Submitted URL: http://huntsman-aberdeen.com/
Effective URL: https://sovereign-grooming.com/
Submission: On December 02 via api from US — Scanned from DE

Summary

This website contacted 26 IPs in 7 countries across 20 domains to perform 144 HTTP transactions. The main IP is 5.10.25.6, located in Leeds, United Kingdom and belongs to EVEREST-AS, GB. The main domain is sovereign-grooming.com.
TLS certificate: Issued by R3 on November 24th 2022. Valid for: 3 months.
This is the only time sovereign-grooming.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 108.179.232.157 19871 (NETWORK-S...)
25 5.10.25.6 60610 (EVEREST-AS)
8 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
11 2606:4700::68... 13335 (CLOUDFLAR...)
8 52.218.118.0 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
11 151.101.64.176 54113 (FASTLY)
2 2a03:2880:f12... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
19 54.187.119.242 16509 (AMAZON-02)
4 162.159.134.68 13335 (CLOUDFLAR...)
2 2600:1f18:24e... 14618 (AMAZON-AES)
4 2600:9000:205... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
2 35.82.157.189 16509 (AMAZON-02)
144 26
Apex Domain Subdomains Transfer
32 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1155
q.stripe.com — Cisco Umbrella Rank: 6759
r.stripe.com — Cisco Umbrella Rank: 4201
m.stripe.com — Cisco Umbrella Rank: 1152
374 KB
24 imajica.co.uk
cookieless.imajica.co.uk
453 KB
17 google.com
www.google.com — Cisco Umbrella Rank: 2
pay.google.com — Cisco Umbrella Rank: 2509
apis.google.com — Cisco Umbrella Rank: 90
play.google.com — Cisco Umbrella Rank: 22
465 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
676 KB
11 getsquire.com
widget.getsquire.com — Cisco Umbrella Rank: 838264
wow.getsquire.com — Cisco Umbrella Rank: 838291
api.getsquire.com — Cisco Umbrella Rank: 271246
images-prod-1.getsquire.com — Cisco Umbrella Rank: 314239
1 MB
8 amazonaws.com
s3-eu-west-1.amazonaws.com
2 MB
8 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 203
36 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
maps.googleapis.com — Cisco Umbrella Rank: 360
186 KB
4 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1224
32 KB
4 shopify.com
cdn.shopify.com — Cisco Umbrella Rank: 1585
19 KB
4 mailerlite.com
track.mailerlite.com — Cisco Umbrella Rank: 24754
static.mailerlite.com — Cisco Umbrella Rank: 13827
cdn.mailerlite.com — Cisco Umbrella Rank: 29155
58 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
2 browser-intake-datadoghq.com
session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 8368
477 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
203 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 134
111 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
86 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 680
122 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
2 KB
1 sovereign-grooming.com
sovereign-grooming.com
15 KB
1 huntsman-aberdeen.com
huntsman-aberdeen.com
251 B
144 20
Domain Requested by
24 cookieless.imajica.co.uk sovereign-grooming.com
cookieless.imajica.co.uk
12 r.stripe.com js.stripe.com
11 js.stripe.com widget.getsquire.com
wow.getsquire.com
js.stripe.com
10 www.gstatic.com www.google.com
pay.google.com
www.gstatic.com
8 s3-eu-west-1.amazonaws.com sovereign-grooming.com
8 cdnjs.cloudflare.com sovereign-grooming.com
cdnjs.cloudflare.com
7 play.google.com www.gstatic.com
7 q.stripe.com sovereign-grooming.com
4 m.stripe.network js.stripe.com
m.stripe.network
4 cdn.shopify.com sovereign-grooming.com
4 pay.google.com wow.getsquire.com
pay.google.com
sovereign-grooming.com
www.gstatic.com
4 widget.getsquire.com sovereign-grooming.com
widget.getsquire.com
4 maps.googleapis.com sovereign-grooming.com
maps.googleapis.com
4 www.google.com sovereign-grooming.com
www.gstatic.com
www.google.com
3 images-prod-1.getsquire.com wow.getsquire.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 m.stripe.com m.stripe.network
2 session-replay.browser-intake-datadoghq.com wow.getsquire.com
2 api.getsquire.com wow.getsquire.com
2 apis.google.com wow.getsquire.com
apis.google.com
2 wow.getsquire.com widget.getsquire.com
wow.getsquire.com
2 www.facebook.com sovereign-grooming.com
2 fonts.gstatic.com fonts.googleapis.com
www.google.com
2 connect.facebook.net sovereign-grooming.com
connect.facebook.net
2 static.mailerlite.com sovereign-grooming.com
static.mailerlite.com
2 www.googletagmanager.com sovereign-grooming.com
www.googletagmanager.com
1 cdn.mailerlite.com static.mailerlite.com
1 code.jquery.com sovereign-grooming.com
1 track.mailerlite.com sovereign-grooming.com
1 fonts.googleapis.com sovereign-grooming.com
1 cdn.jsdelivr.net sovereign-grooming.com
1 sovereign-grooming.com
1 huntsman-aberdeen.com 1 redirects
144 33
Subject | Issuer | Validity | Valid
sovereign-grooming.com | R3 | 2022-11-24 - 2023-02-22 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
upload.video.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
cookieless.imajica.co.uk | R3 | 2022-10-30 - 2023-01-28 | 3 months
www.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
mailerlite.com | Cloudflare Inc ECC CA-3 | 2022-06-29 - 2023-06-29 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-09-10 - 2022-12-09 | 3 months
getsquire.com | Cloudflare Inc ECC CA-3 | 2022-01-31 - 2023-01-31 | a year
*.s3-eu-west-1.amazonaws.com | Amazon | 2022-09-21 - 2023-08-30 | a year
*.gstatic.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2022-10-19 - 2023-01-11 | 3 months
*.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.apis.google.com | GTS CA 1C3 | 2022-11-02 - 2023-01-25 | 3 months
*.stripe.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-11-12 - 2023-03-09 | 4 months
cdn.shopify.com | R3 | 2022-11-14 - 2023-02-12 | 3 months
*.browser-intake-datadoghq.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-21 - 2023-07-22 | a year
m.stripe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-15 - 2023-01-26 | 4 months

This page contains 10 frames:

Primary Page: https://sovereign-grooming.com/
Frame ID: A9F10290B85925E18523EC7FB5376147
Requests: 73 HTTP requests in this frame

Frame: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
Frame ID: F46E0FCF7ABBCE15ABC9EFA990367347
Requests: 19 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwow.getsquire.com&mid=
Frame ID: F3F6D0CEF9DDA5C01F63ADDA736FAA28
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html
Frame ID: E01756B917F6D87D67E333CE959C94CB
Requests: 17 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: A121F1F7BA162AD8A1C39281E4C0E433
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9zb3ZlcmVpZ24tZ3Jvb21pbmcuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=jcpf5usuat8n
Frame ID: CB2D60ACE87AEDEBD0D88ED59088D080
Requests: 8 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 6F58B421A06EAD2F47A4F4E87E8AF2BF
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD
Frame ID: CC3D2CE22ADE68F749A605F1551A46E1
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 4F99E2C16DEF340A4A46F414A566D514
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: E83E0771EB51C6C36AE23CA2DC535F3E
Requests: 4 HTTP requests in this frame

Page Title

Glasgow Barber | Edinburgh Barber | Aberdeen Barber - Sovereign Grooming

Page URL History

  1. http://huntsman-aberdeen.com/ HTTP 301
    https://sovereign-grooming.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

144 Requests
99 % HTTPS
73 % IPv6
20 Domains
33 Subdomains
26 IPs
7 Countries
6114 kB Transfer
12890 kB Size
14 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://huntsman-aberdeen.com/ HTTP 301
    https://sovereign-grooming.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

144 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request /
sovereign-grooming.com/
Redirect Chain
  • http://huntsman-aberdeen.com/
  • https://sovereign-grooming.com/
59 KB
15 KB
Document
General
Full URL
https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3453865bb979731296b6df0c7ad59fed11d969568fd988c22e91fd12390611ca
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' cookieless.imajica.co.uk *.amazonaws.com *.cloudflare.com *.google.com code.jquery.com cdn.jsdelivr.net *.googletagmanager.com *.getsquire.com *.stripe.com *.google-analytics.com *.facebook.net *.googleapis.com *.gstatic.com *.mailerlite.com *.shopify.com *.facebook.com *.mxpnl.com *.vimeo.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Security-Policy
default-src 'self' 'unsafe-inline' cookieless.imajica.co.uk *.amazonaws.com *.cloudflare.com *.google.com code.jquery.com cdn.jsdelivr.net *.googletagmanager.com *.getsquire.com *.stripe.com *.google-analytics.com *.facebook.net *.googleapis.com *.gstatic.com *.mailerlite.com *.shopify.com *.facebook.com *.mxpnl.com *.vimeo.com
Content-Type
text/html;charset=UTF-8
Date
Fri, 02 Dec 2022 16:05:26 GMT
Referrer-Policy
strict-origin
Server
Microsoft-IIS/10.0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
239
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 02 Dec 2022 16:05:25 GMT
Keep-Alive
timeout=5, max=75
Location
https://sovereign-grooming.com/
Server
Apache
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/
1 KB
737 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1455715
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
394
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-559"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZcjq4O1lXEKPju9hgtonNaW5ii%2Bo9P9KofvzIA8gUEuElPT5vuB5QAl0X%2FZuUhOrTtmrDz3XbIG%2BAksbFXfupAVF9Kic%2FnwkwdZzCmPOOwJOf4%2B26cXXZANwAzMXWLXfxlMaLVHcbZKl3jkZhaGU5wH"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77354dd679e29bbe-FRA
expires
Wed, 22 Nov 2023 16:05:26 GMT
slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/
2 KB
977 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
78454
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
657
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-956"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVCX%2B2mx4ZFQG%2Fdr%2F5a6VGKf%2FoFjTCLOt6EqgqrKbjTMPEz%2BbK9bulI2hQzkzRVOQA8pUjm9iHjxsp6yzWMNlPTlvnwRQ2ZPGFiNMZhp2SaiA5HBDI5aqz1CK4iF8fjnEMGoRjxk9hk5kqJPsB9W2GZb"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77354dd679e39bbe-FRA
expires
Wed, 22 Nov 2023 16:05:26 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/
57 KB
4 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/animate.min.css
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2583895
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3541
last-modified
Mon, 04 May 2020 16:04:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d2a-e283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsHZD%2FnTjA4XLnGvBhU89ppkgPknpqbeuetm6faRQeSziYOoItvNouQ1dJjNsl5xowqwfasTCjT0nDpRpiI%2Bic4NhWiG6b0TPilIsxyfbVA%2BKI1HQ8T2Qi%2Br5oTHYxXvyrHbxJjGx80WzIDhhoAJ6qS3"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77354dd679e49bbe-FRA
expires
Wed, 22 Nov 2023 16:05:26 GMT
normalize.css@8.0.0
cdn.jsdelivr.net/npm/
2 KB
2 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/normalize.css@8.0.0
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90d0c12c22744ac07394873d3079645e9bfdc0719f79fd2983571bbb74627951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
206076
x-jsd-version
8.0.0
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230079-FRA, cache-yyz4523-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"857-1AVZkRVtU87ebzou6HoujkZz8yA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJdtr58PdC0Fe2B6wNbEygATtgREvz0wvG%2BT3XXqb%2FVHcJa8ks%2Fcy%2Fc14%2BFLXQ6IVcaryHkF%2FsAl5ZCst3d19ZqjlSa182M3HCnGS4b3gLS6igJYql2PgBiIUgB9QAnVsuMmikvVWwwqqxbG39w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
77354dd67c709a15-FRA
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:300,700
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3474d4e67ce243f6bfe12bcb845d69efea2339b3626202075a73b803340a1a35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 02 Dec 2022 16:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 16:05:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Dec 2022 16:05:26 GMT
bootstrap3.3.7-grid.css
cookieless.imajica.co.uk/sovereign-live/css/
12 KB
4 KB
Stylesheet
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/css/bootstrap3.3.7-grid.css
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1959be9cbfd6e9c65d1f1a699b4ba478fbc489338c96f9ec227c7bfbad9bbc5d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 Feb 2019 18:31:53 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding,Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
3760
main.css
cookieless.imajica.co.uk/sovereign-live/css/
64 KB
16 KB
Stylesheet
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/css/main.css
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b6fde43e822a550063a852091a573de7af5c64c03d51e5b6f1a3e912073da065
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 19 Jul 2022 06:19:08 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding,Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
16346
api.js
www.google.com/recaptcha/
850 B
964 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ef82fdc8be9d094c478fb5002c71151f6dde2bcaa6816e70c8a1060140482c71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
551
x-xss-protection
1; mode=block
expires
Fri, 02 Dec 2022 16:05:26 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/
4 KB
1 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
77854
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
975
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-fe0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsumYL97I06Hl80I48DmCQYrcOXAU8Hy68sJjCRJINv5PAehdVeNWnQjQXkmE%2F7mF2G%2BbObP%2F5fedpraCrbQxsHBFCJJPzImLGmYgahS4tvy6jMgIB020wAZoSlZBf6FvU2oXTVkWYnT%2Fh4UGde3b63B"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77354dd679e79bbe-FRA
expires
Wed, 22 Nov 2023 16:05:26 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
236888
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5978
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-5148"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ss%2BWSRIxydeEGYcBvJq0cMqoO2a1jSthrgyNdyTtciEn4%2BgG3VHg80DUhCweHunvpnaq%2Bvhj68ARDqTgxFMZilv8Cb90hnrBhovCji7HDT3OhvvXVMlb0g2qoLlV6HptAzNMOp4z9%2BKpgdqpxVS4AGH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77354dd679e99bbe-FRA
expires
Wed, 22 Nov 2023 16:05:26 GMT
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-34216017-3
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
faeffb937d5bf99f354e4c8038df6a60cf4e701f3b2af158c84d540986440d5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43654
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Dec 2022 16:05:26 GMT
locationPin.svg
cookieless.imajica.co.uk/sovereign-live/images/
671 B
1017 B
Image
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/images/locationPin.svg
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e4bfbfbf6e3b6a9e14b26504a90be3ae027c3f35e686e461a5efdeacaa940771
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 28 Feb 2019 14:19:41 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
671
sovereign-grooming.svg
cookieless.imajica.co.uk/sovereign-live/images/
6 KB
6 KB
Image
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/images/sovereign-grooming.svg
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3189f267292a7e6bd2b9337c283c743698a61ee80a0c1c23c3d33977fcaf6723
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Feb 2019 14:03:31 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
5811
down.svg
cookieless.imajica.co.uk/sovereign-live/images/
667 B
1013 B
Image
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/images/down.svg
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
226f85bdffb915c7751d9a0bc7adee293eb9e7a2cbfaff50c71951e62e9886f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 28 Feb 2019 14:58:25 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
667
arrow.svg
cookieless.imajica.co.uk/sovereign-live/images/
476 B
822 B
Image
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/images/arrow.svg
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a4be01097d4a084e24b380ab1ed6d5b75425b07931a8baa1d81c5c621309ecb0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 28 Feb 2019 11:37:41 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
476
arrowThick.svg
cookieless.imajica.co.uk/sovereign-live/images/
504 B
850 B
Image
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/images/arrowThick.svg
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0896440488004a152d26c9c80a8f111f10bc1f59139371dfc529d27785d0f515
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 04 Apr 2019 07:56:18 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
504
dropdownarrow.svg
cookieless.imajica.co.uk/sovereign-live/images/
634 B
980 B
Image
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/images/dropdownarrow.svg
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b8b273b2aedc1b89c61ef048aae10350df6d83d553a681ca1a1a1fa3d943a9e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 28 Feb 2019 14:49:11 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
634
facebook.svg
cookieless.imajica.co.uk/sovereign-live/images/
971 B
1 KB
Image
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/images/facebook.svg
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8ef7c2263880b115596b765383aac5a63cf46c1d2a380fefbda15b68d847d085
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 Feb 2019 19:16:28 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
971
instagram.svg
cookieless.imajica.co.uk/sovereign-live/images/
1 KB
2 KB
Image
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/images/instagram.svg
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
abdcc8c10388d0d324de90a56eecbcd7a37537777d9615d0f4d676b61a8c4643
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 27 Feb 2019 18:52:33 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
1196
h0i7h1
track.mailerlite.com/webforms/o/1249538/
43 B
138 B
Image
General
Full URL
https://track.mailerlite.com/webforms/o/1249538/h0i7h1?v1658180054
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
77354dd7b83d9078-FRA
content-type
image/gif
webforms.min.js
static.mailerlite.com/js/w/
10 KB
3 KB
Script
General
Full URL
https://static.mailerlite.com/js/w/webforms.min.js?v7316d10e2931a97c7b0f5c7e7e7be3ea
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d8be7379d2c0f194a7d4f37690e76497d090801d17607902178910f3a870dcf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
strict-transport-security
max-age=63072000
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 09:35:17 GMT
server
cloudflare
age
595
etag
W/"63887555-26ca"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=432000
cf-ray
77354dd7981e9078-FRA
expires
Wed, 07 Dec 2022 16:05:26 GMT
jquery3.3.1.js
cookieless.imajica.co.uk/sovereign-live/js/
85 KB
38 KB
Script
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/js/jquery3.3.1.js
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 01 Mar 2019 09:43:57 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding,Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
38899
jquery-ui.js
code.jquery.com/ui/1.12.1/
509 KB
122 KB
Script
General
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:27 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-7f20a"
vary
Accept-Encoding
x-hw
1669997127.dop017.fr8.t,1669997127.cds157.fr8.hn,1669997127.cds269.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
124434
jquery.form-validator.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.77/
33 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.77/jquery.form-validator.min.js
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cdea941254ed175a4c9d88766067052c3ba7c4eca347570ea63ba6f0dd35aa1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
138511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9179
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-8342"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nx8PFUTdY5JFRcjl4NQsK%2Bvt9IH9%2FTEUd5cUM0ZWNeuoSuqvr5Lyot6M3%2F0iLKlqpAgatf%2BHUWLd5DwPljsKBxnoiQ4qRirqOsjXCLy%2BkHpM68epWX8aCBFFH0M2H0sCogzelQ8zvIjOmh2RjQHTL8gz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77354dd77c499bbe-FRA
expires
Wed, 22 Nov 2023 16:05:26 GMT
slick.min.js
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/
43 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2989052
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9564
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-ab69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvBhYjcY6U%2BQcut3eecoRvWm1ImcBTpVjbKBs37el2XinMU6vxf43ki%2BemqUkACUT8YvOz8nIukVnbHBU4g0SnluuhMIV11i8yOOx3ZuCUN0Wxa8X5GLK57546bi7Q6zLD5M9JwN6oNJHXHJbAK670Oh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77354dd77c4b9bbe-FRA
expires
Wed, 22 Nov 2023 16:05:26 GMT
matchHeight.js
cookieless.imajica.co.uk/sovereign-live/js/
12 KB
4 KB
Script
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/js/matchHeight.js
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ff6623c532931ee98af6b9a1524ebd76c6c6e91333404d5b405286bc7d8f353d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Feb 2019 10:49:33 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding,Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
3860
bodyScrollLock.min.js
cookieless.imajica.co.uk/sovereign-live/js/
3 KB
2 KB
Script
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/js/bodyScrollLock.min.js
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1ad8ee4a07deafe95a7c98ce3bc3c33c1772fcf1ca61ddb0292cb5ad9d160ab3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 02 Mar 2019 13:12:14 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding,Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
1400
easing.js
cookieless.imajica.co.uk/sovereign-live/js/
8 KB
3 KB
Script
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/js/easing.js
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d2bc9c513d50deb617981195a91d357c004688ae7a90962da29814385e168dea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Feb 2019 10:49:32 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding,Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
2542
cookie.js
cookieless.imajica.co.uk/sovereign-live/js/
4 KB
2 KB
Script
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/js/cookie.js
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
90a6a3eb41bfed4b28ed3fff169591c1cbe2a934ca1ad7e2322c9b641cd56616
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 06 Mar 2019 15:47:32 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding,Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
1820
type.js
cookieless.imajica.co.uk/sovereign-live/js/
40 KB
17 KB
Script
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/js/type.js
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fbbf53c397922279d74e296ad6fc4727454f5c08a82b31c228aa386d4edf78e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Mar 2019 10:56:34 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding,Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
17511
main.js
cookieless.imajica.co.uk/sovereign-live/js/
45 KB
13 KB
Script
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/js/main.js
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b059c6578752c58366131b987184e24b7be6c781c2e600344d983436abc903f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 11 Mar 2021 09:18:11 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding,Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
12408
js
maps.googleapis.com/maps/api/
168 KB
55 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyC3Ux5uJMKOtXn7zP5BozhrK0PgP7Y1hLc&libraries=places
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
1acbdfed09e156ce09de0bc254132a64356856c2593be41c84bbb14ec311505f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
content-encoding
gzip
server
mafe
vary
Accept-Language
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=25
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56155
x-xss-protection
0
expires
Fri, 02 Dec 2022 16:35:26 GMT
fbevents.js
connect.facebook.net/en_US/
103 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 16:05:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27340
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
r+aj2m61vNOsoPAtz/8p9IYviyW7k8zj9FAA9lv0hZySEfuXtd14QY3YBwqFLKHF2qCttMvAXhet1bseyWRKTA==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
widget.js
widget.getsquire.com/
21 KB
6 KB
Script
General
Full URL
https://widget.getsquire.com/widget.js??1669997126309
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20ce5e5a04350ffa0e4d32c7b124f55601f27c1a2143f46a123aa027d4a36d47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
via
1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
last-modified
Thu, 01 Dec 2022 21:10:21 GMT
server
cloudflare
etag
W/"ec7abdd7e9cb7dd883ac09d5cd8902f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsV%2Bv34jb9Mor56w6QJwOMiBn4NnmybQ7YItdyYoR7tRcxdj10nuXqSkBO%2Bp290LoykPTPDmburlra3LfCfnwHY30ZrwJ4BJQtc84jUC3Ub7rZ3DXIOBsHGnq73IrbE9sNiB5cYrPMVyHdzhdJECJdd1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
77354dd80bd0bbb6-FRA
x-amz-cf-id
_EV33jd50HsXMgmpS-jSturY034F4zuiHLtQ0uhnhKoQC2fXEpt22Q==
expires
Sat, 03 Dec 2022 16:05:26 GMT
copper.jpg
cookieless.imajica.co.uk/sovereign-live/images/
4 KB
4 KB
Image
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/images/copper.jpg
Requested by
Host: cookieless.imajica.co.uk
URL: https://cookieless.imajica.co.uk/sovereign-live/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f042ce8f3b97f7c251f0ee50a175fff625805225b01161a8482cdf2373e48b9a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cookieless.imajica.co.uk/sovereign-live/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 12 Mar 2019 09:25:25 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
3764
large-160322SOVEREIGNGLASGOW-24.jpg
s3-eu-west-1.amazonaws.com/sovereign2019-live/images/home/slider/
97 KB
98 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/sovereign2019-live/images/home/slider/large-160322SOVEREIGNGLASGOW-24.jpg?1669997125
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.118.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
cd2235d8f893344a27b23515ff38e97d25e55674d09b3fc28d4d22220535df9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:27 GMT
Last-Modified
Sun, 20 Mar 2022 12:10:04 GMT
Server
AmazonS3
x-amz-request-id
Y3XDSJJFC0CA2Y5W
ETag
"9c7ac2df3e9f6720f36d8a444ec02d3d"
Content-Type
image/jpeg
x-amz-meta-md5-hash
9c7ac2df3e9f6720f36d8a444ec02d3d
Accept-Ranges
bytes
Content-Length
99796
x-amz-id-2
OFSIItLX+HyWGP5RoCvE4zOiMzuPBlV9AJ4SK+U/9+cY0Z1N8Ojlr4TQKPyXexdcf5DsMQ7J6Cc=
large-160322SOVEREIGNGLASGOW-15.jpg
s3-eu-west-1.amazonaws.com/sovereign2019-live/images/home/slider/
84 KB
84 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/sovereign2019-live/images/home/slider/large-160322SOVEREIGNGLASGOW-15.jpg?1669997125
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.118.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ad28d31f434243e9c5445a39542ff8fc06a084e7cfee1016e147e851a0a2c4bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:27 GMT
Last-Modified
Sun, 20 Mar 2022 11:52:11 GMT
Server
AmazonS3
x-amz-request-id
Y3XBC8Q04TGCZ5Z1
ETag
"b74d82bd9942b3d516775b27b39e577e"
Content-Type
image/jpeg
x-amz-meta-md5-hash
b74d82bd9942b3d516775b27b39e577e
Accept-Ranges
bytes
Content-Length
85638
x-amz-id-2
cD0eAILwbs7tQIdDPlAfrncREqUrEW6AspC5Q1/nuDPilHaon/YTZSAR1MX0xsaMe9GBx+I1t1g=
large-160322SOVEREIGNGLASGOW-3.jpg
s3-eu-west-1.amazonaws.com/sovereign2019-live/images/home/slider/
141 KB
141 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/sovereign2019-live/images/home/slider/large-160322SOVEREIGNGLASGOW-3.jpg?1669997125
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.118.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
1a3855d1dbb188b21f56417936424e6963674612244b49de695e843a185f4469

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:27 GMT
Last-Modified
Sun, 20 Mar 2022 11:55:44 GMT
Server
AmazonS3
x-amz-request-id
Y3X4WP8P5RTA6QZV
ETag
"d1948e281345e5a5dece3663d58c0f08"
Content-Type
image/jpeg
x-amz-meta-md5-hash
d1948e281345e5a5dece3663d58c0f08
Accept-Ranges
bytes
Content-Length
143892
x-amz-id-2
SqbAdPAJWky5wwHcQXQVswj6kV7Ta9yYxK+57QHWSIatkADeOwH5DafdCRpvMjpomW0hvLRGb0Q=
large-160322SOVEREIGNGLASGOW-24-min-1.jpg
s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/656/
98 KB
98 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/656/large-160322SOVEREIGNGLASGOW-24-min-1.jpg?1669997125
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.118.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
ec44de8bee0c0d776630ac77c750cc712e293bd010997644042a61e9b5db39f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:27 GMT
Last-Modified
Mon, 12 Sep 2022 06:23:58 GMT
Server
AmazonS3
x-amz-request-id
Y3X435BWJNQR6MNG
ETag
"ed47942002a0d755909eb09e966e4a21"
Content-Type
image/jpeg
x-amz-meta-md5-hash
ed47942002a0d755909eb09e966e4a21
Accept-Ranges
bytes
Content-Length
100162
x-amz-id-2
u2jqeKkMfi+FOgr3c9WCP+6xWrQvQzUZDbdoaCyN6UFVT35dNDXcuroP+vs4htzpQggAhIVZ1CI=
large-Untitled-design-24.png
s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/655/
1 MB
1 MB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/655/large-Untitled-design-24.png?1669997125
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.118.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8bf5495fca815b738847f590703007ccd24d6f04a213cb13483685696425c3a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:27 GMT
Last-Modified
Sat, 13 Aug 2022 08:50:53 GMT
Server
AmazonS3
x-amz-request-id
Y3XB0J61JNX273JN
ETag
"07037ad6d5151ea3bd8ee9da3dc7f203"
Content-Type
image/png
x-amz-meta-md5-hash
07037ad6d5151ea3bd8ee9da3dc7f203
Accept-Ranges
bytes
Content-Length
1124468
x-amz-id-2
5ycqwA7LK6gxGy/OUL+wGX224TbXY/e/xKLbGQ1NeKGyzH6yInpRK3rFPlynRDwb/uWhnyr4F8U=
large-shutterstock1518402614.jpg
s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/654/
27 KB
27 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/654/large-shutterstock1518402614.jpg?1669997125
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.118.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0daf0115b718f2b334a5f44c064394cc317eb6c5cef7d9145fe7dbc64f4f6394

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:27 GMT
Last-Modified
Sun, 17 Jul 2022 09:10:02 GMT
Server
AmazonS3
x-amz-request-id
Y3X04KPX77V09D4M
ETag
"9ee091ad3df2847e61afc5b31a73145c"
Content-Type
image/jpeg
x-amz-meta-md5-hash
9ee091ad3df2847e61afc5b31a73145c
Accept-Ranges
bytes
Content-Length
27210
x-amz-id-2
VWCBE+dyej4ppNiprbCvi9IDdS1aKQJEy/ExMru6RDr0S25voIpiL/e0X/ldfpglIiqpxpifoHs=
large-2JE2JW8.jpg
s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/652/
50 KB
51 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/652/large-2JE2JW8.jpg?1669997125
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.118.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a19aeb7a2ef26c0039680e69d7f9180fb9a4da6b0891583a126826dd5ff79f29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:27 GMT
Last-Modified
Sun, 10 Jul 2022 07:14:26 GMT
Server
AmazonS3
x-amz-request-id
Y3X8FKJZMT6583KY
ETag
"f967064f33c1851f65b2fd32e30b79d5"
Content-Type
image/jpeg
x-amz-meta-md5-hash
f967064f33c1851f65b2fd32e30b79d5
Accept-Ranges
bytes
Content-Length
51587
x-amz-id-2
1LPRb7cJp0GVwcz0zRJRa8kdWRLq6hu5i6ic4Qo99zA+fRNzPG5ilCI5Z4JnUas9NS6+Hgaa4VM=
large-Untitled-design-16.png
s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/651/
272 KB
273 KB
Image
General
Full URL
https://s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/651/large-Untitled-design-16.png?1669997125
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.118.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-eu-west-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
96436bad569e4610ad9889673f0b81ef9188dda957c6434d6f1895df08af1d2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:27 GMT
Last-Modified
Sun, 03 Jul 2022 16:00:16 GMT
Server
AmazonS3
x-amz-request-id
Y3XC9WYCA16NNC7G
ETag
"286f39d3b23ca9bd7f6e874285c2a7f8"
Content-Type
image/png
x-amz-meta-md5-hash
286f39d3b23ca9bd7f6e874285c2a7f8
Accept-Ranges
bytes
Content-Length
278991
x-amz-id-2
IcegF1uZlCSCuy2XkxQi4HSGzmPb7Ihf080bXp2JaiJ14k4e/0YjH9obsl7xzf+bBf9lY/Lltlw=
aberdeenMap.png
cookieless.imajica.co.uk/sovereign-live/images/
88 KB
89 KB
Image
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/images/aberdeenMap.png
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2b735a24f860048746dda8712ccd3899e2ba2bcff2641065f393120544da47e5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Aug 2021 10:02:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
90328
edinburghMap.png
cookieless.imajica.co.uk/sovereign-live/images/
83 KB
84 KB
Image
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/images/edinburghMap.png
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
492660ee96d74563d18c5395158d1f30b556de1bf87b15eb2379436293a7eb15
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Aug 2021 10:02:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
85405
glasgowMap.png
cookieless.imajica.co.uk/sovereign-live/images/
67 KB
68 KB
Image
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/images/glasgowMap.png
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
3fc5e0c7e572a7239bca482169ff266298afb784e1b28fe6039fd3eff95552ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 16 Aug 2021 10:02:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
69073
38D8AB_2_0.woff2
cookieless.imajica.co.uk/sovereign-live/fonts/
47 KB
47 KB
Font
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/fonts/38D8AB_2_0.woff2
Requested by
Host: cookieless.imajica.co.uk
URL: https://cookieless.imajica.co.uk/sovereign-live/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
287707d8a256042a32ad9e2ef2b5f903049aee64eb1823c554b86e146fa7b8a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cookieless.imajica.co.uk/sovereign-live/css/main.css
Origin
https://sovereign-grooming.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Feb 2019 11:34:25 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
47726
38D8AB_0_0.woff2
cookieless.imajica.co.uk/sovereign-live/fonts/
47 KB
47 KB
Font
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/fonts/38D8AB_0_0.woff2
Requested by
Host: cookieless.imajica.co.uk
URL: https://cookieless.imajica.co.uk/sovereign-live/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fa62fb523f61370f033f93232885e5221af070b2bf9e0870a1e55795b58b19d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cookieless.imajica.co.uk/sovereign-live/css/main.css
Origin
https://sovereign-grooming.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 26 Feb 2019 11:34:24 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
48221
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://sovereign-grooming.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 21:18:54 GMT
x-content-type-options
nosniff
age
326792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25372
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 21:18:54 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/
402 KB
162 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sovereign-grooming.com/
Origin
https://sovereign-grooming.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 15:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164812
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 03:01:59 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 15:37:08 GMT
jquery.min.js
cdn.mailerlite.com/ajax/libs/jquery/1.8.3/
91 KB
34 KB
Script
General
Full URL
https://cdn.mailerlite.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/w/webforms.min.js?v7316d10e2931a97c7b0f5c7e7e7be3ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 31 Mar 2022 13:37:35 GMT
server
cloudflare
age
3012
etag
W/"6245ae9f-16dc4"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=432000
cf-ray
77354dd8493b9078-FRA
expires
Wed, 07 Dec 2022 16:05:26 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34216017-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 15:24:40 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2446
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 02 Dec 2022 17:24:40 GMT
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-122856-83&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34216017-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc01df28a35c4072941b86577480e01e114d389b55224f923822608f88376a3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43605
x-xss-protection
0
last-modified
Fri, 02 Dec 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 02 Dec 2022 16:05:26 GMT
737277223310591
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/737277223310591?v=2.9.89&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3171655d10793c2d807453a2a70a6282d75aaab7c6dd2cd2e429ce9c137a0d6e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 02 Dec 2022 16:05:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
NmWDJJMjbcNq21vgmxTDoV814h0SJhTyV+MoEtQjyI93L1Kfosq9oKJVs+nBw0O4JB7CZHkLYZJ6gmc+aTihZw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ml_jQuery.inputmask.bundle.min.js
static.mailerlite.com/js/w/
69 KB
21 KB
Script
General
Full URL
https://static.mailerlite.com/js/w/ml_jQuery.inputmask.bundle.min.js?v3.3.1
Requested by
Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/w/webforms.min.js?v7316d10e2931a97c7b0f5c7e7e7be3ea
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c77ae965196f7308b827ce8cef39758740e9652e49958d866454ca1967e03dae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:26 GMT
strict-transport-security
max-age=63072000
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 01 Dec 2022 09:35:16 GMT
server
cloudflare
age
3287
etag
W/"63887554-1153a"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=432000
cf-ray
77354dd90a769078-FRA
expires
Wed, 07 Dec 2022 16:05:26 GMT
frameLoader.js
widget.getsquire.com/v2/
133 KB
45 KB
Script
General
Full URL
https://widget.getsquire.com/v2/frameLoader.js?1669997126581
Requested by
Host: widget.getsquire.com
URL: https://widget.getsquire.com/widget.js??1669997126309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
718fb898d60dbe526d0e8dfd952b2ad652e923c53ac0a48d1a709a832f036130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:27 GMT
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P5
x-cache
RefreshHit from cloudfront
last-modified
Thu, 01 Dec 2022 21:10:21 GMT
server
cloudflare
etag
W/"9b7fd52583ddaf44819c4b0bc636e48a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0AkCILBeauNsfcJF3us1n196ta%2FRfX9xloRY76B%2BRCQZU2iP3BuZYdI1816W3gO0nurx52K3a7lq867C%2FbO%2BBEis%2FDRP5%2BDC84HARHh%2BOb%2BKtWfuBaF3jWfCmQywBmf3uLPp1J4eMGE%2FhNfU4%2FYdoXf7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
77354dd92e4cbbb6-FRA
x-amz-cf-id
MFPkPPx3WnDn_HQs0qCkOr3QpSxNhscyYncmQZhYNurPNGDatn7YyA==
expires
Sat, 03 Dec 2022 16:05:27 GMT
v3
js.stripe.com/
398 KB
96 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: widget.getsquire.com
URL: https://widget.getsquire.com/widget.js??1669997126309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e3350f0df8b8f4eccd69dfa9c449b8d8eb53bbb81d7efa83aabebb10079b9658
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 16:05:26 GMT
via
1.1 varnish
age
26
x-cache
HIT
content-length
97930
x-request-id
7649536d-ab1e-4001-87d6-0c51ece370a7
x-served-by
cache-hhn4058-HHN
last-modified
Thu, 01 Dec 2022 21:03:56 GMT
server
Fastly
etag
"f60450f904c88c375f2155e2cc09c458"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
15
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=507119445&t=pageview&_s=1&dl=https%3A%2F%2Fsovereign-grooming.com%2F&ul=en-us&de=UTF-8&dt=Glasgow%20Barber%20%7C%20Edinburgh%20Barber%20%7C%20Aberdeen%20Barber%20-%20Sovereign%20Grooming&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1578478543&gjid=30118020&cid=402414351.1669997127&tid=UA-34216017-3&_gid=591933003.1669997127&_r=1&gtm=2oubu0&z=1367653254
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sovereign-grooming.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 16:05:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sovereign-grooming.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=507119445&t=pageview&_s=1&dl=https%3A%2F%2Fsovereign-grooming.com%2F&ul=en-us&de=UTF-8&dt=Glasgow%20Barber%20%7C%20Edinburgh%20Barber%20%7C%20Aberdeen%20Barber%20-%20Sovereign%20Grooming&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=2103944023&gjid=481901090&cid=402414351.1669997127&tid=UA-122856-83&_gid=591933003.1669997127&_r=1&gtm=2oubu0&z=267284342
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://sovereign-grooming.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 16:05:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://sovereign-grooming.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=737277223310591&ev=PageView&dl=https%3A%2F%2Fsovereign-grooming.com%2F&rl=&if=false&ts=1669997126613&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669997126612.773128736&it=1669997126442&coo=false&exp=d0&rqm=GET
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Dec 2022 16:05:26 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
bookButton.js
widget.getsquire.com/v2/
132 KB
45 KB
Script
General
Full URL
https://widget.getsquire.com/v2/bookButton.js?1669997127056
Requested by
Host: widget.getsquire.com
URL: https://widget.getsquire.com/widget.js??1669997126309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb39d98cbacc788fbd57d93c20e46f0dbdc0c2e2a6ae31e77da8a7e3ab779283

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:27 GMT
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
last-modified
Thu, 01 Dec 2022 21:10:21 GMT
server
cloudflare
etag
W/"53719f23537f3b0ed18fd954b7a33180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65AmApKtnx0eH12vsDzFj6cvHYE7tXUn0tT75hxEy72UOxOeKjc%2F7q730gDlmwJkLXJ0qkDChXklMbvWX%2BWdSj9VHHJfsG9I5L3vaB1Nu3SvNgCAHhCwPSZgPeY9S2zmw%2BYAo9Hknq4Xa4vig8NrFpsl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
77354ddc1cbcbbb6-FRA
x-amz-cf-id
WZbsMy56NBD6sxkGI-PfBkmHd9Mv8xbG-ESqH0037y6QhUYnRFs5tA==
expires
Sat, 03 Dec 2022 16:05:27 GMT
dataPreloader.js
widget.getsquire.com/v2/
175 KB
54 KB
Script
General
Full URL
https://widget.getsquire.com/v2/dataPreloader.js?1669997127056
Requested by
Host: widget.getsquire.com
URL: https://widget.getsquire.com/widget.js??1669997126309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a380b3cfc57c0e3336f5ad21b555c689c85df52a992c466ccbb70206d95fda1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:27 GMT
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
last-modified
Thu, 01 Dec 2022 21:10:21 GMT
server
cloudflare
etag
W/"b817e5be2567e9b987cd7763d8ed0560"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FedwECDciwepG6%2F1oc46BYl8RPr2w7xqJF245s5DJRPQA91G3H0sqR6P3jblhYjGo87vdZNxATCeA8IzRfFJVVyY6jDJo8TesnO%2Ff6JiwjJgwCAkxbZK6i5R2Q33ShJQd0oRJ0fCK0h0zPSGHA2JHRrj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
77354ddc1cc0bbb6-FRA
x-amz-cf-id
tAcSRDAAus_xAkKds3zuO66xZHY9a_ejfdn0lVHcYNgBTpqCZ3TL0Q==
expires
Sat, 03 Dec 2022 16:05:27 GMT
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=737277223310591&ev=Microdata&dl=https%3A%2F%2Fsovereign-grooming.com%2F&rl=&if=false&ts=1669997127115&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Glasgow%20Barber%20%7C%20Edinburgh%20Barber%20%7C%20Aberdeen%20Barber%20-%20Sovereign%20Grooming%22%2C%22meta%3Adescription%22%3A%22Luxury%20barber%20shops%20in%20Glasgow%2C%20Edinburgh%20and%20Aberdeen%20led%20by%20Kyle%20Ross%2C%20Best%20Barber%20UK.%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%5B%22https%3A%2F%2Fcookieless.imajica.co.uk%2Fsovereign-live%2Fimages%2FdefaultImage.png%22%2C%22https%3A%2F%2Fs3-eu-west-1.amazonaws.com%2Fsovereign2019-live%2Fimages%2Fhome%2Fslider%2Fthumbnail-160322SOVEREIGNGLASGOW-24.jpg%22%2C%22https%3A%2F%2Fs3-eu-west-1.amazonaws.com%2Fsovereign2019-live%2Fimages%2Fhome%2Fslider%2Fthumbnail-160322SOVEREIGNGLASGOW-15.jpg%22%2C%22https%3A%2F%2Fs3-eu-west-1.amazonaws.com%2Fsovereign2019-live%2Fimages%2Fhome%2Fslider%2Fthumbnail-160322SOVEREIGNGLASGOW-3.jpg%22%5D%2C%22og%3Aimage%3Awidth%22%3A%22476%22%2C%22og%3Aimage%3Aheight%22%3A%22249%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsovereign-grooming.com%22%2C%22og%3Atitle%22%3A%22GLASGOW%20BARBER%20%7C%20EDINBURGH%20BARBER%20%7C%20ABERDEEN%20BARBER%20-%20Sovereign%20Grooming%22%2C%22og%3Asite_name%22%3A%22Sovereign%20Grooming%22%2C%22og%3Adescription%22%3A%22Luxury%20barber%20shops%20in%20Glasgow%2C%20Edinburgh%20and%20Aberdeen%20led%20by%20Kyle%20Ross%2C%20Best%20Barber%20UK.%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669997126612.773128736&it=1669997126442&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 02 Dec 2022 16:05:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
071e02ce-7101-4319-8440-5b7c4711e498
wow.getsquire.com/brands/ Frame F46E
2 KB
1 KB
Document
General
Full URL
https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
Requested by
Host: widget.getsquire.com
URL: https://widget.getsquire.com/v2/frameLoader.js?1669997126581
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f16258c2d9d643228248f5fe602b203423e5309faae45a4fcfb92c5f294e609

Request headers

Referer
https://sovereign-grooming.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=300
cf-cache-status
DYNAMIC
cf-ray
77354ddd4f0cbbb6-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 02 Dec 2022 16:05:28 GMT
last-modified
Thu, 01 Dec 2022 21:10:57 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ii00D45o2aDPdIZ%2BNnNCMQPwa2CnKe4c7GT1w9simTvok0RT8a0xjxefoydB2HHJ%2Bq50DKEs5L%2B10p%2FXSl7m2uwbMgGnmY31wu1sPLMA2vEjPJHhzS4iTe6R5voD4tMuwvrwhd%2FpqvpgKUeHoIgy"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-amz-cf-id
gjX7Eif5e_xkHU-4Ak_HqiKScgtuvCpkOSCVPEdzGXe9NZ3WqrqR1g==
x-amz-cf-pop
FRA56-C2
x-cache
Error from cloudfront
pay.js
pay.google.com/gp/p/js/ Frame F46E
102 KB
33 KB
Script
General
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: wow.getsquire.com
URL: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94fbb12d189bdafc696e17aa8cf98a377f329e1a41e51b61f2c5ad15e0f8df08
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oll_n2sZzDG7Q3hJQwGe0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wow.getsquire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:28 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-oll_n2sZzDG7Q3hJQwGe0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin; report-to="InstantbuyFrontendHttp"
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Fri, 02 Dec 2022 16:05:28 GMT
api.js
apis.google.com/js/ Frame F46E
17 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js
Requested by
Host: wow.getsquire.com
URL: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ad7ec445c350e3df6db55480ecea6e0307a0c6848efabfa53034f3c46f774bf
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wow.getsquire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 16:05:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6892
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"c415cca8db9a84a4"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Dec 2022 16:05:28 GMT
main.b84bc5ec08ddf55c9e8e.js
wow.getsquire.com/ Frame F46E
2 MB
659 KB
Script
General
Full URL
https://wow.getsquire.com/main.b84bc5ec08ddf55c9e8e.js
Requested by
Host: wow.getsquire.com
URL: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
058f7702984e3052d0b9d453d4f68ccd0b474eb348cf985c7d9f632c53ba28e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:28 GMT
via
1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
DUS51-C1
age
2374
cf-polished
origSize=2145010
x-cache
Miss from cloudfront
cf-bgj
minify
last-modified
Thu, 01 Dec 2022 21:10:55 GMT
server
cloudflare
etag
W/"a73cc3884283557d3cc7846b83bab91b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lWQhYFbfhOOUxnsmr4vpA4ZmY8wdyD6sK4%2FXkcTdQnus7%2FZky8gGsZycoBsMZOAyVZCXCPiPSuoHC53W%2Fump5QYzCzb%2FfuxkSsK6Ewn8xDrDvOp2bhfhF7OmxM1B2aBBUX3Zq6EDNOPok2ZXMbw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
77354de43d75bbb6-FRA
x-amz-cf-id
7nXiMXrRAGJ78kAk2E3irrb38czpBNrnelxZeNph8K1Wi9WBu0gb1w==
expires
Sat, 03 Dec 2022 16:05:28 GMT
071e02ce-7101-4319-8440-5b7c4711e498
api.getsquire.com/v1/home/ Frame
0
0
Preflight
General
Full URL
https://api.getsquire.com/v1/home/071e02ce-7101-4319-8440-5b7c4711e498?include=shops,shops.staticMap,shops.address,shops.photos,shops.instagramImages&nonSquireEcosystem=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://wow.getsquire.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://wow.getsquire.com
access-control-max-age
1728000
cf-cache-status
DYNAMIC
cf-ray
77354de74de2914d-FRA
content-length
0
date
Fri, 02 Dec 2022 16:05:29 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSgU7eJvfWLlWGMD%2B2zIcIwHsDCYAn5F0lUiaW5d62c32Y%2FMH5r1egN%2Bf2ijahl6cRk0464tahcxe5Y6%2Fc8L3gLWA7aU2sPeW07pyf%2BuPaTleYRRL%2B1dfqvGUGdj%2Fissv%2FOKoWeqKHdesKP7jM7u"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Headers
x-powered-by
Express
071e02ce-7101-4319-8440-5b7c4711e498
api.getsquire.com/v1/home/ Frame F46E
21 KB
5 KB
Fetch
General
Full URL
https://api.getsquire.com/v1/home/071e02ce-7101-4319-8440-5b7c4711e498?include=shops,shops.staticMap,shops.address,shops.photos,shops.instagramImages&nonSquireEcosystem=true
Requested by
Host: wow.getsquire.com
URL: https://wow.getsquire.com/main.b84bc5ec08ddf55c9e8e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b757ccf7180797d95c8585363bd3b0b08f26c7589de8a9921ef249f722b7403
Security Headers
Name Value
Content-Security-Policy img-src 'self' getsquire.com *.getsquire.com;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wow.getsquire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
content-security-policy
img-src 'self' getsquire.com *.getsquire.com;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
surrogate-control
no-store
x-dns-prefetch-control
off
x-xss-protection
0
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
etag
W/"5433-OJ5mpMcG+/1zhlZ6eWJE2TxLWkw"
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wow.getsquire.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6fbrvkFwGLECJhwuR%2FxlMUyqh7L82DoW2dik7DdVALUGeo1zOGDwvp398xWueFxhb%2BMlUpPpU5pqOhbOddW%2BQERue5XyIXjlsiTf2fvje10WdNLouvi9NnYgEPZCirhxRYaAjujdSA0Iz%2BfuVrN"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
77354de8c920914d-FRA
expires
0
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.K9Su0nk3cW8.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8btnHqwUVabznuJubPHkJyYc6kxA/ Frame F46E
108 KB
36 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.K9Su0nk3cW8.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8btnHqwUVabznuJubPHkJyYc6kxA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b739d964c631b956ef432d48cdfbf1afb06504d195d26a2a1a892dc4bb11f90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wow.getsquire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 14:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7028
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36751
x-xss-protection
0
last-modified
Tue, 01 Nov 2022 15:24:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 14:08:20 GMT
truncated
/ Frame F46E
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
491b7037472ff549180180085455a0a78b9662caae45e5f4ab81bfeda3c7cb55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/png
v3
js.stripe.com/ Frame F46E
398 KB
96 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: wow.getsquire.com
URL: https://wow.getsquire.com/main.b84bc5ec08ddf55c9e8e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e3350f0df8b8f4eccd69dfa9c449b8d8eb53bbb81d7efa83aabebb10079b9658
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wow.getsquire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 16:05:28 GMT
via
1.1 varnish
age
22
x-cache
HIT
content-length
97930
x-request-id
62484d53-3cab-4373-976f-ab4dee5312f8
x-served-by
cache-hhn4058-HHN
last-modified
Thu, 01 Dec 2022 21:17:15 GMT
server
Fastly
etag
"f60450f904c88c375f2155e2cc09c458"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
23
payframe
pay.google.com/gp/p/ui/ Frame F3F6
18 KB
7 KB
Document
General
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwow.getsquire.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3e00af6c3521a2bc1b19288eb2c71730a10bbc145c4994bc6665442a57fd39a9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7MyrpVcy4mWWv3rtaVsfFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wow.getsquire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-7MyrpVcy4mWWv3rtaVsfFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy
same-site
date
Fri, 02 Dec 2022 16:05:28 GMT
expires
Fri, 02 Dec 2022 16:05:28 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
truncated
/ Frame F46E
51 KB
51 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bf46c4cad79f13df13fa0e1aa7ec492b2e9065c068d50a0a859a34c2d5a8e23f

Request headers

Referer
Origin
https://wow.getsquire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
font/woff2
truncated
/ Frame F46E
42 KB
42 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02a943615e7d82863a6484ce8cc8a93ca7a789325b81febad5205d645e804876

Request headers

Referer
Origin
https://wow.getsquire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
font/woff2
c3b2f451-6032-4059-823d-b4df783e3208
https://wow.getsquire.com/ Frame F46E
25 KB
0
Other
General
Full URL
blob:https://wow.getsquire.com/c3b2f451-6032-4059-823d-b4df783e3208
Requested by
Host: wow.getsquire.com
URL: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eeaf0dfe446382d25cd6a6795ea20b8a9287c5a899bdc37701e099787728b0b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length
25281
controller-6807626aac0c9ec4dec377e6a032abaf.html
js.stripe.com/v3/ Frame E017
325 B
701 B
Document
General
Full URL
https://js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b9791ec131156bff05f5bccfc51771d61d7d34e09114abdef87053cc6198f376
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wow.getsquire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
43
cache-control
max-age=60
content-encoding
br
content-length
155
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 02 Dec 2022 16:05:29 GMT
etag
"6807626aac0c9ec4dec377e6a032abaf"
last-modified
Thu, 01 Dec 2022 20:24:23 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
24
x-content-type-options
nosniff
x-request-id
d4455de5-88a1-41e6-9c61-8de7e49eb55b
x-served-by
cache-hhn4058-HHN
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC3Ux5uJMKOtXn7zP5BozhrK0PgP7Y1hLc&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://sovereign-grooming.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame A121
200 B
838 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sovereign-grooming.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1627228
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 02 Dec 2022 16:05:29 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
93558
x-content-type-options
nosniff
x-request-id
2950d824-6f83-48e6-bfbc-004f98a31ecb
x-served-by
cache-hhn4058-HHN
anchor
www.google.com/recaptcha/api2/ Frame CB2D
43 KB
23 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9zb3ZlcmVpZ24tZ3Jvb21pbmcuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=jcpf5usuat8n
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0b2e79aa941d9019a92d3aa7b72e2f70bd84a5580c2bf3c4ea99f253ba02560b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XQsltdsnMX5W1Q9zlCB3Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sovereign-grooming.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23060
content-security-policy
script-src 'report-sample' 'nonce-XQsltdsnMX5W1Q9zlCB3Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 02 Dec 2022 16:05:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
csp-report
q.stripe.com/ Frame E017
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
8
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-f84b9718522ca43a19002d99fcb8df31.js
js.stripe.com/v3/fingerprinted/js/ Frame E017
294 KB
66 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
c0b991a9d607e48bc0b036196862fec5ad353194ddc5f84be0fdaf21328af45d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 16:05:29 GMT
via
1.1 varnish
age
70753
x-cache
HIT
content-length
67240
x-request-id
69fd1178-4bdb-43a7-8627-1049e0eea394
x-served-by
cache-hhn4058-HHN
last-modified
Thu, 01 Dec 2022 20:24:33 GMT
server
Fastly
etag
"832027d4f329e8e74a84506a015a58df"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10695
controller-79f58911ba490bb99ff85cb64206068f.js
js.stripe.com/v3/fingerprinted/js/ Frame E017
440 KB
106 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-79f58911ba490bb99ff85cb64206068f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
262443dc408d2505fdec1d2328ddfa4be1f4fca4a05339e24bab0bf9d0efb54b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 16:05:29 GMT
via
1.1 varnish
age
70752
x-cache
HIT
content-length
108705
x-request-id
01ab9a08-7b94-45a7-b1b8-84f53b7a159c
x-served-by
cache-hhn4058-HHN
last-modified
Thu, 01 Dec 2022 20:24:31 GMT
server
Fastly
etag
"96cc675ea52eae89fd5fd8af463dbb16"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10035
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame F3F6
2 KB
2 KB
Other
General
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwow.getsquire.com&mid=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1608
content-type
text/html; charset=UTF-8
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame F3F6
154 KB
54 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgmOibrntoosTfjgwbyFM1H9KZHEg/m=_b,_tp,_r
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwow.getsquire.com&mid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91aa408b041ced606a02fd9523087e5f789f8eb60aa7b9ca1e31072c874d9fa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 17:31:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55420
x-xss-protection
0
last-modified
Thu, 01 Dec 2022 08:24:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 17:31:11 GMT
dropdownarrow2.svg
cookieless.imajica.co.uk/sovereign-live/images/
645 B
991 B
Image
General
Full URL
https://cookieless.imajica.co.uk/sovereign-live/images/dropdownarrow2.svg
Requested by
Host: cookieless.imajica.co.uk
URL: https://cookieless.imajica.co.uk/sovereign-live/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),
Reverse DNS
cf.imajica.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
47367f189d8820ebc8d5774d4bcd2f2466e36d36b546109048a1c17f91ea93af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cookieless.imajica.co.uk/sovereign-live/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date
Fri, 02 Dec 2022 16:05:28 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 20 Mar 2019 15:32:35 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
645
ajax-loader.gif
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/
4 KB
4 KB
Image
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ajax-loader.gif
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3003859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3208
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-1052"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8JwQ0qxE8NhVdddgVt%2BIT%2BDVhISPjZo9chcmHrcSAUeQYzLjAhsVhdjiMe47xPtLEEygSeAVn6nMzwGUCOEm%2F5ujTEmnfCNVA0n587U5PMOkAnY2M%2FJvAOs5EP%2BnLSwPZ43AVACPIO4foNOPzfcdCLc"}],"group":"cf-nel","max_age":604800}
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77354de91c4b5cb0-FRA
expires
Wed, 22 Nov 2023 16:05:29 GMT
1_240x240.png
cdn.shopify.com/s/files/1/0069/3613/3732/products/
3 KB
4 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/0069/3613/3732/products/1_240x240.png?v=1551607846
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a468e470fc78321a27319224bfddf0709112e7e3f3398d265e0c52d8897de2d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,us-east1
source-type
image/png
server-timing
imagery;dur=285.111, imageryFetch;dur=84.170, imageryProcess;dur=200.236;desc="image", cfRequestDuration;dur=167.999983
source-length
126318
content-length
2828
x-xss-protection
1; mode=block
x-request-id
42d27c96-616d-469b-9b77-70d8fc9dd283
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 27 Nov 2022 21:35:40 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7SCZdD7ABGP85Rpr9eGv52SLtY55FOUJ0nk%2FP2n1GK%2BANsKTaREyamAwnNFg2NsF%2FSZX91hj%2FxPXC%2BRlbYZhxc%2FfzP9dqA9c15%2Fdh2kW%2FE8viIbfVz0rKTRWbPSPu5LVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0069/3613/3732/products/1_240x240.png>; rel="canonical"
cf-ray
77354de97ae8995a-FRA
Beard_Elixar_240x240.png
cdn.shopify.com/s/files/1/0069/3613/3732/products/
5 KB
6 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/0069/3613/3732/products/Beard_Elixar_240x240.png?v=1551615746
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf98d680b3586e776734de4f8f7cd3ce46dd8930a674428453089c515716bf8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-central1
source-type
image/png
server-timing
imagery;dur=245.343, imageryFetch;dur=31.361, imageryProcess;dur=213.431;desc="image", cfRequestDuration;dur=137.000084
source-length
462420
content-length
5442
x-xss-protection
1; mode=block
x-request-id
90c71037-6058-4c2c-8732-6be418048bf2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 16 Nov 2022 03:15:48 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZecWQZGm%2FMSVObDsAB6uaDsVFAVKBIO7EIyy%2F4lRoDoKSDQMKdb0l8DSLkKBNv1kE95j%2F4wyM73zElVRcE%2Buzo1aABvnG5oTjZ%2Frt3EZh9mTyE7TCKuR7W80%2BlGxeTAmew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0069/3613/3732/products/Beard_Elixar_240x240.png>; rel="canonical"
cf-ray
77354de97aea995a-FRA
Beard_Shampoo_Conditioner_240x240.png
cdn.shopify.com/s/files/1/0069/3613/3732/products/
4 KB
4 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/0069/3613/3732/products/Beard_Shampoo_Conditioner_240x240.png?v=1551607585
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc20d33e8fa1cd59cc784d609befda02e6dc833c96f4833b5dfe56385bffe3e9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-east1,us-central1
source-type
image/png
server-timing
imagery;dur=344.113, imageryFetch;dur=84.036, imageryProcess;dur=259.384;desc="image", cfRequestDuration;dur=141.000032
source-length
250232
content-length
3969
x-xss-protection
1; mode=block
x-request-id
5c534837-9888-483d-89bb-6de3fd11e4ca
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 23 Nov 2022 05:14:48 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXKSrVphJYF9FxRSNe39wZ8kMuCaFaZtyRww4ghp0iHYVef7XuBtI0tV%2Fx0UtJRMAoNhgf%2FvclgFOL3KW8f11KdEaciCgF67Knp0ggkLXlvdfqueYSNBcf6rHcci4gCGaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0069/3613/3732/products/Beard_Shampoo_Conditioner_240x240.png>; rel="canonical"
cf-ray
77354de97aec995a-FRA
Beard_Balm_240x240.png
cdn.shopify.com/s/files/1/0069/3613/3732/products/
4 KB
5 KB
Image
General
Full URL
https://cdn.shopify.com/s/files/1/0069/3613/3732/products/Beard_Balm_240x240.png?v=1551615911
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.68 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ebd172205f1e25c33f1d614503dd7152557ef23d65e479a80ff9c2db93a4bdd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc
gcp-us-central1,us-central1
source-type
image/png
server-timing
imagery;dur=334.747, imageryFetch;dur=48.893, imageryProcess;dur=285.101;desc="image", cfRequestDuration;dur=146.000147
source-length
269482
content-length
4245
x-xss-protection
1; mode=block
x-request-id
a73dcbdd-036a-41b2-8966-cd09c64b7ab0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 16 Oct 2022 12:29:57 GMT
server
cloudflare
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WXLOlS4ZuTVLOHOJAsIhgkGT6JyigKhATyrVhcg5%2BFgnocwPPdW9N%2FCn%2FBNkkcTqiJK7YM4pQOeg9ftLuxG1vSRC2ntiqhlcSKPsQr0qjPMfyWICg4Y5%2BK%2F17NTXksgUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0069/3613/3732/products/Beard_Balm_240x240.png>; rel="canonical"
cf-ray
77354de97aef995a-FRA
csp-report
q.stripe.com/ Frame A121
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
8
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame A121
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
8
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame A121
631 B
466 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 16:05:29 GMT
via
1.1 varnish
age
1627227
x-cache
HIT
content-length
332
x-request-id
b97cb911-aad5-4490-aeda-8a95050a4422
x-served-by
cache-hhn4058-HHN
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
82860
styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame CB2D
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9zb3ZlcmVpZ24tZ3Jvb21pbmcuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=jcpf5usuat8n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 14:58:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 03:01:59 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 14:58:03 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame CB2D
402 KB
161 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9zb3ZlcmVpZ24tZ3Jvb21pbmcuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=jcpf5usuat8n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 15:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164812
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 03:01:59 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 15:37:08 GMT
replay
session-replay.browser-intake-datadoghq.com/api/v2/ Frame F46E
53 B
239 B
XHR
General
Full URL
https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.11.5%2Cenv%3Aproduction%2Cservice%3Awow-mobile%2Cversion%3A1.2.1_8f6cebc8&dd-api-key=pubb50e3767170ef4f7c8fbb770bd3aa1ec&dd-evp-origin-version=4.11.5&dd-evp-origin=browser&dd-request-id=bd38ef5d-d5d4-4199-b853-3252dd094cad
Requested by
Host: wow.getsquire.com
URL: https://wow.getsquire.com/main.b84bc5ec08ddf55c9e8e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:b572:de83:bde:5bf9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
5abfff379531bbe9d2d60eb45a11dda970c9c89ccc78b7889bc7de0a4d7a9028
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Content-Type-Options nosniff

Request headers

Referer
https://wow.getsquire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary7ZSZsr3w7HWSsQ0m

Response headers

access-control-allow-origin
*
date
Fri, 02 Dec 2022 16:05:30 GMT
strict-transport-security
max-age=15724800;
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
53
content-type
application/json
inner.html
m.stripe.network/ Frame 6F58
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
38
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 02 Dec 2022 16:04:55 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-id
ct92vPP1WViI-lNb6Ac5wqL7qYTLDP-4JygzJxwsfWvIqSPtqSWKYg==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
.deploy_status_henson.json
js.stripe.com/v3/ Frame E017
474 B
588 B
Fetch
General
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
8149465c007a298a66a8e23a6a95fc551358fc756ae375ba8b35a5bfdb69d9c8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
50
x-cache
HIT
content-length
279
x-request-id
2a12d250-dde4-40e0-a1fc-578b22147fa6
x-served-by
cache-hhn4055-HHN
last-modified
Thu, 01 Dec 2022 21:17:15 GMT
server
Fastly
etag
"c5d8f307e75c8905d4004a3fc5980820"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
17
m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q... Frame F3F6
69 KB
25 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q0HRc5R0M.L.B1.O/am=xgAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriBOyiuU4y1K16P6dqLpFZBhWn8pA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgmOibrntoosTfjgwbyFM1H9KZHEg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad04a02a8232309e535a6e72de5b63f63723bf5463b230ab5788456c93ac18c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 17:31:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25997
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 02:25:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 17:31:20 GMT
csp-report
q.stripe.com/ Frame 6F58
0
345 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
expires
0
truncated
/ Frame CB2D
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CB2D
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CB2D
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 19:40:09 GMT
x-content-type-options
nosniff
age
73520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 08 Dec 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CB2D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9zb3ZlcmVpZ24tZ3Jvb21pbmcuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=jcpf5usuat8n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 19:21:27 GMT
x-content-type-options
nosniff
age
247442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 19:21:27 GMT
out-4.5.42.js
m.stripe.network/ Frame 6F58
86 KB
14 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 16:03:28 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
124
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
terf2q0Fe7nOGAWVJ2ML-sTbfVeKvr3j7QUtRknIjloERKku0pcEfQ==
webworker.js
www.google.com/recaptcha/api2/ Frame CB2D
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Km9gKuG06He-isPsP6saG8cn
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9zb3ZlcmVpZ24tZ3Jvb21pbmcuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=jcpf5usuat8n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4d77e58db2ca624537becef34dff8d3c24628e41592ac4106e1b5813e0a1d8a0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9zb3ZlcmVpZ24tZ3Jvb21pbmcuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=jcpf5usuat8n
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Fri, 02 Dec 2022 16:05:29 GMT
0
r.stripe.com/ Frame E017
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Fri, 02 Dec 2022 16:05:30 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame E017
0
128 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Fri, 02 Dec 2022 16:05:30 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
pay
pay.google.com/gp/p/ui/ Frame F3F6
1 MB
355 KB
XHR
General
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgmOibrntoosTfjgwbyFM1H9KZHEg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab67cb38df47e27b314a811139171e45dbd7124d78bdfd4626fd73b059ede91b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-Kd2xCddFN3dZIVT3XZ550g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-Kd2xCddFN3dZIVT3XZ550g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
server
ESF
x-frame-options
DENY
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
report-to
{"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Fri, 02 Dec 2022 16:05:29 GMT
truncated
/ Frame F46E
318 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05822e75aef3e830d3b16740100cb4fef5e3632fea0c11bba633dbe342df47a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
image/png
1b64da75-851a-42fa-b1a1-7d3cabf5555a_untitled-design-13.png
images-prod-1.getsquire.com/ Frame F46E
236 KB
237 KB
Image
General
Full URL
https://images-prod-1.getsquire.com/1b64da75-851a-42fa-b1a1-7d3cabf5555a_untitled-design-13.png
Requested by
Host: wow.getsquire.com
URL: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6be10b2a466fd187fb1c8efb1c0a315a4dace9a75e746b379580c6f67e9aadb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wow.getsquire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
x-amz-version-id
9yuzw6zmyPKZtO_I0XNLOS6cB_IEENvq
via
1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
x-cache
Hit from cloudfront
content-length
242158
last-modified
Sun, 20 Mar 2022 11:48:11 GMT
server
cloudflare
etag
"d0682a6dc9926290bf6973f4a5b18833"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuUF9exsn8y0oGXMcF4updpTIxLayObb0l2qKbxI95jtuHQbbfZqwqPiZQyUWY3XFZ%2FJZGxHaZVY5UZoAmXpqq85rm75OevDHz8vRwquLjnVRfueeCsbCOsc%2B3ocelQgOul%2FFynxoMoSfuR12UkecL0ob2aCyG%2FWZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77354deb5dfebbb6-FRA
x-amz-cf-id
iC6TdDFFN3SOsoT-Q8gBeMAxzrdxhGImGRWkcLzjom7BgqTSQFkdaA==
expires
Sat, 03 Dec 2022 16:05:29 GMT
dd1e65f9-2093-47b1-bb9e-a48fa14e2f02_1.png
images-prod-1.getsquire.com/ Frame F46E
134 KB
135 KB
Image
General
Full URL
https://images-prod-1.getsquire.com/dd1e65f9-2093-47b1-bb9e-a48fa14e2f02_1.png
Requested by
Host: wow.getsquire.com
URL: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c9d0898b8ffd6d21f8c0d99af6d53a2ea85f5ae2fdcd4d117dd748dbc72c267

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wow.getsquire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
x-amz-version-id
s89onf7q0M9a5_G6..JEcO2EBxle6FZn
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
x-cache
Hit from cloudfront
content-length
137440
last-modified
Tue, 16 Mar 2021 18:27:54 GMT
server
cloudflare
etag
"ec8339008b115ce5e35bd345e845a75e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahxXcc5JDi%2FdVwXbh5EJq8UIDBHT%2BmOzdzRTV17553T2CEHQBaO%2B8aMA4cRHtlGEQNOWUOAzqNjMj3xSQJGR4xgWiHgn%2Fb4o%2BLEzzqHwgZyrugduzoxYj2QFgxQbUlyBYZAw9zkvjUJ4VJBAkiHOUby%2Fxcon7RfdlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77354deb5dfdbbb6-FRA
x-amz-cf-id
6j4hqnTYJ3Fmzn-A1yI_0KRBDkt0sOwMOkppfbAGAEUMRZ6DN0kISw==
expires
Sat, 03 Dec 2022 16:05:29 GMT
a3190a93-9f8a-4d2e-8f87-0fd3709b4b01_untitled-design-12.png
images-prod-1.getsquire.com/ Frame F46E
257 KB
258 KB
Image
General
Full URL
https://images-prod-1.getsquire.com/a3190a93-9f8a-4d2e-8f87-0fd3709b4b01_untitled-design-12.png
Requested by
Host: wow.getsquire.com
URL: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f28850fefc149fe6715f241a11eace9b5b37fbc03248269ee9665ce1429a8727

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wow.getsquire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
x-amz-version-id
VnpNXRmO8jJQ0uX3UWEUSshV.yt.knKx
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
x-cache
Hit from cloudfront
content-length
263296
last-modified
Sun, 20 Mar 2022 11:46:38 GMT
server
cloudflare
etag
"ff91e5030a6ed90aa4b6912010fd6560"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2F9n8F0r4U6cAJwX3n3kIpsxoN%2Bs5%2BI%2BavuDnSO2M1JXAMEnydehlXhCZ9BgcuZnVW%2FEiGm0QqeH%2Fm%2FbRcY77p0xdYBr7OHpOBek1QkUeYWFEEzoI50V8woFXjqd0vMdguu5fqTPKyyuxMX0sOQ4f3BlvCXxGGU7OA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77354deb5df7bbb6-FRA
x-amz-cf-id
pqXGbIDVKeOm-OFWo2v40lCRpzVfjiYmSQ6NEoWgPI8YD14X5VaCMw==
expires
Sat, 03 Dec 2022 16:05:29 GMT
truncated
/ Frame F46E
50 KB
50 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b094b2cb09fb3d4e8971679e0d8108b49fcc6c55214b278a7c3f106e67f2b03

Request headers

Referer
Origin
https://wow.getsquire.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type
font/woff2
bframe
www.google.com/recaptcha/api2/ Frame CC3D
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
281c7cf266c7d31eff0db5583c45f9a195bf9f2228c894370c18fab84c541b19
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-S8okGdf0oOzypbfJaijCDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sovereign-grooming.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1116
content-security-policy
script-src 'report-sample' 'nonce-S8okGdf0oOzypbfJaijCDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 02 Dec 2022 16:05:29 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q... Frame F3F6
23 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q0HRc5R0M.L.B1.O/am=xgAQ/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriBOyiuU4y1K16P6dqLpFZBhWn8pA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgmOibrntoosTfjgwbyFM1H9KZHEg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
137a117277e4cbf4d4deff4f6a461696dd174e5a20a00d783270519422dfad25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 17:31:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9235
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 02:25:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 17:31:20 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q... Frame F3F6
37 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q0HRc5R0M.L.B1.O/am=xgAQ/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriBOyiuU4y1K16P6dqLpFZBhWn8pA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgmOibrntoosTfjgwbyFM1H9KZHEg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93a141de2392de63e7a48b844237f1dacdf2368a261115feeb6650c1e53122c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Thu, 01 Dec 2022 17:31:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13980
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 02:25:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Dec 2023 17:31:20 GMT
log
play.google.com/ Frame F3F6
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgmOibrntoosTfjgwbyFM1H9KZHEg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 02 Dec 2022 16:05:29 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Fri, 02 Dec 2022 16:05:29 GMT
expires
Fri, 02 Dec 2022 16:05:29 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
replay
session-replay.browser-intake-datadoghq.com/api/v2/ Frame F46E
53 B
238 B
XHR
General
Full URL
https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.11.5%2Cenv%3Aproduction%2Cservice%3Awow-mobile%2Cversion%3A1.2.1_8f6cebc8&dd-api-key=pubb50e3767170ef4f7c8fbb770bd3aa1ec&dd-evp-origin-version=4.11.5&dd-evp-origin=browser&dd-request-id=77b67467-d16e-4990-afaf-cb8dfdb8988d
Requested by
Host: wow.getsquire.com
URL: https://wow.getsquire.com/main.b84bc5ec08ddf55c9e8e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:b572:de83:bde:5bf9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
5421d4b74221cd6ca6a1f9905100a76dc789312214f5610e548c3802ef21b036
Security Headers
Name Value
Strict-Transport-Security max-age=15724800;
X-Content-Type-Options nosniff

Request headers

Referer
https://wow.getsquire.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryeckfsDdAponKW5Ln

Response headers

access-control-allow-origin
*
date
Fri, 02 Dec 2022 16:05:30 GMT
strict-transport-security
max-age=15724800;
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-length
53
content-type
application/json
styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame CC3D
52 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 14:58:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4046
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24262
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 03:01:59 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 14:58:03 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame CC3D
402 KB
161 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 15:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
164812
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 03:01:59 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 15:37:08 GMT
6
m.stripe.com/ Frame 6F58
156 B
523 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.157.189 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-157-189.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e76deba5c7dd37ab04a7d4902406fc46c565c8b3f1b83da69817ed967817b79d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 02 Dec 2022 16:05:30 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 4F99
200 B
857 B
Document
General
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wow.getsquire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1627229
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 02 Dec 2022 16:05:29 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
93560
x-content-type-options
nosniff
x-request-id
109f54b0-3255-46d2-86df-4e224987f0ee
x-served-by
cache-hhn4058-HHN
log
play.google.com/ Frame F3F6
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgmOibrntoosTfjgwbyFM1H9KZHEg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pay.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 02 Dec 2022 16:05:29 GMT
0
r.stripe.com/ Frame E017
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Fri, 02 Dec 2022 16:05:30 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
csp-report
q.stripe.com/ Frame 4F99
0
570 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 4F99
631 B
510 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 16:05:29 GMT
via
1.1 varnish
age
1627228
x-cache
HIT
content-length
332
x-request-id
12a89b40-dd1e-4a1a-90e9-eb5f0b2a6312
x-served-by
cache-hhn4058-HHN
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
82862
inner.html
m.stripe.network/ Frame E83E
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
38
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Fri, 02 Dec 2022 16:04:55 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-id
ygLG4E4H3I7ipDSRv6xe2vhPhOXLcYlZd2JTRza0gYU6Mi105uCSlA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame E83E
0
344 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
nginx
cross-origin-opener-policy
same-origin
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
expires
0
out-4.5.42.js
m.stripe.network/ Frame E83E
86 KB
14 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:b600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 16:03:28 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
via
1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
age
124
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
6YLmTab5BRoYr9Wf2Ko462N4_IV0YEkK2VSFb32VQ3RpDhl_rSMD6A==
6
m.stripe.com/ Frame E83E
156 B
521 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.82.157.189 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-82-157-189.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ce820f6da54695d1604c13638a7a8fdc6d36eae978ee27df3242f2ff7ad48ea0
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 02 Dec 2022 16:05:30 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
common.js
maps.googleapis.com/maps-api-v3/api/js/51/2/intl/de_ALL/
249 KB
68 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/2/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC3Ux5uJMKOtXn7zP5BozhrK0PgP7Y1hLc&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c786df0068c2ae08680515869726a8c52edfc4219e4f60294117f1fb397e169
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 09:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69812
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 22:32:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 09:45:45 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/51/2/intl/de_ALL/
166 KB
61 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/51/2/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC3Ux5uJMKOtXn7zP5BozhrK0PgP7Y1hLc&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1320702d9510099a9f4528734317b25c2697c4de93f1c239cd800e305d8f58c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sovereign-grooming.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Wed, 30 Nov 2022 21:46:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62761
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 22:32:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 21:46:02 GMT
trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js
js.stripe.com/v3/fingerprinted/js/ Frame F46E
295 B
365 B
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wow.getsquire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 02 Dec 2022 16:05:34 GMT
via
1.1 varnish
age
146068
x-cache
HIT
content-length
209
x-request-id
9ccbb5a3-46dd-405c-ad95-107e1858df1b
x-served-by
cache-hhn4058-HHN
last-modified
Tue, 22 Nov 2022 03:54:48 GMT
server
Fastly
etag
"477956b204dfd45e10334fc060914d4b"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8770
0
r.stripe.com/ Frame E017
0
127 B
Fetch
General
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Fri, 02 Dec 2022 16:05:34 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain


56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontentvisibilityautostatechange object| cookieconsent function| gtag object| dataLayer function| fbq function| _fbq function| initMap object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| ml_webform_success_1249538 function| ml_guid function| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| recaptcha function| ml_jQuery object| _squireWidgetConfig object| gaplugins object| gaGlobal object| gaData function| Inputmask object| webpackChunkStripeJSouter function| Stripe function| _squireMountWidgetSetup object| SquireWidget object| _squireQueryClient function| _preloadSquireWidgetSetup object| bodyScrollLock function| Cookies object| core function| Typewriter function| isYouMobile function| isYouIpad function| sliderHeight function| mobileNav function| customPanelHeight function| buttonWidth function| detectmob function| Blazy object| google object| module$contents$mapsapi$overlay$overlayView_OverlayView object| closure_lm_859128 boolean| isMobile string| whichDevice string| clickType boolean| isIpad

14 Cookies

Domain/Path Name / Value
sovereign-grooming.com/ Name: CFID
Value: 30415544
sovereign-grooming.com/ Name: CFTOKEN
Value: addbbd801da2bb80-43D21B7E-FC93-2B41-C83A5B0FE243B9C2
sovereign-grooming.com/ Name: JSESSIONID
Value: 4521562E394E959C7969E74857156A11.cfusion
.getsquire.com/ Name: __cf_bm
Value: acVrtu9M_haFY0e.7aj_LmpnCyZHYJEX1o.LGDFLzcs-1669997126-0-AX8tfYZAAGts1LPNgDWGWhNzI8Zgtpg2/gpkoSRbyLpNzZ/BjM60sfM+83rS+e4Qqe56kJZC5hg928rdhS5OTOQ=
.sovereign-grooming.com/ Name: _ga
Value: GA1.2.402414351.1669997127
.sovereign-grooming.com/ Name: _gid
Value: GA1.2.591933003.1669997127
.sovereign-grooming.com/ Name: _gat_gtag_UA_34216017_3
Value: 1
.sovereign-grooming.com/ Name: _gat_gtag_UA_122856_83
Value: 1
.sovereign-grooming.com/ Name: _fbp
Value: fb.1.1669997126612.773128736
.google.com/ Name: NID
Value: 511=kdMUywK-_6GsGDQuuVnvBASl4YW7h80lov8OjJvTxY8WqV9tW1neChcw7B4WGB4zbLAFxtAIjcHmF1uCQuUN7YW5wtfuu2yeIrPH_0qubIM5YamRNdSeOGAfm7UEcSuDCl3ThzsfhzBAi5W3hoGg3nLvaA30K2G4oBLl3A3F0sw
.sovereign-grooming.com/ Name: __stripe_mid
Value: 3a21ec88-2dea-49d5-9c8c-cecb71e31bbaa025c2
.sovereign-grooming.com/ Name: __stripe_sid
Value: 13efb440-6565-42b4-8667-862547198df12dcc9a
m.stripe.com/ Name: m
Value: cb0962f4-2688-4ead-bb86-1a2b5b748920082208
.wow.getsquire.com/ Name: _dd_s
Value: rum=1&id=4fdc678c-8846-4e76-9082-b5baf622bb01&created=1669997128628&expire=1669998028628

4 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' cookieless.imajica.co.uk *.amazonaws.com *.cloudflare.com *.google.com code.jquery.com cdn.jsdelivr.net *.googletagmanager.com *.getsquire.com *.stripe.com *.google-analytics.com *.facebook.net *.googleapis.com *.gstatic.com *.mailerlite.com *.shopify.com *.facebook.com *.mxpnl.com *.vimeo.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
