URL: https://42payments.com/
Submission: On March 04 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 73 HTTP transactions. The main IP is 104.19.241.93, located in and belongs to CLOUDFLARENET, US. The main domain is 42payments.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 17th 2023. Valid for: a year.
This is the only time 42payments.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
36 bubble.io
spin-the-dart.cdn.bubble.io
2 MB
13 cloudfront.net
d1muf25xaso8hp.cloudfront.net
108 KB
11 42payments.com
42payments.com
745 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
605 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
28 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
490 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
73 7
Domain Requested by
36 spin-the-dart.cdn.bubble.io 42payments.com
13 d1muf25xaso8hp.cloudfront.net 42payments.com
11 42payments.com 42payments.com
5 www.gstatic.com www.google.com
5 www.google.com 42payments.com
www.google.com
www.gstatic.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.youtube.com 1 redirects
1 fonts.googleapis.com 42payments.com
73 8

This site contains no links.

Subject Issuer Validity Valid
42payments.com
Cloudflare Inc ECC CA-3
2023-01-17 -
2024-01-17
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
www.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh
bubble.io
Cloudflare Inc ECC CA-3
2022-12-17 -
2023-12-16
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.google.com
GTS CA 1C3
2023-02-08 -
2023-05-03
3 months crt.sh

This page contains 4 frames:

Primary Page: https://42payments.com/
Frame ID: 816164D70AFE0F54464B05E1DED61A24
Requests: 64 HTTP requests in this frame

Frame: https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/jwmS1gc9S5A&q=EhAqAxsgAAbwEQAAAAAAAABuGPvOjaAGIjCofMn3M1Sa-kCjjg30HeiWeYzYfeVLN5_Pl4VYptm7MFszIrW4NWsjiW6H46omnAMyAXI
Frame ID: CB59C40368E1EC913D3129F03D934185
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&s=gxasSFNUPU-oZOAngs40ybCsjvzZNbDG_nQrD9rw9w2H5yGYZnrP20HUxywTFy3rTuvz7ehJkyXWtEQ7bO5bM7CWKJR6lCxOFdXToRUZQgla2tyDaTjbrrDsAZkO0fqDBK2c6LfeSsVuhYJC2tPJzB7qlbZiossH0sH-0Jtz8XatsyjLUt7LnC-OajfWiUlRNagd76MS1hLmM9HSBreVuOTNZ37myWPbF_XvupficCTOjHYHg7NNZ3IN18LXJUdWG8e8Sydxlst2ZaQXm8t351i2F9nUuCg&cb=vhu72h1q8kui
Frame ID: 3DDCCFDD481B0B78845AA8BD181BB3E5
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Frame ID: C47CE2ADE220FC4E7F2314B280D20A5C
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

42 Payments

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

73
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

8
IPs

4
Countries

3518 kB
Transfer

7940 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://www.youtube.com/embed/jwmS1gc9S5A HTTP 302
  • https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/jwmS1gc9S5A&q=EhAqAxsgAAbwEQAAAAAAAABuGPvOjaAGIjCofMn3M1Sa-kCjjg30HeiWeYzYfeVLN5_Pl4VYptm7MFszIrW4NWsjiW6H46omnAMyAXI

73 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
42payments.com/
8 KB
4 KB
Document
General
Full URL
https://42payments.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e46d206c72046feb87231ad62b0c738e5e9624b99a13cfe498c1a9dc4c6993a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a2b3e5b5fe72c20-FRA
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html
Date
Sat, 04 Mar 2023 15:44:58 GMT
Server
cloudflare
Transfer-Encoding
chunked
cache-control
no-store
content-security-policy
frame-ancestors 'none';
referrer-policy
origin
vary
Accept-Encoding
x-bubble-capacity-limit
0 ms slower
x-bubble-capacity-used
0.053 unit-seconds used
x-bubble-perf
{"total":49,"percents":{"top":{"bubble_cpu":47,"block":51.2,"capacity_rl":0,"other_pause":0,"pre_fiber":1.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":30.2,"appserver_cache_misses_time":0,"redis":56.2,"fiber_queue":6.6,"capacity_wait":3.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":14,"derived_cache_memory_misses":14,"serverjson":29,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":61,"fiber_queue":53,"blocks":52},"misc":{"userdb_results":1,"userdb_data":206,"spent_time":3460053,"derived_build_time_spent":0}}
x-frame-options
DENY
x-powered-by
Express
early.js
42payments.com/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/
23 KB
10 KB
Script
General
Full URL
https://42payments.com/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js
Requested by
Host: 42payments.com
URL: https://42payments.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5e99240e0f704678d97c9bfdd715672b2dd5d6c507a1f2197babeec2577039bf

Request headers

Referer
https://42payments.com/
Origin
https://42payments.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 15:44:58 GMT
Content-Encoding
br
CF-Cache-Status
MISS
x-bubble-perf
{"total":18.8,"percents":{"top":{"bubble_cpu":20.8,"block":75.3,"capacity_rl":0,"other_pause":0,"pre_fiber":1.8},"sub":{"pp_userdb":32,"pp_wait_userdb":0,"http_request":0,"serverjson":5.8,"appserver_cache_misses_time":0,"redis":30.6,"fiber_queue":8.5,"capacity_wait":8.5}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":17,"fiber_queue":19,"blocks":18},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":6584985,"derived_build_time_spent":0}}
x-powered-by
Express
Transfer-Encoding
chunked
Connection
keep-alive
x-bubble-capacity-used
0.101 unit-seconds used
Server
cloudflare
vary
Accept-Encoding
Content-Type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
CF-RAY
7a2b3e5d0a732c20-FRA
x-bubble-capacity-limit
0 ms slower
run.css
42payments.com/package/run_css/22ef3b26d59efb2f1b9ff4e8b08de0844b87d19b8411c4e979650874bbb01539/spin-the-dart/live/index/xfalse/xfalse/
88 KB
16 KB
Stylesheet
General
Full URL
https://42payments.com/package/run_css/22ef3b26d59efb2f1b9ff4e8b08de0844b87d19b8411c4e979650874bbb01539/spin-the-dart/live/index/xfalse/xfalse/run.css
Requested by
Host: 42payments.com
URL: https://42payments.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
211d547263b2910ef3b505b0cb23f6f921ce4a6d228bb6423c33ad950b76456c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 15:44:58 GMT
Content-Encoding
br
CF-Cache-Status
MISS
x-bubble-perf
{"total":28.5,"percents":{"top":{"bubble_cpu":18.2,"block":79.2,"capacity_rl":0,"other_pause":0,"pre_fiber":1.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":19.6,"appserver_cache_misses_time":0,"redis":85.8,"fiber_queue":9,"capacity_wait":4.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":11,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":21,"fiber_queue":19,"blocks":18},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":776179,"derived_build_time_spent":0}}
x-powered-by
Express
Transfer-Encoding
chunked
Connection
keep-alive
x-bubble-capacity-used
0.012 unit-seconds used
Server
cloudflare
vary
Accept-Encoding
Content-Type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
CF-RAY
7a2b3e5d2a9dbb77-FRA
x-bubble-capacity-limit
0 ms slower
run.js
42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/
3 MB
689 KB
Script
General
Full URL
https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Requested by
Host: 42payments.com
URL: https://42payments.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
19cd2ae416e9b9603d393e832166b3e673b9052c199af7e93bdcf520000a62e1

Request headers

Referer
https://42payments.com/
Origin
https://42payments.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 15:44:58 GMT
Content-Encoding
br
CF-Cache-Status
MISS
x-bubble-perf
{"total":15.6,"percents":{"top":{"bubble_cpu":19,"block":68.4,"capacity_rl":0,"other_pause":0,"pre_fiber":3.5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":45.9,"fiber_queue":13.2,"capacity_wait":6.6}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":443461,"derived_build_time_spent":0}}
x-powered-by
Express
Transfer-Encoding
chunked
Connection
keep-alive
x-bubble-capacity-used
0.007 unit-seconds used
Server
cloudflare
vary
Accept-Encoding
Content-Type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
CF-RAY
7a2b3e5d2b812c26-FRA
x-bubble-capacity-limit
0 ms slower
static.js
42payments.com/package/static_js/857867002d8400282444a4bde49e503fd22b641d3d4a4d28a049549e30447b93/spin-the-dart/live/index/xnull/xfalse/xfalse/xfalse/
24 KB
7 KB
Script
General
Full URL
https://42payments.com/package/static_js/857867002d8400282444a4bde49e503fd22b641d3d4a4d28a049549e30447b93/spin-the-dart/live/index/xnull/xfalse/xfalse/xfalse/static.js
Requested by
Host: 42payments.com
URL: https://42payments.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
833d678b5c75c3c93d081d2fbcb39794367439805e0e592b02b8300d1d38ee87

Request headers

Referer
https://42payments.com/
Origin
https://42payments.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 15:44:58 GMT
Content-Encoding
br
CF-Cache-Status
MISS
x-bubble-perf
{"total":71.7,"percents":{"top":{"bubble_cpu":13.8,"block":85.3,"capacity_rl":0,"other_pause":0,"pre_fiber":0.6},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":5.5,"appserver_cache_misses_time":0,"redis":15.8,"fiber_queue":2.8,"capacity_wait":2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":8,"derived_cache_memory_misses":8,"serverjson":13,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":32,"fiber_queue":29,"blocks":28},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1483102,"derived_build_time_spent":0}}
x-powered-by
Express
Transfer-Encoding
chunked
Connection
keep-alive
x-bubble-capacity-used
0.023 unit-seconds used
Server
cloudflare
vary
Accept-Encoding
Content-Type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
CF-RAY
7a2b3e5d296d2bac-FRA
x-bubble-capacity-limit
0 ms slower
dynamic.js
42payments.com/package/dynamic_js/8a1aa3002a9d97dcd2b8c49fc784d2a6d047095449c4b4bb1fac4be9920e3125/spin-the-dart/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/
97 KB
14 KB
Script
General
Full URL
https://42payments.com/package/dynamic_js/8a1aa3002a9d97dcd2b8c49fc784d2a6d047095449c4b4bb1fac4be9920e3125/spin-the-dart/live/index/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js
Requested by
Host: 42payments.com
URL: https://42payments.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4cff7e64b5b6cb44fc86b5126bc749ce98debc349e4dbfed319fe92087eada34

Request headers

Referer
https://42payments.com/
Origin
https://42payments.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 15:44:58 GMT
Content-Encoding
br
CF-Cache-Status
MISS
x-bubble-perf
{"total":100.5,"percents":{"top":{"bubble_cpu":7.5,"block":91.7,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":1.9,"appserver_cache_misses_time":0,"redis":8.3,"fiber_queue":1.6,"capacity_wait":5.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":9,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":20,"fiber_queue":17,"blocks":16},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1137188,"derived_build_time_spent":0}}
x-powered-by
Express
Transfer-Encoding
chunked
Connection
keep-alive
x-bubble-capacity-used
0.017 unit-seconds used
Server
cloudflare
vary
Accept-Encoding
Content-Type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
CF-RAY
7a2b3e5d38ae91e1-FRA
x-bubble-capacity-limit
0 ms slower
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Baskervville:400%7COpen+Sans:regular%7COpen+Sans:600%7COpen+Sans:700
Requested by
Host: 42payments.com
URL: https://42payments.com/package/early_js/c5bcb2b703c12cc31e5a643f3beafacd0fd83738d617fb5a9a2b524326bd2d5b/xfalse/early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52a241b21be6c8ae7a5dcd5144c4ff2157119f9950d9184677f8060fcc375ac5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 Mar 2023 15:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 Mar 2023 15:44:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Mar 2023 15:44:58 GMT
data
42payments.com/api/1.1/init/
283 B
1 KB
XHR
General
Full URL
https://42payments.com/api/1.1/init/data?location=https%3A%2F%2F42payments.com%2F
Requested by
Host: 42payments.com
URL: https://42payments.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8d2417dedeb4907f456b09758880ed69809d536776b3dc32105914ee7e93eb1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 15:44:59 GMT
CF-Cache-Status
DYNAMIC
x-bubble-perf
{"total":18.4,"percents":{"top":{"bubble_cpu":20.5,"block":72.8,"capacity_rl":0,"other_pause":0,"pre_fiber":2.9},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":11.3,"appserver_cache_misses_time":0,"redis":56,"fiber_queue":11.4,"capacity_wait":6.3}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":566606,"derived_build_time_spent":0}}
Server
cloudflare
x-powered-by
Express
Transfer-Encoding
chunked
Connection
keep-alive
x-bubble-capacity-used
0.009 unit-seconds used
CF-RAY
7a2b3e5e9d5d2c20-FRA
x-bubble-capacity-limit
0 ms slower
YA9Ur0yU4l_XOrogbkun3kQQsJmp.woff2
fonts.gstatic.com/s/baskervville/v14/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/baskervville/v14/YA9Ur0yU4l_XOrogbkun3kQQsJmp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Baskervville:400%7COpen+Sans:regular%7COpen+Sans:600%7COpen+Sans:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6008e8c59891a8122a868aa87cf03b654424c0a5c6ae0659479c4959b645c31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://42payments.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:18:23 GMT
x-content-type-options
nosniff
age
159995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24448
x-xss-protection
0
last-modified
Wed, 18 Jan 2023 18:11:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 19:18:23 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Baskervville:400%7COpen+Sans:regular%7COpen+Sans:600%7COpen+Sans:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://42payments.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 19:34:57 GMT
x-content-type-options
nosniff
age
159001
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Mar 2024 19:34:57 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/gif
index
www.google.com/sorry/ Frame CB59
Redirect Chain
  • https://www.youtube.com/embed/jwmS1gc9S5A
  • https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/jwmS1gc9S5A&q=EhAqAxsgAAbwEQAAAAAAAABuGPvOjaAGIjCofMn3M1Sa-kCjjg30HeiWeYzYfeVLN5_Pl4VYptm7MFszIrW4NWsjiW6H46omnAMyAXI
3 KB
3 KB
Document
General
Full URL
https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/jwmS1gc9S5A&q=EhAqAxsgAAbwEQAAAAAAAABuGPvOjaAGIjCofMn3M1Sa-kCjjg30HeiWeYzYfeVLN5_Pl4VYptm7MFszIrW4NWsjiW6H46omnAMyAXI
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
d85594296af41232ac9767f8c95d0857762f63b699214ad819c56faccbca5b40
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://42payments.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate
content-length
3342
content-type
text/html
date
Sat, 04 Mar 2023 15:45:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate
content-length
392
content-type
text/html; charset=UTF-8
date
Sat, 04 Mar 2023 15:45:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/jwmS1gc9S5A&q=EhAqAxsgAAbwEQAAAAAAAABuGPvOjaAGIjCofMn3M1Sa-kCjjg30HeiWeYzYfeVLN5_Pl4VYptm7MFszIrW4NWsjiW6H46omnAMyAXI
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
hi
42payments.com/user/
57 B
1 KB
XHR
General
Full URL
https://42payments.com/user/hi
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0c2a39a465e85a6c52193a186c82a9fca6b4ee33ca2e86f8192f58fdb460a537

Request headers

X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1677944699266x269445901225723100
X-Bubble-Fiber-ID
1677944699540x120349186569412850
X-Bubble-PL
1677944699540x7909
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://42payments.com/
cache-control
no-cache
Referer
https://42payments.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

Date
Sat, 04 Mar 2023 15:44:59 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
x-bubble-perf
{"total":20.3,"percents":{"top":{"bubble_cpu":14.1,"block":82.9,"capacity_rl":0,"other_pause":0,"pre_fiber":2.8},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":27,"appserver_cache_misses_time":0,"redis":48.3,"fiber_queue":10.4,"capacity_wait":25.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":11,"blocks":10},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":429317,"derived_build_time_spent":0}}
x-bubble-appname
spin-the-dart
x-powered-by
Express
Transfer-Encoding
chunked
Connection
keep-alive
x-bubble-capacity-used
0.007 unit-seconds used
Server
cloudflare
x-bubble-request-took
21
vary
Accept-Encoding
Content-Type
application/json
cache-control
no-cache
CF-RAY
7a2b3e642eae2c20-FRA
x-bubble-capacity-limit
0 ms slower
42%20Pay.svg
spin-the-dart.cdn.bubble.io/f1673927776701x922136531576426900/
3 KB
2 KB
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673927776701x922136531576426900/42%20Pay.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c972dff90bb1d01a3f3815ef7e38c685a4638d56572b1629cef8c2d77600fb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
content-encoding
br
x-amz-version-id
WeFgEyFgzidKe1FrVJ2ZAMTra4qwREnF
cf-cache-status
MISS
x-amz-request-id
A3Q272MFQHKCM48P
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
1ABQNCurkMAlrnOJP/JPmmPGxag9Q9ooObKYwwDtLHJ7WhFazUZ32b17spl08V94mrynptZgBDE=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 03:56:17 GMT
server
cloudflare
etag
W/"bfb5d9400aee56f4d72c3bcf5a134aa5"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e6469e5907c-FRA
https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673929619679x542686700883749060%2FFrame%25202.jpg
d1muf25xaso8hp.cloudfront.net/
36 KB
37 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673929619679x542686700883749060%2FFrame%25202.jpg?w=1536&h=889&auto=compress&dpr=1&fit=max
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3000:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
d59e254c54c77066450a88a0899c395df65c33745bcdf68115a62322d01253e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
age
2106
x-cache
Miss from cloudfront
x-imgix-id
fcb2079e538e5170b6dfca03daf56797249a4df1
cross-origin-resource-policy
cross-origin
content-length
37087
x-served-by
cache-sjc10035-SJC, cache-fra-eddf8230025-FRA
x-imgix-render-farm
01.9544
last-modified
Sat, 04 Mar 2023 15:09:53 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
MqCK0lDzvyLVr7pwCl13YVmjTCzvm3SCVOxEcK_inTo_gzdLtw6BLg==
play.fill.svg
spin-the-dart.cdn.bubble.io/f1673929825121x543031498579131600/
613 B
582 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673929825121x543031498579131600/play.fill.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94bace320adc6679d2b9652292e13328cf209b17a529d6657f9edc08112fd66a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
content-encoding
br
x-amz-version-id
jN17Py4qdmeEiKCgwi0IdB_De.vkxwvW
cf-cache-status
MISS
x-amz-request-id
A3Q2XFFH153WE8BR
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
h0x8y1MDmeESLgkJg4hFRRVTby8MccQM5Oqb5HiKimFLU3HNMM1/lgEtF14Ptpjgo69xVHItl2U=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 04:30:26 GMT
server
cloudflare
etag
W/"5d11d0d531465d5c5e6e976ee61528cb"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e6469e8907c-FRA
https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971976368x910747078082479700%2F6385b5ab39e0d6d7696c886d_1%25201.jpg
d1muf25xaso8hp.cloudfront.net/
2 KB
2 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971976368x910747078082479700%2F6385b5ab39e0d6d7696c886d_1%25201.jpg?w=192&h=99&auto=compress&dpr=1&fit=max
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3000:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
d173fa18e439e03fd63e4ad4e5226e3eda934fbc4bfa67746fec9a90dd37f3d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
age
2107
x-cache
Miss from cloudfront
x-imgix-id
296d39993340fe306ac88b761c658adaf741bc6b
cross-origin-resource-policy
cross-origin
content-length
1600
x-served-by
cache-sjc10028-SJC, cache-fra-eddf8230101-FRA
x-imgix-render-farm
01.9032
last-modified
Sat, 04 Mar 2023 15:09:52 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
QCBhmig8X2WVUwGoE_VZOTmL6O9ahrXz4sZwtO3vIf5BL6XNGx8Owg==
https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971983970x613586649355608560%2F6385b5b52a42a3ac0055da8a_2%25201.jpg
d1muf25xaso8hp.cloudfront.net/
3 KB
3 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971983970x613586649355608560%2F6385b5b52a42a3ac0055da8a_2%25201.jpg?w=192&h=99&auto=compress&dpr=1&fit=max
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3000:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
45bec07470afed706b21e17365adbc172d432ab9fafd784118b4c2041b824f35
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
age
2107
x-cache
Miss from cloudfront
x-imgix-id
e21be580d81be7a93b69beda255d9fe402b45ed8
cross-origin-resource-policy
cross-origin
content-length
2770
x-served-by
cache-sjc10031-SJC, cache-hhn-etou8220063-HHN
x-imgix-render-farm
01.9032
last-modified
Sat, 04 Mar 2023 15:09:52 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
D9fdbmSu5U40K6mJfXUSw2H7Ge2RVnYDtbx3gqonRw2sxNTcYiT7nA==
https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971997736x831782486381014000%2F6385b5bfd8931c85a7843bbd_3%25201.jpg
d1muf25xaso8hp.cloudfront.net/
2 KB
3 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971997736x831782486381014000%2F6385b5bfd8931c85a7843bbd_3%25201.jpg?w=192&h=99&auto=compress&dpr=1&fit=max
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3000:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
94a34a293fc6580008768852ee7b7188929cc21b07b316c2b65c5188284c4be8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
age
2107
x-cache
Miss from cloudfront
x-imgix-id
8ee0b30c3656c251cc4cb97aedc92691666091e6
cross-origin-resource-policy
cross-origin
content-length
2174
x-served-by
cache-sjc10045-SJC, cache-hhn-etou8220033-HHN
x-imgix-render-farm
01.9032
last-modified
Sat, 04 Mar 2023 15:09:52 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
VHqGVgLWxqh5QY_DLn_NwfHp5S2AzEYSbz8ursXEkhr2pesfUY8CQw==
https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971990885x551631027192405600%2F6385b5d314011558589fc52d_4%25201.jpg
d1muf25xaso8hp.cloudfront.net/
2 KB
3 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971990885x551631027192405600%2F6385b5d314011558589fc52d_4%25201.jpg?w=192&h=99&auto=compress&dpr=1&fit=max
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3000:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
fc44022a11223bfaeabc112d87d62b7be5fae6cc4e8d1929e9c182d9d9c73608
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
age
2107
x-cache
Miss from cloudfront
x-imgix-id
c8bbbac5b4db9fd0a2cb856704f3b5a3d1316db8
cross-origin-resource-policy
cross-origin
content-length
2262
x-served-by
cache-sjc10031-SJC, cache-hhn-etou8220050-HHN
x-imgix-render-farm
01.9544
last-modified
Sat, 04 Mar 2023 15:09:52 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
hOY06JLElyV4poLfwHqIX5jXW6zZdNlpr3Dy1jtcgwdyraWjhfBQXg==
arrow.backward.svg
spin-the-dart.cdn.bubble.io/f1673977448994x874321093282319400/
757 B
616 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673977448994x874321093282319400/arrow.backward.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0b094f2dda4afcd5856aa1909927289ed9dc4996d316ab6e83d5daafa829f3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
content-encoding
br
x-amz-version-id
ne4GQRkyB3hG0_qhjEUeFvJzfPmCuiMZ
cf-cache-status
MISS
x-amz-request-id
A3QF8SGPJNNBZZP9
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
SI/OQ3S8VKZHZ5j+E7cnn4YylJyVCV/a+HcglG9qiH1WbsS1Nsgk7p5aADHjXRMBpH7h5LWXV34=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 17:44:10 GMT
server
cloudflare
etag
W/"6b45875bc01a6093a765ad13fdbd8ee6"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e6469e9907c-FRA
dFrame%207.svg
spin-the-dart.cdn.bubble.io/f1673979840244x918351175305731000/
1 MB
770 KB
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673979840244x918351175305731000/dFrame%207.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3616c8ecedde64f40853e660dfc44206389bf9f4788f063954e92fa6cb29039a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
ZWzrnbKYgYV8NHoJQhLtI02ztjgR803k
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
A3QB6WKZ7889KT4W
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-id-2
WIacMvYedtkWss9pUv7neNKmEjrLKOrNQuqHArHN5bwYyeClT1/5ffY1c0uIw6yA5aZ7MzHw41w=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 18:24:01 GMT
server
cloudflare
etag
W/"c2a89ee7bea37f03133498ae3e782cca"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e6469eb907c-FRA
dFrame%205.svg
spin-the-dart.cdn.bubble.io/f1673977600931x513297926573364800/
172 KB
86 KB
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673977600931x513297926573364800/dFrame%205.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c033904ad47ba96d5cb318e53dbbefb785ac2972f995622f8771fc36c67091

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
syqU6ZDUQrDv1qTufxFVuC34u9D0NSRQ
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
A3Q1KQV8MFTK05VB
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-id-2
j9io8qR9vk1RQJbcnSMk4BwVJZHaAvhwyk4KC3+TZ2+Nh0mqzuSsAN9z5/sIcrtUx+xcyOX4jsA=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 17:46:42 GMT
server
cloudflare
etag
W/"24d8a7a63404502c83a19aa27b956220"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e6469ec907c-FRA
Xero.svg
spin-the-dart.cdn.bubble.io/f1673971686930x318351340258065800/
3 KB
2 KB
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673971686930x318351340258065800/Xero.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d960b7d1be66b02f706ce20a04c6c172333abfb399b2576ddfca94043cf485c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:45:00 GMT
content-encoding
br
x-amz-version-id
rC20Wo2Z8fj5RQwRY8RhXDbBsU4UcqNH
cf-cache-status
MISS
x-amz-request-id
YF6B0SCRJNJJRQ3N
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
Mj671oSHoogMS1RU6J9Ke3v0PIGfVK2mP1uyq1JcJhB1/j39z0aK28lKFJWzpJD5OqN/+HbGFug=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 16:08:08 GMT
server
cloudflare
etag
W/"8044b3eba0d7bb3f2f49dacc1fae67e8"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e657b6d907c-FRA
Sage_Intacct_Logo.svg
spin-the-dart.cdn.bubble.io/f1673971701275x841701578864136000/
803 B
656 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673971701275x841701578864136000/Sage_Intacct_Logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aff5a34cd731ff737dea89133d41588bd820e90d176cb6662a9362d62821bad2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
content-encoding
br
x-amz-version-id
7P6N3w127zHibS_e34kk7GpLGNo0zsWh
cf-cache-status
MISS
x-amz-request-id
A3Q3W0PVG12SP13K
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
rWEpRRIEoPdcgh25bFY3pQYmNLG6SkYco8/DMOsjIhqvJuZeM90yWZsfe9+VfQxlfmIEdKA/qxQ=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 16:08:22 GMT
server
cloudflare
etag
W/"9deab9f7da8df3dc456335af3765c306"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e657b6e907c-FRA
netsuite-mark.svg
spin-the-dart.cdn.bubble.io/f1673971706527x898722828449389000/
3 KB
1 KB
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673971706527x898722828449389000/netsuite-mark.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0125ad2dba0ac5b1e2697bdb4731784c7c081ee75d86741cd5cba977df0275ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
content-encoding
br
x-amz-version-id
8IwdQLdtszvVqzJWeucdO2ReISs_rlO2
cf-cache-status
MISS
x-amz-request-id
A3Q2GVVQ2TTGX3CN
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
DgDu9L+fcZIfKYlw13zEQG5DlEsJciFIQUnToN2ZLoSmW2IGFuNT/sV0CbMgXxSyPJ2vRkwe9E4=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 16:08:27 GMT
server
cloudflare
etag
W/"72e4f3210175d03a09376c3e7228e543"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e657b6f907c-FRA
Quickbooks.svg
spin-the-dart.cdn.bubble.io/f1673971712801x359960740951478900/
1 KB
914 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673971712801x359960740951478900/Quickbooks.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
824968d482efd78158f563e3963e35fae15c54b47ab1b6505b2a66af5a919b84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:45:00 GMT
content-encoding
br
x-amz-version-id
YzUcODLEi9RUaul49BAp1bBLkXM_G2Cu
cf-cache-status
MISS
x-amz-request-id
YF65KSN2XCVA97TT
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
b0mTvH0XVMT9GgyprO3YFE+wf0JtYOtFieFjnxD7h83ddBETtPzDrg/oSOloClhJXFc4Za3uO1E=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 16:08:34 GMT
server
cloudflare
etag
W/"596fc2107dff28cf61918a762b093254"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e657b70907c-FRA
https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971376237x127647993930562820%2FRectangle%25205.jpg
d1muf25xaso8hp.cloudfront.net/
4 KB
4 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971376237x127647993930562820%2FRectangle%25205.jpg?w=768&h=1062&auto=compress&fit=crop&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3000:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
f1fedb17057e894d54a17d80eb3c103b34e30e75d7fd666f2440e079f03da4c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:45:00 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
age
0
x-cache
Miss from cloudfront
x-imgix-id
2964ac941ef5a48a01fdfb5efd79a01ba434257e
cross-origin-resource-policy
cross-origin
content-length
3869
x-served-by
cache-sjc10071-SJC, cache-hhn-etou8220039-HHN
x-imgix-render-farm
01.9032
last-modified
Sat, 04 Mar 2023 15:45:00 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
pkDDKkUmwOvHW1JkwLYqQuatoCbiyJvq7xj42zEbFF5H9NeHKA9DGA==
rosette.svg
spin-the-dart.cdn.bubble.io/f1673974626741x923600833752416300/
865 B
656 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673974626741x923600833752416300/rosette.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f821dceb948930132cd386d4204983afbfe06be7d7e4a5b041d6588bf8e9fd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
content-encoding
br
x-amz-version-id
Fo70RC0FQqqJVncclD8Kmfbwnc_PjPvw
cf-cache-status
MISS
x-amz-request-id
A3Q9V1FMS1MX415E
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
KvzHDKyE2Z2Hb1kI8MerIAXS8qUr1HoHd8bpKhE6I6o3xAvrgWR2LQHx/6U8/4SYoB3ERbauAYc=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 16:57:07 GMT
server
cloudflare
etag
W/"7ddde55ea6c96a991bc217bc144d4994"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e657b73907c-FRA
text.magnifyingglass.svg
spin-the-dart.cdn.bubble.io/f1673974689288x812966457738905500/
1 KB
896 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673974689288x812966457738905500/text.magnifyingglass.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f47f04c004828504c25b324713db0e91934df8e5237a7d63d316db5a44fd76e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
content-encoding
br
x-amz-version-id
nJbvWejGnFEKS9OY6wcofTOGk1CclQ9i
cf-cache-status
MISS
x-amz-request-id
A3QB763SE80ZXRBP
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
Z7kaMo3jjWSSdiEMYweZPqDg2YvBn/vg8fTyYUJQzHY5JhimqI2EPpyCeGwdNNqk0/28faUy5zk=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 16:58:10 GMT
server
cloudflare
etag
W/"19e4fea10b2cf6e6e79710ae91155761"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e657b74907c-FRA
checkmark.shield.svg
spin-the-dart.cdn.bubble.io/f1673974725447x797558332925681300/
2 KB
980 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673974725447x797558332925681300/checkmark.shield.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2126a61faa72d61d36d14cde42b4860627085316f877055987187a219299228

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
content-encoding
br
x-amz-version-id
lYGDEUAGOok3WZd0G52kuT.6WUCepr7M
cf-cache-status
MISS
x-amz-request-id
A3Q60PPB7B31D923
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
rf8A8Puv+WiO1xAC9QI6krwSC39tz7vN5PHOIFxeAeVcylsqhI74iRoiKVb9Yf1SOK8rXv9PxvU=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 16:58:46 GMT
server
cloudflare
etag
W/"a5d4754a0ccce61c969fec80ff2ad436"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e657b75907c-FRA
Group_112%204.svg
spin-the-dart.cdn.bubble.io/f1673993475088x472543938754682800/
435 KB
146 KB
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673993475088x472543938754682800/Group_112%204.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b834dce3f5cdb218ac4c75784dccaa117481a92d7cfc78cd8cb97875590f2e20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
hBdJ10ZMeTpttZlhyA_eunR1CYChkUJS
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
A3QEWV78K6MVWS21
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-id-2
HDoJQnamlINkdQTcY5ZWgnvehdkTndMw+/14wLuWxypHUYsS2OCqlqWsBNBQRgONOneC5TLt7CM=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 22:11:16 GMT
server
cloudflare
etag
W/"4b5e710edc86cf7c7811d09106c9d040"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e657b77907c-FRA
doc.text.magnifyingglass.svg
spin-the-dart.cdn.bubble.io/f1673967703451x754545685329297200/
2 KB
911 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673967703451x754545685329297200/doc.text.magnifyingglass.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56a0872ece7049e655192f114f5d607d00b3904cbdc03655cab1eed4fc436d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
content-encoding
br
x-amz-version-id
5_8Wjrm0P_QI_q8o1S._xwg7zgSbOtur
cf-cache-status
MISS
x-amz-request-id
A3Q806A651ZGQJK1
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
fPzBe+QIAve0EEylfZ6al4qNM8qPF2zQG2GIsHCEnGeqzNWtLbeRcCg82ibJiJ6Pj2rSEK3uJjg=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 15:01:44 GMT
server
cloudflare
etag
W/"92a4abb88ae06d20bb029f04ece7db4e"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e657b78907c-FRA
align.vertical.center.svg
spin-the-dart.cdn.bubble.io/f1673967712485x315590863301067600/
1 KB
807 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673967712485x315590863301067600/align.vertical.center.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa685e7d8569eef7e8b1813fa249d779a355903b6a2225f22a9407fae965254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
content-encoding
br
x-amz-version-id
ML3H6Svs5WwX0B1xYCrA.9CQuPYWqJQN
cf-cache-status
MISS
x-amz-request-id
A3Q5JW54K94QHG8D
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
Nkz9MQWeeiEJXEpw++l1otvMxOydZ6xXGDlEnY6ysHHR85OKm992VQI46znKl9MZw+oE1baLS4I=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 15:01:53 GMT
server
cloudflare
etag
W/"fbf3e2ec23aff03b0aca2bce7f30b63e"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e657b79907c-FRA
case.svg
spin-the-dart.cdn.bubble.io/f1673967720065x151655850736402980/
880 B
650 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673967720065x151655850736402980/case.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9093f174f3b17c4d9b6c9935fd84a4ca65be20de12e9d1b7e49c0460f64a5a65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
content-encoding
br
x-amz-version-id
SFuQ20Gca0GjRW6XHjxREry2.cbOMVZ9
cf-cache-status
MISS
x-amz-request-id
A3Q88DPB52PD8K1G
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
OjUVIhQNTjHpysCSqBl1hlD8b95ypAOhdnXGXkH8593g5+ba4KkDyrRjhiH+fq04pXyug9z4C4c=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 15:02:01 GMT
server
cloudflare
etag
W/"c6fae6dead1790cb3887e6344bb29ea6"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e657b7a907c-FRA
chevron.left.forwardslash.chevron.right.svg
spin-the-dart.cdn.bubble.io/f1673967728148x960060979772212900/
1 KB
751 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673967728148x960060979772212900/chevron.left.forwardslash.chevron.right.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
921ae9e41683511887a43f3861ba21e1fbe19c82dc6f6effdf59975ba502998d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
content-encoding
br
x-amz-version-id
SEkFOIZJWcszjYpbZQ08N7YN_6bWOp0y
cf-cache-status
MISS
x-amz-request-id
A3Q5MD4YAWSHTB6E
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
qA3fmzGEjXRfuf2R5GNC8rQA8mhv4BtXZaqRq4ICb+QXFAbakgK1+Fj3LPm2/YkDhF1ksjxZF7I=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 15:02:09 GMT
server
cloudflare
etag
W/"9b16527ab6f4d5da9ffdb2f2c1ce38e5"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e657b7b907c-FRA
w42%20Pay.svg
spin-the-dart.cdn.bubble.io/f1673968345114x993137259727213200/
3 KB
2 KB
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673968345114x993137259727213200/w42%20Pay.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954c391ca6662953f8c2c4aaf0c380d08edcef0c13d3f6ed28a7e4ad7d742e53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
content-encoding
br
x-amz-version-id
vjPm15frqXcoKilLdI94KBiPYcfLtZER
cf-cache-status
MISS
x-amz-request-id
A3QA46A2J8735RWV
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
inGgX9C8F9eEPzkguWUkI5bGAk+4m3ptinwsQheBhXz22NUe6y5kkEKdf903khCehs0bIS9nhBg=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 15:12:26 GMT
server
cloudflare
etag
W/"7ac9cf9669bf3e6281661f839b319968"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e657b7d907c-FRA
m
42payments.com/user/
4 B
1 KB
XHR
General
Full URL
https://42payments.com/user/m
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Fiber-ID
1677944699662x520676689224767900
X-Bubble-PL
1677944699540x7909
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://42payments.com/
cache-control
no-cache
Referer
https://42payments.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

Date
Sat, 04 Mar 2023 15:44:59 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
x-bubble-perf
{"total":9.7,"percents":{"top":{"bubble_cpu":30.4,"block":61.7,"capacity_rl":0,"other_pause":0,"pre_fiber":6.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":27.6,"fiber_queue":16,"capacity_wait":21.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":442320,"derived_build_time_spent":0}}
x-bubble-appname
spin-the-dart
x-powered-by
Express
Transfer-Encoding
chunked
Connection
keep-alive
x-bubble-capacity-used
0.007 unit-seconds used
Server
cloudflare
x-bubble-request-took
9
vary
Accept-Encoding
Content-Type
application/json
cache-control
no-cache
CF-RAY
7a2b3e64ef012c26-FRA
x-bubble-capacity-limit
0 ms slower
https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971983970x613586649355608560%2F6385b5b52a42a3ac0055da8a_2%25201.jpg
d1muf25xaso8hp.cloudfront.net/
3 KB
3 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971983970x613586649355608560%2F6385b5b52a42a3ac0055da8a_2%25201.jpg?w=192&h=99&auto=compress&dpr=1&fit=max
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3000:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
45bec07470afed706b21e17365adbc172d432ab9fafd784118b4c2041b824f35
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
x-imgix-id
e21be580d81be7a93b69beda255d9fe402b45ed8
cross-origin-resource-policy
cross-origin
content-length
2770
x-served-by
cache-sjc10031-SJC, cache-hhn-etou8220063-HHN
x-imgix-render-farm
01.9032
last-modified
Sat, 04 Mar 2023 15:09:52 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
UvM2L5Nspa0JblvJRP7P2fmYKLeKLXfrvrU7ONMHM8NkgzFunrA91g==
42%20Pay.svg
spin-the-dart.cdn.bubble.io/f1673927776701x922136531576426900/
3 KB
1 KB
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673927776701x922136531576426900/42%20Pay.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c972dff90bb1d01a3f3815ef7e38c685a4638d56572b1629cef8c2d77600fb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
WeFgEyFgzidKe1FrVJ2ZAMTra4qwREnF
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A3Q272MFQHKCM48P
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
1ABQNCurkMAlrnOJP/JPmmPGxag9Q9ooObKYwwDtLHJ7WhFazUZ32b17spl08V94mrynptZgBDE=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 03:56:17 GMT
server
cloudflare
etag
W/"bfb5d9400aee56f4d72c3bcf5a134aa5"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e657b80907c-FRA
https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971976368x910747078082479700%2F6385b5ab39e0d6d7696c886d_1%25201.jpg
d1muf25xaso8hp.cloudfront.net/
2 KB
2 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971976368x910747078082479700%2F6385b5ab39e0d6d7696c886d_1%25201.jpg?w=192&h=99&auto=compress&dpr=1&fit=max
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3000:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
d173fa18e439e03fd63e4ad4e5226e3eda934fbc4bfa67746fec9a90dd37f3d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
x-imgix-id
296d39993340fe306ac88b761c658adaf741bc6b
cross-origin-resource-policy
cross-origin
content-length
1600
x-served-by
cache-sjc10028-SJC, cache-fra-eddf8230101-FRA
x-imgix-render-farm
01.9032
last-modified
Sat, 04 Mar 2023 15:09:52 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
u5aqutFzdJtEDO4_tzg7ZpGXs1L2IlWKrWd4N9XAH4G5v1JBfd3nKQ==
play.fill.svg
spin-the-dart.cdn.bubble.io/f1673929825121x543031498579131600/
613 B
427 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673929825121x543031498579131600/play.fill.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94bace320adc6679d2b9652292e13328cf209b17a529d6657f9edc08112fd66a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
jN17Py4qdmeEiKCgwi0IdB_De.vkxwvW
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A3Q2XFFH153WE8BR
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
h0x8y1MDmeESLgkJg4hFRRVTby8MccQM5Oqb5HiKimFLU3HNMM1/lgEtF14Ptpjgo69xVHItl2U=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 04:30:26 GMT
server
cloudflare
etag
W/"5d11d0d531465d5c5e6e976ee61528cb"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e657b8c907c-FRA
https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673929619679x542686700883749060%2FFrame%25202.jpg
d1muf25xaso8hp.cloudfront.net/
36 KB
37 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673929619679x542686700883749060%2FFrame%25202.jpg?w=1536&h=889&auto=compress&dpr=1&fit=max
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3000:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
d59e254c54c77066450a88a0899c395df65c33745bcdf68115a62322d01253e9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
x-imgix-id
fcb2079e538e5170b6dfca03daf56797249a4df1
cross-origin-resource-policy
cross-origin
content-length
37087
x-served-by
cache-sjc10035-SJC, cache-fra-eddf8230025-FRA
x-imgix-render-farm
01.9544
last-modified
Sat, 04 Mar 2023 15:09:53 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
tFAXe8i11or_rXbzCN1ewkfOvvevXPhbaFRXTTNPTSU_A44iR3ocZQ==
https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971990885x551631027192405600%2F6385b5d314011558589fc52d_4%25201.jpg
d1muf25xaso8hp.cloudfront.net/
2 KB
3 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971990885x551631027192405600%2F6385b5d314011558589fc52d_4%25201.jpg?w=192&h=99&auto=compress&dpr=1&fit=max
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3000:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
fc44022a11223bfaeabc112d87d62b7be5fae6cc4e8d1929e9c182d9d9c73608
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
x-imgix-id
c8bbbac5b4db9fd0a2cb856704f3b5a3d1316db8
cross-origin-resource-policy
cross-origin
content-length
2262
x-served-by
cache-sjc10031-SJC, cache-hhn-etou8220050-HHN
x-imgix-render-farm
01.9544
last-modified
Sat, 04 Mar 2023 15:09:52 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
FIqqmpgl9gWIX-6SikwwuJVcoORQeKaUq1Z6PeGWsuAk53P2dBUhrQ==
arrow.backward.svg
spin-the-dart.cdn.bubble.io/f1673977448994x874321093282319400/
757 B
457 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673977448994x874321093282319400/arrow.backward.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0b094f2dda4afcd5856aa1909927289ed9dc4996d316ab6e83d5daafa829f3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
ne4GQRkyB3hG0_qhjEUeFvJzfPmCuiMZ
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A3QF8SGPJNNBZZP9
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
SI/OQ3S8VKZHZ5j+E7cnn4YylJyVCV/a+HcglG9qiH1WbsS1Nsgk7p5aADHjXRMBpH7h5LWXV34=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 17:44:10 GMT
server
cloudflare
etag
W/"6b45875bc01a6093a765ad13fdbd8ee6"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e658b90907c-FRA
https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971997736x831782486381014000%2F6385b5bfd8931c85a7843bbd_3%25201.jpg
d1muf25xaso8hp.cloudfront.net/
2 KB
3 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971997736x831782486381014000%2F6385b5bfd8931c85a7843bbd_3%25201.jpg?w=192&h=99&auto=compress&dpr=1&fit=max
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3000:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
94a34a293fc6580008768852ee7b7188929cc21b07b316c2b65c5188284c4be8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
x-imgix-id
8ee0b30c3656c251cc4cb97aedc92691666091e6
cross-origin-resource-policy
cross-origin
content-length
2174
x-served-by
cache-sjc10045-SJC, cache-hhn-etou8220033-HHN
x-imgix-render-farm
01.9032
last-modified
Sat, 04 Mar 2023 15:09:52 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
0TPOOX1p9R-RzE5lYQJ3AhInAu4aL5IvIntoqOgClTvMaLGIJXxpqw==
dFrame%205.svg
spin-the-dart.cdn.bubble.io/f1673977600931x513297926573364800/
172 KB
86 KB
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673977600931x513297926573364800/dFrame%205.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c033904ad47ba96d5cb318e53dbbefb785ac2972f995622f8771fc36c67091

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
syqU6ZDUQrDv1qTufxFVuC34u9D0NSRQ
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A3Q1KQV8MFTK05VB
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-id-2
j9io8qR9vk1RQJbcnSMk4BwVJZHaAvhwyk4KC3+TZ2+Nh0mqzuSsAN9z5/sIcrtUx+xcyOX4jsA=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 17:46:42 GMT
server
cloudflare
etag
W/"24d8a7a63404502c83a19aa27b956220"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e65cbfe907c-FRA
https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971376237x127647993930562820%2FRectangle%25205.jpg
d1muf25xaso8hp.cloudfront.net/
4 KB
4 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971376237x127647993930562820%2FRectangle%25205.jpg?w=768&h=1058&auto=compress&fit=crop&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3000:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
3418e68677068d3a04c07a07286b6b4e29f8a665fbed04ed1208e6be610a6104
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:45:00 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
age
0
x-cache
Miss from cloudfront
x-imgix-id
8f7b2a3c0c2dab6de02e6bcc1a6e1c50e983eba3
cross-origin-resource-policy
cross-origin
content-length
3877
x-served-by
cache-sjc10036-SJC, cache-hhn-etou8220064-HHN
x-imgix-render-farm
01.9544
last-modified
Sat, 04 Mar 2023 15:45:00 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
-oTOhCIW5o5is-x-LIAGR9bo0kIseSjoUdqU-wYUjk_AG9TSILjnPw==
doc.text.magnifyingglass.svg
spin-the-dart.cdn.bubble.io/f1673967703451x754545685329297200/
2 KB
919 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673967703451x754545685329297200/doc.text.magnifyingglass.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56a0872ece7049e655192f114f5d607d00b3904cbdc03655cab1eed4fc436d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
5_8Wjrm0P_QI_q8o1S._xwg7zgSbOtur
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A3Q806A651ZGQJK1
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
fPzBe+QIAve0EEylfZ6al4qNM8qPF2zQG2GIsHCEnGeqzNWtLbeRcCg82ibJiJ6Pj2rSEK3uJjg=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 15:01:44 GMT
server
cloudflare
etag
W/"92a4abb88ae06d20bb029f04ece7db4e"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e66ad34907c-FRA
align.vertical.center.svg
spin-the-dart.cdn.bubble.io/f1673967712485x315590863301067600/
1 KB
954 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673967712485x315590863301067600/align.vertical.center.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa685e7d8569eef7e8b1813fa249d779a355903b6a2225f22a9407fae965254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
ML3H6Svs5WwX0B1xYCrA.9CQuPYWqJQN
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A3Q5JW54K94QHG8D
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
Nkz9MQWeeiEJXEpw++l1otvMxOydZ6xXGDlEnY6ysHHR85OKm992VQI46znKl9MZw+oE1baLS4I=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 15:01:53 GMT
server
cloudflare
etag
W/"fbf3e2ec23aff03b0aca2bce7f30b63e"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e66ad35907c-FRA
text.magnifyingglass.svg
spin-the-dart.cdn.bubble.io/f1673974689288x812966457738905500/
1 KB
745 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673974689288x812966457738905500/text.magnifyingglass.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f47f04c004828504c25b324713db0e91934df8e5237a7d63d316db5a44fd76e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
nJbvWejGnFEKS9OY6wcofTOGk1CclQ9i
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A3QB763SE80ZXRBP
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
Z7kaMo3jjWSSdiEMYweZPqDg2YvBn/vg8fTyYUJQzHY5JhimqI2EPpyCeGwdNNqk0/28faUy5zk=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 16:58:10 GMT
server
cloudflare
etag
W/"19e4fea10b2cf6e6e79710ae91155761"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e66bd3d907c-FRA
netsuite-mark.svg
spin-the-dart.cdn.bubble.io/f1673971706527x898722828449389000/
3 KB
1 KB
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673971706527x898722828449389000/netsuite-mark.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0125ad2dba0ac5b1e2697bdb4731784c7c081ee75d86741cd5cba977df0275ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
8IwdQLdtszvVqzJWeucdO2ReISs_rlO2
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A3Q2GVVQ2TTGX3CN
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
DgDu9L+fcZIfKYlw13zEQG5DlEsJciFIQUnToN2ZLoSmW2IGFuNT/sV0CbMgXxSyPJ2vRkwe9E4=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 16:08:27 GMT
server
cloudflare
etag
W/"72e4f3210175d03a09376c3e7228e543"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e66bd3f907c-FRA
rosette.svg
spin-the-dart.cdn.bubble.io/f1673974626741x923600833752416300/
865 B
500 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673974626741x923600833752416300/rosette.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f821dceb948930132cd386d4204983afbfe06be7d7e4a5b041d6588bf8e9fd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
Fo70RC0FQqqJVncclD8Kmfbwnc_PjPvw
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A3Q9V1FMS1MX415E
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
KvzHDKyE2Z2Hb1kI8MerIAXS8qUr1HoHd8bpKhE6I6o3xAvrgWR2LQHx/6U8/4SYoB3ERbauAYc=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 16:57:07 GMT
server
cloudflare
etag
W/"7ddde55ea6c96a991bc217bc144d4994"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e66bd40907c-FRA
Sage_Intacct_Logo.svg
spin-the-dart.cdn.bubble.io/f1673971701275x841701578864136000/
803 B
657 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673971701275x841701578864136000/Sage_Intacct_Logo.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aff5a34cd731ff737dea89133d41588bd820e90d176cb6662a9362d62821bad2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
7P6N3w127zHibS_e34kk7GpLGNo0zsWh
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A3Q3W0PVG12SP13K
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
rWEpRRIEoPdcgh25bFY3pQYmNLG6SkYco8/DMOsjIhqvJuZeM90yWZsfe9+VfQxlfmIEdKA/qxQ=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 16:08:22 GMT
server
cloudflare
etag
W/"9deab9f7da8df3dc456335af3765c306"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e66bd43907c-FRA
checkmark.shield.svg
spin-the-dart.cdn.bubble.io/f1673974725447x797558332925681300/
2 KB
823 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673974725447x797558332925681300/checkmark.shield.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2126a61faa72d61d36d14cde42b4860627085316f877055987187a219299228

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
lYGDEUAGOok3WZd0G52kuT.6WUCepr7M
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A3Q60PPB7B31D923
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
rf8A8Puv+WiO1xAC9QI6krwSC39tz7vN5PHOIFxeAeVcylsqhI74iRoiKVb9Yf1SOK8rXv9PxvU=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 16:58:46 GMT
server
cloudflare
etag
W/"a5d4754a0ccce61c969fec80ff2ad436"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e66bd45907c-FRA
chevron.left.forwardslash.chevron.right.svg
spin-the-dart.cdn.bubble.io/f1673967728148x960060979772212900/
1 KB
591 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673967728148x960060979772212900/chevron.left.forwardslash.chevron.right.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
921ae9e41683511887a43f3861ba21e1fbe19c82dc6f6effdf59975ba502998d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
SEkFOIZJWcszjYpbZQ08N7YN_6bWOp0y
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A3Q5MD4YAWSHTB6E
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
qA3fmzGEjXRfuf2R5GNC8rQA8mhv4BtXZaqRq4ICb+QXFAbakgK1+Fj3LPm2/YkDhF1ksjxZF7I=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 15:02:09 GMT
server
cloudflare
etag
W/"9b16527ab6f4d5da9ffdb2f2c1ce38e5"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e66bd46907c-FRA
dFrame%207.svg
spin-the-dart.cdn.bubble.io/f1673979840244x918351175305731000/
1 MB
770 KB
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673979840244x918351175305731000/dFrame%207.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3616c8ecedde64f40853e660dfc44206389bf9f4788f063954e92fa6cb29039a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
ZWzrnbKYgYV8NHoJQhLtI02ztjgR803k
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A3QB6WKZ7889KT4W
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-id-2
WIacMvYedtkWss9pUv7neNKmEjrLKOrNQuqHArHN5bwYyeClT1/5ffY1c0uIw6yA5aZ7MzHw41w=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 18:24:01 GMT
server
cloudflare
etag
W/"c2a89ee7bea37f03133498ae3e782cca"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e66bd48907c-FRA
w42%20Pay.svg
spin-the-dart.cdn.bubble.io/f1673968345114x993137259727213200/
3 KB
1 KB
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673968345114x993137259727213200/w42%20Pay.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954c391ca6662953f8c2c4aaf0c380d08edcef0c13d3f6ed28a7e4ad7d742e53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
vjPm15frqXcoKilLdI94KBiPYcfLtZER
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A3QA46A2J8735RWV
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
inGgX9C8F9eEPzkguWUkI5bGAk+4m3ptinwsQheBhXz22NUe6y5kkEKdf903khCehs0bIS9nhBg=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 15:12:26 GMT
server
cloudflare
etag
W/"7ac9cf9669bf3e6281661f839b319968"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e66bd56907c-FRA
case.svg
spin-the-dart.cdn.bubble.io/f1673967720065x151655850736402980/
880 B
528 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673967720065x151655850736402980/case.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9093f174f3b17c4d9b6c9935fd84a4ca65be20de12e9d1b7e49c0460f64a5a65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:44:59 GMT
x-amz-version-id
SFuQ20Gca0GjRW6XHjxREry2.cbOMVZ9
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A3Q88DPB52PD8K1G
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
OjUVIhQNTjHpysCSqBl1hlD8b95ypAOhdnXGXkH8593g5+ba4KkDyrRjhiH+fq04pXyug9z4C4c=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 15:02:01 GMT
server
cloudflare
etag
W/"c6fae6dead1790cb3887e6344bb29ea6"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e66ed84907c-FRA
Group_112%204.svg
spin-the-dart.cdn.bubble.io/f1673993475088x472543938754682800/
435 KB
146 KB
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673993475088x472543938754682800/Group_112%204.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b834dce3f5cdb218ac4c75784dccaa117481a92d7cfc78cd8cb97875590f2e20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:45:00 GMT
x-amz-version-id
hBdJ10ZMeTpttZlhyA_eunR1CYChkUJS
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A3QEWV78K6MVWS21
age
1
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-id-2
HDoJQnamlINkdQTcY5ZWgnvehdkTndMw+/14wLuWxypHUYsS2OCqlqWsBNBQRgONOneC5TLt7CM=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 22:11:16 GMT
server
cloudflare
etag
W/"4b5e710edc86cf7c7811d09106c9d040"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e675e18907c-FRA
Quickbooks.svg
spin-the-dart.cdn.bubble.io/f1673971712801x359960740951478900/
1 KB
646 B
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673971712801x359960740951478900/Quickbooks.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
824968d482efd78158f563e3963e35fae15c54b47ab1b6505b2a66af5a919b84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:45:00 GMT
x-amz-version-id
YzUcODLEi9RUaul49BAp1bBLkXM_G2Cu
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
YF65KSN2XCVA97TT
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
b0mTvH0XVMT9GgyprO3YFE+wf0JtYOtFieFjnxD7h83ddBETtPzDrg/oSOloClhJXFc4Za3uO1E=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 16:08:34 GMT
server
cloudflare
etag
W/"596fc2107dff28cf61918a762b093254"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e681f27907c-FRA
Xero.svg
spin-the-dart.cdn.bubble.io/f1673971686930x318351340258065800/
3 KB
1 KB
Image
General
Full URL
https://spin-the-dart.cdn.bubble.io/f1673971686930x318351340258065800/Xero.svg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d960b7d1be66b02f706ce20a04c6c172333abfb399b2576ddfca94043cf485c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:45:00 GMT
x-amz-version-id
rC20Wo2Z8fj5RQwRY8RhXDbBsU4UcqNH
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
YF6B0SCRJNJJRQ3N
age
0
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
test
x-amz-id-2
Mj671oSHoogMS1RU6J9Ke3v0PIGfVK2mP1uyq1JcJhB1/j39z0aK28lKFJWzpJD5OqN/+HbGFug=
x-amz-meta-appname
spin-the-dart
last-modified
Tue, 17 Jan 2023 16:08:08 GMT
server
cloudflare
etag
W/"8044b3eba0d7bb3f2f49dacc1fae67e8"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
7a2b3e682f57907c-FRA
api.js
www.google.com/recaptcha/ Frame CB59
850 B
816 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.google.com
URL: https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/jwmS1gc9S5A&q=EhAqAxsgAAbwEQAAAAAAAABuGPvOjaAGIjCofMn3M1Sa-kCjjg30HeiWeYzYfeVLN5_Pl4VYptm7MFszIrW4NWsjiW6H46omnAMyAXI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bd9fd05593f2168a333d59615133d6fe1fe255e3fc551a9bf69d845138ecc77c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/jwmS1gc9S5A&q=EhAqAxsgAAbwEQAAAAAAAABuGPvOjaAGIjCofMn3M1Sa-kCjjg30HeiWeYzYfeVLN5_Pl4VYptm7MFszIrW4NWsjiW6H46omnAMyAXI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:45:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
554
x-xss-protection
1; mode=block
expires
Sat, 04 Mar 2023 15:45:00 GMT
https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971376237x127647993930562820%2FRectangle%25205.jpg
d1muf25xaso8hp.cloudfront.net/
4 KB
4 KB
Image
General
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fs3.amazonaws.com%2Fappforest_uf%2Ff1673971376237x127647993930562820%2FRectangle%25205.jpg?w=768&h=1058&auto=compress&fit=crop&dpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:3000:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
imgix /
Resource Hash
3418e68677068d3a04c07a07286b6b4e29f8a665fbed04ed1208e6be610a6104
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://42payments.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:45:00 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
x-cache
Hit from cloudfront
x-imgix-id
8f7b2a3c0c2dab6de02e6bcc1a6e1c50e983eba3
cross-origin-resource-policy
cross-origin
content-length
3877
x-served-by
cache-sjc10036-SJC, cache-hhn-etou8220064-HHN
x-imgix-render-farm
01.9544
last-modified
Sat, 04 Mar 2023 15:45:00 GMT
server
imgix
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
eTq-wiAOVehQPze9zjUZPEYVHeoxIDi4uLdYFzmpUyKAWX0zlAJ8GQ==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame CB59
408 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 08:40:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166391
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Mar 2024 08:40:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 3DDC
43 KB
23 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&s=gxasSFNUPU-oZOAngs40ybCsjvzZNbDG_nQrD9rw9w2H5yGYZnrP20HUxywTFy3rTuvz7ehJkyXWtEQ7bO5bM7CWKJR6lCxOFdXToRUZQgla2tyDaTjbrrDsAZkO0fqDBK2c6LfeSsVuhYJC2tPJzB7qlbZiossH0sH-0Jtz8XatsyjLUt7LnC-OajfWiUlRNagd76MS1hLmM9HSBreVuOTNZ37myWPbF_XvupficCTOjHYHg7NNZ3IN18LXJUdWG8e8Sydxlst2ZaQXm8t351i2F9nUuCg&cb=vhu72h1q8kui
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2c99933caf9810ca8b022f6d1417cd4edf88b6d3344d53e7f6e8ff8b50f24d5f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eQiDuDF3RiwwlkFMDjfaUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/jwmS1gc9S5A&q=EhAqAxsgAAbwEQAAAAAAAABuGPvOjaAGIjCofMn3M1Sa-kCjjg30HeiWeYzYfeVLN5_Pl4VYptm7MFszIrW4NWsjiW6H46omnAMyAXI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23041
content-security-policy
script-src 'report-sample' 'nonce-eQiDuDF3RiwwlkFMDjfaUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 15:45:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 3DDC
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&s=gxasSFNUPU-oZOAngs40ybCsjvzZNbDG_nQrD9rw9w2H5yGYZnrP20HUxywTFy3rTuvz7ehJkyXWtEQ7bO5bM7CWKJR6lCxOFdXToRUZQgla2tyDaTjbrrDsAZkO0fqDBK2c6LfeSsVuhYJC2tPJzB7qlbZiossH0sH-0Jtz8XatsyjLUt7LnC-OajfWiUlRNagd76MS1hLmM9HSBreVuOTNZ37myWPbF_XvupficCTOjHYHg7NNZ3IN18LXJUdWG8e8Sydxlst2ZaQXm8t351i2F9nUuCg&cb=vhu72h1q8kui
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Mar 2024 13:51:51 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame 3DDC
408 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&s=gxasSFNUPU-oZOAngs40ybCsjvzZNbDG_nQrD9rw9w2H5yGYZnrP20HUxywTFy3rTuvz7ehJkyXWtEQ7bO5bM7CWKJR6lCxOFdXToRUZQgla2tyDaTjbrrDsAZkO0fqDBK2c6LfeSsVuhYJC2tPJzB7qlbZiossH0sH-0Jtz8XatsyjLUt7LnC-OajfWiUlRNagd76MS1hLmM9HSBreVuOTNZ37myWPbF_XvupficCTOjHYHg7NNZ3IN18LXJUdWG8e8Sydxlst2ZaQXm8t351i2F9nUuCg&cb=vhu72h1q8kui
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 08:40:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166391
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Mar 2024 08:40:00 GMT
apm
42payments.com/user/
4 B
1 KB
XHR
General
Full URL
https://42payments.com/user/apm
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

X-Bubble-Fiber-ID
1677944701176x142823189068448590
X-Bubble-PL
1677944699540x7909
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://42payments.com/
cache-control
no-cache
Referer
https://42payments.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

Date
Sat, 04 Mar 2023 15:45:01 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
x-bubble-perf
{"total":8.4,"percents":{"top":{"bubble_cpu":34.4,"block":55.3,"capacity_rl":0,"other_pause":0,"pre_fiber":10},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":21.6,"fiber_queue":16.1,"capacity_wait":20}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":431617,"derived_build_time_spent":0}}
x-bubble-appname
spin-the-dart
x-powered-by
Express
Transfer-Encoding
chunked
Connection
keep-alive
x-bubble-capacity-used
0.007 unit-seconds used
Server
cloudflare
x-bubble-request-took
8
vary
Accept-Encoding
Content-Type
application/json
cache-control
no-cache
CF-RAY
7a2b3e6e6dc92c26-FRA
x-bubble-capacity-limit
0 ms slower
webworker.js
www.google.com/recaptcha/api2/ Frame 3DDC
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&s=gxasSFNUPU-oZOAngs40ybCsjvzZNbDG_nQrD9rw9w2H5yGYZnrP20HUxywTFy3rTuvz7ehJkyXWtEQ7bO5bM7CWKJR6lCxOFdXToRUZQgla2tyDaTjbrrDsAZkO0fqDBK2c6LfeSsVuhYJC2tPJzB7qlbZiossH0sH-0Jtz8XatsyjLUt7LnC-OajfWiUlRNagd76MS1hLmM9HSBreVuOTNZ37myWPbF_XvupficCTOjHYHg7NNZ3IN18LXJUdWG8e8Sydxlst2ZaQXm8t351i2F9nUuCg&cb=vhu72h1q8kui
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
347994f2b271030fae86aa3b0de7cbc7ffcdb19b612c61cad0bea5847b1c12fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b&co=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbTo0NDM.&hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=normal&s=gxasSFNUPU-oZOAngs40ybCsjvzZNbDG_nQrD9rw9w2H5yGYZnrP20HUxywTFy3rTuvz7ehJkyXWtEQ7bO5bM7CWKJR6lCxOFdXToRUZQgla2tyDaTjbrrDsAZkO0fqDBK2c6LfeSsVuhYJC2tPJzB7qlbZiossH0sH-0Jtz8XatsyjLUt7LnC-OajfWiUlRNagd76MS1hLmM9HSBreVuOTNZ37myWPbF_XvupficCTOjHYHg7NNZ3IN18LXJUdWG8e8Sydxlst2ZaQXm8t351i2F9nUuCg&cb=vhu72h1q8kui
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 15:45:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Sat, 04 Mar 2023 15:45:01 GMT
bframe
www.google.com/recaptcha/api2/ Frame C47C
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
82a82039b767fd1e0c587ba031066d5afd6e1953aa587263a5fbe0228c4b80ac
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1vwZ4nvTJPWyRSy9j5D-vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/jwmS1gc9S5A&q=EhAqAxsgAAbwEQAAAAAAAABuGPvOjaAGIjCofMn3M1Sa-kCjjg30HeiWeYzYfeVLN5_Pl4VYptm7MFszIrW4NWsjiW6H46omnAMyAXI
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1118
content-security-policy
script-src 'report-sample' 'nonce-1vwZ4nvTJPWyRSy9j5D-vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 Mar 2023 15:45:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame C47C
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 13:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Mar 2024 13:51:51 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ Frame C47C
408 KB
163 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Nh10qRQB5k2ucc5SCBLAQ4nA&k=6LfwuyUTAAAAAOAmoS0fdqijC2PbbdH4kjq62Y1b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 08:40:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166391
x-xss-protection
0
last-modified
Mon, 20 Feb 2023 05:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 03 Mar 2024 08:40:00 GMT
frg
42payments.com/
5 B
1 KB
XHR
General
Full URL
https://42payments.com/frg
Requested by
Host: 42payments.com
URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

X-Bubble-Fiber-ID
1677944702665x396112056792555800
X-Bubble-PL
1677944699540x7909
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://42payments.com/
cache-control
no-cache
Referer
https://42payments.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5

Response headers

Date
Sat, 04 Mar 2023 15:45:03 GMT
Content-Encoding
br
CF-Cache-Status
DYNAMIC
x-bubble-perf
{"total":96.8,"percents":{"top":{"bubble_cpu":2.4,"block":73.3,"capacity_rl":0,"other_pause":0,"pre_fiber":24.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":38.4,"fiber_queue":36.4,"capacity_wait":5.8}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":9,"fiber_queue":10,"blocks":9},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":352588,"derived_build_time_spent":0}}
x-bubble-appname
spin-the-dart
x-powered-by
Express
Transfer-Encoding
chunked
Connection
keep-alive
x-bubble-capacity-used
0.005 unit-seconds used
Server
cloudflare
x-bubble-request-took
96
vary
Accept-Encoding
Content-Type
application/json
cache-control
no-cache
CF-RAY
7a2b3e77bbbb2c26-FRA
x-bubble-capacity-limit
0 ms slower

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless string| bubble_session_uid object| headers_source_maps object| load_error_log object| _bubble_page_load_data object| webfont object| WebFont function| FontFaceObserver string| gm_key boolean| glrl_key_status string| _p string| bubble_page_name function| $ function| jQuery string| bubble_bundle_name object| Base64 object| BrowserDetect object| safe_require function| highlight_dom_changes function| local_storage_fallback object| u function| appquery function| google_web_fonts_active_cb function| fontface_webfonts_loaded_cb function| setImmediate function| clearImmediate function| kill_notifier_socket function| restore_notifier_socket object| client_db number| server_time_offset function| authenticate_as object| element_performance_counts object| testing object| document_ready_key function| display_page function| Lib_post_load number| bubble_version object| plugins object| bubble_run_derived object| app object| translation_data object| language_data string| application_language function| Lib boolean| google_web_fonts_active object| fontface_loaded boolean| all_fontface_loaded function| everything_ready function| wait_for_everything function| show_banner

3 Cookies

Domain/Path Name / Value
.42payments.com/ Name: spin-the-dart_live_u2main
Value: 1677944698272x738957213605756700
.42payments.com/ Name: spin-the-dart_live_u2main.sig
Value: 9L7RgAVab54U6FeZNtslq1_gGHE
.42payments.com/ Name: spin-the-dart_u1main
Value: 1677944698264x149445136599309250

2 Console Messages

Source Level URL
Text
other warning URL: https://42payments.com/package/run_js/d04816155af0e9a5fdb0e6d01875d93252647cd3a433addd74eefa347e04f794/xfalse/x20/run.js(Line 4)
Message:
Unrecognized feature: 'web-share'.
network error URL: https://www.google.com/sorry/index?continue=https://www.youtube.com/embed/jwmS1gc9S5A&q=EhAqAxsgAAbwEQAAAAAAAABuGPvOjaAGIjCofMn3M1Sa-kCjjg30HeiWeYzYfeVLN5_Pl4VYptm7MFszIrW4NWsjiW6H46omnAMyAXI
Message:
Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none';
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

42payments.com
d1muf25xaso8hp.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
spin-the-dart.cdn.bubble.io
www.google.com
www.gstatic.com
www.youtube.com
104.19.240.93
104.19.241.93
2600:9000:2240:3000:1c:37e5:3f40:21
2a00:1450:4001:828::200a
2a00:1450:400d:806::2003
2a00:1450:400d:806::200e
2a00:1450:400d:80a::2004
2a00:1450:400d:80d::2003
0125ad2dba0ac5b1e2697bdb4731784c7c081ee75d86741cd5cba977df0275ad
0c2a39a465e85a6c52193a186c82a9fca6b4ee33ca2e86f8192f58fdb460a537
19cd2ae416e9b9603d393e832166b3e673b9052c199af7e93bdcf520000a62e1
1f47f04c004828504c25b324713db0e91934df8e5237a7d63d316db5a44fd76e
211d547263b2910ef3b505b0cb23f6f921ce4a6d228bb6423c33ad950b76456c
2c99933caf9810ca8b022f6d1417cd4edf88b6d3344d53e7f6e8ff8b50f24d5f
2f821dceb948930132cd386d4204983afbfe06be7d7e4a5b041d6588bf8e9fd4
3418e68677068d3a04c07a07286b6b4e29f8a665fbed04ed1208e6be610a6104
347994f2b271030fae86aa3b0de7cbc7ffcdb19b612c61cad0bea5847b1c12fe
3616c8ecedde64f40853e660dfc44206389bf9f4788f063954e92fa6cb29039a
45bec07470afed706b21e17365adbc172d432ab9fafd784118b4c2041b824f35
4cff7e64b5b6cb44fc86b5126bc749ce98debc349e4dbfed319fe92087eada34
52a241b21be6c8ae7a5dcd5144c4ff2157119f9950d9184677f8060fcc375ac5
56a0872ece7049e655192f114f5d607d00b3904cbdc03655cab1eed4fc436d51
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
5e99240e0f704678d97c9bfdd715672b2dd5d6c507a1f2197babeec2577039bf
6c972dff90bb1d01a3f3815ef7e38c685a4638d56572b1629cef8c2d77600fb4
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
824968d482efd78158f563e3963e35fae15c54b47ab1b6505b2a66af5a919b84
82a82039b767fd1e0c587ba031066d5afd6e1953aa587263a5fbe0228c4b80ac
833d678b5c75c3c93d081d2fbcb39794367439805e0e592b02b8300d1d38ee87
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8d2417dedeb4907f456b09758880ed69809d536776b3dc32105914ee7e93eb1a
9093f174f3b17c4d9b6c9935fd84a4ca65be20de12e9d1b7e49c0460f64a5a65
921ae9e41683511887a43f3861ba21e1fbe19c82dc6f6effdf59975ba502998d
94a34a293fc6580008768852ee7b7188929cc21b07b316c2b65c5188284c4be8
94bace320adc6679d2b9652292e13328cf209b17a529d6657f9edc08112fd66a
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
954c391ca6662953f8c2c4aaf0c380d08edcef0c13d3f6ed28a7e4ad7d742e53
a2126a61faa72d61d36d14cde42b4860627085316f877055987187a219299228
aff5a34cd731ff737dea89133d41588bd820e90d176cb6662a9362d62821bad2
b6008e8c59891a8122a868aa87cf03b654424c0a5c6ae0659479c4959b645c31
b834dce3f5cdb218ac4c75784dccaa117481a92d7cfc78cd8cb97875590f2e20
bd9fd05593f2168a333d59615133d6fe1fe255e3fc551a9bf69d845138ecc77c
d173fa18e439e03fd63e4ad4e5226e3eda934fbc4bfa67746fec9a90dd37f3d5
d59e254c54c77066450a88a0899c395df65c33745bcdf68115a62322d01253e9
d85594296af41232ac9767f8c95d0857762f63b699214ad819c56faccbca5b40
d960b7d1be66b02f706ce20a04c6c172333abfb399b2576ddfca94043cf485c5
e0b094f2dda4afcd5856aa1909927289ed9dc4996d316ab6e83d5daafa829f3f
e46d206c72046feb87231ad62b0c738e5e9624b99a13cfe498c1a9dc4c6993a7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c033904ad47ba96d5cb318e53dbbefb785ac2972f995622f8771fc36c67091
f1fedb17057e894d54a17d80eb3c103b34e30e75d7fd666f2440e079f03da4c2
faa685e7d8569eef7e8b1813fa249d779a355903b6a2225f22a9407fae965254
fc44022a11223bfaeabc112d87d62b7be5fae6cc4e8d1929e9c182d9d9c73608
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa