sovereign-grooming.com Open in urlscan Pro
5.10.25.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://huntsman-aberdeen.com/
Effective URL:
https://sovereign-grooming.com/
Submission: On December 02 via api (December 2nd 2022, 4:05:36 pm UTC) from US — Scanned from DE

Summary HTTP 144 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 26 IPs in 7 countries across 20 domains to perform 144 HTTP transactions. The main IP is 5.10.25.6, located in Leeds, United Kingdom and belongs to EVEREST-AS, GB. The main domain is sovereign-grooming.com.
TLS certificate: Issued by R3 on November 24th 2022. Valid for: 3 months.

This is the only time sovereign-grooming.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	108.179.232.157 108.179.232.157	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
25	5.10.25.6 5.10.25.6	60610 (EVEREST-AS) (EVEREST-AS)
8	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:c45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
4	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
11	2606:4700::68... 2606:4700::6812:f16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	52.218.118.0 52.218.118.0	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
11	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:400c:c00::5c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
19	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
4	162.159.134.68 162.159.134.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:24e... 2600:1f18:24e6:b901:b572:de83:bde:5bf9	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:205... 2600:9000:2057:b600:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	35.82.157.189 35.82.157.189	16509 (AMAZON-02) (AMAZON-02)
144	26

1 108.179.232.157 (United States) 1 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 108-179-232-157.unifiedlayer.com

huntsman-aberdeen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 5.10.25.6 (Leeds, United Kingdom)

ASN60610 (EVEREST-AS, GB)
PTR: cf.imajica.com

sovereign-grooming.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cookieless.imajica.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:c45 (United States)

ASN13335 (CLOUDFLARENET, US)

track.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mailerlite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:f16 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.getsquire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wow.getsquire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.getsquire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images-prod-1.getsquire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.218.118.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.159.134.68 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b901:b572:de83:bde:5bf9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

session-replay.browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2057:b600:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.82.157.189 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-82-157-189.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	stripe.com js.stripe.com — Cisco Umbrella Rank: 1155 q.stripe.com — Cisco Umbrella Rank: 6759 r.stripe.com — Cisco Umbrella Rank: 4201 m.stripe.com — Cisco Umbrella Rank: 1152	374 KB
24	imajica.co.uk cookieless.imajica.co.uk	453 KB
17	google.com www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2509 apis.google.com — Cisco Umbrella Rank: 90 play.google.com — Cisco Umbrella Rank: 22	465 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	676 KB
11	getsquire.com widget.getsquire.com — Cisco Umbrella Rank: 838264 wow.getsquire.com — Cisco Umbrella Rank: 838291 api.getsquire.com — Cisco Umbrella Rank: 271246 images-prod-1.getsquire.com — Cisco Umbrella Rank: 314239	1 MB
8	amazonaws.com s3-eu-west-1.amazonaws.com	2 MB
8	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 203	36 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37 maps.googleapis.com — Cisco Umbrella Rank: 360	186 KB
4	stripe.network m.stripe.network — Cisco Umbrella Rank: 1224	32 KB
4	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 1585	19 KB
4	mailerlite.com track.mailerlite.com — Cisco Umbrella Rank: 24754 static.mailerlite.com — Cisco Umbrella Rank: 13827 cdn.mailerlite.com — Cisco Umbrella Rank: 29155	58 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
2	browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com — Cisco Umbrella Rank: 8368	477 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	203 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 134	111 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	86 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 680	122 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	2 KB
1	sovereign-grooming.com sovereign-grooming.com	15 KB
1	huntsman-aberdeen.com 1 redirects huntsman-aberdeen.com	251 B
144	20

	Domain	Requested by
24	cookieless.imajica.co.uk	sovereign-grooming.com cookieless.imajica.co.uk
12	r.stripe.com	js.stripe.com
11	js.stripe.com	widget.getsquire.com wow.getsquire.com js.stripe.com
10	www.gstatic.com	www.google.com pay.google.com www.gstatic.com
8	s3-eu-west-1.amazonaws.com	sovereign-grooming.com
8	cdnjs.cloudflare.com	sovereign-grooming.com cdnjs.cloudflare.com
7	play.google.com	www.gstatic.com
7	q.stripe.com	sovereign-grooming.com
4	m.stripe.network	js.stripe.com m.stripe.network
4	cdn.shopify.com	sovereign-grooming.com
4	pay.google.com	wow.getsquire.com pay.google.com sovereign-grooming.com www.gstatic.com
4	widget.getsquire.com	sovereign-grooming.com widget.getsquire.com
4	maps.googleapis.com	sovereign-grooming.com maps.googleapis.com
4	www.google.com	sovereign-grooming.com www.gstatic.com www.google.com
3	images-prod-1.getsquire.com	wow.getsquire.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	m.stripe.com	m.stripe.network
2	session-replay.browser-intake-datadoghq.com	wow.getsquire.com
2	api.getsquire.com	wow.getsquire.com
2	apis.google.com	wow.getsquire.com apis.google.com
2	wow.getsquire.com	widget.getsquire.com wow.getsquire.com
2	www.facebook.com	sovereign-grooming.com
2	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	connect.facebook.net	sovereign-grooming.com connect.facebook.net
2	static.mailerlite.com	sovereign-grooming.com static.mailerlite.com
2	www.googletagmanager.com	sovereign-grooming.com www.googletagmanager.com
1	cdn.mailerlite.com	static.mailerlite.com
1	code.jquery.com	sovereign-grooming.com
1	track.mailerlite.com	sovereign-grooming.com
1	fonts.googleapis.com	sovereign-grooming.com
1	cdn.jsdelivr.net	sovereign-grooming.com
1	sovereign-grooming.com
1	huntsman-aberdeen.com	1 redirects
144	33

This site contains links to these domains. Also see Links.

Domain
sovereign-grooming.myshopify.com
sovereign-store.com
g.page
goo.gl
www.facebook.com
www.instagram.com
imajica.com

Subject Issuer	Validity	Valid
sovereign-grooming.com R3	`2022-11-24` - `2023-02-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
cookieless.imajica.co.uk R3	`2022-10-30` - `2023-01-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
mailerlite.com Cloudflare Inc ECC CA-3	`2022-06-29` - `2023-06-29`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-10` - `2022-12-09`	3 months	crt.sh
getsquire.com Cloudflare Inc ECC CA-3	`2022-01-31` - `2023-01-31`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon	`2022-09-21` - `2023-08-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-01-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-12` - `2023-03-09`	4 months	crt.sh
cdn.shopify.com R3	`2022-11-14` - `2023-02-12`	3 months	crt.sh
*.browser-intake-datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-21` - `2023-07-22`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh

This page contains 10 frames:

Primary Page: https://sovereign-grooming.com/
Frame ID: A9F10290B85925E18523EC7FB5376147
Requests: 73 HTTP requests in this frame

Frame: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
Frame ID: F46E0FCF7ABBCE15ABC9EFA990367347
Requests: 19 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwow.getsquire.com&mid=
Frame ID: F3F6D0CEF9DDA5C01F63ADDA736FAA28
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html
Frame ID: E01756B917F6D87D67E333CE959C94CB
Requests: 17 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: A121F1F7BA162AD8A1C39281E4C0E433
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9zb3ZlcmVpZ24tZ3Jvb21pbmcuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=jcpf5usuat8n
Frame ID: CB2D60ACE87AEDEBD0D88ED59088D080
Requests: 8 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 6F58B421A06EAD2F47A4F4E87E8AF2BF
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD
Frame ID: CC3D2CE22ADE68F749A605F1551A46E1
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 4F99E2C16DEF340A4A46F414A566D514
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: E83E0771EB51C6C36AE23CA2DC535F3E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Glasgow Barber | Edinburgh Barber | Aberdeen Barber - Sovereign Grooming

Page URL History Show full URLs

http://huntsman-aberdeen.com/ HTTP 301
https://sovereign-grooming.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

144
Requests

99 %
HTTPS

73 %
IPv6

20
Domains

33
Subdomains

26
IPs

7
Countries

6114 kB
Transfer

12890 kB
Size

14
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://sovereign-grooming.myshopify.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://sovereign-store.com/products/doers-of-london-cut-out-the-fluff-shave-cream
Title: Doers of London: Cut Out The Fluff Shave Cream £14.00 buy now buy now

Search URL Search Domain Scan URL

URL: https://sovereign-store.com/products/recipe-for-men-beard-elixir
Title: Recipe for men: Beard Elixir £19.00 buy now buy now

Search URL Search Domain Scan URL

URL: https://sovereign-store.com/products/recipe-for-men-beard-shampoo-conditioner
Title: Recipe for men: Beard Shampoo & Conditioner £18.00 buy now buy now

Search URL Search Domain Scan URL

URL: https://sovereign-store.com/products/recipe-for-men-beard-balm
Title: Recipe for men: Ultra Soft Beard Balm £18.00 buy now buy now

Search URL Search Domain Scan URL

URL: https://sovereign-store.com/collections/Beard-Care
Title: shop our full range shop our full range

Search URL Search Domain Scan URL

URL: https://g.page/sovereignaberdeen?share
Title: Aberdeen Aberdeen 520 Union St, Aberdeen AB10 1TT

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/MYKeBZf8cXttxHCUA
Title: Edinburgh Edinburgh 6 Sibbald Walk, Edinburgh EH8 8FT

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/zqdDevXnRP5BkRyJ6
Title: Glasgow Glasgow 38 Renfield St, Glasgow G2 1LU

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sovereigngrooming

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sovereigngrooming/

Search URL Search Domain Scan URL

URL: https://imajica.com/
Title: IMAJICA BRAND EVOLUTION

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://huntsman-aberdeen.com/ HTTP 301
https://sovereign-grooming.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

144 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
sovereign-grooming.com/
Redirect Chain

http://huntsman-aberdeen.com/
https://sovereign-grooming.com/

59 KB
15 KB

349ms
164ms

Document
text/html

5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3453865bb979731296b6df0c7ad59fed11d969568fd988c22e91fd12390611ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' cookieless.imajica.co.uk .amazonaws.com .cloudflare.com .google.com code.jquery.com cdn.jsdelivr.net .googletagmanager.com .getsquire.com .stripe.com .google-analytics.com .facebook.net .googleapis.com .gstatic.com .mailerlite.com .shopify.com .facebook.com .mxpnl.com *.vimeo.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Encoding: gzip
Content-Security-Policy: default-src 'self' 'unsafe-inline' cookieless.imajica.co.uk *.amazonaws.com *.cloudflare.com *.google.com code.jquery.com cdn.jsdelivr.net *.googletagmanager.com *.getsquire.com *.stripe.com *.google-analytics.com *.facebook.net *.googleapis.com *.gstatic.com *.mailerlite.com *.shopify.com *.facebook.com *.mxpnl.com *.vimeo.com
Content-Type: text/html;charset=UTF-8
Date: Fri, 02 Dec 2022 16:05:26 GMT
Referrer-Policy: strict-origin
Server: Microsoft-IIS/10.0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 239
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 02 Dec 2022 16:05:25 GMT
Keep-Alive: timeout=5, max=75
Location: https://sovereign-grooming.com/
Server: Apache

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 1 KB
737 B 41ms
21ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1455715
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 394
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZcjq4O1lXEKPju9hgtonNaW5ii%2Bo9P9KofvzIA8gUEuElPT5vuB5QAl0X%2FZuUhOrTtmrDz3XbIG%2BAksbFXfupAVF9Kic%2FnwkwdZzCmPOOwJOf4%2B26cXXZANwAzMXWLXfxlMaLVHcbZKl3jkZhaGU5wH"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77354dd679e29bbe-FRA
expires: Wed, 22 Nov 2023 16:05:26 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 2 KB
977 B 47ms
27ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 78454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 657
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVCX%2B2mx4ZFQG%2Fdr%2F5a6VGKf%2FoFjTCLOt6EqgqrKbjTMPEz%2BbK9bulI2hQzkzRVOQA8pUjm9iHjxsp6yzWMNlPTlvnwRQ2ZPGFiNMZhp2SaiA5HBDI5aqz1CK4iF8fjnEMGoRjxk9hk5kqJPsB9W2GZb"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77354dd679e39bbe-FRA
expires: Wed, 22 Nov 2023 16:05:26 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/ 57 KB
4 KB 40ms
20ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.0/animate.min.css

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2583895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3541
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-e283"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsHZD%2FnTjA4XLnGvBhU89ppkgPknpqbeuetm6faRQeSziYOoItvNouQ1dJjNsl5xowqwfasTCjT0nDpRpiI%2Bic4NhWiG6b0TPilIsxyfbVA%2BKI1HQ8T2Qi%2Br5oTHYxXvyrHbxJjGx80WzIDhhoAJ6qS3"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77354dd679e49bbe-FRA
expires: Wed, 22 Nov 2023 16:05:26 GMT

GET
H2 200 normalize.css@8.0.0
cdn.jsdelivr.net/npm/ 2 KB
2 KB 45ms
26ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/normalize.css@8.0.0

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90d0c12c22744ac07394873d3079645e9bfdc0719f79fd2983571bbb74627951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 206076
x-jsd-version: 8.0.0
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230079-FRA, cache-yyz4523-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"857-1AVZkRVtU87ebzou6HoujkZz8yA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJdtr58PdC0Fe2B6wNbEygATtgREvz0wvG%2BT3XXqb%2FVHcJa8ks%2Fcy%2Fc14%2BFLXQ6IVcaryHkF%2FsAl5ZCst3d19ZqjlSa182M3HCnGS4b3gLS6igJYql2PgBiIUgB9QAnVsuMmikvVWwwqqxbG39w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 77354dd67c709a15-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 42ms
19ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,700

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3474d4e67ce243f6bfe12bcb845d69efea2339b3626202075a73b803340a1a35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Dec 2022 16:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 16:05:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Dec 2022 16:05:26 GMT

GET
H/1.1 200
OK bootstrap3.3.7-grid.css
cookieless.imajica.co.uk/sovereign-live/css/ 12 KB
4 KB 161ms
23ms Stylesheet
text/css 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieless.imajica.co.uk/sovereign-live/css/bootstrap3.3.7-grid.css

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1959be9cbfd6e9c65d1f1a699b4ba478fbc489338c96f9ec227c7bfbad9bbc5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Feb 2019 18:31:53 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding,Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 3760

GET
H/1.1 200
OK main.css
cookieless.imajica.co.uk/sovereign-live/css/ 64 KB
16 KB 168ms
28ms Stylesheet
text/css 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieless.imajica.co.uk/sovereign-live/css/main.css

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b6fde43e822a550063a852091a573de7af5c64c03d51e5b6f1a3e912073da065

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 19 Jul 2022 06:19:08 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding,Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 16346

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
964 B 47ms
18ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ef82fdc8be9d094c478fb5002c71151f6dde2bcaa6816e70c8a1060140482c71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551
x-xss-protection: 1; mode=block
expires: Fri, 02 Dec 2022 16:05:26 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
1 KB 41ms
22ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 77854
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 975
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsumYL97I06Hl80I48DmCQYrcOXAU8Hy68sJjCRJINv5PAehdVeNWnQjQXkmE%2F7mF2G%2BbObP%2F5fedpraCrbQxsHBFCJJPzImLGmYgahS4tvy6jMgIB020wAZoSlZBf6FvU2oXTVkWYnT%2Fh4UGde3b63B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77354dd679e79bbe-FRA
expires: Wed, 22 Nov 2023 16:05:26 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
7 KB 38ms
19ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 236888
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5978
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-5148"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ss%2BWSRIxydeEGYcBvJq0cMqoO2a1jSthrgyNdyTtciEn4%2BgG3VHg80DUhCweHunvpnaq%2Bvhj68ARDqTgxFMZilv8Cb90hnrBhovCji7HDT3OhvvXVMlb0g2qoLlV6HptAzNMOp4z9%2BKpgdqpxVS4AGH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77354dd679e99bbe-FRA
expires: Wed, 22 Nov 2023 16:05:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 51ms
27ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-34216017-3

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

faeffb937d5bf99f354e4c8038df6a60cf4e701f3b2af158c84d540986440d5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43654
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Dec 2022 16:05:26 GMT

GET
H/1.1 200
OK locationPin.svg
cookieless.imajica.co.uk/sovereign-live/images/ 671 B
1017 B 26ms
26ms Image
image/svg+xml 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieless.imajica.co.uk/sovereign-live/images/locationPin.svg

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e4bfbfbf6e3b6a9e14b26504a90be3ae027c3f35e686e461a5efdeacaa940771

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Feb 2019 14:19:41 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 671

GET
H/1.1 200
OK sovereign-grooming.svg
cookieless.imajica.co.uk/sovereign-live/images/ 6 KB
6 KB 23ms
22ms Image
image/svg+xml 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieless.imajica.co.uk/sovereign-live/images/sovereign-grooming.svg

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3189f267292a7e6bd2b9337c283c743698a61ee80a0c1c23c3d33977fcaf6723

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Feb 2019 14:03:31 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 5811

GET
H/1.1 200
OK down.svg
cookieless.imajica.co.uk/sovereign-live/images/ 667 B
1013 B 36ms
22ms Image
image/svg+xml 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieless.imajica.co.uk/sovereign-live/images/down.svg

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

226f85bdffb915c7751d9a0bc7adee293eb9e7a2cbfaff50c71951e62e9886f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Feb 2019 14:58:25 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 667

GET
H/1.1 200
OK arrow.svg
cookieless.imajica.co.uk/sovereign-live/images/ 476 B
822 B 22ms
22ms Image
image/svg+xml 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieless.imajica.co.uk/sovereign-live/images/arrow.svg

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a4be01097d4a084e24b380ab1ed6d5b75425b07931a8baa1d81c5c621309ecb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Feb 2019 11:37:41 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 476

GET
H/1.1 200
OK arrowThick.svg
cookieless.imajica.co.uk/sovereign-live/images/ 504 B
850 B 26ms
25ms Image
image/svg+xml 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieless.imajica.co.uk/sovereign-live/images/arrowThick.svg

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0896440488004a152d26c9c80a8f111f10bc1f59139371dfc529d27785d0f515

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Apr 2019 07:56:18 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 504

GET
H/1.1 200
OK dropdownarrow.svg
cookieless.imajica.co.uk/sovereign-live/images/ 634 B
980 B 22ms
22ms Image
image/svg+xml 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieless.imajica.co.uk/sovereign-live/images/dropdownarrow.svg

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b8b273b2aedc1b89c61ef048aae10350df6d83d553a681ca1a1a1fa3d943a9e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Feb 2019 14:49:11 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 634

GET
H/1.1 200
OK facebook.svg
cookieless.imajica.co.uk/sovereign-live/images/ 971 B
1 KB 22ms
22ms Image
image/svg+xml 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieless.imajica.co.uk/sovereign-live/images/facebook.svg

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

8ef7c2263880b115596b765383aac5a63cf46c1d2a380fefbda15b68d847d085

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Feb 2019 19:16:28 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 971

GET
H/1.1 200
OK instagram.svg
cookieless.imajica.co.uk/sovereign-live/images/ 1 KB
2 KB 24ms
23ms Image
image/svg+xml 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieless.imajica.co.uk/sovereign-live/images/instagram.svg

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

abdcc8c10388d0d324de90a56eecbcd7a37537777d9615d0f4d676b61a8c4643

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 27 Feb 2019 18:52:33 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 1196

GET
H2 200 h0i7h1
track.mailerlite.com/webforms/o/1249538/ 43 B
138 B 44ms
33ms Image
image/gif 2606:4700::6812:c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.mailerlite.com/webforms/o/1249538/h0i7h1?v1658180054

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77354dd7b83d9078-FRA
content-type: image/gif

GET
H2 200 webforms.min.js Show response
static.mailerlite.com/js/w/ 10 KB
3 KB 61ms
24ms Script
application/javascript 2606:4700::6812:c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mailerlite.com/js/w/webforms.min.js?v7316d10e2931a97c7b0f5c7e7e7be3ea

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d8be7379d2c0f194a7d4f37690e76497d090801d17607902178910f3a870dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 01 Dec 2022 09:35:17 GMT
server: cloudflare
age: 595
etag: W/"63887555-26ca"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=432000
cf-ray: 77354dd7981e9078-FRA
expires: Wed, 07 Dec 2022 16:05:26 GMT

GET
H/1.1 200
OK jquery3.3.1.js Show response
cookieless.imajica.co.uk/sovereign-live/js/ 85 KB
38 KB 37ms
37ms Script
application/javascript 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieless.imajica.co.uk/sovereign-live/js/jquery3.3.1.js

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 Mar 2019 09:43:57 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding,Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 38899

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.12.1/ 509 KB
122 KB 2585ms
2049ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by: Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:27 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-7f20a"
vary: Accept-Encoding
x-hw: 1669997127.dop017.fr8.t,1669997127.cds157.fr8.hn,1669997127.cds269.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 124434

GET
H2 200 jquery.form-validator.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.77/ 33 KB
10 KB 22ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.77/jquery.form-validator.min.js

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cdea941254ed175a4c9d88766067052c3ba7c4eca347570ea63ba6f0dd35aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 138511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9179
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-8342"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nx8PFUTdY5JFRcjl4NQsK%2Bvt9IH9%2FTEUd5cUM0ZWNeuoSuqvr5Lyot6M3%2F0iLKlqpAgatf%2BHUWLd5DwPljsKBxnoiQ4qRirqOsjXCLy%2BkHpM68epWX8aCBFFH0M2H0sCogzelQ8zvIjOmh2RjQHTL8gz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77354dd77c499bbe-FRA
expires: Wed, 22 Nov 2023 16:05:26 GMT

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 43 KB
10 KB 21ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2989052
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9564
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-ab69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvBhYjcY6U%2BQcut3eecoRvWm1ImcBTpVjbKBs37el2XinMU6vxf43ki%2BemqUkACUT8YvOz8nIukVnbHBU4g0SnluuhMIV11i8yOOx3ZuCUN0Wxa8X5GLK57546bi7Q6zLD5M9JwN6oNJHXHJbAK670Oh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77354dd77c4b9bbe-FRA
expires: Wed, 22 Nov 2023 16:05:26 GMT

GET
H/1.1 200
OK matchHeight.js Show response
cookieless.imajica.co.uk/sovereign-live/js/ 12 KB
4 KB 27ms
23ms Script
application/javascript 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieless.imajica.co.uk/sovereign-live/js/matchHeight.js

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

ff6623c532931ee98af6b9a1524ebd76c6c6e91333404d5b405286bc7d8f353d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Feb 2019 10:49:33 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding,Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 3860

GET
H/1.1 200
OK bodyScrollLock.min.js Show response
cookieless.imajica.co.uk/sovereign-live/js/ 3 KB
2 KB 50ms
23ms Script
application/javascript 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieless.imajica.co.uk/sovereign-live/js/bodyScrollLock.min.js

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

1ad8ee4a07deafe95a7c98ce3bc3c33c1772fcf1ca61ddb0292cb5ad9d160ab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 02 Mar 2019 13:12:14 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding,Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 1400

GET
H/1.1 200
OK easing.js Show response
cookieless.imajica.co.uk/sovereign-live/js/ 8 KB
3 KB 78ms
24ms Script
application/javascript 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieless.imajica.co.uk/sovereign-live/js/easing.js

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d2bc9c513d50deb617981195a91d357c004688ae7a90962da29814385e168dea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Feb 2019 10:49:32 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding,Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 2542

GET
H/1.1 200
OK cookie.js Show response
cookieless.imajica.co.uk/sovereign-live/js/ 4 KB
2 KB 80ms
26ms Script
application/javascript 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieless.imajica.co.uk/sovereign-live/js/cookie.js

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

90a6a3eb41bfed4b28ed3fff169591c1cbe2a934ca1ad7e2322c9b641cd56616

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 06 Mar 2019 15:47:32 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding,Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 1820

GET
H/1.1 200
OK type.js Show response
cookieless.imajica.co.uk/sovereign-live/js/ 40 KB
17 KB 83ms
29ms Script
application/javascript 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieless.imajica.co.uk/sovereign-live/js/type.js

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

fbbf53c397922279d74e296ad6fc4727454f5c08a82b31c228aa386d4edf78e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Mar 2019 10:56:34 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding,Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 17511

GET
H/1.1 200
OK main.js Show response
cookieless.imajica.co.uk/sovereign-live/js/ 45 KB
13 KB 41ms
40ms Script
application/javascript 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieless.imajica.co.uk/sovereign-live/js/main.js

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b059c6578752c58366131b987184e24b7be6c781c2e600344d983436abc903f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Mar 2021 09:18:11 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding,Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 12408

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 168 KB
55 KB 72ms
44ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyC3Ux5uJMKOtXn7zP5BozhrK0PgP7Y1hLc&libraries=places

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

1acbdfed09e156ce09de0bc254132a64356856c2593be41c84bbb14ec311505f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=25
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56155
x-xss-protection: 0
expires: Fri, 02 Dec 2022 16:35:26 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 38ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 16:05:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: r+aj2m61vNOsoPAtz/8p9IYviyW7k8zj9FAA9lv0hZySEfuXtd14QY3YBwqFLKHF2qCttMvAXhet1bseyWRKTA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 widget.js Show response
widget.getsquire.com/ 21 KB
6 KB 121ms
85ms Script
application/javascript 2606:4700::6812:f16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getsquire.com/widget.js??1669997126309
Requested by: Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20ce5e5a04350ffa0e4d32c7b124f55601f27c1a2143f46a123aa027d4a36d47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
via: 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront
last-modified: Thu, 01 Dec 2022 21:10:21 GMT
server: cloudflare
etag: W/"ec7abdd7e9cb7dd883ac09d5cd8902f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FsV%2Bv34jb9Mor56w6QJwOMiBn4NnmybQ7YItdyYoR7tRcxdj10nuXqSkBO%2Bp290LoykPTPDmburlra3LfCfnwHY30ZrwJ4BJQtc84jUC3Ub7rZ3DXIOBsHGnq73IrbE9sNiB5cYrPMVyHdzhdJECJdd1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 77354dd80bd0bbb6-FRA
x-amz-cf-id: _EV33jd50HsXMgmpS-jSturY034F4zuiHLtQ0uhnhKoQC2fXEpt22Q==
expires: Sat, 03 Dec 2022 16:05:26 GMT

GET
H/1.1 200
OK copper.jpg
cookieless.imajica.co.uk/sovereign-live/images/ 4 KB
4 KB 37ms
23ms Image
image/jpeg 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieless.imajica.co.uk/sovereign-live/images/copper.jpg

Requested by

Host: cookieless.imajica.co.uk
URL: https://cookieless.imajica.co.uk/sovereign-live/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f042ce8f3b97f7c251f0ee50a175fff625805225b01161a8482cdf2373e48b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cookieless.imajica.co.uk/sovereign-live/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Mar 2019 09:25:25 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 3764

GET
H/1.1 200
OK large-160322SOVEREIGNGLASGOW-24.jpg
s3-eu-west-1.amazonaws.com/sovereign2019-live/images/home/slider/ 97 KB
98 KB 142ms
51ms Image
image/jpeg 52.218.118.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/sovereign2019-live/images/home/slider/large-160322SOVEREIGNGLASGOW-24.jpg?1669997125
Requested by: Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.118.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: cd2235d8f893344a27b23515ff38e97d25e55674d09b3fc28d4d22220535df9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:27 GMT
Last-Modified: Sun, 20 Mar 2022 12:10:04 GMT
Server: AmazonS3
x-amz-request-id: Y3XDSJJFC0CA2Y5W
ETag: "9c7ac2df3e9f6720f36d8a444ec02d3d"
Content-Type: image/jpeg
x-amz-meta-md5-hash: 9c7ac2df3e9f6720f36d8a444ec02d3d
Accept-Ranges: bytes
Content-Length: 99796
x-amz-id-2: OFSIItLX+HyWGP5RoCvE4zOiMzuPBlV9AJ4SK+U/9+cY0Z1N8Ojlr4TQKPyXexdcf5DsMQ7J6Cc=

GET
H/1.1 200
OK large-160322SOVEREIGNGLASGOW-15.jpg
s3-eu-west-1.amazonaws.com/sovereign2019-live/images/home/slider/ 84 KB
84 KB 94ms
47ms Image
image/jpeg 52.218.118.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/sovereign2019-live/images/home/slider/large-160322SOVEREIGNGLASGOW-15.jpg?1669997125
Requested by: Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.118.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ad28d31f434243e9c5445a39542ff8fc06a084e7cfee1016e147e851a0a2c4bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:27 GMT
Last-Modified: Sun, 20 Mar 2022 11:52:11 GMT
Server: AmazonS3
x-amz-request-id: Y3XBC8Q04TGCZ5Z1
ETag: "b74d82bd9942b3d516775b27b39e577e"
Content-Type: image/jpeg
x-amz-meta-md5-hash: b74d82bd9942b3d516775b27b39e577e
Accept-Ranges: bytes
Content-Length: 85638
x-amz-id-2: cD0eAILwbs7tQIdDPlAfrncREqUrEW6AspC5Q1/nuDPilHaon/YTZSAR1MX0xsaMe9GBx+I1t1g=

GET
H/1.1 200
OK large-160322SOVEREIGNGLASGOW-3.jpg
s3-eu-west-1.amazonaws.com/sovereign2019-live/images/home/slider/ 141 KB
141 KB 144ms
87ms Image
image/jpeg 52.218.118.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/sovereign2019-live/images/home/slider/large-160322SOVEREIGNGLASGOW-3.jpg?1669997125
Requested by: Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.118.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1a3855d1dbb188b21f56417936424e6963674612244b49de695e843a185f4469

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:27 GMT
Last-Modified: Sun, 20 Mar 2022 11:55:44 GMT
Server: AmazonS3
x-amz-request-id: Y3X4WP8P5RTA6QZV
ETag: "d1948e281345e5a5dece3663d58c0f08"
Content-Type: image/jpeg
x-amz-meta-md5-hash: d1948e281345e5a5dece3663d58c0f08
Accept-Ranges: bytes
Content-Length: 143892
x-amz-id-2: SqbAdPAJWky5wwHcQXQVswj6kV7Ta9yYxK+57QHWSIatkADeOwH5DafdCRpvMjpomW0hvLRGb0Q=

GET
H/1.1 200
OK large-160322SOVEREIGNGLASGOW-24-min-1.jpg
s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/656/ 98 KB
98 KB 119ms
56ms Image
image/jpeg 52.218.118.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/656/large-160322SOVEREIGNGLASGOW-24-min-1.jpg?1669997125
Requested by: Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.118.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ec44de8bee0c0d776630ac77c750cc712e293bd010997644042a61e9b5db39f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:27 GMT
Last-Modified: Mon, 12 Sep 2022 06:23:58 GMT
Server: AmazonS3
x-amz-request-id: Y3X435BWJNQR6MNG
ETag: "ed47942002a0d755909eb09e966e4a21"
Content-Type: image/jpeg
x-amz-meta-md5-hash: ed47942002a0d755909eb09e966e4a21
Accept-Ranges: bytes
Content-Length: 100162
x-amz-id-2: u2jqeKkMfi+FOgr3c9WCP+6xWrQvQzUZDbdoaCyN6UFVT35dNDXcuroP+vs4htzpQggAhIVZ1CI=

GET
H/1.1 200
OK large-Untitled-design-24.png
s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/655/ 1 MB
1 MB 112ms
50ms Image
image/png 52.218.118.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/655/large-Untitled-design-24.png?1669997125
Requested by: Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.118.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8bf5495fca815b738847f590703007ccd24d6f04a213cb13483685696425c3a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:27 GMT
Last-Modified: Sat, 13 Aug 2022 08:50:53 GMT
Server: AmazonS3
x-amz-request-id: Y3XB0J61JNX273JN
ETag: "07037ad6d5151ea3bd8ee9da3dc7f203"
Content-Type: image/png
x-amz-meta-md5-hash: 07037ad6d5151ea3bd8ee9da3dc7f203
Accept-Ranges: bytes
Content-Length: 1124468
x-amz-id-2: 5ycqwA7LK6gxGy/OUL+wGX224TbXY/e/xKLbGQ1NeKGyzH6yInpRK3rFPlynRDwb/uWhnyr4F8U=

GET
H/1.1 200
OK large-shutterstock1518402614.jpg
s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/654/ 27 KB
27 KB 106ms
47ms Image
image/jpeg 52.218.118.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/654/large-shutterstock1518402614.jpg?1669997125
Requested by: Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.118.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0daf0115b718f2b334a5f44c064394cc317eb6c5cef7d9145fe7dbc64f4f6394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:27 GMT
Last-Modified: Sun, 17 Jul 2022 09:10:02 GMT
Server: AmazonS3
x-amz-request-id: Y3X04KPX77V09D4M
ETag: "9ee091ad3df2847e61afc5b31a73145c"
Content-Type: image/jpeg
x-amz-meta-md5-hash: 9ee091ad3df2847e61afc5b31a73145c
Accept-Ranges: bytes
Content-Length: 27210
x-amz-id-2: VWCBE+dyej4ppNiprbCvi9IDdS1aKQJEy/ExMru6RDr0S25voIpiL/e0X/ldfpglIiqpxpifoHs=

GET
H/1.1 200
OK large-2JE2JW8.jpg
s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/652/ 50 KB
51 KB 37ms
37ms Image
image/jpeg 52.218.118.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/652/large-2JE2JW8.jpg?1669997125
Requested by: Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.118.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a19aeb7a2ef26c0039680e69d7f9180fb9a4da6b0891583a126826dd5ff79f29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:27 GMT
Last-Modified: Sun, 10 Jul 2022 07:14:26 GMT
Server: AmazonS3
x-amz-request-id: Y3X8FKJZMT6583KY
ETag: "f967064f33c1851f65b2fd32e30b79d5"
Content-Type: image/jpeg
x-amz-meta-md5-hash: f967064f33c1851f65b2fd32e30b79d5
Accept-Ranges: bytes
Content-Length: 51587
x-amz-id-2: 1LPRb7cJp0GVwcz0zRJRa8kdWRLq6hu5i6ic4Qo99zA+fRNzPG5ilCI5Z4JnUas9NS6+Hgaa4VM=

GET
H/1.1 200
OK large-Untitled-design-16.png
s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/651/ 272 KB
273 KB 39ms
39ms Image
image/png 52.218.118.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/sovereign2019-live/pages/images/651/large-Untitled-design-16.png?1669997125
Requested by: Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.118.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 96436bad569e4610ad9889673f0b81ef9188dda957c6434d6f1895df08af1d2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:27 GMT
Last-Modified: Sun, 03 Jul 2022 16:00:16 GMT
Server: AmazonS3
x-amz-request-id: Y3XC9WYCA16NNC7G
ETag: "286f39d3b23ca9bd7f6e874285c2a7f8"
Content-Type: image/png
x-amz-meta-md5-hash: 286f39d3b23ca9bd7f6e874285c2a7f8
Accept-Ranges: bytes
Content-Length: 278991
x-amz-id-2: IcegF1uZlCSCuy2XkxQi4HSGzmPb7Ihf080bXp2JaiJ14k4e/0YjH9obsl7xzf+bBf9lY/Lltlw=

GET
H/1.1 200
OK aberdeenMap.png
cookieless.imajica.co.uk/sovereign-live/images/ 88 KB
89 KB 32ms
31ms Image
image/png 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieless.imajica.co.uk/sovereign-live/images/aberdeenMap.png

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2b735a24f860048746dda8712ccd3899e2ba2bcff2641065f393120544da47e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Aug 2021 10:02:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 90328

GET
H/1.1 200
OK edinburghMap.png
cookieless.imajica.co.uk/sovereign-live/images/ 83 KB
84 KB 29ms
29ms Image
image/png 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieless.imajica.co.uk/sovereign-live/images/edinburghMap.png

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

492660ee96d74563d18c5395158d1f30b556de1bf87b15eb2379436293a7eb15

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Aug 2021 10:02:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 85405

GET
H/1.1 200
OK glasgowMap.png
cookieless.imajica.co.uk/sovereign-live/images/ 67 KB
68 KB 23ms
22ms Image
image/png 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieless.imajica.co.uk/sovereign-live/images/glasgowMap.png

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3fc5e0c7e572a7239bca482169ff266298afb784e1b28fe6039fd3eff95552ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Aug 2021 10:02:46 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 69073

GET
H/1.1 200
OK 38D8AB_2_0.woff2
cookieless.imajica.co.uk/sovereign-live/fonts/ 47 KB
47 KB 124ms
43ms Font
application/font-woff2 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieless.imajica.co.uk/sovereign-live/fonts/38D8AB_2_0.woff2

Requested by

Host: cookieless.imajica.co.uk
URL: https://cookieless.imajica.co.uk/sovereign-live/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

287707d8a256042a32ad9e2ef2b5f903049aee64eb1823c554b86e146fa7b8a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cookieless.imajica.co.uk/sovereign-live/css/main.css
Origin: https://sovereign-grooming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Feb 2019 11:34:25 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 47726

GET
H/1.1 200
OK 38D8AB_0_0.woff2
cookieless.imajica.co.uk/sovereign-live/fonts/ 47 KB
47 KB 129ms
47ms Font
application/font-woff2 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cookieless.imajica.co.uk/sovereign-live/fonts/38D8AB_0_0.woff2

Requested by

Host: cookieless.imajica.co.uk
URL: https://cookieless.imajica.co.uk/sovereign-live/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

fa62fb523f61370f033f93232885e5221af070b2bf9e0870a1e55795b58b19d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cookieless.imajica.co.uk/sovereign-live/css/main.css
Origin: https://sovereign-grooming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 26 Feb 2019 11:34:24 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 48221

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sovereign-grooming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 21:18:54 GMT
x-content-type-options: nosniff
age: 326792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 21:18:54 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ 402 KB
162 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sovereign-grooming.com/
Origin: https://sovereign-grooming.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 15:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164812
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 15:37:08 GMT

GET
H2 200 jquery.min.js Show response
cdn.mailerlite.com/ajax/libs/jquery/1.8.3/ 91 KB
34 KB 44ms
30ms Script
application/javascript 2606:4700::6812:c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.mailerlite.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/w/webforms.min.js?v7316d10e2931a97c7b0f5c7e7e7be3ea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 31 Mar 2022 13:37:35 GMT
server: cloudflare
age: 3012
etag: W/"6245ae9f-16dc4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=432000
cf-ray: 77354dd8493b9078-FRA
expires: Wed, 07 Dec 2022 16:05:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34216017-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 15:24:40 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2446
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 02 Dec 2022 17:24:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 40ms
25ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-122856-83&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-34216017-3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc01df28a35c4072941b86577480e01e114d389b55224f923822608f88376a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43605
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Dec 2022 16:05:26 GMT

GET
H3 200 737277223310591 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 67ms
56ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/737277223310591?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3171655d10793c2d807453a2a70a6282d75aaab7c6dd2cd2e429ce9c137a0d6e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Dec 2022 16:05:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: NmWDJJMjbcNq21vgmxTDoV814h0SJhTyV+MoEtQjyI93L1Kfosq9oKJVs+nBw0O4JB7CZHkLYZJ6gmc+aTihZw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ml_jQuery.inputmask.bundle.min.js Show response
static.mailerlite.com/js/w/ 69 KB
21 KB 24ms
24ms Script
application/javascript 2606:4700::6812:c45
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.mailerlite.com/js/w/ml_jQuery.inputmask.bundle.min.js?v3.3.1

Requested by

Host: static.mailerlite.com
URL: https://static.mailerlite.com/js/w/webforms.min.js?v7316d10e2931a97c7b0f5c7e7e7be3ea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c77ae965196f7308b827ce8cef39758740e9652e49958d866454ca1967e03dae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:26 GMT
strict-transport-security: max-age=63072000
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 01 Dec 2022 09:35:16 GMT
server: cloudflare
age: 3287
etag: W/"63887554-1153a"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=432000
cf-ray: 77354dd90a769078-FRA
expires: Wed, 07 Dec 2022 16:05:26 GMT

GET
H2 200 frameLoader.js Show response
widget.getsquire.com/v2/ 133 KB
45 KB 456ms
456ms Script
application/javascript 2606:4700::6812:f16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getsquire.com/v2/frameLoader.js?1669997126581
Requested by: Host: widget.getsquire.com
URL: https://widget.getsquire.com/widget.js??1669997126309
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 718fb898d60dbe526d0e8dfd952b2ad652e923c53ac0a48d1a709a832f036130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:27 GMT
via: 1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
x-cache: RefreshHit from cloudfront
last-modified: Thu, 01 Dec 2022 21:10:21 GMT
server: cloudflare
etag: W/"9b7fd52583ddaf44819c4b0bc636e48a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0AkCILBeauNsfcJF3us1n196ta%2FRfX9xloRY76B%2BRCQZU2iP3BuZYdI1816W3gO0nurx52K3a7lq867C%2FbO%2BBEis%2FDRP5%2BDC84HARHh%2BOb%2BKtWfuBaF3jWfCmQywBmf3uLPp1J4eMGE%2FhNfU4%2FYdoXf7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 77354dd92e4cbbb6-FRA
x-amz-cf-id: MFPkPPx3WnDn_HQs0qCkOr3QpSxNhscyYncmQZhYNurPNGDatn7YyA==
expires: Sat, 03 Dec 2022 16:05:27 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 398 KB
96 KB 42ms
6ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: widget.getsquire.com
URL: https://widget.getsquire.com/widget.js??1669997126309

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e3350f0df8b8f4eccd69dfa9c449b8d8eb53bbb81d7efa83aabebb10079b9658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 16:05:26 GMT
via: 1.1 varnish
age: 26
x-cache: HIT
content-length: 97930
x-request-id: 7649536d-ab1e-4001-87d6-0c51ece370a7
x-served-by: cache-hhn4058-HHN
last-modified: Thu, 01 Dec 2022 21:03:56 GMT
server: Fastly
etag: "f60450f904c88c375f2155e2cc09c458"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 30ms
15ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=507119445&t=pageview&_s=1&dl=https%3A%2F%2Fsovereign-grooming.com%2F&ul=en-us&de=UTF-8&dt=Glasgow%20Barber%20%7C%20Edinburgh%20Barber%20%7C%20Aberdeen%20Barber%20-%20Sovereign%20Grooming&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1578478543&gjid=30118020&cid=402414351.1669997127&tid=UA-34216017-3&_gid=591933003.1669997127&_r=1&gtm=2oubu0&z=1367653254

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sovereign-grooming.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 16:05:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sovereign-grooming.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 26ms
14ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=507119445&t=pageview&_s=1&dl=https%3A%2F%2Fsovereign-grooming.com%2F&ul=en-us&de=UTF-8&dt=Glasgow%20Barber%20%7C%20Edinburgh%20Barber%20%7C%20Aberdeen%20Barber%20-%20Sovereign%20Grooming&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAACAAI~&jid=2103944023&gjid=481901090&cid=402414351.1669997127&tid=UA-122856-83&_gid=591933003.1669997127&_r=1&gtm=2oubu0&z=267284342

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sovereign-grooming.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 16:05:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sovereign-grooming.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 25ms
7ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=737277223310591&ev=PageView&dl=https%3A%2F%2Fsovereign-grooming.com%2F&rl=&if=false&ts=1669997126613&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669997126612.773128736&it=1669997126442&coo=false&exp=d0&rqm=GET

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 02 Dec 2022 16:05:26 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 bookButton.js Show response
widget.getsquire.com/v2/ 132 KB
45 KB 41ms
41ms Script
application/javascript 2606:4700::6812:f16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getsquire.com/v2/bookButton.js?1669997127056
Requested by: Host: widget.getsquire.com
URL: https://widget.getsquire.com/widget.js??1669997126309
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb39d98cbacc788fbd57d93c20e46f0dbdc0c2e2a6ae31e77da8a7e3ab779283

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:27 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
last-modified: Thu, 01 Dec 2022 21:10:21 GMT
server: cloudflare
etag: W/"53719f23537f3b0ed18fd954b7a33180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65AmApKtnx0eH12vsDzFj6cvHYE7tXUn0tT75hxEy72UOxOeKjc%2F7q730gDlmwJkLXJ0qkDChXklMbvWX%2BWdSj9VHHJfsG9I5L3vaB1Nu3SvNgCAHhCwPSZgPeY9S2zmw%2BYAo9Hknq4Xa4vig8NrFpsl"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 77354ddc1cbcbbb6-FRA
x-amz-cf-id: WZbsMy56NBD6sxkGI-PfBkmHd9Mv8xbG-ESqH0037y6QhUYnRFs5tA==
expires: Sat, 03 Dec 2022 16:05:27 GMT

GET
H2 200 dataPreloader.js Show response
widget.getsquire.com/v2/ 175 KB
54 KB 91ms
91ms Script
application/javascript 2606:4700::6812:f16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getsquire.com/v2/dataPreloader.js?1669997127056
Requested by: Host: widget.getsquire.com
URL: https://widget.getsquire.com/widget.js??1669997126309
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a380b3cfc57c0e3336f5ad21b555c689c85df52a992c466ccbb70206d95fda1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:27 GMT
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P2
x-cache: Hit from cloudfront
last-modified: Thu, 01 Dec 2022 21:10:21 GMT
server: cloudflare
etag: W/"b817e5be2567e9b987cd7763d8ed0560"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FedwECDciwepG6%2F1oc46BYl8RPr2w7xqJF245s5DJRPQA91G3H0sqR6P3jblhYjGo87vdZNxATCeA8IzRfFJVVyY6jDJo8TesnO%2Ff6JiwjJgwCAkxbZK6i5R2Q33ShJQd0oRJ0fCK0h0zPSGHA2JHRrj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 77354ddc1cc0bbb6-FRA
x-amz-cf-id: tAcSRDAAus_xAkKds3zuO66xZHY9a_ejfdn0lVHcYNgBTpqCZ3TL0Q==
expires: Sat, 03 Dec 2022 16:05:27 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 18ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=737277223310591&ev=Microdata&dl=https%3A%2F%2Fsovereign-grooming.com%2F&rl=&if=false&ts=1669997127115&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Glasgow%20Barber%20%7C%20Edinburgh%20Barber%20%7C%20Aberdeen%20Barber%20-%20Sovereign%20Grooming%22%2C%22meta%3Adescription%22%3A%22Luxury%20barber%20shops%20in%20Glasgow%2C%20Edinburgh%20and%20Aberdeen%20led%20by%20Kyle%20Ross%2C%20Best%20Barber%20UK.%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%5B%22https%3A%2F%2Fcookieless.imajica.co.uk%2Fsovereign-live%2Fimages%2FdefaultImage.png%22%2C%22https%3A%2F%2Fs3-eu-west-1.amazonaws.com%2Fsovereign2019-live%2Fimages%2Fhome%2Fslider%2Fthumbnail-160322SOVEREIGNGLASGOW-24.jpg%22%2C%22https%3A%2F%2Fs3-eu-west-1.amazonaws.com%2Fsovereign2019-live%2Fimages%2Fhome%2Fslider%2Fthumbnail-160322SOVEREIGNGLASGOW-15.jpg%22%2C%22https%3A%2F%2Fs3-eu-west-1.amazonaws.com%2Fsovereign2019-live%2Fimages%2Fhome%2Fslider%2Fthumbnail-160322SOVEREIGNGLASGOW-3.jpg%22%5D%2C%22og%3Aimage%3Awidth%22%3A%22476%22%2C%22og%3Aimage%3Aheight%22%3A%22249%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsovereign-grooming.com%22%2C%22og%3Atitle%22%3A%22GLASGOW%20BARBER%20%7C%20EDINBURGH%20BARBER%20%7C%20ABERDEEN%20BARBER%20-%20Sovereign%20Grooming%22%2C%22og%3Asite_name%22%3A%22Sovereign%20Grooming%22%2C%22og%3Adescription%22%3A%22Luxury%20barber%20shops%20in%20Glasgow%2C%20Edinburgh%20and%20Aberdeen%20led%20by%20Kyle%20Ross%2C%20Best%20Barber%20UK.%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1669997126612.773128736&it=1669997126442&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 02 Dec 2022 16:05:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 071e02ce-7101-4319-8440-5b7c4711e498 Show response
wow.getsquire.com/brands/ Frame F46E 2 KB
1 KB 890ms
865ms Document
text/html 2606:4700::6812:f16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
Requested by: Host: widget.getsquire.com
URL: https://widget.getsquire.com/v2/frameLoader.js?1669997126581
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f16258c2d9d643228248f5fe602b203423e5309faae45a4fcfb92c5f294e609

Request headers

Referer: https://sovereign-grooming.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300
cf-cache-status: DYNAMIC
cf-ray: 77354ddd4f0cbbb6-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 02 Dec 2022 16:05:28 GMT
last-modified: Thu, 01 Dec 2022 21:10:57 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ii00D45o2aDPdIZ%2BNnNCMQPwa2CnKe4c7GT1w9simTvok0RT8a0xjxefoydB2HHJ%2Bq50DKEs5L%2B10p%2FXSl7m2uwbMgGnmY31wu1sPLMA2vEjPJHhzS4iTe6R5voD4tMuwvrwhd%2FpqvpgKUeHoIgy"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
x-amz-cf-id: gjX7Eif5e_xkHU-4Ak_HqiKScgtuvCpkOSCVPEdzGXe9NZ3WqrqR1g==
x-amz-cf-pop: FRA56-C2
x-cache: Error from cloudfront

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame F46E 102 KB
33 KB 181ms
130ms Script
application/javascript 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: wow.getsquire.com
URL: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94fbb12d189bdafc696e17aa8cf98a377f329e1a41e51b61f2c5ad15e0f8df08

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oll_n2sZzDG7Q3hJQwGe0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wow.getsquire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:28 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-oll_n2sZzDG7Q3hJQwGe0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 02 Dec 2022 16:05:28 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ Frame F46E 17 KB
7 KB 52ms
30ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: wow.getsquire.com
URL: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ad7ec445c350e3df6db55480ecea6e0307a0c6848efabfa53034f3c46f774bf

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wow.getsquire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 16:05:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6892
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "c415cca8db9a84a4"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Dec 2022 16:05:28 GMT

GET
H2 200 main.b84bc5ec08ddf55c9e8e.js Show response
wow.getsquire.com/ Frame F46E 2 MB
659 KB 31ms
31ms Script
application/javascript 2606:4700::6812:f16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wow.getsquire.com/main.b84bc5ec08ddf55c9e8e.js
Requested by: Host: wow.getsquire.com
URL: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 058f7702984e3052d0b9d453d4f68ccd0b474eb348cf985c7d9f632c53ba28e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:28 GMT
via: 1.1 49e78dae34a1d21beb31b4002f7ce92e.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-C1
age: 2374
cf-polished: origSize=2145010
x-cache: Miss from cloudfront
cf-bgj: minify
last-modified: Thu, 01 Dec 2022 21:10:55 GMT
server: cloudflare
etag: W/"a73cc3884283557d3cc7846b83bab91b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lWQhYFbfhOOUxnsmr4vpA4ZmY8wdyD6sK4%2FXkcTdQnus7%2FZky8gGsZycoBsMZOAyVZCXCPiPSuoHC53W%2Fump5QYzCzb%2FfuxkSsK6Ewn8xDrDvOp2bhfhF7OmxM1B2aBBUX3Zq6EDNOPok2ZXMbw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 77354de43d75bbb6-FRA
x-amz-cf-id: 7nXiMXrRAGJ78kAk2E3irrb38czpBNrnelxZeNph8K1Wi9WBu0gb1w==
expires: Sat, 03 Dec 2022 16:05:28 GMT

OPTIONS
H2 204 071e02ce-7101-4319-8440-5b7c4711e498
api.getsquire.com/v1/home/ Frame 0
0 291ms
229ms Preflight 2606:4700::6812:f16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getsquire.com/v1/home/071e02ce-7101-4319-8440-5b7c4711e498?include=shops,shops.staticMap,shops.address,shops.photos,shops.instagramImages&nonSquireEcosystem=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://wow.getsquire.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://wow.getsquire.com
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 77354de74de2914d-FRA
content-length: 0
date: Fri, 02 Dec 2022 16:05:29 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSgU7eJvfWLlWGMD%2B2zIcIwHsDCYAn5F0lUiaW5d62c32Y%2FMH5r1egN%2Bf2ijahl6cRk0464tahcxe5Y6%2Fc8L3gLWA7aU2sPeW07pyf%2BuPaTleYRRL%2B1dfqvGUGdj%2Fissv%2FOKoWeqKHdesKP7jM7u"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 071e02ce-7101-4319-8440-5b7c4711e498 Show response
api.getsquire.com/v1/home/ Frame F46E 21 KB
5 KB 243ms
243ms Fetch
application/json 2606:4700::6812:f16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getsquire.com/v1/home/071e02ce-7101-4319-8440-5b7c4711e498?include=shops,shops.staticMap,shops.address,shops.photos,shops.instagramImages&nonSquireEcosystem=true

Requested by

Host: wow.getsquire.com
URL: https://wow.getsquire.com/main.b84bc5ec08ddf55c9e8e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b757ccf7180797d95c8585363bd3b0b08f26c7589de8a9921ef249f722b7403

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' getsquire.com *.getsquire.com;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wow.getsquire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
content-security-policy: img-src 'self' getsquire.com *.getsquire.com;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
surrogate-control: no-store
x-dns-prefetch-control: off
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
server: cloudflare
etag: W/"5433-OJ5mpMcG+/1zhlZ6eWJE2TxLWkw"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wow.getsquire.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6fbrvkFwGLECJhwuR%2FxlMUyqh7L82DoW2dik7DdVALUGeo1zOGDwvp398xWueFxhb%2BMlUpPpU5pqOhbOddW%2BQERue5XyIXjlsiTf2fvje10WdNLouvi9NnYgEPZCirhxRYaAjujdSA0Iz%2BfuVrN"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 77354de8c920914d-FRA
expires: 0

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.K9Su0nk3cW8.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8btnHqwUVabznuJubPHkJyYc6kxA/ Frame F46E 108 KB
36 KB 66ms
8ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.K9Su0nk3cW8.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8btnHqwUVabznuJubPHkJyYc6kxA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b739d964c631b956ef432d48cdfbf1afb06504d195d26a2a1a892dc4bb11f90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wow.getsquire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 14:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36751
x-xss-protection: 0
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 14:08:20 GMT

GET
DATA 200
OK truncated
/ Frame F46E 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 491b7037472ff549180180085455a0a78b9662caae45e5f4ab81bfeda3c7cb55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 v3 Show response
js.stripe.com/ Frame F46E 398 KB
96 KB 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: wow.getsquire.com
URL: https://wow.getsquire.com/main.b84bc5ec08ddf55c9e8e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e3350f0df8b8f4eccd69dfa9c449b8d8eb53bbb81d7efa83aabebb10079b9658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wow.getsquire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 16:05:28 GMT
via: 1.1 varnish
age: 22
x-cache: HIT
content-length: 97930
x-request-id: 62484d53-3cab-4373-976f-ab4dee5312f8
x-served-by: cache-hhn4058-HHN
last-modified: Thu, 01 Dec 2022 21:17:15 GMT
server: Fastly
etag: "f60450f904c88c375f2155e2cc09c458"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23

GET
H3 200 payframe Show response
pay.google.com/gp/p/ui/ Frame F3F6 18 KB
7 KB 206ms
164ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwow.getsquire.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3e00af6c3521a2bc1b19288eb2c71730a10bbc145c4994bc6665442a57fd39a9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7MyrpVcy4mWWv3rtaVsfFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wow.getsquire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-7MyrpVcy4mWWv3rtaVsfFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi"
cross-origin-resource-policy: same-site
date: Fri, 02 Dec 2022 16:05:28 GMT
expires: Fri, 02 Dec 2022 16:05:28 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F46E 51 KB
51 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf46c4cad79f13df13fa0e1aa7ec492b2e9065c068d50a0a859a34c2d5a8e23f

Request headers

Referer
Origin: https://wow.getsquire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: font/woff2

GET
DATA 200
OK truncated
/ Frame F46E 42 KB
42 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02a943615e7d82863a6484ce8cc8a93ca7a789325b81febad5205d645e804876

Request headers

Referer
Origin: https://wow.getsquire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: font/woff2

GET
BLOB 200
OK c3b2f451-6032-4059-823d-b4df783e3208
https://wow.getsquire.com/ Frame F46E 25 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wow.getsquire.com/c3b2f451-6032-4059-823d-b4df783e3208
Requested by: Host: wow.getsquire.com
URL: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eeaf0dfe446382d25cd6a6795ea20b8a9287c5a899bdc37701e099787728b0b5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 25281

GET
H2 200 controller-6807626aac0c9ec4dec377e6a032abaf.html Show response
js.stripe.com/v3/ Frame E017 325 B
701 B 9ms
9ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b9791ec131156bff05f5bccfc51771d61d7d34e09114abdef87053cc6198f376

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wow.getsquire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 43
cache-control: max-age=60
content-encoding: br
content-length: 155
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 16:05:29 GMT
etag: "6807626aac0c9ec4dec377e6a032abaf"
last-modified: Thu, 01 Dec 2022 20:24:23 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 24
x-content-type-options: nosniff
x-request-id: d4455de5-88a1-41e6-9c61-8de7e49eb55b
x-served-by: cache-hhn4058-HHN

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 58ms
27ms XHR
application/json 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC3Ux5uJMKOtXn7zP5BozhrK0PgP7Y1hLc&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://sovereign-grooming.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame A121 200 B
838 B 11ms
10ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sovereign-grooming.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1627228
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 16:05:29 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 93558
x-content-type-options: nosniff
x-request-id: 2950d824-6f83-48e6-bfbc-004f98a31ecb
x-served-by: cache-hhn4058-HHN

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CB2D 43 KB
23 KB 52ms
25ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9zb3ZlcmVpZ24tZ3Jvb21pbmcuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=jcpf5usuat8n

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0b2e79aa941d9019a92d3aa7b72e2f70bd84a5580c2bf3c4ea99f253ba02560b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XQsltdsnMX5W1Q9zlCB3Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sovereign-grooming.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23060
content-security-policy: script-src 'report-sample' 'nonce-XQsltdsnMX5W1Q9zlCB3Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 16:05:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 csp-report
q.stripe.com/ Frame E017 0
570 B 545ms
178ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 8
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-f84b9718522ca43a19002d99fcb8df31.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E017 294 KB
66 KB 9ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c0b991a9d607e48bc0b036196862fec5ad353194ddc5f84be0fdaf21328af45d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 16:05:29 GMT
via: 1.1 varnish
age: 70753
x-cache: HIT
content-length: 67240
x-request-id: 69fd1178-4bdb-43a7-8627-1049e0eea394
x-served-by: cache-hhn4058-HHN
last-modified: Thu, 01 Dec 2022 20:24:33 GMT
server: Fastly
etag: "832027d4f329e8e74a84506a015a58df"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10695

GET
H2 200 controller-79f58911ba490bb99ff85cb64206068f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E017 440 KB
106 KB 10ms
9ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-79f58911ba490bb99ff85cb64206068f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

262443dc408d2505fdec1d2328ddfa4be1f4fca4a05339e24bab0bf9d0efb54b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 16:05:29 GMT
via: 1.1 varnish
age: 70752
x-cache: HIT
content-length: 108705
x-request-id: 01ab9a08-7b94-45a7-b1b8-84f53b7a159c
x-served-by: cache-hhn4058-HHN
last-modified: Thu, 01 Dec 2022 20:24:31 GMT
server: Fastly
etag: "96cc675ea52eae89fd5fd8af463dbb16"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10035

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame F3F6 2 KB
2 KB 21ms
20ms Other
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwow.getsquire.com&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfr... Frame F3F6 154 KB
54 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgmOibrntoosTfjgwbyFM1H9KZHEg/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwow.getsquire.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91aa408b041ced606a02fd9523087e5f789f8eb60aa7b9ca1e31072c874d9fa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 17:31:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55420
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 08:24:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 17:31:11 GMT

GET
H/1.1 200
OK dropdownarrow2.svg
cookieless.imajica.co.uk/sovereign-live/images/ 645 B
991 B 28ms
28ms Image
image/svg+xml 5.10.25.6
EVEREST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookieless.imajica.co.uk/sovereign-live/images/dropdownarrow2.svg

Requested by

Host: cookieless.imajica.co.uk
URL: https://cookieless.imajica.co.uk/sovereign-live/css/main.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

5.10.25.6 Leeds, United Kingdom, ASN60610 (EVEREST-AS, GB),

Reverse DNS

cf.imajica.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

47367f189d8820ebc8d5774d4bcd2f2466e36d36b546109048a1c17f91ea93af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cookieless.imajica.co.uk/sovereign-live/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 16:05:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 Mar 2019 15:32:35 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 645

GET
H3 200 ajax-loader.gif
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 4 KB
4 KB 16ms
16ms Image
image/gif 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ajax-loader.gif

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3003859
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3208
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-1052"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8JwQ0qxE8NhVdddgVt%2BIT%2BDVhISPjZo9chcmHrcSAUeQYzLjAhsVhdjiMe47xPtLEEygSeAVn6nMzwGUCOEm%2F5ujTEmnfCNVA0n587U5PMOkAnY2M%2FJvAOs5EP%2BnLSwPZ43AVACPIO4foNOPzfcdCLc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77354de91c4b5cb0-FRA
expires: Wed, 22 Nov 2023 16:05:29 GMT

GET
H2 200 1_240x240.png
cdn.shopify.com/s/files/1/0069/3613/3732/products/ 3 KB
4 KB 193ms
161ms Image
image/avif 162.159.134.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0069/3613/3732/products/1_240x240.png?v=1551607846

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a468e470fc78321a27319224bfddf0709112e7e3f3398d265e0c52d8897de2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-east1
source-type: image/png
server-timing: imagery;dur=285.111, imageryFetch;dur=84.170, imageryProcess;dur=200.236;desc="image", cfRequestDuration;dur=167.999983
source-length: 126318
content-length: 2828
x-xss-protection: 1; mode=block
x-request-id: 42d27c96-616d-469b-9b77-70d8fc9dd283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 27 Nov 2022 21:35:40 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7SCZdD7ABGP85Rpr9eGv52SLtY55FOUJ0nk%2FP2n1GK%2BANsKTaREyamAwnNFg2NsF%2FSZX91hj%2FxPXC%2BRlbYZhxc%2FfzP9dqA9c15%2Fdh2kW%2FE8viIbfVz0rKTRWbPSPu5LVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0069/3613/3732/products/1_240x240.png>; rel="canonical"
cf-ray: 77354de97ae8995a-FRA

GET
H2 200 Beard_Elixar_240x240.png
cdn.shopify.com/s/files/1/0069/3613/3732/products/ 5 KB
6 KB 180ms
148ms Image
image/avif 162.159.134.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0069/3613/3732/products/Beard_Elixar_240x240.png?v=1551615746

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cf98d680b3586e776734de4f8f7cd3ce46dd8930a674428453089c515716bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
source-type: image/png
server-timing: imagery;dur=245.343, imageryFetch;dur=31.361, imageryProcess;dur=213.431;desc="image", cfRequestDuration;dur=137.000084
source-length: 462420
content-length: 5442
x-xss-protection: 1; mode=block
x-request-id: 90c71037-6058-4c2c-8732-6be418048bf2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Nov 2022 03:15:48 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZecWQZGm%2FMSVObDsAB6uaDsVFAVKBIO7EIyy%2F4lRoDoKSDQMKdb0l8DSLkKBNv1kE95j%2F4wyM73zElVRcE%2Buzo1aABvnG5oTjZ%2Frt3EZh9mTyE7TCKuR7W80%2BlGxeTAmew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0069/3613/3732/products/Beard_Elixar_240x240.png>; rel="canonical"
cf-ray: 77354de97aea995a-FRA

GET
H2 200 Beard_Shampoo_Conditioner_240x240.png
cdn.shopify.com/s/files/1/0069/3613/3732/products/ 4 KB
4 KB 181ms
150ms Image
image/avif 162.159.134.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0069/3613/3732/products/Beard_Shampoo_Conditioner_240x240.png?v=1551607585

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc20d33e8fa1cd59cc784d609befda02e6dc833c96f4833b5dfe56385bffe3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-east1,us-central1
source-type: image/png
server-timing: imagery;dur=344.113, imageryFetch;dur=84.036, imageryProcess;dur=259.384;desc="image", cfRequestDuration;dur=141.000032
source-length: 250232
content-length: 3969
x-xss-protection: 1; mode=block
x-request-id: 5c534837-9888-483d-89bb-6de3fd11e4ca
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 23 Nov 2022 05:14:48 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXKSrVphJYF9FxRSNe39wZ8kMuCaFaZtyRww4ghp0iHYVef7XuBtI0tV%2Fx0UtJRMAoNhgf%2FvclgFOL3KW8f11KdEaciCgF67Knp0ggkLXlvdfqueYSNBcf6rHcci4gCGaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0069/3613/3732/products/Beard_Shampoo_Conditioner_240x240.png>; rel="canonical"
cf-ray: 77354de97aec995a-FRA

GET
H2 200 Beard_Balm_240x240.png
cdn.shopify.com/s/files/1/0069/3613/3732/products/ 4 KB
5 KB 185ms
153ms Image
image/avif 162.159.134.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.shopify.com/s/files/1/0069/3613/3732/products/Beard_Balm_240x240.png?v=1551615911

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.134.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ebd172205f1e25c33f1d614503dd7152557ef23d65e479a80ff9c2db93a4bdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
source-type: image/png
server-timing: imagery;dur=334.747, imageryFetch;dur=48.893, imageryProcess;dur=285.101;desc="image", cfRequestDuration;dur=146.000147
source-length: 269482
content-length: 4245
x-xss-protection: 1; mode=block
x-request-id: a73dcbdd-036a-41b2-8966-cd09c64b7ab0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 16 Oct 2022 12:29:57 GMT
server: cloudflare
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WXLOlS4ZuTVLOHOJAsIhgkGT6JyigKhATyrVhcg5%2BFgnocwPPdW9N%2FCn%2FBNkkcTqiJK7YM4pQOeg9ftLuxG1vSRC2ntiqhlcSKPsQr0qjPMfyWICg4Y5%2BK%2F17NTXksgUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/avif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
accept-ranges: bytes
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0069/3613/3732/products/Beard_Balm_240x240.png>; rel="canonical"
cf-ray: 77354de97aef995a-FRA

POST
H2 200 csp-report
q.stripe.com/ Frame A121 0
570 B 470ms
177ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 8
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame A121 0
570 B 470ms
178ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 8
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame A121 631 B
466 B 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 16:05:29 GMT
via: 1.1 varnish
age: 1627227
x-cache: HIT
content-length: 332
x-request-id: b97cb911-aad5-4490-aeda-8a95050a4422
x-served-by: cache-hhn4058-HHN
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 82860

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame CB2D 52 KB
24 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9zb3ZlcmVpZ24tZ3Jvb21pbmcuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=jcpf5usuat8n

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 14:58:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 14:58:03 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame CB2D 402 KB
161 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 15:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164812
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 15:37:08 GMT

POST
H2 202 replay Show response
session-replay.browser-intake-datadoghq.com/api/v2/ Frame F46E 53 B
239 B 915ms
328ms XHR
application/json 2600:1f18:24e6:b901:b572:de83:bde:5bf9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://session-replay.browser-intake-datadoghq.com/api/v2/replay?ddsource=browser&ddtags=sdk_version%3A4.11.5%2Cenv%3Aproduction%2Cservice%3Awow-mobile%2Cversion%3A1.2.1_8f6cebc8&dd-api-key=pubb50e3767170ef4f7c8fbb770bd3aa1ec&dd-evp-origin-version=4.11.5&dd-evp-origin=browser&dd-request-id=bd38ef5d-d5d4-4199-b853-3252dd094cad

Requested by

Host: wow.getsquire.com
URL: https://wow.getsquire.com/main.b84bc5ec08ddf55c9e8e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:b572:de83:bde:5bf9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

5abfff379531bbe9d2d60eb45a11dda970c9c89ccc78b7889bc7de0a4d7a9028

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Referer: https://wow.getsquire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7ZSZsr3w7HWSsQ0m

Response headers

access-control-allow-origin: *
date: Fri, 02 Dec 2022 16:05:30 GMT
strict-transport-security: max-age=15724800;
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-length: 53
content-type: application/json

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 6F58 930 B
2 KB 44ms
9ms Document
text/html 2600:9000:2057:b600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:b600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 16:04:55 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-id: ct92vPP1WViI-lNb6Ac5wqL7qYTLDP-4JygzJxwsfWvIqSPtqSWKYg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E017 474 B
588 B 22ms
7ms Fetch
application/json 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8149465c007a298a66a8e23a6a95fc551358fc756ae375ba8b35a5bfdb69d9c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-6807626aac0c9ec4dec377e6a032abaf.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 50
x-cache: HIT
content-length: 279
x-request-id: 2a12d250-dde4-40e0-a1fc-578b22147fa6
x-served-by: cache-hhn4055-HHN
last-modified: Thu, 01 Dec 2022 21:17:15 GMT
server: Fastly
etag: "c5d8f307e75c8905d4004a3fc5980820"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 17

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q... Frame F3F6 69 KB
25 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q0HRc5R0M.L.B1.O/am=xgAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriBOyiuU4y1K16P6dqLpFZBhWn8pA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/am=xgAQ/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrgmOibrntoosTfjgwbyFM1H9KZHEg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad04a02a8232309e535a6e72de5b63f63723bf5463b230ab5788456c93ac18c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 17:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25997
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 02:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 17:31:20 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 6F58 0
345 B 351ms
170ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ Frame CB2D 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CB2D 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CB2D 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 73520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 08 Dec 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CB2D 15 KB
15 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 19:21:27 GMT
x-content-type-options: nosniff
age: 247442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 19:21:27 GMT

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 6F58 86 KB
14 KB 10ms
10ms Script
text/javascript 2600:9000:2057:b600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:b600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 16:03:28 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 124
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: terf2q0Fe7nOGAWVJ2ML-sTbfVeKvr3j7QUtRknIjloERKku0pcEfQ==

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame CB2D 102 B
134 B 15ms
15ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Km9gKuG06He-isPsP6saG8cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d77e58db2ca624537becef34dff8d3c24628e41592ac4106e1b5813e0a1d8a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9zb3ZlcmVpZ24tZ3Jvb21pbmcuY29tOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=normal&cb=jcpf5usuat8n
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 02 Dec 2022 16:05:29 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame E017 0
127 B 795ms
318ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 02 Dec 2022 16:05:30 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E017 0
127 B 793ms
317ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 02 Dec 2022 16:05:30 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E017 0
128 B 792ms
317ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 02 Dec 2022 16:05:30 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E017 0
127 B 792ms
318ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 02 Dec 2022 16:05:30 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E017 0
127 B 794ms
320ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 02 Dec 2022 16:05:30 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E017 0
127 B 796ms
323ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 02 Dec 2022 16:05:30 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E017 0
127 B 795ms
322ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 02 Dec 2022 16:05:30 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E017 0
127 B 796ms
324ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 02 Dec 2022 16:05:30 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E017 0
127 B 793ms
322ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 02 Dec 2022 16:05:30 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E017 0
127 B 792ms
321ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 02 Dec 2022 16:05:30 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame F3F6 1 MB
355 KB 136ms
135ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab67cb38df47e27b314a811139171e45dbd7124d78bdfd4626fd73b059ede91b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-Kd2xCddFN3dZIVT3XZ550g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-Kd2xCddFN3dZIVT3XZ550g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi"
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
report-to: {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]}
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 02 Dec 2022 16:05:29 GMT

GET
DATA 200
OK truncated
/ Frame F46E 318 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05822e75aef3e830d3b16740100cb4fef5e3632fea0c11bba633dbe342df47a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 1b64da75-851a-42fa-b1a1-7d3cabf5555a_untitled-design-13.png
images-prod-1.getsquire.com/ Frame F46E 236 KB
237 KB 104ms
87ms Image
image/jpeg 2606:4700::6812:f16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod-1.getsquire.com/1b64da75-851a-42fa-b1a1-7d3cabf5555a_untitled-design-13.png
Requested by: Host: wow.getsquire.com
URL: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6be10b2a466fd187fb1c8efb1c0a315a4dace9a75e746b379580c6f67e9aadb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wow.getsquire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
x-amz-version-id: 9yuzw6zmyPKZtO_I0XNLOS6cB_IEENvq
via: 1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P7
x-cache: Hit from cloudfront
content-length: 242158
last-modified: Sun, 20 Mar 2022 11:48:11 GMT
server: cloudflare
etag: "d0682a6dc9926290bf6973f4a5b18833"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuUF9exsn8y0oGXMcF4updpTIxLayObb0l2qKbxI95jtuHQbbfZqwqPiZQyUWY3XFZ%2FJZGxHaZVY5UZoAmXpqq85rm75OevDHz8vRwquLjnVRfueeCsbCOsc%2B3ocelQgOul%2FFynxoMoSfuR12UkecL0ob2aCyG%2FWZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77354deb5dfebbb6-FRA
x-amz-cf-id: iC6TdDFFN3SOsoT-Q8gBeMAxzrdxhGImGRWkcLzjom7BgqTSQFkdaA==
expires: Sat, 03 Dec 2022 16:05:29 GMT

GET
H2 200 dd1e65f9-2093-47b1-bb9e-a48fa14e2f02_1.png
images-prod-1.getsquire.com/ Frame F46E 134 KB
135 KB 104ms
87ms Image
image/jpeg 2606:4700::6812:f16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod-1.getsquire.com/dd1e65f9-2093-47b1-bb9e-a48fa14e2f02_1.png
Requested by: Host: wow.getsquire.com
URL: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c9d0898b8ffd6d21f8c0d99af6d53a2ea85f5ae2fdcd4d117dd748dbc72c267

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wow.getsquire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
x-amz-version-id: s89onf7q0M9a5_G6..JEcO2EBxle6FZn
via: 1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P7
x-cache: Hit from cloudfront
content-length: 137440
last-modified: Tue, 16 Mar 2021 18:27:54 GMT
server: cloudflare
etag: "ec8339008b115ce5e35bd345e845a75e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahxXcc5JDi%2FdVwXbh5EJq8UIDBHT%2BmOzdzRTV17553T2CEHQBaO%2B8aMA4cRHtlGEQNOWUOAzqNjMj3xSQJGR4xgWiHgn%2Fb4o%2BLEzzqHwgZyrugduzoxYj2QFgxQbUlyBYZAw9zkvjUJ4VJBAkiHOUby%2Fxcon7RfdlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77354deb5dfdbbb6-FRA
x-amz-cf-id: 6j4hqnTYJ3Fmzn-A1yI_0KRBDkt0sOwMOkppfbAGAEUMRZ6DN0kISw==
expires: Sat, 03 Dec 2022 16:05:29 GMT

GET
H2 200 a3190a93-9f8a-4d2e-8f87-0fd3709b4b01_untitled-design-12.png
images-prod-1.getsquire.com/ Frame F46E 257 KB
258 KB 93ms
77ms Image
image/jpeg 2606:4700::6812:f16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod-1.getsquire.com/a3190a93-9f8a-4d2e-8f87-0fd3709b4b01_untitled-design-12.png
Requested by: Host: wow.getsquire.com
URL: https://wow.getsquire.com/brands/071e02ce-7101-4319-8440-5b7c4711e498
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:f16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f28850fefc149fe6715f241a11eace9b5b37fbc03248269ee9665ce1429a8727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wow.getsquire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
x-amz-version-id: VnpNXRmO8jJQ0uX3UWEUSshV.yt.knKx
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P7
x-cache: Hit from cloudfront
content-length: 263296
last-modified: Sun, 20 Mar 2022 11:46:38 GMT
server: cloudflare
etag: "ff91e5030a6ed90aa4b6912010fd6560"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2F9n8F0r4U6cAJwX3n3kIpsxoN%2Bs5%2BI%2BavuDnSO2M1JXAMEnydehlXhCZ9BgcuZnVW%2FEiGm0QqeH%2Fm%2FbRcY77p0xdYBr7OHpOBek1QkUeYWFEEzoI50V8woFXjqd0vMdguu5fqTPKyyuxMX0sOQ4f3BlvCXxGGU7OA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77354deb5df7bbb6-FRA
x-amz-cf-id: pqXGbIDVKeOm-OFWo2v40lCRpzVfjiYmSQ6NEoWgPI8YD14X5VaCMw==
expires: Sat, 03 Dec 2022 16:05:29 GMT

GET
DATA 200
OK truncated
/ Frame F46E 50 KB
50 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b094b2cb09fb3d4e8971679e0d8108b49fcc6c55214b278a7c3f106e67f2b03

Request headers

Referer
Origin: https://wow.getsquire.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: font/woff2

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame CC3D 7 KB
1 KB 19ms
18ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

281c7cf266c7d31eff0db5583c45f9a195bf9f2228c894370c18fab84c541b19

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S8okGdf0oOzypbfJaijCDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sovereign-grooming.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1116
content-security-policy: script-src 'report-sample' 'nonce-S8okGdf0oOzypbfJaijCDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 16:05:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q... Frame F3F6 23 KB
9 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q0HRc5R0M.L.B1.O/am=xgAQ/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriBOyiuU4y1K16P6dqLpFZBhWn8pA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

137a117277e4cbf4d4deff4f6a461696dd174e5a20a00d783270519422dfad25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 17:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9235
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 02:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 17:31:20 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q... Frame F3F6 37 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.p7YkVJTFUaU.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.q0q0HRc5R0M.L.B1.O/am=xgAQ/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfriBOyiuU4y1K16P6dqLpFZBhWn8pA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93a141de2392de63e7a48b844237f1dacdf2368a261115feeb6650c1e53122c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 17:31:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13980
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 02:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 17:31:20 GMT

POST
H3 200 log Show response
play.google.com/ Frame F3F6 131 B
155 B 86ms
69ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Dec 2022 16:05:29 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 61ms
39ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 02 Dec 2022 16:05:29 GMT
expires: Fri, 02 Dec 2022 16:05:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame F3F6 131 B
155 B 60ms
44ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Dec 2022 16:05:29 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 58ms
39ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 02 Dec 2022 16:05:29 GMT
expires: Fri, 02 Dec 2022 16:05:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame F3F6 131 B
155 B 59ms
43ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Dec 2022 16:05:29 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 57ms
40ms Preflight
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 02 Dec 2022 16:05:29 GMT
expires: Fri, 02 Dec 2022 16:05:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 202 replay Show response
session-replay.browser-intake-datadoghq.com/api/v2/ Frame F46E 53 B
238 B 686ms
428ms XHR
application/json 2600:1f18:24e6:b901:b572:de83:bde:5bf9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: wow.getsquire.com
URL: https://wow.getsquire.com/main.b84bc5ec08ddf55c9e8e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:b572:de83:bde:5bf9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

5421d4b74221cd6ca6a1f9905100a76dc789312214f5610e548c3802ef21b036

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800;
X-Content-Type-Options	nosniff

Request headers

Referer: https://wow.getsquire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryeckfsDdAponKW5Ln

Response headers

access-control-allow-origin: *
date: Fri, 02 Dec 2022 16:05:30 GMT
strict-transport-security: max-age=15724800;
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-length: 53
content-type: application/json

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame CC3D 52 KB
24 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 14:58:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 14:58:03 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame CC3D 402 KB
161 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=Km9gKuG06He-isPsP6saG8cn&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 15:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164812
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 15:37:08 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 6F58 156 B
523 B 527ms
175ms XHR
application/json 35.82.157.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.82.157.189 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-157-189.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e76deba5c7dd37ab04a7d4902406fc46c565c8b3f1b83da69817ed967817b79d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Dec 2022 16:05:30 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 4F99 200 B
857 B 7ms
7ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wow.getsquire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1627229
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 16:05:29 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 93560
x-content-type-options: nosniff
x-request-id: 109f54b0-3255-46d2-86df-4e224987f0ee
x-served-by: cache-hhn4058-HHN

POST
H3 200 log Show response
play.google.com/ Frame F3F6 131 B
155 B 43ms
42ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Dec 2022 16:05:29 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame E017 0
127 B 491ms
324ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 02 Dec 2022 16:05:30 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 csp-report
q.stripe.com/ Frame 4F99 0
570 B 173ms
172ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4F99 0
570 B 172ms
171ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4F99 631 B
510 B 7ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 16:05:29 GMT
via: 1.1 varnish
age: 1627228
x-cache: HIT
content-length: 332
x-request-id: 12a89b40-dd1e-4a1a-90e9-eb5f0b2a6312
x-served-by: cache-hhn4058-HHN
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 82862

GET
H2 200 inner.html Show response
m.stripe.network/ Frame E83E 930 B
2 KB 11ms
9ms Document
text/html 2600:9000:2057:b600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:b600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 02 Dec 2022 16:04:55 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-id: ygLG4E4H3I7ipDSRv6xe2vhPhOXLcYlZd2JTRza0gYU6Mi105uCSlA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame E83E 0
344 B 173ms
173ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: sovereign-grooming.com
URL: https://sovereign-grooming.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 02 Dec 2022 16:05:29 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame E83E 86 KB
14 KB 20ms
20ms Script
text/javascript 2600:9000:2057:b600:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:b600:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 16:03:28 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 08bbe291f260c2b80a00874a80ade07c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 124
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: 6YLmTab5BRoYr9Wf2Ko462N4_IV0YEkK2VSFb32VQ3RpDhl_rSMD6A==

POST
H2 200 6 Show response
m.stripe.com/ Frame E83E 156 B
521 B 316ms
220ms XHR
application/json 35.82.157.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.82.157.189 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-82-157-189.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ce820f6da54695d1604c13638a7a8fdc6d36eae978ee27df3242f2ff7ad48ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 02 Dec 2022 16:05:30 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/2/intl/de_ALL/ 249 KB
68 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/2/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC3Ux5uJMKOtXn7zP5BozhrK0PgP7Y1hLc&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c786df0068c2ae08680515869726a8c52edfc4219e4f60294117f1fb397e169

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69812
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 22:32:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 09:45:45 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/2/intl/de_ALL/ 166 KB
61 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/2/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyC3Ux5uJMKOtXn7zP5BozhrK0PgP7Y1hLc&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1320702d9510099a9f4528734317b25c2697c4de93f1c239cd800e305d8f58c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sovereign-grooming.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 21:46:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62761
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 22:32:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 21:46:02 GMT

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F46E 295 B
365 B 8ms
8ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wow.getsquire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 02 Dec 2022 16:05:34 GMT
via: 1.1 varnish
age: 146068
x-cache: HIT
content-length: 209
x-request-id: 9ccbb5a3-46dd-405c-ad95-107e1858df1b
x-served-by: cache-hhn4058-HHN
last-modified: Tue, 22 Nov 2022 03:54:48 GMT
server: Fastly
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8770

POST
H2 200 0 Show response
r.stripe.com/ Frame E017 0
127 B 163ms
162ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-f84b9718522ca43a19002d99fcb8df31.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 02 Dec 2022 16:05:34 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sovereign-grooming.com/	1970-01-20 17:29:17	Name: CFID Value: 30415544
sovereign-grooming.com/	1970-01-20 17:29:17	Name: CFTOKEN Value: addbbd801da2bb80-43D21B7E-FC93-2B41-C83A5B0FE243B9C2
sovereign-grooming.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 4521562E394E959C7969E74857156A11.cfusion
.getsquire.com/	1970-01-20 07:53:18	Name: __cf_bm Value: acVrtu9M_haFY0e.7aj_LmpnCyZHYJEX1o.LGDFLzcs-1669997126-0-AX8tfYZAAGts1LPNgDWGWhNzI8Zgtpg2/gpkoSRbyLpNzZ/BjM60sfM+83rS+e4Qqe56kJZC5hg928rdhS5OTOQ=
.sovereign-grooming.com/	1970-01-20 17:29:17	Name: _ga Value: GA1.2.402414351.1669997127
.sovereign-grooming.com/	1970-01-20 07:54:43	Name: _gid Value: GA1.2.591933003.1669997127
.sovereign-grooming.com/	1970-01-20 07:53:17	Name: _gat_gtag_UA_34216017_3 Value: 1
.sovereign-grooming.com/	1970-01-20 07:53:17	Name: _gat_gtag_UA_122856_83 Value: 1
.sovereign-grooming.com/	1970-01-20 10:02:53	Name: _fbp Value: fb.1.1669997126612.773128736
.google.com/	1970-01-20 12:16:48	Name: NID Value: 511=kdMUywK-_6GsGDQuuVnvBASl4YW7h80lov8OjJvTxY8WqV9tW1neChcw7B4WGB4zbLAFxtAIjcHmF1uCQuUN7YW5wtfuu2yeIrPH_0qubIM5YamRNdSeOGAfm7UEcSuDCl3ThzsfhzBAi5W3hoGg3nLvaA30K2G4oBLl3A3F0sw
.sovereign-grooming.com/	1970-01-20 16:38:53	Name: __stripe_mid Value: 3a21ec88-2dea-49d5-9c8c-cecb71e31bbaa025c2
.sovereign-grooming.com/	1970-01-20 07:53:18	Name: __stripe_sid Value: 13efb440-6565-42b4-8667-862547198df12dcc9a
m.stripe.com/	1970-01-20 17:29:17	Name: m Value: cb0962f4-2688-4ead-bb86-1a2b5b748920082208
.wow.getsquire.com/	1970-01-20 07:53:18	Name: _dd_s Value: rum=1&id=4fdc678c-8846-4e76-9082-b5baf622bb01&created=1669997128628&expire=1669998028628

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' cookieless.imajica.co.uk .amazonaws.com .cloudflare.com .google.com code.jquery.com cdn.jsdelivr.net .googletagmanager.com .getsquire.com .stripe.com .google-analytics.com .facebook.net .googleapis.com .gstatic.com .mailerlite.com .shopify.com .facebook.com .mxpnl.com *.vimeo.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.getsquire.com
apis.google.com
cdn.jsdelivr.net
cdn.mailerlite.com
cdn.shopify.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
cookieless.imajica.co.uk
fonts.googleapis.com
fonts.gstatic.com
huntsman-aberdeen.com
images-prod-1.getsquire.com
js.stripe.com
m.stripe.com
m.stripe.network
maps.googleapis.com
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
s3-eu-west-1.amazonaws.com
session-replay.browser-intake-datadoghq.com
sovereign-grooming.com
static.mailerlite.com
track.mailerlite.com
widget.getsquire.com
wow.getsquire.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
108.179.232.157
151.101.64.176
162.159.134.68
2001:4de0:ac18::1:a:3b
2600:1f18:24e6:b901:b572:de83:bde:5bf9
2600:9000:2057:b600:19:7d10:bd80:93a1
2606:4700::6810:5514
2606:4700::6811:190e
2606:4700::6812:c45
2606:4700::6812:f16
2a00:1450:4001:801::200e
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2004
2a00:1450:4001:812::200e
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2008
2a00:1450:400c:c00::5c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.82.157.189
5.10.25.6
52.218.118.0
54.187.119.242
02a943615e7d82863a6484ce8cc8a93ca7a789325b81febad5205d645e804876
05822e75aef3e830d3b16740100cb4fef5e3632fea0c11bba633dbe342df47a1
058f7702984e3052d0b9d453d4f68ccd0b474eb348cf985c7d9f632c53ba28e6
0896440488004a152d26c9c80a8f111f10bc1f59139371dfc529d27785d0f515
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0a468e470fc78321a27319224bfddf0709112e7e3f3398d265e0c52d8897de2d
0b2e79aa941d9019a92d3aa7b72e2f70bd84a5580c2bf3c4ea99f253ba02560b
0daf0115b718f2b334a5f44c064394cc317eb6c5cef7d9145fe7dbc64f4f6394
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
0ebd172205f1e25c33f1d614503dd7152557ef23d65e479a80ff9c2db93a4bdd
137a117277e4cbf4d4deff4f6a461696dd174e5a20a00d783270519422dfad25
1959be9cbfd6e9c65d1f1a699b4ba478fbc489338c96f9ec227c7bfbad9bbc5d
1a3855d1dbb188b21f56417936424e6963674612244b49de695e843a185f4469
1acbdfed09e156ce09de0bc254132a64356856c2593be41c84bbb14ec311505f
1ad8ee4a07deafe95a7c98ce3bc3c33c1772fcf1ca61ddb0292cb5ad9d160ab3
1b739d964c631b956ef432d48cdfbf1afb06504d195d26a2a1a892dc4bb11f90
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
20ce5e5a04350ffa0e4d32c7b124f55601f27c1a2143f46a123aa027d4a36d47
226f85bdffb915c7751d9a0bc7adee293eb9e7a2cbfaff50c71951e62e9886f4
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
262443dc408d2505fdec1d2328ddfa4be1f4fca4a05339e24bab0bf9d0efb54b
281c7cf266c7d31eff0db5583c45f9a195bf9f2228c894370c18fab84c541b19
287707d8a256042a32ad9e2ef2b5f903049aee64eb1823c554b86e146fa7b8a9
2b735a24f860048746dda8712ccd3899e2ba2bcff2641065f393120544da47e5
3171655d10793c2d807453a2a70a6282d75aaab7c6dd2cd2e429ce9c137a0d6e
3189f267292a7e6bd2b9337c283c743698a61ee80a0c1c23c3d33977fcaf6723
3453865bb979731296b6df0c7ad59fed11d969568fd988c22e91fd12390611ca
3474d4e67ce243f6bfe12bcb845d69efea2339b3626202075a73b803340a1a35
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
3ad7ec445c350e3df6db55480ecea6e0307a0c6848efabfa53034f3c46f774bf
3e00af6c3521a2bc1b19288eb2c71730a10bbc145c4994bc6665442a57fd39a9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fc5e0c7e572a7239bca482169ff266298afb784e1b28fe6039fd3eff95552ce
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
47367f189d8820ebc8d5774d4bcd2f2466e36d36b546109048a1c17f91ea93af
491b7037472ff549180180085455a0a78b9662caae45e5f4ab81bfeda3c7cb55
492660ee96d74563d18c5395158d1f30b556de1bf87b15eb2379436293a7eb15
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4c9d0898b8ffd6d21f8c0d99af6d53a2ea85f5ae2fdcd4d117dd748dbc72c267
4d77e58db2ca624537becef34dff8d3c24628e41592ac4106e1b5813e0a1d8a0
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
5421d4b74221cd6ca6a1f9905100a76dc789312214f5610e548c3802ef21b036
5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998
5abfff379531bbe9d2d60eb45a11dda970c9c89ccc78b7889bc7de0a4d7a9028
5c786df0068c2ae08680515869726a8c52edfc4219e4f60294117f1fb397e169
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6b094b2cb09fb3d4e8971679e0d8108b49fcc6c55214b278a7c3f106e67f2b03
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf98d680b3586e776734de4f8f7cd3ce46dd8930a674428453089c515716bf8
718fb898d60dbe526d0e8dfd952b2ad652e923c53ac0a48d1a709a832f036130
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
7d8be7379d2c0f194a7d4f37690e76497d090801d17607902178910f3a870dcf
8149465c007a298a66a8e23a6a95fc551358fc756ae375ba8b35a5bfdb69d9c8
8a380b3cfc57c0e3336f5ad21b555c689c85df52a992c466ccbb70206d95fda1
8b757ccf7180797d95c8585363bd3b0b08f26c7589de8a9921ef249f722b7403
8bf5495fca815b738847f590703007ccd24d6f04a213cb13483685696425c3a5
8ef7c2263880b115596b765383aac5a63cf46c1d2a380fefbda15b68d847d085
90a6a3eb41bfed4b28ed3fff169591c1cbe2a934ca1ad7e2322c9b641cd56616
90d0c12c22744ac07394873d3079645e9bfdc0719f79fd2983571bbb74627951
91aa408b041ced606a02fd9523087e5f789f8eb60aa7b9ca1e31072c874d9fa1
93a141de2392de63e7a48b844237f1dacdf2368a261115feeb6650c1e53122c2
94fbb12d189bdafc696e17aa8cf98a377f329e1a41e51b61f2c5ad15e0f8df08
96436bad569e4610ad9889673f0b81ef9188dda957c6434d6f1895df08af1d2e
9cdea941254ed175a4c9d88766067052c3ba7c4eca347570ea63ba6f0dd35aa1
9f16258c2d9d643228248f5fe602b203423e5309faae45a4fcfb92c5f294e609
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a19aeb7a2ef26c0039680e69d7f9180fb9a4da6b0891583a126826dd5ff79f29
a4be01097d4a084e24b380ab1ed6d5b75425b07931a8baa1d81c5c621309ecb0
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a6be10b2a466fd187fb1c8efb1c0a315a4dace9a75e746b379580c6f67e9aadb
ab67cb38df47e27b314a811139171e45dbd7124d78bdfd4626fd73b059ede91b
abdcc8c10388d0d324de90a56eecbcd7a37537777d9615d0f4d676b61a8c4643
ad04a02a8232309e535a6e72de5b63f63723bf5463b230ab5788456c93ac18c5
ad28d31f434243e9c5445a39542ff8fc06a084e7cfee1016e147e851a0a2c4bb
b059c6578752c58366131b987184e24b7be6c781c2e600344d983436abc903f3
b1320702d9510099a9f4528734317b25c2697c4de93f1c239cd800e305d8f58c
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6fde43e822a550063a852091a573de7af5c64c03d51e5b6f1a3e912073da065
b8b273b2aedc1b89c61ef048aae10350df6d83d553a681ca1a1a1fa3d943a9e7
b9791ec131156bff05f5bccfc51771d61d7d34e09114abdef87053cc6198f376
bc01df28a35c4072941b86577480e01e114d389b55224f923822608f88376a3e
bf46c4cad79f13df13fa0e1aa7ec492b2e9065c068d50a0a859a34c2d5a8e23f
c0b991a9d607e48bc0b036196862fec5ad353194ddc5f84be0fdaf21328af45d
c77ae965196f7308b827ce8cef39758740e9652e49958d866454ca1967e03dae
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cd2235d8f893344a27b23515ff38e97d25e55674d09b3fc28d4d22220535df9d
ce820f6da54695d1604c13638a7a8fdc6d36eae978ee27df3242f2ff7ad48ea0
d2bc9c513d50deb617981195a91d357c004688ae7a90962da29814385e168dea
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dc20d33e8fa1cd59cc784d609befda02e6dc833c96f4833b5dfe56385bffe3e9
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e3350f0df8b8f4eccd69dfa9c449b8d8eb53bbb81d7efa83aabebb10079b9658
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4bfbfbf6e3b6a9e14b26504a90be3ae027c3f35e686e461a5efdeacaa940771
e76deba5c7dd37ab04a7d4902406fc46c565c8b3f1b83da69817ed967817b79d
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
eb39d98cbacc788fbd57d93c20e46f0dbdc0c2e2a6ae31e77da8a7e3ab779283
ec44de8bee0c0d776630ac77c750cc712e293bd010997644042a61e9b5db39f5
eeaf0dfe446382d25cd6a6795ea20b8a9287c5a899bdc37701e099787728b0b5
ef82fdc8be9d094c478fb5002c71151f6dde2bcaa6816e70c8a1060140482c71
f042ce8f3b97f7c251f0ee50a175fff625805225b01161a8482cdf2373e48b9a
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f28850fefc149fe6715f241a11eace9b5b37fbc03248269ee9665ce1429a8727
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
fa62fb523f61370f033f93232885e5221af070b2bf9e0870a1e55795b58b19d0
faeffb937d5bf99f354e4c8038df6a60cf4e701f3b2af158c84d540986440d5e
fbbf53c397922279d74e296ad6fc4727454f5c08a82b31c228aa386d4edf78e1
ff6623c532931ee98af6b9a1524ebd76c6c6e91333404d5b405286bc7d8f353d

sovereign-grooming.com Open in urlscan Pro 5.10.25.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

144 Requests

99 %HTTPS

73 %IPv6

20 Domains

33 Subdomains

26 IPs

7 Countries

6114 kBTransfer

12890 kBSize

14 Cookies

12 Outgoing links

Page URL History

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sovereign-grooming.com Open in urlscan Pro
5.10.25.6 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

99 %
HTTPS

73 %
IPv6

20
Domains

33
Subdomains

26
IPs

7
Countries

6114 kB
Transfer

12890 kB
Size

14
Cookies

144 HTTP transactions
7 data transactions