urlscan.io logo urlscan.io
SecurityTrails logo

ridibooks.com Open in urlscan Pro
65.9.66.110  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pay.ridibooks.com/
Effective URL: https://ridibooks.com/account/login?return_url=https%3A%2F%2Fpay.ridibooks.com%2F
Submission: On March 21 via manual from KR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 28 HTTP transactions. The main IP is 65.9.66.110, located in United States and belongs to AMAZON-02, US. The main domain is ridibooks.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on October 29th 2023. Valid for: a year.
This is the only time ridibooks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:223... 16509 (AMAZON-02)
10 2600:9000:223... 16509 (AMAZON-02)
3 65.9.66.110 16509 (AMAZON-02)
1 65.9.66.61 16509 (AMAZON-02)
28 4
Apex Domain
Subdomains		 Transfer
15 ridibooks.com
pay.ridibooks.com
pay-api.ridibooks.com
account.ridibooks.com — Cisco Umbrella Rank: 935776
ridibooks.com Failed
713 KB
0 ridicdn.net Failed
static.ridicdn.net Failed
28 2
Domain Requested by
11 pay.ridibooks.com 1 redirects pay.ridibooks.com
2 pay-api.ridibooks.com pay.ridibooks.com
1 ridibooks.com pay.ridibooks.com
1 account.ridibooks.com pay.ridibooks.com
0 static.ridicdn.net Failed ridibooks.com
28 5

This site contains no links.

Subject Issuer Validity Valid
ridibooks.com
Amazon RSA 2048 M02		 2023-10-29 -
2024-11-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ridibooks.com/account/login?return_url=https%3A%2F%2Fpay.ridibooks.com%2F
Frame ID: 921706A7CB83F149D060250C9936737C
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://pay.ridibooks.com/ HTTP 301
    https://pay.ridibooks.com/ Page URL
  2. https://ridibooks.com/account/login?return_url=https%3A%2F%2Fpay.ridibooks.com%2F Page URL

Page Statistics

28
Requests

50 %
HTTPS

50 %
IPv6

2
Domains

5
Subdomains

4
IPs

1
Countries

713 kB
Transfer

1968 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pay.ridibooks.com/ HTTP 301
    https://pay.ridibooks.com/ Page URL
  2. https://ridibooks.com/account/login?return_url=https%3A%2F%2Fpay.ridibooks.com%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://pay.ridibooks.com/ HTTP 301
  • https://pay.ridibooks.com/
Request Chain 13
  • https://account.ridibooks.com/ridi/authorize/?client_id=ePgbKKRyPvdAFzTvFg2DvrS7GenfstHdkQ2uvFNd&response_type=code&redirect_uri=https:%2F%2Faccount.ridibooks.com%2Fridi%2Fcomplete%2F HTTP 302
  • https://ridibooks.com/account/login?return_url=https%3A%2F%2Faccount.ridibooks.com%2Fridi%2Fcomplete%2F

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
pay.ridibooks.com/
Redirect Chain
  • http://pay.ridibooks.com/
  • https://pay.ridibooks.com/
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.ridibooks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e800:6:b6e7:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6e8624ddc3f65480273f4a6da53b6db91cd1b2dcce3e27050a2492fc5a9223d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
content-type
text/html
date
Thu, 21 Mar 2024 03:49:35 GMT
etag
W/"3b40773d2a54c52144c2fc5077d8f591"
last-modified
Thu, 21 Sep 2023 10:08:49 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000;
vary
Accept-Encoding
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-id
LU5LHhzEqKiriLaBYbhnfpl4KnZGfjiTXGzuSTosmESPiXMEGxwQ2Q==
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Thu, 21 Mar 2024 03:49:34 GMT
Location
https://pay.ridibooks.com/
Server
CloudFront
Via
1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
I9iUbn9Vzq-kuv0v6kMxCNlVVgIv-BdyjEDFOxtly__q9eR_VyfYKA==
X-Amz-Cf-Pop
FRA56-P2
X-Cache
Redirect from cloudfront
styles.28a834ef.css
pay.ridibooks.com/ 		47 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pay.ridibooks.com/styles.28a834ef.css
Requested by
Host: pay.ridibooks.com
URL: https://pay.ridibooks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e800:6:b6e7:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0a3a84549777b2c7396b61511096d02b8199ad3d7f79d0994aac5d3708c24b9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.ridibooks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=63072000;
content-security-policy
default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 03:49:37 GMT
content-encoding
gzip
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Sep 2023 10:08:53 GMT
server
AmazonS3
etag
W/"df6c63c0fafcbe48d314240890877787"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
x-amz-cf-id
QLdfqMO4-TgI4HBtgm-tJt0-O1YyQOS1EJs_17hrOTkAtIKDdi5srg==
styles.2955c537.css
pay.ridibooks.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pay.ridibooks.com/styles.2955c537.css
Requested by
Host: pay.ridibooks.com
URL: https://pay.ridibooks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e800:6:b6e7:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfac3d5656d44b45cc4936a34d7a526728080051bd410f9b6505ecdb5f212cf6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.ridibooks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 03:49:37 GMT
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
content-encoding
gzip
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Sep 2023 10:08:53 GMT
server
AmazonS3
etag
W/"1c8ebc3ee72552d583d5731d858dac51"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
x-amz-cf-id
iTEyT-c3tMdRqlcdlwdnphUIYwztE42T0FBwFouWzg-Gz9bU-D89Jg==
manifest.227248be.min.js
pay.ridibooks.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.ridibooks.com/manifest.227248be.min.js
Requested by
Host: pay.ridibooks.com
URL: https://pay.ridibooks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e800:6:b6e7:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2a062ee03f6ef66291795bbab476a99860005c990911a1d02d93d66527f4bf8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.ridibooks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 03:49:37 GMT
strict-transport-security
max-age=63072000;
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
content-encoding
gzip
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Sep 2023 10:08:49 GMT
server
AmazonS3
etag
W/"44eb51b650d4d4744f439cd83f921b99"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
bCazdHs6ADii5dOlI0utfwzAFnXMwCIThRe_F1PtwvG2yALbWuy3Yw==
common.28a834ef.min.js
pay.ridibooks.com/ 		648 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.ridibooks.com/common.28a834ef.min.js
Requested by
Host: pay.ridibooks.com
URL: https://pay.ridibooks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e800:6:b6e7:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46591ed41f8bc687e7a0c395fdc53152cf39bf52f729790592ad9c08d8dd8eee
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.ridibooks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=63072000;
content-security-policy
default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 03:49:37 GMT
content-encoding
gzip
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Sep 2023 10:08:49 GMT
server
AmazonS3
etag
W/"9dccbdb8127c382f88a228c27bc2420e"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
V04axOvU_Fu-viZN3CpeXI_tz0lYqgNnSBCz3LISXyqcABND6e2fpA==
polyfill.dea7ac5d.min.js
pay.ridibooks.com/ 		177 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.ridibooks.com/polyfill.dea7ac5d.min.js
Requested by
Host: pay.ridibooks.com
URL: https://pay.ridibooks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e800:6:b6e7:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccd0976850e91d08f77ebbfc5e4a3fcbe4aa2ef40c1070b2baf0a8621003fb87
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.ridibooks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=63072000;
content-security-policy
default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 03:49:37 GMT
content-encoding
gzip
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Sep 2023 10:08:49 GMT
server
AmazonS3
etag
W/"90b27caf4e34fb2b2d4a0079860c4881"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
DSnmuMBNk3Y7Df8SLuDrHeUwVvZCqoS71lw9JoHdnpdcd_f8SJB4Bw==
main.2955c537.min.js
pay.ridibooks.com/ 		652 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.ridibooks.com/main.2955c537.min.js
Requested by
Host: pay.ridibooks.com
URL: https://pay.ridibooks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e800:6:b6e7:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1eba9de41c9b1429ba6adf83d92e517b83d535e877f2f40d6c63a594413d8c87
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.ridibooks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=63072000;
content-security-policy
default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 03:49:37 GMT
content-encoding
gzip
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Sep 2023 10:08:49 GMT
server
AmazonS3
etag
W/"a24b859e0fbaabd21f3c7a81e429cf6b"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
x-amz-cf-id
SzTJ6qqVLpP_GaRabMmgp2S4vnHkvmNs5qeQ8-8PSV8f1DIf5s0MeA==
me
pay-api.ridibooks.com/ 		53 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay-api.ridibooks.com/me
Requested by
Host: pay.ridibooks.com
URL: https://pay.ridibooks.com/common.28a834ef.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.66.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-110.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
4df582bda7cda4046a8ba112e240a5f90d3d9e99e1e04708d6b6ba471726dfd8

Request headers

Accept
application/json, text/plain, */*
Referer
https://pay.ridibooks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 21 Mar 2024 03:49:39 GMT
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
surrogate-control
no-store
x-cache
Error from cloudfront
x-envoy-upstream-service-time
15
alt-svc
h3=":443"; ma=86400
content-length
53
x-request-id
16c7ea66-fad4-450f-8756-748f6c2358bc
x-ridi-edge
n-uls
x-response-time
12.782ms
pragma
no-cache
server
istio-envoy
etag
W/"35-RTki580r/R3feiTM8Mvcl7dN73s"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pay.ridibooks.com
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
x-amz-cf-id
WA-RFVEHlaINKVVu3LFhscS65v0hi_7DGs-zXSZatL4qlj7YQbOeow==
expires
0
me
pay-api.ridibooks.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pay-api.ridibooks.com/me
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-110.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://pay.ridibooks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Accept-Encoding,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-CSRFToken,X-Request-Token
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://pay.ridibooks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 21 Mar 2024 03:49:38 GMT
server
istio-envoy
via
1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
x-amz-cf-id
WC8cwgsDhJpgiFcgxVJshdbRO5T2j3EqrRQDPRBqN6Kx9uBxQ-LysA==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-ridi-edge
n-uls
spinner-gray.png
pay.ridibooks.com/public/images/spinner/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pay.ridibooks.com/public/images/spinner/spinner-gray.png
Requested by
Host: pay.ridibooks.com
URL: https://pay.ridibooks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e800:6:b6e7:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
739a7b4d942d477e1d4a5caa6c1882cc0553619dd98aa70f5a54750dca4f97c4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.ridibooks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=63072000;
content-security-policy
default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 03:49:38 GMT
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
3177
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Sep 2023 10:08:53 GMT
server
AmazonS3
etag
"8f8d3293fb984dd618316649fbbfa448"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
gXPBx4QUGQGDZYOK31_vYCp5NtoJ9EFzokuDy7d0INiJP2nCgdnK3Q==
NotoSans-Regular.woff2
pay.ridibooks.com/public/fonts/ 		191 KB
192 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pay.ridibooks.com/public/fonts/NotoSans-Regular.woff2
Requested by
Host: pay.ridibooks.com
URL: https://pay.ridibooks.com/styles.2955c537.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e800:6:b6e7:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85ade9c84e0fc0bb6d920ea1e3c9231590200ba0a79264968c6b9a0fb527a2fc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.ridibooks.com/styles.2955c537.css
Origin
https://pay.ridibooks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=63072000;
content-security-policy
default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 03:49:38 GMT
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
195560
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Sep 2023 10:08:51 GMT
server
AmazonS3
etag
"4e2910267e88d635a5b26172ee62786a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
MfHQ2v01aPtwTXAcSbGKV2NmupZKos4vhCHiGdHL5-xCH4taLsE3Ew==
NotoSans-Bold.woff2
pay.ridibooks.com/public/fonts/ 		194 KB
195 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://pay.ridibooks.com/public/fonts/NotoSans-Bold.woff2
Requested by
Host: pay.ridibooks.com
URL: https://pay.ridibooks.com/styles.2955c537.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:e800:6:b6e7:c440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06939e852b59474a2134e644c56e8bd2bd10f2d3997ec4afb2301e8b977b61b2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pay.ridibooks.com/styles.2955c537.css
Origin
https://pay.ridibooks.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=63072000;
content-security-policy
default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
x-content-type-options
nosniff
date
Thu, 21 Mar 2024 03:49:38 GMT
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-length
198184
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 21 Sep 2023 10:08:50 GMT
server
AmazonS3
etag
"c18403ddf95b7cb8dd61b1f2539b11dd"
x-frame-options
DENY
vary
Accept-Encoding
content-type
binary/octet-stream
accept-ranges
bytes
x-amz-cf-id
njzMLWlbStb3DomghCSqPnf_BdSGGSWB97061cHGQv9MLcyIgAkEDg==
/
account.ridibooks.com/ridi/token/ 		26 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://account.ridibooks.com/ridi/token/
Requested by
Host: pay.ridibooks.com
URL: https://pay.ridibooks.com/common.28a834ef.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-61.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
3e7db788e384631f8a9f299d1797e6f8af6d16d643a1c91f9e83ae15212de45c

Request headers

Accept
application/json, text/plain, */*
Referer
https://pay.ridibooks.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 03:49:40 GMT
via
1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
surrogate-control
no-store
x-cache
Error from cloudfront
x-envoy-upstream-service-time
14
alt-svc
h3=":443"; ma=86400
content-length
26
x-request-id
e4b9a2e0-0642-4bac-b509-a890f02a63c7
x-ridi-edge
n-uls
x-response-time
2.536ms
pragma
no-cache
server
istio-envoy
etag
W/"1a-pljHtlo127JYJR4E/RYOPb6ucbw"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://pay.ridibooks.com
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
x-amz-cf-id
RX9IWSJGCfZBA6yzGayEy8s_J_8YoU0yMM2XHbKaIiue1KfEgokx3A==
expires
0
login
ridibooks.com/account/
Redirect Chain
  • https://account.ridibooks.com/ridi/authorize/?client_id=ePgbKKRyPvdAFzTvFg2DvrS7GenfstHdkQ2uvFNd&response_type=code&redirect_uri=https:%2F%2Faccount.ridibooks.com%2Fridi%2Fcomplete%2F
  • https://ridibooks.com/account/login?return_url=https%3A%2F%2Faccount.ridibooks.com%2Fridi%2Fcomplete%2F
0
0
Primary Request login
ridibooks.com/account/ 		53 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ridibooks.com/account/login?return_url=https%3A%2F%2Fpay.ridibooks.com%2F
Requested by
Host: pay.ridibooks.com
URL: https://pay.ridibooks.com/main.2955c537.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
65.9.66.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-110.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';script-src https://fonts.googleapis.com www.google-analytics.com www.googletagmanager.com www.google.com www.google.co.kr stats.g.doubleclick.net www.googleadservices.com googleads.g.doubleclick.net https://www.gstatic.com https://accounts.google.com https://appleid.cdn-apple.com www.facebook.com staticxx.facebook.com connect.facebook.net *.sentry.io wcs.naver.net wcs.naver.com t1.kakaocdn.net kauth.kakao.com *.ads-twitter.com *.twitter.com sdk.iad-06.braze.com https://js.appboycdn.com https://appboy-images.com https://braze-images.com https://*.ridi.zone https://*.ridi.io https://*.ridi.com https://ridi.com https://*.ridibooks.com https://ridibooks.com https://books.ridibooks.com https://*.ridicdn.net https://unpkg.com https://cdn.jsdelivr.net https://use.fontawesome.com https://js.tosspayments.com https://event.tosspayments.com https://api.tosspayments.com https://log.tosspayments.com https://connect.tosspayments.com https://analytics.tiktok.com https://t1.daumcdn.net https://xpay.uplus.co.kr https://mobile.inicis.com https://stdpay.inicis.com https://stdux.inicis.com https://websdk.appsflyer.com https://api.paygate.net https://service.paygate.net 'self' 'unsafe-inline';base-uri 'none';object-src 'none';worker-src 'blob:';img-src 'self' data: https://*.amazonaws.com wcs.naver.com http://t.co https://t.co https://fonts.googleapis.com www.google-analytics.com www.googletagmanager.com www.google.com www.google.co.kr stats.g.doubleclick.net www.googleadservices.com googleads.g.doubleclick.net https://www.gstatic.com https://accounts.google.com https://appleid.cdn-apple.com www.facebook.com staticxx.facebook.com connect.facebook.net *.sentry.io wcs.naver.net wcs.naver.com t1.kakaocdn.net kauth.kakao.com *.ads-twitter.com *.twitter.com sdk.iad-06.braze.com https://js.appboycdn.com https://appboy-images.com https://braze-images.com https://*.ridi.zone https://*.ridi.io https://*.ridi.com https://ridi.com https://*.ridibooks.com https://ridibooks.com https://books.ridibooks.com https://*.ridicdn.net https://unpkg.com https://cdn.jsdelivr.net https://use.fontawesome.com https://js.tosspayments.com https://event.tosspayments.com https://api.tosspayments.com https://log.tosspayments.com https://connect.tosspayments.com https://analytics.tiktok.com https://t1.daumcdn.net https://xpay.uplus.co.kr https://mobile.inicis.com https://stdpay.inicis.com https://stdux.inicis.com https://websdk.appsflyer.com https://api.paygate.net https://service.paygate.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com www.google-analytics.com www.googletagmanager.com www.google.com www.google.co.kr stats.g.doubleclick.net www.googleadservices.com googleads.g.doubleclick.net https://www.gstatic.com https://accounts.google.com https://appleid.cdn-apple.com www.facebook.com staticxx.facebook.com connect.facebook.net *.sentry.io wcs.naver.net wcs.naver.com t1.kakaocdn.net kauth.kakao.com *.ads-twitter.com *.twitter.com sdk.iad-06.braze.com https://js.appboycdn.com https://appboy-images.com https://braze-images.com https://*.ridi.zone https://*.ridi.io https://*.ridi.com https://ridi.com https://*.ridibooks.com https://ridibooks.com https://books.ridibooks.com https://*.ridicdn.net https://unpkg.com https://cdn.jsdelivr.net https://use.fontawesome.com https://js.tosspayments.com https://event.tosspayments.com https://api.tosspayments.com https://log.tosspayments.com https://connect.tosspayments.com https://analytics.tiktok.com https://t1.daumcdn.net https://xpay.uplus.co.kr https://mobile.inicis.com https://stdpay.inicis.com https://stdux.inicis.com https://websdk.appsflyer.com https://api.paygate.net https://service.paygate.net;frame-src ridi: www.facebook.com staticxx.facebook.com connect.facebook.net bid.g.doubleclick.net www.google.com accounts.google.com connect.tosspayments.com stdpay.inicis.com postcode.map.daum.net;connect-src 'self' https://*.amazonaws.com https://browser-intake-datadoghq.com https://fonts.googleapis.com www.google-analytics.com www.googletagmanager.com www.google.com www.google.co.kr stats.g.doubleclick.net www.googleadservices.com googleads.g.doubleclick.net https://www.gstatic.com https://accounts.google.com https://appleid.cdn-apple.com www.facebook.com staticxx.facebook.com connect.facebook.net *.sentry.io wcs.naver.net wcs.naver.com t1.kakaocdn.net kauth.kakao.com *.ads-twitter.com *.twitter.com sdk.iad-06.braze.com https://js.appboycdn.com https://appboy-images.com https://braze-images.com https://*.ridi.zone https://*.ridi.io https://*.ridi.com https://ridi.com https://*.ridibooks.com https://ridibooks.com https://books.ridibooks.com https://*.ridicdn.net https://unpkg.com https://cdn.jsdelivr.net https://use.fontawesome.com https://js.tosspayments.com https://event.tosspayments.com https://api.tosspayments.com https://log.tosspayments.com https://connect.tosspayments.com https://analytics.tiktok.com https://t1.daumcdn.net https://xpay.uplus.co.kr https://mobile.inicis.com https://stdpay.inicis.com https://stdux.inicis.com https://websdk.appsflyer.com https://api.paygate.net https://service.paygate.net;font-src 'self' https: data:
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.ridibooks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'self';script-src https://fonts.googleapis.com www.google-analytics.com www.googletagmanager.com www.google.com www.google.co.kr stats.g.doubleclick.net www.googleadservices.com googleads.g.doubleclick.net https://www.gstatic.com https://accounts.google.com https://appleid.cdn-apple.com www.facebook.com staticxx.facebook.com connect.facebook.net *.sentry.io wcs.naver.net wcs.naver.com t1.kakaocdn.net kauth.kakao.com *.ads-twitter.com *.twitter.com sdk.iad-06.braze.com https://js.appboycdn.com https://appboy-images.com https://braze-images.com https://*.ridi.zone https://*.ridi.io https://*.ridi.com https://ridi.com https://*.ridibooks.com https://ridibooks.com https://books.ridibooks.com https://*.ridicdn.net https://unpkg.com https://cdn.jsdelivr.net https://use.fontawesome.com https://js.tosspayments.com https://event.tosspayments.com https://api.tosspayments.com https://log.tosspayments.com https://connect.tosspayments.com https://analytics.tiktok.com https://t1.daumcdn.net https://xpay.uplus.co.kr https://mobile.inicis.com https://stdpay.inicis.com https://stdux.inicis.com https://websdk.appsflyer.com https://api.paygate.net https://service.paygate.net 'self' 'unsafe-inline';base-uri 'none';object-src 'none';worker-src 'blob:';img-src 'self' data: https://*.amazonaws.com wcs.naver.com http://t.co https://t.co https://fonts.googleapis.com www.google-analytics.com www.googletagmanager.com www.google.com www.google.co.kr stats.g.doubleclick.net www.googleadservices.com googleads.g.doubleclick.net https://www.gstatic.com https://accounts.google.com https://appleid.cdn-apple.com www.facebook.com staticxx.facebook.com connect.facebook.net *.sentry.io wcs.naver.net wcs.naver.com t1.kakaocdn.net kauth.kakao.com *.ads-twitter.com *.twitter.com sdk.iad-06.braze.com https://js.appboycdn.com https://appboy-images.com https://braze-images.com https://*.ridi.zone https://*.ridi.io https://*.ridi.com https://ridi.com https://*.ridibooks.com https://ridibooks.com https://books.ridibooks.com https://*.ridicdn.net https://unpkg.com https://cdn.jsdelivr.net https://use.fontawesome.com https://js.tosspayments.com https://event.tosspayments.com https://api.tosspayments.com https://log.tosspayments.com https://connect.tosspayments.com https://analytics.tiktok.com https://t1.daumcdn.net https://xpay.uplus.co.kr https://mobile.inicis.com https://stdpay.inicis.com https://stdux.inicis.com https://websdk.appsflyer.com https://api.paygate.net https://service.paygate.net;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com www.google-analytics.com www.googletagmanager.com www.google.com www.google.co.kr stats.g.doubleclick.net www.googleadservices.com googleads.g.doubleclick.net https://www.gstatic.com https://accounts.google.com https://appleid.cdn-apple.com www.facebook.com staticxx.facebook.com connect.facebook.net *.sentry.io wcs.naver.net wcs.naver.com t1.kakaocdn.net kauth.kakao.com *.ads-twitter.com *.twitter.com sdk.iad-06.braze.com https://js.appboycdn.com https://appboy-images.com https://braze-images.com https://*.ridi.zone https://*.ridi.io https://*.ridi.com https://ridi.com https://*.ridibooks.com https://ridibooks.com https://books.ridibooks.com https://*.ridicdn.net https://unpkg.com https://cdn.jsdelivr.net https://use.fontawesome.com https://js.tosspayments.com https://event.tosspayments.com https://api.tosspayments.com https://log.tosspayments.com https://connect.tosspayments.com https://analytics.tiktok.com https://t1.daumcdn.net https://xpay.uplus.co.kr https://mobile.inicis.com https://stdpay.inicis.com https://stdux.inicis.com https://websdk.appsflyer.com https://api.paygate.net https://service.paygate.net;frame-src ridi: www.facebook.com staticxx.facebook.com connect.facebook.net bid.g.doubleclick.net www.google.com accounts.google.com connect.tosspayments.com stdpay.inicis.com postcode.map.daum.net;connect-src 'self' https://*.amazonaws.com https://browser-intake-datadoghq.com https://fonts.googleapis.com www.google-analytics.com www.googletagmanager.com www.google.com www.google.co.kr stats.g.doubleclick.net www.googleadservices.com googleads.g.doubleclick.net https://www.gstatic.com https://accounts.google.com https://appleid.cdn-apple.com www.facebook.com staticxx.facebook.com connect.facebook.net *.sentry.io wcs.naver.net wcs.naver.com t1.kakaocdn.net kauth.kakao.com *.ads-twitter.com *.twitter.com sdk.iad-06.braze.com https://js.appboycdn.com https://appboy-images.com https://braze-images.com https://*.ridi.zone https://*.ridi.io https://*.ridi.com https://ridi.com https://*.ridibooks.com https://ridibooks.com https://books.ridibooks.com https://*.ridicdn.net https://unpkg.com https://cdn.jsdelivr.net https://use.fontawesome.com https://js.tosspayments.com https://event.tosspayments.com https://api.tosspayments.com https://log.tosspayments.com https://connect.tosspayments.com https://analytics.tiktok.com https://t1.daumcdn.net https://xpay.uplus.co.kr https://mobile.inicis.com https://stdpay.inicis.com https://stdux.inicis.com https://websdk.appsflyer.com https://api.paygate.net https://service.paygate.net;font-src 'self' https: data:
content-type
text/html; charset=utf-8
date
Thu, 21 Mar 2024 03:49:41 GMT
etag
"ma6bf31n68224f"
expect-ct
max-age=0
referrer-policy
strict-origin-when-cross-origin
server
istio-envoy
strict-transport-security
max-age=15552000
vary
Accept-Encoding
via
1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
x-amz-cf-id
Erxp22eIqDoXm1X-gWehAKRlisaGviRijZotSSriYU1rWrkzkRQzwA==
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-envoy-upstream-service-time
143
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-ridi-edge
n-uls
x-xss-protection
0
98e97ee0a98e101b.css
static.ridicdn.net/books-frontend/p/c1edde/_next/static/css/ 		0
0
webpack-6929e96232f1946f.js
static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/ 		0
0
framework-7a284b77bd0733a3.js
static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/ 		0
0
main-f2f9e52c97b6e526.js
static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/ 		0
0
_app-53a2e6d296ef96c3.js
static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/pages/ 		0
0
6070-e64cd70528b55dfb.js
static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/ 		0
0
3775-38a9b45efc0ab0b2.js
static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/ 		0
0
9989-89b7314b6ce10b9d.js
static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/ 		0
0
2513-06026c8554dd0c4a.js
static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/ 		0
0
3129-66cb552df1c38340.js
static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/ 		0
0
login-2437c68c7d7b1a58.js
static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/pages/account/ 		0
0
_buildManifest.js
static.ridicdn.net/books-frontend/p/c1edde/_next/static/3.8.153-c1edde8/ 		0
0
_ssgManifest.js
static.ridicdn.net/books-frontend/p/c1edde/_next/static/3.8.153-c1edde8/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ridibooks.com
URL
https://ridibooks.com/account/login?return_url=https%3A%2F%2Faccount.ridibooks.com%2Fridi%2Fcomplete%2F
Domain
static.ridicdn.net
URL
https://static.ridicdn.net/books-frontend/p/c1edde/_next/static/css/98e97ee0a98e101b.css
Domain
static.ridicdn.net
URL
https://static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/webpack-6929e96232f1946f.js
Domain
static.ridicdn.net
URL
https://static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/framework-7a284b77bd0733a3.js
Domain
static.ridicdn.net
URL
https://static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/main-f2f9e52c97b6e526.js
Domain
static.ridicdn.net
URL
https://static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/pages/_app-53a2e6d296ef96c3.js
Domain
static.ridicdn.net
URL
https://static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/6070-e64cd70528b55dfb.js
Domain
static.ridicdn.net
URL
https://static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/3775-38a9b45efc0ab0b2.js
Domain
static.ridicdn.net
URL
https://static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/9989-89b7314b6ce10b9d.js
Domain
static.ridicdn.net
URL
https://static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/2513-06026c8554dd0c4a.js
Domain
static.ridicdn.net
URL
https://static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/3129-66cb552df1c38340.js
Domain
static.ridicdn.net
URL
https://static.ridicdn.net/books-frontend/p/c1edde/_next/static/chunks/pages/account/login-2437c68c7d7b1a58.js
Domain
static.ridicdn.net
URL
https://static.ridicdn.net/books-frontend/p/c1edde/_next/static/3.8.153-c1edde8/_buildManifest.js
Domain
static.ridicdn.net
URL
https://static.ridicdn.net/books-frontend/p/c1edde/_next/static/3.8.153-c1edde8/_ssgManifest.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
.ridibooks.com/ Name: ridi-ffid
Value: 4f1ee7e0-3fc0-45e8-aaa7-800f395426bd
.ridibooks.com/ Name: user_device_type
Value: PC
ridibooks.com/ Name: ridi_auth
Value:
ridibooks.com/ Name: ridibooks.connect.sid
Value: s%3AMMrDw0Q9K9XVwPKHBNus6mUeHqyaR376.PFMWJEN1kAP3Ghf9UUE4MvS%2B%2BtIOKL8tEy33Jc5PX3s

5 Console Messages

Source Level URL
Text
network error URL: https://pay-api.ridibooks.com/me
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://account.ridibooks.com/ridi/token/
Message:
Failed to load resource: the server responded with a status of 401 ()
javascript error URL: https://pay.ridibooks.com/
Message:
Access to XMLHttpRequest at 'https://ridibooks.com/account/login?return_url=https%3A%2F%2Faccount.ridibooks.com%2Fridi%2Fcomplete%2F' (redirected from 'https://account.ridibooks.com/ridi/authorize/?client_id=ePgbKKRyPvdAFzTvFg2DvrS7GenfstHdkQ2uvFNd&response_type=code&redirect_uri=https:%2F%2Faccount.ridibooks.com%2Fridi%2Fcomplete%2F') from origin 'https://pay.ridibooks.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://ridibooks.com/account/login?return_url=https%3A%2F%2Faccount.ridibooks.com%2Fridi%2Fcomplete%2F
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://ridibooks.com/account/login?return_url=https%3A%2F%2Fpay.ridibooks.com%2F
Message:
The source list for the Content Security Policy directive 'worker-src' contains an invalid source: ''blob:''. It will be ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; script-src 'self' account.ridibooks.com data.ridibooks.com cdnjs.cloudflare.com ajax.googleapis.com www.googletagmanager.com www.google-analytics.com connect.facebook.net; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com www.googletagmanager.com stats.g.doubleclick.net www.facebook.com; font-src 'self' data: themes.googleusercontent.com fonts.gstatic.com; connect-src pay-api.ridibooks.com account.ridibooks.com data.ridibooks.com ridibooks.com sentry.io www.google-analytics.com stats.g.doubleclick.net www.facebook.com; object-src 'none'; frame-src staticxx.facebook.com connect.facebook.net; block-all-mixed-content; report-uri https://sentry.io/api/1307887/security/?sentry_key=0bc859e1423a42dc8728690b03bcedf0&sentry_environment=production;
Strict-Transport-Security max-age=63072000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block