms XHR
application/json 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/token/api/create
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/Collect.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: b9a2014baf4e13170636934b88813315d7ccacaeff9a42f7e909c938b9743d04

Request headers

Accept: application/json, text/plain, */*
Referer: https://return.thehennaplug.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Sun, 21 Jan 2024 17:35:02 GMT
Via: 1.1 dca1-bit12044
Vary: X-Unique-Id
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=30

GET
H/1.1 200
OK styles.css
secure.easypaydirectgateway.com/token/ 3 KB
906 B 42ms
41ms Stylesheet
text/css 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/token/styles.css
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/Collect.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: 89bb95574bb591c8ec6e822c04fb80c4f736c8660457490007b302bbda6af46b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:02 GMT
Content-Encoding: gzip
Via: 1.1 dca1-bit12044
Last-Modified: Thu, 18 Jan 2024 19:03:59 GMT
ETag: "23c-60f3d06a285c0"
Vary: Accept-encoding,X-Unique-Id
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=29
Content-Length: 572

GET
H2 200 qeufyfoi.js Show response
server.thehennaplug.com/ 250 KB
74 KB 937ms
377ms Script
application/javascript 34.126.138.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://server.thehennaplug.com/qeufyfoi.js?id=GTM-KPXHF7Z9

Requested by

Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.126.138.154 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

154.138.126.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f979acaf2aba303e08b1e0cac61e9fdf78fb64ab92ea929020a1521bf962e581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
x-xss-protection: 0
expires: Sun, 21 Jan 2024 17:35:02 GMT

GET
H2 200 weoiy2hd.js Show response
sockdrawer.snowstorm.samcart.com/3.13.1/ 74 KB
25 KB 177ms
67ms Script
application/javascript 13.225.195.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sockdrawer.snowstorm.samcart.com/3.13.1/weoiy2hd.js
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-69.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dffead6a4371e5a178facab7cf528ebad143253fefe79b6b728b9003efe0adf1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 14:05:34 GMT
content-encoding: gzip
via: 1.1 bab918d4b27bc252683dafa737d07e68.cloudfront.net (CloudFront)
x-amz-version-id: oQ6kNVb.8ZXZD06vxAoy1PasWDZWpj6u
x-amz-cf-pop: YUL62-C1
age: 1654169
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24655
last-modified: Mon, 14 Aug 2023 20:03:23 GMT
server: AmazonS3
etag: "c96219787c75e0a6f8bd5265836120a7"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: Oi48PaB8YvSAoja_Kx0pAH-1vvhxTLCFKhwNfhmP2ucGTxVw9aghew==

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 100ms
33ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700|Roboto:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://return.thehennaplug.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 07:19:50 GMT
x-content-type-options: nosniff
age: 123312
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jan 2025 07:19:50 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 94ms
78ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bebas%20Neue|Open%20Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://return.thehennaplug.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 19:39:20 GMT
x-content-type-options: nosniff
age: 251742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 19:39:20 GMT

GET
H2 200 c4m61nF8G8_s6gHhIOX0IYBo_KJ3GlP6Fo8.woff2
fonts.gstatic.com/s/aleo/v14/ 14 KB
15 KB 107ms
92ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/aleo/v14/c4m61nF8G8_s6gHhIOX0IYBo_KJ3GlP6Fo8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Aleo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

501c4156a3477737901c60b0307e45788909054d28752d8cbe635e1ea46989d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://return.thehennaplug.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 19:39:55 GMT
x-content-type-options: nosniff
age: 251707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14792
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:03:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Jan 2025 19:39:55 GMT

GET
H2 200 JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
fonts.gstatic.com/s/bebasneue/v14/ 13 KB
14 KB 113ms
98ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bebas%20Neue|Open%20Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://return.thehennaplug.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 07:27:01 GMT
x-content-type-options: nosniff
age: 122881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13820
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:28:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jan 2025 07:27:01 GMT

GET
H2 200 ProximaNova-SemiboldWeb.woff
d3uywd90fuiiyf.cloudfront.net/fonts/ 90 KB
90 KB 460ms
398ms Font
font/woff 2600:9000:215f:6000:1d:16ba:9dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3uywd90fuiiyf.cloudfront.net/fonts/ProximaNova-SemiboldWeb.woff
Requested by: Host: d3uywd90fuiiyf.cloudfront.net
URL: https://d3uywd90fuiiyf.cloudfront.net/css/index.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:6000:1d:16ba:9dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fea44fa9ec94dd1cdf7aaa11e5749e9f436ca52d13abb80b0be4602b1116725

Request headers

Referer: https://d3uywd90fuiiyf.cloudfront.net/css/index.css
Origin: https://return.thehennaplug.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:03 GMT
via: 1.1 ab1abc326c36ea4cd78ce117e4c20e88.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-cache: RefreshHit from cloudfront
content-length: 91992
last-modified: Wed, 28 Jul 2021 21:53:41 GMT
server: AmazonS3
etag: "7bd3ab933e3a67c1c8a84b62111d5334"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=600,must-revalidate
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: XnINRhaZEFncjFi1uDN13R6GB-WTZ2QXYoz2XRyQlptxoRfkd2fQjw==

GET
H2 200 fa-solid-900.woff2
d3uywd90fuiiyf.cloudfront.net/webfonts/ 73 KB
73 KB 423ms
360ms Font
font/woff2 2600:9000:215f:6000:1d:16ba:9dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3uywd90fuiiyf.cloudfront.net/webfonts/fa-solid-900.woff2
Requested by: Host: d3uywd90fuiiyf.cloudfront.net
URL: https://d3uywd90fuiiyf.cloudfront.net/css/fontawesome-all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:6000:1d:16ba:9dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

Request headers

Referer: https://d3uywd90fuiiyf.cloudfront.net/css/fontawesome-all.css
Origin: https://return.thehennaplug.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:03 GMT
via: 1.1 ab1abc326c36ea4cd78ce117e4c20e88.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-cache: RefreshHit from cloudfront
content-length: 74256
last-modified: Wed, 28 Jul 2021 21:53:57 GMT
server: AmazonS3
etag: "418dad87601f9c8abd0e5798c0dc1feb"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600,must-revalidate
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: b0_v6FT53HV384hrZWK9TxRMAvOn8P4t9lbbvYRj6KZXb0h4vPfsfA==

GET
H2 200 RadomirTinkovGilroySemiBold.woff2
d3uywd90fuiiyf.cloudfront.net/fonts/ 25 KB
26 KB 391ms
329ms Font
font/woff2 2600:9000:215f:6000:1d:16ba:9dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3uywd90fuiiyf.cloudfront.net/fonts/RadomirTinkovGilroySemiBold.woff2
Requested by: Host: d3uywd90fuiiyf.cloudfront.net
URL: https://d3uywd90fuiiyf.cloudfront.net/css/index.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:6000:1d:16ba:9dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0712c9937ced3090efee4f37038e909eb2818dd7fdcbef19f0a4f684118dca8f

Request headers

Referer: https://d3uywd90fuiiyf.cloudfront.net/css/index.css
Origin: https://return.thehennaplug.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:03 GMT
via: 1.1 ab1abc326c36ea4cd78ce117e4c20e88.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-cache: RefreshHit from cloudfront
content-length: 25872
last-modified: Wed, 28 Jul 2021 21:53:41 GMT
server: AmazonS3
etag: "0f0b3d970e98922319bf7dfba66cb15c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600,must-revalidate
vary: Accept-Encoding,Origin
accept-ranges: bytes
x-amz-cf-id: hMEsQTtoXFVZZTwGDQGAqAGpWrgbgEs77gCb4nbdX3kitpqQZHtF6w==

POST
H2 200 context Show response
return.thehennaplug.com/api/v2/checkout/ 3 KB
1 KB 318ms
318ms XHR
application/json 54.87.111.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://return.thehennaplug.com/api/v2/checkout/context
Requested by: Host: d2n844f18s487r.cloudfront.net
URL: https://d2n844f18s487r.cloudfront.net/modules/templates/v2/shared/app-298372c089.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.87.111.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-111-129.compute-1.amazonaws.com
Software: Caddy, nginx /
Resource Hash: 055bbe9e9a32339245919a3493cccd562264c1ec0dfc3e8959db87e331a565c1

Request headers

Accept: application/json, text/plain, */*
Referer: https://return.thehennaplug.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 21 Jan 2024 17:35:02 GMT
cache-control: no-cache, private
content-encoding: gzip
server: Caddy, nginx
alt-svc: h3=":443"; ma=2592000
vary: Accept-Encoding
content-type: application/json

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 503 KB
202 KB 102ms
35ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://return.thehennaplug.com/
Origin: https://return.thehennaplug.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206076
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 15:56:26 GMT

OPTIONS
H2 200 tp2
snowstorm.samcart.com/com.snowplowanalytics.snowplow/ Frame 0
0 215ms
118ms Preflight 52.45.193.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://snowstorm.samcart.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.193.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-193-217.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://return.thehennaplug.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://return.thehennaplug.com
access-control-max-age: 5
content-length: 0
date: Sun, 21 Jan 2024 17:35:02 GMT
server: akka-http/10.2.9

POST
H2 200 tp2 Show response
snowstorm.samcart.com/com.snowplowanalytics.snowplow/ 2 B
333 B 125ms
44ms XHR
text/plain 52.45.193.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://snowstorm.samcart.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: sockdrawer.snowstorm.samcart.com
URL: https://sockdrawer.snowstorm.samcart.com/3.13.1/weoiy2hd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.193.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-193-217.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://return.thehennaplug.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://return.thehennaplug.com
date: Sun, 21 Jan 2024 17:35:02 GMT
access-control-allow-credentials: true
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server: akka-http/10.2.9
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H2 200 2e4a6c57 Show response
settings.luckyorange.com/ 4 KB
2 KB 257ms
256ms Fetch
application/json 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/2e4a6c57
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=2e4a6c57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 962be05f67771929cf9871a83a9698b123519681174fa9d645cb007499247123

Request headers

Referer: https://return.thehennaplug.com/
accept-language: en-US,en;q=0.9
x-lucky-uid: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
x-lucky-referrer

Response headers

date: Sun, 21 Jan 2024 17:35:02 GMT
content-encoding: gzip
via: 1.1 google
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://return.thehennaplug.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 2e4a6c57
settings.luckyorange.com/ Frame 0
0 141ms
61ms Preflight 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/2e4a6c57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method: GET
Origin: https://return.thehennaplug.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://return.thehennaplug.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 21 Jan 2024 17:35:02 GMT
via: 1.1 google

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9313 44 KB
28 KB 85ms
84ms Document
text/html 2607:f8b0:4004:c1d::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t&co=aHR0cHM6Ly9yZXR1cm4udGhlaGVubmFwbHVnLmNvbTo0NDM.&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=u3lnu5ospils

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b58b06dead6769a211ce93387e55d0084ce815d9eb9698bec2eb90299517ce2c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EiThgyp9scaPRX9rzUomIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://return.thehennaplug.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-EiThgyp9scaPRX9rzUomIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 17:35:02 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET google_pay_field.php
collectcheckout.com/token/ Frame 0B14 0
0

GET inline.php
secure.easypaydirectgateway.com/token/ Frame 72C6 0
0

GET inline.php
secure.easypaydirectgateway.com/token/ Frame 746A 0
0

GET inline.php
secure.easypaydirectgateway.com/token/ Frame D292 0
0

GET inline.php
secure.easypaydirectgateway.com/token/ Frame F956 0
0

GET inline.php
secure.easypaydirectgateway.com/token/ Frame 16B5 0
0

GET inline.php
secure.easypaydirectgateway.com/token/ Frame 1712 0
0

GET google_pay_field.php
collectcheckout.com/token/ Frame FD25 0
0

GET
H/1.1 200
OK inline.php Show response
secure.easypaydirectgateway.com/token/ Frame 09E7 2 KB
3 KB 1451ms
1393ms Document
text/html 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=cvv&title=CVV%20Code&placeholder=CVC&cvvDisplay=show
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/Collect.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: 20d7be5f23d610e54239bee71dc090239a14a51f6235d75f2608502cc3b59e04

Request headers

Referer: https://return.thehennaplug.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Jan 2024 17:35:02 GMT
Keep-Alive: timeout=2, max=30
Transfer-Encoding: chunked
Vary: X-Unique-Id
Via: 1.1 dca1-bit12044

GET
H/1.1 200
OK inline.php Show response
secure.easypaydirectgateway.com/token/ Frame 3FE5 3 KB
3 KB 1447ms
1392ms Document
text/html 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccnumber&title=Card%20Number&placeholder=Card%20Number&enableCardBrandPreviews=false
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/Collect.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: 045dd796035584c8f4c818be703abc36ceb5048e8af42597c1bc5bbabc69e29d

Request headers

Referer: https://return.thehennaplug.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Jan 2024 17:35:02 GMT
Keep-Alive: timeout=2, max=30
Transfer-Encoding: chunked
Vary: X-Unique-Id
Via: 1.1 dca1-bit12044

GET
H/1.1 200
OK inline.php Show response
secure.easypaydirectgateway.com/token/ Frame 20C2 2 KB
3 KB 1446ms
1392ms Document
text/html 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccexp&title=Card%20Expiration&placeholder=MM%20%2F%20YY
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/Collect.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: ad471abcaeca48ceccf8d7365f3e0af813a0ce026855119f6bec4db68e455196

Request headers

Referer: https://return.thehennaplug.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Jan 2024 17:35:02 GMT
Keep-Alive: timeout=2, max=30
Transfer-Encoding: chunked
Vary: X-Unique-Id
Via: 1.1 dca1-bit12044

GET
H/1.1 200
OK google_pay_field.php Show response
collectcheckout.com/token/ Frame 14BA 542 B
776 B 130ms
55ms Document
text/html 104.192.33.241
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://collectcheckout.com/token/google_pay_field.php?country=US&price=3100&currency=USD&billingAddressRequired=false&billingAddressParameters=%7B%22format%22%3A%22MIN%22%2C%22phoneNumberRequired%22%3Afalse%7D&shippingAddressRequired=false&shippingAddressParameters=%7B%22phoneNumberRequired%22%3Afalse%7D&buttonType=buy&buttonColor=default&buttonLocale=en&totalPriceStatus=FINAL&emailRequired=true&merchantId=948366&merchantName=The+Henna+Plug&cardBrands=%5B%22AMEX%22%2C%22MASTERCARD%22%2C%22VISA%22%2C%22DISCOVER%22%5D&environment=PRODUCTION&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/Collect.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.241 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-241.safewebservices.com
Software: /
Resource Hash: 12d05bb8be09626e1d1c81168d3b6000d6299714206f11a71dafdae67f3abfb5

Request headers

Referer: https://return.thehennaplug.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 Jan 2024 17:35:02 GMT
Keep-Alive: timeout=2, max=30
Transfer-Encoding: chunked
Vary: X-Unique-Id
Via: 1.1 dca1-bit20012

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 9313 55 KB
24 KB 98ms
34ms Stylesheet
text/css 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t&co=aHR0cHM6Ly9yZXR1cm4udGhlaGVubmFwbHVnLmNvbTo0NDM.&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=u3lnu5ospils

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 15:56:26 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 9313 503 KB
201 KB 116ms
52ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206076
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 15:56:26 GMT

GET
H2 200 core.js Show response
tools.luckyorange.com/core/ Frame 756D 211 KB
64 KB 428ms
122ms Script
text/javascript 2600:9000:215f:8800:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/core.js?v=0717bd0
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=2e4a6c57
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:8800:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bac63ad77e8f9e2c5234d5c9ebfedbf5a3472d7f66af46dc8cf54138f33b9139

Request headers

Referer
Origin: https://return.thehennaplug.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
content-encoding: gzip
via: 1.1 ab1abc326c36ea4cd78ce117e4c20e88.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 64951
last-modified: Fri, 05 Jan 2024 15:57:10 GMT
server: AmazonS3
etag: "ad552fed96a464c9eb1d28c50b25c100"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: hkFaPhael3zagqho3Fn7GL3V9KN6KTDJZo2Jg9BNq2wNDnWDcIltHQ==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 14BA 119 KB
36 KB 392ms
75ms Script
application/javascript 2607:f8b0:4004:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: collectcheckout.com
URL: https://collectcheckout.com/token/google_pay_field.php?country=US&price=3100&currency=USD&billingAddressRequired=false&billingAddressParameters=%7B%22format%22%3A%22MIN%22%2C%22phoneNumberRequired%22%3Afalse%7D&shippingAddressRequired=false&shippingAddressParameters=%7B%22phoneNumberRequired%22%3Afalse%7D&buttonType=buy&buttonColor=default&buttonLocale=en&totalPriceStatus=FINAL&emailRequired=true&merchantId=948366&merchantName=The+Henna+Plug&cardBrands=%5B%22AMEX%22%2C%22MASTERCARD%22%2C%22VISA%22%2C%22DISCOVER%22%5D&environment=PRODUCTION&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b13ac5db06aaef364bbea670ddcd08f23abd89018ced6134df333c0b35251afc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-aN9H3CBiZCtmhPSC-18n_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://collectcheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:03 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-aN9H3CBiZCtmhPSC-18n_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjqtHikmLw1pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-PqSSQKI1YB4h48Hi5jPdNY34dNZ2SKms8bVTWfNAWK-ddNZNddPZ22JnsE6CYid0mewBgCxEA_H8dVb17IJTNg5dREjAOHbNvM"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sun, 21 Jan 2024 17:35:03 GMT

GET
H/1.1 200
OK google_pay_field.js Show response
collectcheckout.com/token/ Frame 14BA 38 KB
13 KB 372ms
372ms Script
text/javascript 104.192.33.241
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://collectcheckout.com/token/google_pay_field.js?assetVersion=1705604510
Requested by: Host: collectcheckout.com
URL: https://collectcheckout.com/token/google_pay_field.php?country=US&price=3100&currency=USD&billingAddressRequired=false&billingAddressParameters=%7B%22format%22%3A%22MIN%22%2C%22phoneNumberRequired%22%3Afalse%7D&shippingAddressRequired=false&shippingAddressParameters=%7B%22phoneNumberRequired%22%3Afalse%7D&buttonType=buy&buttonColor=default&buttonLocale=en&totalPriceStatus=FINAL&emailRequired=true&merchantId=948366&merchantName=The+Henna+Plug&cardBrands=%5B%22AMEX%22%2C%22MASTERCARD%22%2C%22VISA%22%2C%22DISCOVER%22%5D&environment=PRODUCTION&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.241 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-241.safewebservices.com
Software: /
Resource Hash: 24a8985a32d15bd7629b69958243de9c096ca274dbb8c1c788848248cb453b35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://collectcheckout.com/token/google_pay_field.php?country=US&price=3100&currency=USD&billingAddressRequired=false&billingAddressParameters=%7B%22format%22%3A%22MIN%22%2C%22phoneNumberRequired%22%3Afalse%7D&shippingAddressRequired=false&shippingAddressParameters=%7B%22phoneNumberRequired%22%3Afalse%7D&buttonType=buy&buttonColor=default&buttonLocale=en&totalPriceStatus=FINAL&emailRequired=true&merchantId=948366&merchantName=The+Henna+Plug&cardBrands=%5B%22AMEX%22%2C%22MASTERCARD%22%2C%22VISA%22%2C%22DISCOVER%22%5D&environment=PRODUCTION&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:03 GMT
Content-Encoding: gzip
Via: 1.1 dca1-bit20012
Last-Modified: Thu, 18 Jan 2024 19:03:59 GMT
ETag: "318e-60f3d06a285c0"
Vary: Accept-encoding,X-Unique-Id
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=29
Content-Length: 12686

POST
H2 200 context Show response
return.thehennaplug.com/api/v2/checkout/ 3 KB
1 KB 231ms
230ms XHR
application/json 54.87.111.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://return.thehennaplug.com/api/v2/checkout/context
Requested by: Host: d2n844f18s487r.cloudfront.net
URL: https://d2n844f18s487r.cloudfront.net/modules/templates/v2/shared/app-298372c089.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.87.111.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-111-129.compute-1.amazonaws.com
Software: Caddy, nginx /
Resource Hash: 055bbe9e9a32339245919a3493cccd562264c1ec0dfc3e8959db87e331a565c1

Request headers

Accept: application/json, text/plain, */*
Referer: https://return.thehennaplug.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 21 Jan 2024 17:35:03 GMT
cache-control: no-cache, private
content-encoding: gzip
server: Caddy, nginx
alt-svc: h3=":443"; ma=2592000
vary: Accept-Encoding
content-type: application/json

GET
H3 200 -710oj34v55h_Gg58QwrAW9kZvh6rWuRmGCjJSYFrTc.js Show response
www.google.com/js/bg/ Frame 9313 17 KB
7 KB 55ms
54ms Script
text/javascript 2607:f8b0:4004:c1d::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/-710oj34v55h_Gg58QwrAW9kZvh6rWuRmGCjJSYFrTc.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbbd74a23df8bf9e61fc6839f10c2b016f6466f87aad6b919860a3252605ad37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t&co=aHR0cHM6Ly9yZXR1cm4udGhlaGVubmFwbHVnLmNvbTo0NDM.&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=u3lnu5ospils
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8086
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6910
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 15:20:17 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9313 102 B
135 B 49ms
49ms Other
text/javascript 2607:f8b0:4004:c1d::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

28bd191bba13945f81b09f2df5f54b9208309f4da0e7bb202c1e61c7adf039b9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t&co=aHR0cHM6Ly9yZXR1cm4udGhlaGVubmFwbHVnLmNvbTo0NDM.&hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&size=invisible&cb=u3lnu5ospils
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 21 Jan 2024 17:35:03 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame F837 19 KB
8 KB 67ms
66ms Document
text/html 2607:f8b0:4004:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fcollectcheckout.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b827fdd15a82541ad29ed75482acbdd8e3b1c7b2d74feea6cb1a6a58936b346

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cXpKRr4pKC_TCG8Kufe7zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://collectcheckout.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-cXpKRr4pKC_TCG8Kufe7zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sun, 21 Jan 2024 17:35:03 GMT
expires: Sun, 21 Jan 2024 17:35:03 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjqtHikmLw1pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-PqSSQKI1YB4h48Hi5jPdNY34dNZ2SKms8bVTWfNAWK-ddNZNddPZ22JnsE6CYid0mewBgCxEA_H8dVb17IJNGyZ8JARAOHmNxg"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 14BA 7 KB
1 KB 43ms
43ms Stylesheet
text/css 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:500

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bd73795a36105df3f2ae20f25b799ee4e9c4d73c3671d5110d551cd2236b9847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://collectcheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 21 Jan 2024 17:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 21 Jan 2024 16:41:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 21 Jan 2024 17:35:03 GMT

GET
H2 200 generate_gpay_btn_img Show response
pay.google.com/gp/p/ Frame FC76 25 KB
10 KB 69ms
69ms Document
text/html 2607:f8b0:4004:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=fill&enableGpayNewButtonAsset=false&gpayButtonVariantType=1

Requested by

Host: collectcheckout.com
URL: https://collectcheckout.com/token/google_pay_field.js?assetVersion=1705604510

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2331885a8848409a522268a4f9598cd161a949f8d85a4cf5c3be02f1cfec889d

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport script-src 'report-sample' 'nonce-xJ2hF4_f_N5_OUWUSXdlUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://collectcheckout.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport script-src 'report-sample' 'nonce-xJ2hF4_f_N5_OUWUSXdlUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayButtonUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sun, 21 Jan 2024 17:35:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayButtonUi/web-reports?context=eJzjqtHikmLw1pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-PqSSQKI1YB4h48Hi5jPdNY34dNZ2SKms8bVTWfNAWK-ddNZNddPZ22JnsE6CYid0mewBgCxEA_H8dVb17IJnGjY8owRAOL0N1U"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 payment_white_36dp.png
www.gstatic.com/images/icons/material/system/1x/ Frame 14BA 149 B
173 B 33ms
33ms Image
image/png 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/1x/payment_white_36dp.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://collectcheckout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 16:12:25 GMT
x-content-type-options: nosniff
age: 177758
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 18 Jan 2025 16:12:25 GMT

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 3FE5 59 KB
19 KB 122ms
120ms Script
text/javascript 2600:9000:215f:8800:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=0717bd0
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=0717bd0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:8800:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a614a9ab1cb7c3dc05826c53153c5cc0122cb32d19a86823440336bdc603d6ad

Request headers

Referer
Origin: https://return.thehennaplug.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
content-encoding: gzip
via: 1.1 ab1abc326c36ea4cd78ce117e4c20e88.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 18962
last-modified: Fri, 05 Jan 2024 15:57:09 GMT
server: AmazonS3
etag: "6542c364c781d2c0c60917aef3199ebf"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: XO2kOnbNwlTletGzwIk6Oaruj_QgBPMHl01RJxCLRLPRYpjJiR71-A==

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 20C2 59 KB
19 KB 137ms
136ms Script
text/javascript 2600:9000:215f:8800:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=0717bd0
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=0717bd0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:8800:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a614a9ab1cb7c3dc05826c53153c5cc0122cb32d19a86823440336bdc603d6ad

Request headers

Referer
Origin: https://return.thehennaplug.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
content-encoding: gzip
via: 1.1 ab1abc326c36ea4cd78ce117e4c20e88.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18962
last-modified: Fri, 05 Jan 2024 15:57:09 GMT
server: AmazonS3
etag: "6542c364c781d2c0c60917aef3199ebf"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: yAmCPz-l_azOFFeBbTW_Rai7WNMJGQNVcC4L2TwfzrOr2uEbzl8T-w==

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 09E7 59 KB
19 KB 132ms
131ms Script
text/javascript 2600:9000:215f:8800:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=0717bd0
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=0717bd0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:8800:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a614a9ab1cb7c3dc05826c53153c5cc0122cb32d19a86823440336bdc603d6ad

Request headers

Referer
Origin: https://return.thehennaplug.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
content-encoding: gzip
via: 1.1 ab1abc326c36ea4cd78ce117e4c20e88.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18962
last-modified: Fri, 05 Jan 2024 15:57:09 GMT
server: AmazonS3
etag: "6542c364c781d2c0c60917aef3199ebf"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 7v1X9oN4o7EBMKRC2Ds9h_MeS4L693-uCTv6rrTfbRzlTs5EYvxk1A==

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 8C18 59 KB
19 KB 127ms
127ms Script
text/javascript 2600:9000:215f:8800:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=0717bd0
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=0717bd0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:8800:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a614a9ab1cb7c3dc05826c53153c5cc0122cb32d19a86823440336bdc603d6ad

Request headers

Referer
Origin: https://return.thehennaplug.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
content-encoding: gzip
via: 1.1 ab1abc326c36ea4cd78ce117e4c20e88.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18962
last-modified: Fri, 05 Jan 2024 15:57:09 GMT
server: AmazonS3
etag: "6542c364c781d2c0c60917aef3199ebf"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: KtfD7823Qq6nzdqPAO3-qITrOnR_hlBC0meIF8gTgfJK8K9C3QRygg==

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.bOosQTfFq1k.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame F837 159 KB
56 KB 33ms
32ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.bOosQTfFq1k.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhWHr0ojl6J-aeZIZzrojbgADJqqA/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fcollectcheckout.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5dd6e4e639dea5364abd4a1a4d012365c53118ebab7b4a4a2fddd0b9728dae95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 17:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57380
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 06:34:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 17:29:01 GMT

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.Kq_ufxf3pMM.es5.O/am=gEFg/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/... Frame FC76 162 KB
57 KB 36ms
36ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.Kq_ufxf3pMM.es5.O/am=gEFg/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjZRMoz2kzcgL9l43VsF_rjbjxrdw/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=default&browserLocale=en&buttonSizeMode=fill&enableGpayNewButtonAsset=false&gpayButtonVariantType=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

445865d36e511d1eb92aed23bde38b2467bbe9215bca366ab119e9704d932133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 18:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58319
x-xss-protection: 0
last-modified: Fri, 19 Jan 2024 06:34:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 18:55:27 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame F837 2 KB
2 KB 131ms
130ms Other
text/html 2607:f8b0:4004:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 21 Jan 2024 17:35:03 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayButtonUi/ Frame FC76 2 KB
2 KB 130ms
130ms Other
text/html 2607:f8b0:4004:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4004:c06::5c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 65ff9ae6d7be23f1b0164644acc1c8af7d7daccc143c976fd133b5b19f0505ff

Request headers

Referer: https://pay.google.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 21 Jan 2024 17:35:03 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1609
content-type: text/html; charset=UTF-8

GET
H2 200 gtqeufyfoi.js Show response
server.thehennaplug.com/ 226 KB
74 KB 345ms
345ms Script
application/javascript 34.126.138.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://server.thehennaplug.com/gtqeufyfoi.js?id=G-714YK42R0D&l=dataLayer&cx=c

Requested by

Host: server.thehennaplug.com
URL: https://server.thehennaplug.com/qeufyfoi.js?id=GTM-KPXHF7Z9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.126.138.154 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

154.138.126.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a4538e1c9ecf0e4b188771f205a38159c0a23a1477c451713721c6979798b0f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
x-robots-tag: noindex
access-control-allow-headers: Cache-Control
x-xss-protection: 0
expires: Sun, 21 Jan 2024 17:35:04 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 41 KB
18 KB 335ms
246ms Script
application/javascript 54.230.48.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: server.thehennaplug.com
URL: https://server.thehennaplug.com/qeufyfoi.js?id=GTM-KPXHF7Z9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.48.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-48-245.yul62.r.cloudfront.net
Software: CloudFront /
Resource Hash: e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
content-encoding: gzip
via: 1.1 d02136c452505f46a849d23f2fe25350.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: YUL62-C2
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17883
x-amz-cf-id: aDmtrZ3GxC44YqpM6APO-kkWP418bRdIyOEXklRZDr54tet1WNC_-g==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
57 KB 99ms
33ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: server.thehennaplug.com
URL: https://server.thehennaplug.com/qeufyfoi.js?id=GTM-KPXHF7Z9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 21 Jan 2024 17:35:03 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57023
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: c0pl1CnfYEHw+bXy2oI9t9ghHLOw23NZp1AZV6pux7aG3X96WVr8sEGakBNoPYC/Zi6++gEfk7ntIHpujBI22Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 103ms
34ms Script
application/javascript 2a04:4e42:77::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: server.thehennaplug.com
URL: https://server.thehennaplug.com/qeufyfoi.js?id=GTM-KPXHF7Z9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:77::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c6bba8ad5ad5ec6a4fef018600b107f518172053fdf5cb10200cac55ee23f2d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:03 GMT
content-encoding: br
x-cdn: fastly
etag: "261eea34e740f104987183dec4bb78b6"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1836

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame FCF8 7 KB
1 KB 48ms
47ms Document
text/html 2607:f8b0:4004:c1d::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be608e0ade57ed69c7d322f841fdb1c86bcac8eeaca7845b1008deebb136fe37

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6Sn-Ut2xugdyOR5gI9WOKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://return.thehennaplug.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6Sn-Ut2xugdyOR5gI9WOKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 Jan 2024 17:35:03 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET frame.js
tools.luckyorange.com/core/ Frame FCF8 0
0

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.Kq_ufxf3pMM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.p... Frame FC76 17 KB
6 KB 38ms
38ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.Kq_ufxf3pMM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.p2oazcT0Zhs.L.B1.O/am=gEFg/d=1/exm=_b,_tp/excm=_b,_tp,generategooglepaybuttonimage/ed=1/wt=2/ujg=1/rs=AMitfrh9LDFlEXjWgA6LZ8yyVEHKDcSpLg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.Kq_ufxf3pMM.es5.O/am=gEFg/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjZRMoz2kzcgL9l43VsF_rjbjxrdw/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51e9ae6e93ec166d6ec7ba0e47484acd31f6584d20614a11d64669ea23bb167e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6471
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 06:44:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 20:47:14 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.Kq_ufxf3pMM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.p... Frame FC76 36 KB
14 KB 38ms
37ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en_US.Kq_ufxf3pMM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.p2oazcT0Zhs.L.B1.O/am=gEFg/d=1/exm=FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,generategooglepaybuttonimage/ed=1/wt=2/ujg=1/rs=AMitfrh9LDFlEXjWgA6LZ8yyVEHKDcSpLg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30c9d7e636d372197dedabf44259e88b9a4af7005075439006e97b570196a107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14035
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 06:44:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 20:47:14 GMT

GET
BLOB 200
OK 9eb79517-1aa5-4970-a26b-e99bc62ef396
https://return.thehennaplug.com/ Frame 756D 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://return.thehennaplug.com/9eb79517-1aa5-4970-a26b-e99bc62ef396
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 0
Content-Type

GET
BLOB 200
OK 7b32203d-cc52-414c-bc9b-a488ac9e1113
https://return.thehennaplug.com/ Frame 756D 22 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://return.thehennaplug.com/7b32203d-cc52-414c-bc9b-a488ac9e1113
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdbda48bdc0153b50ab58bd701463558a613e614a3a0a822ea113180ed0a417c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 22873
Content-Type

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.bOosQTfFq1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhA... Frame F837 74 KB
27 KB 202ms
201ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.bOosQTfFq1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_Bj2nZs.L.B1.O/am=gEEw/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriAzIvxkOa-lIcmMtpKwzYxorRsmw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.bOosQTfFq1k.es5.O/am=gEEw/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhWHr0ojl6J-aeZIZzrojbgADJqqA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1502260992896f2c26dfa014126822b5107acd35edb5096d980cc9c496d212ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27608
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 06:44:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 20:46:12 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame FCF8 55 KB
24 KB 193ms
192ms Stylesheet
text/css 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 15:56:26 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame FCF8 503 KB
201 KB 195ms
195ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206076
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 15:56:26 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.bOosQTfFq1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhA... Frame F837 9 KB
4 KB 47ms
43ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.bOosQTfFq1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_Bj2nZs.L.B1.O/am=gEEw/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriAzIvxkOa-lIcmMtpKwzYxorRsmw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37e67f50187a5be630a7b75fc08b62fa4fb5675143c60d6ad41570d8f6c8e2d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3747
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 06:44:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 20:52:15 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.bOosQTfFq1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhA... Frame F837 37 KB
14 KB 44ms
40ms Script
text/javascript 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.bOosQTfFq1k.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.JhAI_Bj2nZs.L.B1.O/am=gEEw/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriAzIvxkOa-lIcmMtpKwzYxorRsmw/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88b3eefb0eaeaaba7b8d17ba6bd12c3e9dcf4e624b5bba7f8f321d722cc44635

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 20:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14276
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 06:44:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 20:52:15 GMT

GET
H2 200 main.43c0095c.js Show response
s.pinimg.com/ct/lib/ 66 KB
19 KB 39ms
37ms Script
application/javascript 2a04:4e42:77::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:77::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2eed3688f56478253ff9082b0c34cc0e7fc12371988309e5c80edf3789bde5ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
content-encoding: br
x-cdn: fastly
etag: "1f52f76b492e69ca67bc930049f713de"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 19076

GET
H2 200 2425150421056283 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 196ms
195ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2425150421056283?v=2.9.141&r=stable&domain=return.thehennaplug.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cb2bde2214ca457677daa47ef292d15949d6c2647231eb6579ca64debe13615c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 21 Jan 2024 17:35:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: GrthDhZ6OLWJzjWKoQEjghyCGI1l/oYgP3phbuCI4+hvBPAsVeFMyBE2fkKZxrEAQHOdmKu50L+Z2oikF6CN4w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame F837 1 MB
378 KB 64ms
62ms XHR
text/html 2607:f8b0:4004:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe87be8c7846e3291a6d9530177c11497af3b99c1d90378f77ecdce5d10d0b42

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-4jvtYWsI1LU2178xEMHKuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-4jvtYWsI1LU2178xEMHKuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjqtHikmLw1pBiWFYqxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3b8XTO--vGTi-PqSSQKI1YB4h48Hi5jPdNY34dNZ2SKms8bVTWfNAWK-ddNZNddPZ22JnsE6CYid0mewBgCxEA_HidVb17IJHFi8fhYjAOK8NyA"
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sun, 21 Jan 2024 17:35:04 GMT

GET
H/1.1 200
OK polyfill.js Show response
secure.easypaydirectgateway.com/shared/js/ Frame 3FE5 8 KB
3 KB 45ms
45ms Script
text/javascript 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/shared/js/polyfill.js?assetVersion=1651679324
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccnumber&title=Card%20Number&placeholder=Card%20Number&enableCardBrandPreviews=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: 025723642f24978533d5b916eacb8adbfbdce1a3ad16fd09e267e96ee7a68080

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccnumber&title=Card%20Number&placeholder=Card%20Number&enableCardBrandPreviews=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:04 GMT
Content-Encoding: gzip
Via: 1.1 dca1-bit12044
Last-Modified: Thu, 18 Jan 2024 19:03:59 GMT
ETag: "b65-60f3d06a285c0"
Vary: Accept-encoding,X-Unique-Id
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=29
Content-Length: 2917

GET
H/1.1 200
OK payment.js Show response
secure.easypaydirectgateway.com/contrib/js/ Frame 3FE5 23 KB
5 KB 52ms
52ms Script
text/javascript 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/contrib/js/payment.js?assetVersion=1705430346
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccnumber&title=Card%20Number&placeholder=Card%20Number&enableCardBrandPreviews=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: 164ba0d169f42bba7e889a2c94f77fe959db2f19772b81287334a9d9d5b11051

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccnumber&title=Card%20Number&placeholder=Card%20Number&enableCardBrandPreviews=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:04 GMT
Content-Encoding: gzip
Via: 1.1 dca1-bit12044
Last-Modified: Thu, 18 Jan 2024 19:03:57 GMT
ETag: "144d-60f3d06840140"
Vary: Accept-encoding,X-Unique-Id
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=29
Content-Length: 5197

GET
H/1.1 200
OK ajax.js Show response
secure.easypaydirectgateway.com/shared/js/ Frame 3FE5 8 KB
3 KB 50ms
49ms Script
text/javascript 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/shared/js/ajax.js?assetVersion=1651679324
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccnumber&title=Card%20Number&placeholder=Card%20Number&enableCardBrandPreviews=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: bb07ba95121f777cca24c38a9c0261c419dfb81fc6f2074dabb99c580c94c759

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccnumber&title=Card%20Number&placeholder=Card%20Number&enableCardBrandPreviews=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:04 GMT
Content-Encoding: gzip
Via: 1.1 dca1-bit12044
Last-Modified: Thu, 18 Jan 2024 19:03:59 GMT
ETag: "94d-60f3d06a285c0"
Vary: Accept-encoding,X-Unique-Id
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=29
Content-Length: 2381

GET
H/1.1 200
OK InlineElementPage.js Show response
secure.easypaydirectgateway.com/token/ Frame 3FE5 36 KB
8 KB 46ms
46ms Script
text/javascript 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/token/InlineElementPage.js?assetVersion=1701372363
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccnumber&title=Card%20Number&placeholder=Card%20Number&enableCardBrandPreviews=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: 586feec3a3f3372a83b48681f11226772f168e0343f3e580f364978044175cea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccnumber&title=Card%20Number&placeholder=Card%20Number&enableCardBrandPreviews=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:04 GMT
Content-Encoding: gzip
Via: 1.1 dca1-bit12044
Last-Modified: Thu, 18 Jan 2024 19:03:59 GMT
ETag: "1cb2-60f3d06a285c0"
Vary: Accept-encoding,X-Unique-Id
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=30
Content-Length: 7346

GET
H/1.1 200
OK polyfill.js Show response
secure.easypaydirectgateway.com/shared/js/ Frame 09E7 8 KB
3 KB 66ms
66ms Script
text/javascript 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/shared/js/polyfill.js?assetVersion=1651679324
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=cvv&title=CVV%20Code&placeholder=CVC&cvvDisplay=show
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: 025723642f24978533d5b916eacb8adbfbdce1a3ad16fd09e267e96ee7a68080

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=cvv&title=CVV%20Code&placeholder=CVC&cvvDisplay=show
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:04 GMT
Content-Encoding: gzip
Via: 1.1 dca1-bit12044
Last-Modified: Thu, 18 Jan 2024 19:03:59 GMT
ETag: "b65-60f3d06a285c0"
Vary: Accept-encoding,X-Unique-Id
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=30
Content-Length: 2917

GET
H/1.1 200
OK payment.js Show response
secure.easypaydirectgateway.com/contrib/js/ Frame 09E7 23 KB
5 KB 67ms
67ms Script
text/javascript 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/contrib/js/payment.js?assetVersion=1705430346
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=cvv&title=CVV%20Code&placeholder=CVC&cvvDisplay=show
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: 164ba0d169f42bba7e889a2c94f77fe959db2f19772b81287334a9d9d5b11051

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=cvv&title=CVV%20Code&placeholder=CVC&cvvDisplay=show
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:04 GMT
Content-Encoding: gzip
Via: 1.1 dca1-bit12044
Last-Modified: Thu, 18 Jan 2024 19:03:57 GMT
ETag: "144d-60f3d06840140"
Vary: Accept-encoding,X-Unique-Id
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=30
Content-Length: 5197

GET
H/1.1 200
OK ajax.js Show response
secure.easypaydirectgateway.com/shared/js/ Frame 09E7 8 KB
3 KB 84ms
45ms Script
text/javascript 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/shared/js/ajax.js?assetVersion=1651679324
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=cvv&title=CVV%20Code&placeholder=CVC&cvvDisplay=show
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: bb07ba95121f777cca24c38a9c0261c419dfb81fc6f2074dabb99c580c94c759

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=cvv&title=CVV%20Code&placeholder=CVC&cvvDisplay=show
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:04 GMT
Content-Encoding: gzip
Via: 1.1 dca1-bit12044
Last-Modified: Thu, 18 Jan 2024 19:03:59 GMT
ETag: "94d-60f3d06a285c0"
Vary: Accept-encoding,X-Unique-Id
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=28
Content-Length: 2381

GET
H/1.1 200
OK InlineElementPage.js Show response
secure.easypaydirectgateway.com/token/ Frame 09E7 36 KB
8 KB 81ms
41ms Script
text/javascript 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/token/InlineElementPage.js?assetVersion=1701372363
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=cvv&title=CVV%20Code&placeholder=CVC&cvvDisplay=show
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: 586feec3a3f3372a83b48681f11226772f168e0343f3e580f364978044175cea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=cvv&title=CVV%20Code&placeholder=CVC&cvvDisplay=show
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:04 GMT
Content-Encoding: gzip
Via: 1.1 dca1-bit12044
Last-Modified: Thu, 18 Jan 2024 19:03:59 GMT
ETag: "1cb2-60f3d06a285c0"
Vary: Accept-encoding,X-Unique-Id
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=29
Content-Length: 7346

GET
H/1.1 200
OK polyfill.js Show response
secure.easypaydirectgateway.com/shared/js/ Frame 20C2 8 KB
3 KB 84ms
48ms Script
text/javascript 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/shared/js/polyfill.js?assetVersion=1651679324
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccexp&title=Card%20Expiration&placeholder=MM%20%2F%20YY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: 025723642f24978533d5b916eacb8adbfbdce1a3ad16fd09e267e96ee7a68080

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccexp&title=Card%20Expiration&placeholder=MM%20%2F%20YY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:04 GMT
Content-Encoding: gzip
Via: 1.1 dca1-bit12044
Last-Modified: Thu, 18 Jan 2024 19:03:59 GMT
ETag: "b65-60f3d06a285c0"
Vary: Accept-encoding,X-Unique-Id
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=28
Content-Length: 2917

GET
H/1.1 200
OK payment.js Show response
secure.easypaydirectgateway.com/contrib/js/ Frame 20C2 23 KB
5 KB 84ms
45ms Script
text/javascript 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/contrib/js/payment.js?assetVersion=1705430346
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccexp&title=Card%20Expiration&placeholder=MM%20%2F%20YY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: 164ba0d169f42bba7e889a2c94f77fe959db2f19772b81287334a9d9d5b11051

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccexp&title=Card%20Expiration&placeholder=MM%20%2F%20YY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:04 GMT
Content-Encoding: gzip
Via: 1.1 dca1-bit12044
Last-Modified: Thu, 18 Jan 2024 19:03:57 GMT
ETag: "144d-60f3d06840140"
Vary: Accept-encoding,X-Unique-Id
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=28
Content-Length: 5197

GET
H/1.1 200
OK ajax.js Show response
secure.easypaydirectgateway.com/shared/js/ Frame 20C2 8 KB
3 KB 115ms
48ms Script
text/javascript 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/shared/js/ajax.js?assetVersion=1651679324
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccexp&title=Card%20Expiration&placeholder=MM%20%2F%20YY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: bb07ba95121f777cca24c38a9c0261c419dfb81fc6f2074dabb99c580c94c759

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccexp&title=Card%20Expiration&placeholder=MM%20%2F%20YY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:04 GMT
Content-Encoding: gzip
Via: 1.1 dca1-bit12044
Last-Modified: Thu, 18 Jan 2024 19:03:59 GMT
ETag: "94d-60f3d06a285c0"
Vary: Accept-encoding,X-Unique-Id
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=29
Content-Length: 2381

GET
H/1.1 200
OK InlineElementPage.js Show response
secure.easypaydirectgateway.com/token/ Frame 20C2 36 KB
8 KB 114ms
48ms Script
text/javascript 104.192.33.180
GATEWAY-PROCESSIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.easypaydirectgateway.com/token/InlineElementPage.js?assetVersion=1701372363
Requested by: Host: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccexp&title=Card%20Expiration&placeholder=MM%20%2F%20YY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.192.33.180 , United States, ASN33512 (GATEWAY-PROCESSING-SERVICES, US),
Reverse DNS: 104-192-33-180.safewebservices.com
Software: /
Resource Hash: 586feec3a3f3372a83b48681f11226772f168e0343f3e580f364978044175cea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccexp&title=Card%20Expiration&placeholder=MM%20%2F%20YY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 21 Jan 2024 17:35:04 GMT
Content-Encoding: gzip
Via: 1.1 dca1-bit12044
Last-Modified: Thu, 18 Jan 2024 19:03:59 GMT
ETag: "1cb2-60f3d06a285c0"
Vary: Accept-encoding,X-Unique-Id
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=29
Content-Length: 7346

GET
H2 200 77d75460-9838-4ca1-b78d-dbc657a1bb4b.js Show response
tr.snapchat.com/config/com/ 185 B
474 B 169ms
103ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/77d75460-9838-4ca1-b78d-dbc657a1bb4b.js?v=3.8.0-2401042024

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

9dc66ccf5effd62b0b1d867ce075adafd3880dd37e036c29f054f28d04cd90f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://return.thehennaplug.com/
Origin: https://return.thehennaplug.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://return.thehennaplug.com
x-envoy-upstream-service-time: 35
access-control-allow-credentials: true
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 8E55 672 B
891 B 149ms
87ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=77d75460-9838-4ca1-b78d-dbc657a1bb4b&u_scsid=6071a202-e5ea-40b4-bf70-7557b6f23221&u_sclid=2aff65a7-3dd9-42db-a261-0ce98913f705

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://return.thehennaplug.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: clear h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Sun, 21 Jan 2024 17:35:04 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 10

GET
H2 200 p
tr.snapchat.com/ 68 B
455 B 122ms
66ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=77d75460-9838-4ca1-b78d-dbc657a1bb4b&ev=PAGE_VIEW&intg=gtm&pids=77d75460-9838-4ca1-b78d-dbc657a1bb4b&cdid=1705859447710_17058590723001&u_c1=37392a04-9f7c-48f5-8372-495193acc969&u_sclid=2aff65a7-3dd9-42db-a261-0ce98913f705&u_scsid=6071a202-e5ea-40b4-bf70-7557b6f23221&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=892&m_fcps=889&m_pi=892&m_pl=0&m_pv=2&m_rd=2848&m_sh=1200&m_sl=0&m_sw=1600&pl=https%3A%2F%2Freturn.thehennaplug.com%2F&trackId=ec16335f-3831-408d-b521-577ccac85339&ts=1705858504351&v=3.8.0-2401042024

Requested by

Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 frame.js Show response
tools.luckyorange.com/core/ Frame 8E55 59 KB
19 KB 37ms
37ms Script
text/javascript 2600:9000:215f:8800:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=0717bd0
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=0717bd0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:8800:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a614a9ab1cb7c3dc05826c53153c5cc0122cb32d19a86823440336bdc603d6ad

Request headers

Referer
Origin: https://return.thehennaplug.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
content-encoding: gzip
via: 1.1 ab1abc326c36ea4cd78ce117e4c20e88.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
age: 1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18962
last-modified: Fri, 05 Jan 2024 15:57:09 GMT
server: AmazonS3
etag: "6542c364c781d2c0c60917aef3199ebf"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: CNbHus28dKon_u3HSRa2FeEAygqo7HT8RjIMYCDGH7GsKvw4zS43dA==

GET
H2 200 / Show response
ct.pinterest.com/user/ 298 B
291 B 120ms
75ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612589384456&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1705858504379&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8e33955f54ef8025b647a6e685fa689a9256fc5c987f7dc98590310ac3c358e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 30
alt-svc: h3=":443";ma=600
x-pinterest-rid: 3159809809423980
content-length: 173
pin-unauth: dWlkPVltTTFNR0l3TVdRdFlqUTVOeTAwWm1FeUxXRmhaR1l0WVRjMFpHVm1PVEE1WXpWaQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://return.thehennaplug.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 298 B
409 B 90ms
46ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22event_id%22%3A%221705859447710_17058590723001%22%2C%22np%22%3A%22gtm%22%7D&tid=2612589384456&cb=1705858504381&dep=5%2CEVENT_TAGS_ABSENT
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8e33955f54ef8025b647a6e685fa689a9256fc5c987f7dc98590310ac3c358e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1313249260711192
content-length: 173
pin-unauth: dWlkPU9UQmxaVEkxTkdFdE5EUXpZeTAwTkdVMkxUazJaVE10TUdFeE5ERXlOMk14TWpnMg
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://return.thehennaplug.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
398 B 78ms
46ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2612589384456&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Freturn.thehennaplug.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2243c0095c%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1705858504392
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 17:35:04 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
x-pinterest-rid: 2057956202462752
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame FCF8 22 KB
16 KB 77ms
76ms XHR
application/json 2607:f8b0:4004:c1d::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c460c4e05e00f2f75c36208265ac1af9fa2c406000c4d70b57d1f291a4460d54

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 21 Jan 2024 17:35:04 GMT

GET
H2 200 ngtqeufyfoi Show response
server.thehennaplug.com/ 1 KB
2 KB 313ms
313ms XHR
text/plain 34.126.138.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://server.thehennaplug.com/ngtqeufyfoi?v=2&tid=G-714YK42R0D&gtm=45je41h0v9124647413z89138018027&_p=1705858502255&gcd=11l1l1l1l1&dma=0&cid=1753202622.1705858504&ul=en-us&sr=1600x1200&_fplc=0&ir=1&ur=US&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&sst.uc=US&sst.gse=1&sst.gcd=11l1l1l1l1&sst.tft=1705858502255&_s=1&sid=1705858504&sct=1&seg=0&dl=https%3A%2F%2Freturn.thehennaplug.com%2F&dt=Henna%20Cone%20Bottle%20-%20(Was%2039.99)Return%20Now%2031%24%20-%20(10.49%24%20OFF%20%2B%20Free%20Shipping)%20Renew%20Discount*%20%7C%20The%20Henna%20Plug&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1705859447710_17058590723001&tfd=2983&richsstsse

Requested by

Host: server.thehennaplug.com
URL: https://server.thehennaplug.com/gtqeufyfoi.js?id=G-714YK42R0D&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.126.138.154 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

154.138.126.34.bc.googleusercontent.com

Software

Resource Hash

90059cfff4c486bd0f11b915f48f4ff344bccfd540a7a8c7901e871b8b70e0fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
x-content-type-options: nosniff
content-type: text/plain
access-control-allow-origin: https://return.thehennaplug.com
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-accel-buffering: no

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
329 B 44ms
44ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22event_id%22%3A%221705859447710_17058590723001%22%2C%22np%22%3A%22gtm%22%7D&tid=2612589384456&cb=1705858504508&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Freturn.thehennaplug.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2243c0095c%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 17:35:04 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
alt-svc: h3=":443";ma=600
x-pinterest-rid: 3146654174188089
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 8E55 41 KB
18 KB 39ms
39ms Script
application/javascript 54.230.48.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=77d75460-9838-4ca1-b78d-dbc657a1bb4b&u_scsid=6071a202-e5ea-40b4-bf70-7557b6f23221&u_sclid=2aff65a7-3dd9-42db-a261-0ce98913f705
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.48.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-48-245.yul62.r.cloudfront.net
Software: CloudFront /
Resource Hash: e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 20:48:42 GMT
content-encoding: gzip
via: 1.1 d02136c452505f46a849d23f2fe25350.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: YUL62-C2
age: 74782
etag: dc4e3509882e40c68a170453af779220
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 17883
x-amz-cf-id: WP1hJkan-EeDqANoZTyrQDaQtkHU9ZWREK89PUE5RbZhqdcDkKcpow==

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame FCF8 600 B
625 B 36ms
35ms Image
image/png 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 15:59:31 GMT
x-content-type-options: nosniff
age: 178533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 26 Jan 2024 15:59:31 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame FCF8 530 B
554 B 34ms
33ms Image
image/png 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 15:57:01 GMT
x-content-type-options: nosniff
age: 178683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 26 Jan 2024 15:57:01 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame FCF8 665 B
691 B 37ms
35ms Image
image/png 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 15:59:31 GMT
x-content-type-options: nosniff
age: 178533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 26 Jan 2024 15:59:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FCF8 15 KB
15 KB 38ms
36ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 07:05:37 GMT
x-content-type-options: nosniff
age: 124167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jan 2025 07:05:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FCF8 15 KB
15 KB 33ms
32ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 07:19:56 GMT
x-content-type-options: nosniff
age: 123308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jan 2025 07:19:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FCF8 15 KB
15 KB 40ms
39ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 07:02:11 GMT
x-content-type-options: nosniff
age: 37973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Jan 2025 07:02:11 GMT

GET
H3 200 -710oj34v55h_Gg58QwrAW9kZvh6rWuRmGCjJSYFrTc.js Show response
www.google.com/js/bg/ Frame FCF8 17 KB
7 KB 34ms
33ms Script
text/javascript 2607:f8b0:4004:c1d::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/-710oj34v55h_Gg58QwrAW9kZvh6rWuRmGCjJSYFrTc.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbbd74a23df8bf9e61fc6839f10c2b016f6466f87aad6b919860a3252605ad37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 15:20:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6910
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 20 Jan 2025 15:20:17 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame FCF8 33 KB
33 KB 49ms
48ms Image
image/jpeg 2607:f8b0:4004:c1d::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFcWeA70I4HevoriRp2PU-8kuId3QqbA_7hdJclIwO6iS2AEHj1ERBRnRbdv7__zjqZCrIkTMK15wgvG3-kV1VDJNtbVFw6fVIYRvC15lFCjOb2hLK9oqNDpkGhbpbmqcSq83_dCFkk-mqctXBp_kCzUOmkvucNJiuDaJ7bQUn3yx2BqfFfmFhjYRu9ExOYO8WBTmzDaUaS-IuJlR8XM62oS-tLCn6toQw&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t

Requested by

Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13794a00c5ebfcce1e75043a536aaa985f17727787166b8a598c6c47056051db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 21 Jan 2024 17:35:04 GMT

POST
H2 200 p
tr6.snapchat.com/ 0
48 B 69ms
61ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://return.thehennaplug.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google, 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

p Show response
tr.snapchat.com/cm/ Frame 7EA7
Redirect Chain

https://tr.snapchat.com/cm/s?bt=1d53c387&pnid=140&cb=1705858504602&u_scsid=0ce245de-dc9d-48f9-8d20-42e00611e269&u_sclid=5eebeb47-c0cf-478d-ab0c-b678526a160d
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1705040131734%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1705040131734%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1705040131734&pnid=140&pcid=5c78802c-fb1b-456f-a3a5-1777c294081e

0
202 B

79ms
76ms

Document
text/html

35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1705040131734&pnid=140&pcid=5c78802c-fb1b-456f-a3a5-1777c294081e

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Sun, 21 Jan 2024 17:35:05 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 11

Redirect headers

accept-ch: Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 21 Jan 2024 17:35:04 GMT
location: https://tr.snapchat.com/cm/p?rand=1705040131734&pnid=140&pcid=5c78802c-fb1b-456f-a3a5-1777c294081e
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server: Jetty(11.0.13)
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 113ms
36ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2425150421056283&ev=PageView&dl=https%3A%2F%2Freturn.thehennaplug.com%2F&rl=&if=false&ts=1705858504721&sw=1600&sh=1200&v=2.9.141&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1705858504523.899048861&ler=empty&it=1705858504268&coo=false&eid=1705859447710_17058590723001&tm=1&cdl=&rqm=GET

Requested by

Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 21 Jan 2024 17:35:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 p
tr.snapchat.com/ 0
95 B 79ms
78ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://return.thehennaplug.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
server: API Gateway
access-control-allow-origin: https://return.thehennaplug.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 collect
analytics.google.com/g/s/ 0
250 B 451ms
40ms Ping
text/plain 2607:f8b0:4004:c08::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/s/collect?dma=0&gtm=45j91e41h0v9124647413z89138018027z99137995397&_gsid=714YK42R0DuY95-ZysOKqOVTYG3-gG_w
Requested by: Host: server.thehennaplug.com
URL: https://server.thehennaplug.com/gtqeufyfoi.js?id=G-714YK42R0D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::65 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 17:35:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://return.thehennaplug.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
250 B 450ms
39ms Ping
text/plain 2607:f8b0:4004:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=0&tid=G-714YK42R0D&cid=lDrjLsVYf%2FMkoxtdcCAWSDgD1lpC9CdgoZi6KIOiOSc%3D.1705858504&gtm=45j91e41h0v9124647413z89138018027z99137995397&aip=1
Requested by: Host: server.thehennaplug.com
URL: https://server.thehennaplug.com/gtqeufyfoi.js?id=G-714YK42R0D&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Jan 2024 17:35:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://return.thehennaplug.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _set_cookie
server.thehennaplug.com/ 48 B
48 B 404ms
404ms Image
image/gif 34.126.138.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.thehennaplug.com/_set_cookie?val=WB%2F4OnKuoOwsYQUWRdiAB9YsoJ0gBxwYe7H1rLil1zZIhG8dSV6NspAsFlcBb3d0%2BmTZL0t4vhPwkWmoeqgR%2Fb5lzOr0Is1f2Cc%2B0hqroSh1vRmn9GXZ%2BXF9AiVzypOGnmYjKg%2F8CH9T8JKPdkpfluVe9ZDp0jcgKTYrTvXTeYf5aSLCqsSxJwviYSOFm2q1X%2FXdglS7QOIvd%2F1vHZVheiOWEEhT9PA%3D
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.126.138.154 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 154.138.126.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
x-robots-tag: noindex, nofollow
content-type: image/gif

GET
H2 200 _set_cookie
server.thehennaplug.com/ 48 B
48 B 355ms
353ms Image
image/gif 34.126.138.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.thehennaplug.com/_set_cookie?val=TCWer%2B1%2F4UNYFZOO1X%2F0tebyJ9IUGMGwsQ4REMOaBj9cSK%2Bizl6CD%2FSsB8EzkN3AO0NqJxU%2BBeHLBRNhdDtWw%2FcZTWuOWyR2bskbth9dhTiKFzwNI%2FWK%2B%2FRUZ05%2FR3pMg4SAcDt%2BOI0Wnx55022XpLdiGZ2Bn8lYjwemNNG7wYatKo%2BI3a7A%2BO8Z%2BNBa
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.126.138.154 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 154.138.126.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:05 GMT
x-robots-tag: noindex, nofollow
content-type: image/gif

GET
H2 200 _set_cookie
server.thehennaplug.com/ 48 B
48 B 355ms
353ms Image
image/gif 34.126.138.154
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://server.thehennaplug.com/_set_cookie?val=IPOS4%2FLWEwGBYUiWOZbjSQ4Am30eqqO6CaeGXEbeIXRAsMM1JmzC8ws7%2BHSgRpw2Mu2rY%2BkKeNTCwOtXciheSjucLziIxWt8QktLMwjNztxZCfvGrmeqZJelr2g8xsYqNWslmcOMfDdNlQ0sqqIi3%2B2Y45fwaLGvNf%2BBl9bR0Y7MRS5904dbLTLQ2rvziJafeCZE%2BPVcd25niyBeJtM%3D
Requested by: Host: return.thehennaplug.com
URL: https://return.thehennaplug.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.126.138.154 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 154.138.126.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://return.thehennaplug.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:05 GMT
x-robots-tag: noindex, nofollow
content-type: image/gif

GET
H3 200 ct.html Show response
ct.pinterest.com/ Frame 887D 565 B
516 B 42ms
41ms Document
text/html 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.43c0095c.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://return.thehennaplug.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Sun, 21 Jan 2024 17:35:05 GMT
pinterest-version: 2f42f8325e46d2545c0fa2a5c3e8a330e15ff2a1
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 6535999490263004

GET
H2 200 frame.js
tools.luckyorange.com/core/ Frame 887D 59 KB
0 35ms
35ms Script
text/javascript 2600:9000:215f:8800:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/frame.js?v=0717bd0
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/core.js?v=0717bd0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:215f:8800:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
Origin: https://return.thehennaplug.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 21 Jan 2024 17:35:04 GMT
content-encoding: gzip
via: 1.1 ab1abc326c36ea4cd78ce117e4c20e88.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
age: 2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18962
last-modified: Fri, 05 Jan 2024 15:57:09 GMT
server: AmazonS3
etag: "6542c364c781d2c0c60917aef3199ebf"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: rVrDFv2jsbb8q4OV3-m054jHRo_jlMU1SKDlMZvgoNtJz2BAeR1BTQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: collectcheckout.com
URL: https://collectcheckout.com/token/google_pay_field.php?country=US&price=3100&currency=USD&billingAddressRequired=false&billingAddressParameters=%7B%22format%22%3A%22MIN%22%2C%22phoneNumberRequired%22%3Afalse%7D&shippingAddressRequired=false&shippingAddressParameters=%7B%22phoneNumberRequired%22%3Afalse%7D&buttonType=buy&buttonColor=default&buttonLocale=en&totalPriceStatus=FINAL&emailRequired=true&merchantId=948366&merchantName=The+Henna+Plug&cardBrands=%5B%22AMEX%22%2C%22MASTERCARD%22%2C%22VISA%22%2C%22DISCOVER%22%5D&environment=PRODUCTION&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=

Domain: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=cvv&title=CVV%20Code&placeholder=CVC&cvvDisplay=show

Domain: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccnumber&title=Card%20Number&placeholder=Card%20Number&enableCardBrandPreviews=false

Domain: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccexp&title=Card%20Expiration&placeholder=MM%20%2F%20YY

Domain: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=cvv&title=CVV%20Code&placeholder=CVC&cvvDisplay=show

Domain: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccnumber&title=Card%20Number&placeholder=Card%20Number&enableCardBrandPreviews=false

Domain: secure.easypaydirectgateway.com
URL: https://secure.easypaydirectgateway.com/token/inline.php?tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&elementId=ccexp&title=Card%20Expiration&placeholder=MM%20%2F%20YY

Domain: collectcheckout.com
URL: https://collectcheckout.com/token/google_pay_field.php?country=US&price=3100&currency=USD&billingAddressRequired=false&billingAddressParameters=%7B%22format%22%3A%22MIN%22%2C%22phoneNumberRequired%22%3Afalse%7D&shippingAddressRequired=false&shippingAddressParameters=%7B%22phoneNumberRequired%22%3Afalse%7D&buttonType=buy&buttonColor=default&buttonLocale=en&totalPriceStatus=FINAL&emailRequired=true&merchantId=948366&merchantName=The+Henna+Plug&cardBrands=%5B%22AMEX%22%2C%22MASTERCARD%22%2C%22VISA%22%2C%22DISCOVER%22%5D&environment=PRODUCTION&token=B3tHk78D-V4pcT6-en7y47-5f75J88938d6&tokenizationKey=7g4k89-S7kwNg-9KzSqn-q7Y6jh&cartCorrelationId=

Domain: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/frame.js?v=0717bd0

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 17:52:24	Name: X-AB Value: dc4e3509882e40c68a170453af779220
www.google.com/recaptcha	1970-01-20 22:10:10	Name: _GRECAPTCHA Value: 09APYnBZXlJAfwJj_2QUzhE1tnJFN4HfUxgOdLNFveBrBWxO_PhFNxi8r3QnfoAs_OZvA84ldOzppwK12Gi91gAY8
.return.thehennaplug.com/	1970-01-20 17:53:51	Name: product-839147-checkout Value: eyJpdiI6IlhOUUxMWmJBbVowY0dBNC9aMFJsOWc9PSIsInZhbHVlIjoiL2VoRkJWRk5XTXI5dTA3TzhodFEzT0E5OWZUY3dwcmlOcnNUS1p2SS94VT0iLCJtYWMiOiI5OWE2Nzc4Y2U3NDM4Njk2MTljOGYzYjcyZDQzM2FkMDAyMTEwYjNiNDZiNDZmYTRkZWZhZTI3ZmZkZDAwZjNjIiwidGFnIjoiIn0%3D
.thehennaplug.com/	1970-01-20 17:51:00	Name: _sp_ses.d6a4 Value: *
.thehennaplug.com/	1970-01-21 03:26:58	Name: _sp_id.d6a4 Value: cb6c1e1a-e2c1-47ee-b020-20d7de38b516.1705858503.1.1705858503..244d39ed-ac68-497f-919e-826b9e3eb236..376823bb-bac3-4c39-a765-edd822139e23.1705858502534.1
snowstorm.samcart.com/	1970-01-21 02:36:34	Name: sp Value: 8f4cdeb9-6072-466a-b438-2380cd7a83d2
.google.com/	1970-01-20 22:14:29	Name: NID Value: 511=gtksmyvvHbwMNkH5-prgi6Wi8Tv5pqaHFA5J9f7jud7AW3UktbfutQjBzxdTL6B5cFw9hFDscn2M-R0EjpHM7R5WzoCLMthOQ0OfM7RX8GNorh6HhGM5NNfQ-4qoi-K-mMTKjzY7aDY2CXussD2ydkd57-W0jIQDaslnC8oBb9k
.thehennaplug.com/	1970-01-21 03:26:58	Name: lo-uid Value: 2e4a6c57-1705858502914-bc8c4d9a1cf52414
.thehennaplug.com/	1970-01-21 03:26:58	Name: lo-visits Value: 1
.thehennaplug.com/	1970-01-21 02:36:34	Name: _scid Value: 37392a04-9f7c-48f5-8372-495193acc969
.thehennaplug.com/	1970-01-21 03:20:45	Name: _scid_r Value: 37392a04-9f7c-48f5-8372-495193acc969
.pinterest.com/	1970-01-21 02:36:34	Name: ar_debug Value: 1
.thehennaplug.com/	1970-01-21 03:26:58	Name: _ga_714YK42R0D Value: GS1.1.1705858504.1.0.1705858504.0.0.0
.thehennaplug.com/	1970-01-21 03:26:58	Name: _ga Value: GA1.1.1753202622.1705858504
.return.thehennaplug.com/	1970-01-21 02:36:34	Name: _pin_unauth Value: dWlkPVltTTFNR0l3TVdRdFlqUTVOeTAwWm1FeUxXRmhaR1l0WVRjMFpHVm1PVEE1WXpWaQ
.ct.pinterest.com/	1970-01-21 02:36:34	Name: _pinterest_ct_ua Value: "TWc9PSZHNGZ3aUFvNVdZQXc3ekY1SURua29wSy9BZUx2ZlY1YUdUeW1idXdOdXVlSWIvNEZ2SkdaeElBb2pabnZvblpOKy85cTBrV3kyZFNab2NDeHhRdnptYlNmYjNPYTR6MDVNQjdzYkdtMHdZcz0mY0lSaFhkNEtBdzNsN0EwdjRTNlhxUldHdkhvPQ=="
.thehennaplug.com/	1970-01-21 03:26:58	Name: FPID Value: FPID2.2.lDrjLsVYf%2FMkoxtdcCAWSDgD1lpC9CdgoZi6KIOiOSc%3D.1705858504
.thehennaplug.com/	1970-01-20 17:52:10	Name: FPLC Value: alD%2FiUiHA7QEU9eodqac%2FOo2zofu6Tfov2Nm9XYu2KwNst4rbR8o65MWKKu%2F4NN%2F2EPfh%2BVf%2BBVKeixi%2B%2BoiAu3gQDle6xgOhAPLN1M9MrcKIFzBGNdp4dBRPqUKhw%3D%3D
.thehennaplug.com/	1970-01-20 17:51:00	Name: FPGSID Value: 1.1705858504.1705858504.G-714YK42R0D.uY95-ZysOKqOVTYG3-gG_w
.tapad.com/	1970-01-20 19:17:22	Name: TapAd_TS Value: 1705858504778
.tapad.com/	1970-01-20 19:17:22	Name: TapAd_DID Value: 5c78802c-fb1b-456f-a3a5-1777c294081e
.tapad.com/	1970-01-20 19:17:22	Name: TapAd_3WAY_SYNCS Value:
.thehennaplug.com/	1970-01-20 20:00:34	Name: _gtmeec Value: e30%3D
.thehennaplug.com/	1970-01-20 20:00:34	Name: _fbp Value: fb.1.1705858504690.2030023384
.snapchat.com/	1970-01-21 03:12:34	Name: sc_at Value: v2\|H4sIAAAAAAAAAEXHwQnAMAwEwYoEJ/kustKNCagKFx//zH5mo+gOypRVxmbaWhXW+U2MR8HWduL1hOYJZy/xA1KNlhZAAAAA
.thehennaplug.com/	1970-01-21 03:20:45	Name: _sctr Value: 1%7C1705831200000

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
collectcheckout.com
connect.facebook.net
ct.pinterest.com
d2n844f18s487r.cloudfront.net
d3uywd90fuiiyf.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
pay.google.com
pixel.tapad.com
return.thehennaplug.com
s.pinimg.com
samcart-foundation-prod.s3.amazonaws.com
sc-static.net
secure.easypaydirectgateway.com
server.thehennaplug.com
settings.luckyorange.com
snowstorm.samcart.com
sockdrawer.snowstorm.samcart.com
stats.g.doubleclick.net
tools.luckyorange.com
tr.snapchat.com
tr6.snapchat.com
www.facebook.com
www.google.com
www.gstatic.com
collectcheckout.com
secure.easypaydirectgateway.com
tools.luckyorange.com
104.192.33.180
104.192.33.241
13.225.195.69
151.101.128.84
2600:9000:215f:6000:1d:16ba:9dc0:21
2600:9000:215f:8800:18:6c16:27c0:93a1
2600:9000:215f:ee00:17:fa3:a5c0:21
2607:f8b0:4004:c06::5c
2607:f8b0:4004:c06::9c
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c08::65
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c1d::63
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a04:4e42:77::84
34.107.203.234
34.111.113.62
34.126.138.154
35.190.43.134
52.217.136.89
52.45.193.217
54.230.48.245
54.87.111.129
004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181
025723642f24978533d5b916eacb8adbfbdce1a3ad16fd09e267e96ee7a68080
02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5
034f70bbe1abf47451eac2e31cc493e4499bcdd7f4873b469c22afe2ff491f12
045dd796035584c8f4c818be703abc36ceb5048e8af42597c1bc5bbabc69e29d
055bbe9e9a32339245919a3493cccd562264c1ec0dfc3e8959db87e331a565c1
0712c9937ced3090efee4f37038e909eb2818dd7fdcbef19f0a4f684118dca8f
12d05bb8be09626e1d1c81168d3b6000d6299714206f11a71dafdae67f3abfb5
13794a00c5ebfcce1e75043a536aaa985f17727787166b8a598c6c47056051db
1502260992896f2c26dfa014126822b5107acd35edb5096d980cc9c496d212ab
164ba0d169f42bba7e889a2c94f77fe959db2f19772b81287334a9d9d5b11051
18c504c84ef00962ae0d1057c10598f8f1f7f4cd90b80e1353b26ecde10ed77b
1b1a7912a36621a32fa8e8667dd5c4612fc8830551e4cad165380cdd2b8b76df
20d7be5f23d610e54239bee71dc090239a14a51f6235d75f2608502cc3b59e04
2331885a8848409a522268a4f9598cd161a949f8d85a4cf5c3be02f1cfec889d
24a8985a32d15bd7629b69958243de9c096ca274dbb8c1c788848248cb453b35
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27a21815eba0a23ba25bd5b3ce8692cdb1edf3c9db32d7631f6b0be9eb8f9853
28bd191bba13945f81b09f2df5f54b9208309f4da0e7bb202c1e61c7adf039b9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2eed3688f56478253ff9082b0c34cc0e7fc12371988309e5c80edf3789bde5ae
30c9d7e636d372197dedabf44259e88b9a4af7005075439006e97b570196a107
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37e67f50187a5be630a7b75fc08b62fa4fb5675143c60d6ad41570d8f6c8e2d3
3b827fdd15a82541ad29ed75482acbdd8e3b1c7b2d74feea6cb1a6a58936b346
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
445865d36e511d1eb92aed23bde38b2467bbe9215bca366ab119e9704d932133
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
501c4156a3477737901c60b0307e45788909054d28752d8cbe635e1ea46989d1
51874a772c56756737a27e1554ef26c3d625aeaca8209813f45bd8dff19636e5
51e9ae6e93ec166d6ec7ba0e47484acd31f6584d20614a11d64669ea23bb167e
52c308157b0f273a5f4f67bb4f28ccf47c24a68fbc7d0226d49bf4eebacfdf97
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
586feec3a3f3372a83b48681f11226772f168e0343f3e580f364978044175cea
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5dd6e4e639dea5364abd4a1a4d012365c53118ebab7b4a4a2fddd0b9728dae95
64bd6fc403eeb06230705cfd4fcfc171f84eceabe74a221ae36b28b117aae2f8
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
65ff9ae6d7be23f1b0164644acc1c8af7d7daccc143c976fd133b5b19f0505ff
67798c920869a7ddf956242c119137151c042cbbc8aaf1859ae78999e4a7c2c3
6b8d640c3beaf98bd89bbc6eba69d6e1d200c9bd93f4f0caa6e2de8a0ae7fcfa
6fea44fa9ec94dd1cdf7aaa11e5749e9f436ca52d13abb80b0be4602b1116725
7207a1248aca15e64dd15b9414e651cfa278e80bd8ef78d5368cd19c2d129650
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7cbb3dfa321e6e38c3b835d7f0439209478b0b792ce1918da6c82642838c4b51
7d32db5e7f8166ca472c3703592e17b044a0bfd5b49150c5c888a20164105b08
7d9f39a391cdac16117054240a9d6f385ae34a1f4c21ac369fa1df3df708420a
88b3eefb0eaeaaba7b8d17ba6bd12c3e9dcf4e624b5bba7f8f321d722cc44635
89bb95574bb591c8ec6e822c04fb80c4f736c8660457490007b302bbda6af46b
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8e33955f54ef8025b647a6e685fa689a9256fc5c987f7dc98590310ac3c358e5
90059cfff4c486bd0f11b915f48f4ff344bccfd540a7a8c7901e871b8b70e0fa
962be05f67771929cf9871a83a9698b123519681174fa9d645cb007499247123
99f31ce63aebf7737984a673d420571b65cb0e3c589dd25eef208f25721ba641
9baec32e103eb2b30cc4aaff66d6c1c26591d6a7a93e523f043ae714def8d79b
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9dc66ccf5effd62b0b1d867ce075adafd3880dd37e036c29f054f28d04cd90f1
9e7a6754478b97c36c6733dc696d2cb127fc5f06accab9ec631ab457f8844bd6
a4538e1c9ecf0e4b188771f205a38159c0a23a1477c451713721c6979798b0f1
a614a9ab1cb7c3dc05826c53153c5cc0122cb32d19a86823440336bdc603d6ad
a63769857e04d98ae2a69302dd34bcece26537ae4fd0dc6cb0d08d482ca7b358
a6e80aa1b3bc329d8979418014c5201c0a7eb9c0648a6f491c7e73fd9f942c20
ac4b3d6835c58c04e37cf835a49d5cdd0f1b0c6fb07e8de2884bf0f7f36a5b3d
ad471abcaeca48ceccf8d7365f3e0af813a0ce026855119f6bec4db68e455196
b13ac5db06aaef364bbea670ddcd08f23abd89018ced6134df333c0b35251afc
b58b06dead6769a211ce93387e55d0084ce815d9eb9698bec2eb90299517ce2c
b6411db4edf71d1bdf2d17e49fe72b82d2ac6aebcb8e4d9a865e3e8829d69b8b
b9a2014baf4e13170636934b88813315d7ccacaeff9a42f7e909c938b9743d04
bac63ad77e8f9e2c5234d5c9ebfedbf5a3472d7f66af46dc8cf54138f33b9139
bb07ba95121f777cca24c38a9c0261c419dfb81fc6f2074dabb99c580c94c759
bd73795a36105df3f2ae20f25b799ee4e9c4d73c3671d5110d551cd2236b9847
bdbda48bdc0153b50ab58bd701463558a613e614a3a0a822ea113180ed0a417c
be608e0ade57ed69c7d322f841fdb1c86bcac8eeaca7845b1008deebb136fe37
c0184582161e66008a9f391d141d8f03a275f84f9f68e08457c8c02a591d5542
c460c4e05e00f2f75c36208265ac1af9fa2c406000c4d70b57d1f291a4460d54
c6bba8ad5ad5ec6a4fef018600b107f518172053fdf5cb10200cac55ee23f2d1
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cb2bde2214ca457677daa47ef292d15949d6c2647231eb6579ca64debe13615c
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
da059046f349243d0d8035a1f5c99d6acc76d76b74b5d35c8783ade30972d709
dbde5e9148a0556f19e92aa5b1e159e54d6d869b2a151db46c2bd6f030dc19eb
df6414e24135642fb8e226425b2402d4b2a0d21c84ec7c3956f6482eaaa763d9
dffead6a4371e5a178facab7cf528ebad143253fefe79b6b728b9003efe0adf1
e2652bc4f9cf00b59bc05ab7f23248696a438e329cd45f53974854630e9578be
e35efd256d9485e4cd861676d976a01f09935d635293542100530b92021f55ed
e39ceba91d501324f97d300d26c7ced3c3c007f2afe6c9509cef9b2b7bd81155
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fdb3ea4cc4cf6b0f77fce3b54d03d78a697bec33bb1a023b964e8be16aea5f
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f979acaf2aba303e08b1e0cac61e9fdf78fb64ab92ea929020a1521bf962e581
fbbd74a23df8bf9e61fc6839f10c2b016f6466f87aad6b919860a3252605ad37
fc33a96981a3da2f978750677595ef13a66252ceb0dc897981bfe9d8f65787c3
fe87be8c7846e3291a6d9530177c11497af3b99c1d90378f77ecdce5d10d0b42

return.thehennaplug.com Open in urlscan Pro 54.87.111.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

137 Requests

92 %HTTPS

52 %IPv6

18 Domains

26 Subdomains

25 IPs

2 Countries

21820 kBTransfer

27434 kBSize

26 Cookies

0 Outgoing links

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

return.thehennaplug.com Open in urlscan Pro
54.87.111.129 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

92 %
HTTPS

52 %
IPv6

18
Domains

26
Subdomains

25
IPs

2
Countries

21820 kB
Transfer

27434 kB
Size

26
Cookies

137 HTTP transactions
0 data transactions