Submitted URL: http://sp-web.pages.dev/
Effective URL: https://sp-web.pages.dev/
Submission Tags: @ecarlesi possiblethreat phishing
Submission: On November 17 via api from IT — Scanned from NL

Summary

This website contacted 11 IPs in 3 countries across 7 domains to perform 27 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sp-web.pages.dev.
TLS certificate: Issued by WE1 on November 15th 2024. Valid for: 3 months.
This is the only time sp-web.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
9 | pages.dev | sp-web.pages.dev | 992 KB
6 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 39) | 118 KB
6 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29); firebase.googleapis.com (Cisco Umbrella Rank: 3887); firebaseinstallations.googleapis.com (Cisco Umbrella Rank: 590) | 3 KB
3 | stripe.com | js.stripe.com (Cisco Umbrella Rank: 1073) | 180 KB
1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 3353) |
1 | gstatic.com | fonts.gstatic.com | 30 KB
1 | wdfl.co | r.wdfl.co (Cisco Umbrella Rank: 20355) | 5 KB
Total: 27 requests, 7 apex domains
Requests | Domain | Requested by
9 | sp-web.pages.dev | sp-web.pages.dev
6 | www.googletagmanager.com | sp-web.pages.dev
3 | js.stripe.com | sp-web.pages.dev, js.stripe.com
2 | firebaseinstallations.googleapis.com | sp-web.pages.dev
2 | firebase.googleapis.com | sp-web.pages.dev
2 | fonts.googleapis.com | sp-web.pages.dev
1 | region1.google-analytics.com | www.googletagmanager.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | r.wdfl.co | sp-web.pages.dev
Total: 27 requests, 9 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
sp-web.pages.dev | WE1 | 2024-11-15 - 2025-02-13 | 3 months
r.wdfl.co | Amazon RSA 2048 M02 | 2024-08-02 - 2025-08-30 | a year
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2024-10-30 - 2025-02-06 | 3 months
*.gstatic.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months

This page contains 3 frames:

Primary Page: https://sp-web.pages.dev/
Frame ID: 0CED32579222EDE0E655ED8B15DA0421
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-b277c2478f2234c23c8ffbbfddc2447e.html
Frame ID: 234846ADA63F4B042B9EFCA3DACE9866
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: A1A2A07ED0414614A8029DB5BAD6D12A
Requests: 1 HTTP requests in this frame

Page Title

Selfpause

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • r\.wdfl\.co

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 64 %
Domains: 7
Subdomains: 9
IPs: 11
Countries: 3
Transfer: 1329 kB
Size: 2671 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sp-web.pages.dev/ HTTP 307
    https://sp-web.pages.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
sp-web.pages.dev/
Redirect Chain
  • http://sp-web.pages.dev/
  • https://sp-web.pages.dev/
1 KB
1 KB
Document
General
Full URL
https://sp-web.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b81e892e42bd7edc5971b37545c8fc9a436390844a26db63c08078801ec5981
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
8e3dcfa67e1466af-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 17 Nov 2024 06:54:44 GMT
link
<https://fonts.googleapis.com>; rel="preconnect"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2kT7Xy9iohFJjCDNyVvRU5Rhsl6SojEfayAGJgsZ8kg2IwGrqAqYaUquPij40iA%2B94OrabH%2BnwM3GBrm7EqV4089XOyo7gIaTlWzYQHV36IUyw0LiSMzGXQpftlm92wEiSrE6ZG%2FonyB96i3UxD%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=14648&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3989&recv_bytes=2384&delivery_rate=267606&cwnd=254&unsent_bytes=0&cid=ed9c347767d1ce0f&ts=54&x=0"
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://sp-web.pages.dev/
Non-Authoritative-Reason
HSTS
rw.js
r.wdfl.co/
18 KB
5 KB
Script
General
Full URL
https://r.wdfl.co/rw.js
Requested by
Host: sp-web.pages.dev
URL: https://sp-web.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3800:1b:348c:b140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6fc94615dfb1bea7d5d2c0eb3b473773613b14b116c460fa455646246731881

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

vary
accept-encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"df39bbdbfd997e8f4fa2cf75a3f47823"
age
526
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
LuEvPIVloUuoxxNRd7Raki_H57zo9QKxA-0OjYUIFOYf3If9tBBZaQ==
date
Sun, 17 Nov 2024 06:45:59 GMT
content-type
text/javascript
last-modified
Mon, 11 Nov 2024 14:42:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
x-amz-server-side-encryption
AES256
css2
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Comfortaa:wght@300;400;500;600;700&display=swap
Requested by
Host: sp-web.pages.dev
URL: https://sp-web.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2d72a419e2ce8fe46a6cc2058a148e6d6fbdd5c9b7729bfebca2e05d5d27c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 06:54:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 06:54:44 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 17 Nov 2024 05:11:05 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
9 KB
885 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: sp-web.pages.dev
URL: https://sp-web.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8e878b38c0c357b63eb23d45c6182fd4f1ac0e92a5601a7e27f04edcfad5b4af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 06:54:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 06:54:44 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sun, 17 Nov 2024 06:32:22 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
main.048654a8.js
sp-web.pages.dev/static/js/
793 KB
233 KB
Script
General
Full URL
https://sp-web.pages.dev/static/js/main.048654a8.js
Requested by
Host: sp-web.pages.dev
URL: https://sp-web.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0352b0cbbd87e30c93388e947a688cd94586e32296d2207d7d9b02957c364eb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

content-encoding
br
etag
W/"2ac0dbc4df1a49a410b0e16b9642149f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iRwNsd8ZmIvriTq7VLCZInVgsx%2BIs%2B9pXTXRbc%2FuMAYvaj%2BCW5mQPph1siN%2BQ2ixWCuKAbLyE0ppE%2Fzp70WiiT4qP9tPg4neAsnZBbKyDj4wShfCSDs%2FzrG8nClre4wPEtxh"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15828&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4245&recv_bytes=4379&delivery_rate=643&cwnd=12000&unsent_bytes=0&cid=c879ef7989f493a7&ts=192&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 06:54:44 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3dcfa7afbf0bc5-AMS
access-control-allow-origin
*
server
cloudflare
main.e9192646.css
sp-web.pages.dev/static/css/
22 KB
5 KB
Stylesheet
General
Full URL
https://sp-web.pages.dev/static/css/main.e9192646.css
Requested by
Host: sp-web.pages.dev
URL: https://sp-web.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b00505b2651928d7d5f9ac54f64ded5243d777f25616966af323fdb4770bc4da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"1a63ab7b88aa071a6b3e84cbbffaa645"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lYiy%2F2MXYNqufO2N0rn%2Fv%2FwWHAbgGObtUnwlSbB0y9OFAe4MeXxGBrkz8EJZPq92BHIqwcJzNr01BEXauZemRbkOMS7xc7WIpO%2FgTObGWjgCzC0ZH%2B%2F1WXjxR5nwqyTG0fM6DUV4cXNzytY2D%2Fpg"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3dcfa77ed466af-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=17402&sent=14&recv=15&lost=0&retrans=1&sent_bytes=5369&recv_bytes=2516&delivery_rate=267606&cwnd=257&unsent_bytes=0&cid=ed9c347767d1ce0f&ts=328&x=0"
date
Sun, 17 Nov 2024 06:54:44 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
cloudflare
v3
js.stripe.com/
689 KB
180 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: sp-web.pages.dev
URL: https://sp-web.pages.dev/static/js/main.048654a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-10.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
1a46b36ec6301f7bda40b07d288c844903e321bf24a9805145e8f0495d3a3f69
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

content-encoding
br
etag
W/"0402471902b989a3d0ea87b6a6ed787f"
age
47
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
6alpwCdLboxkVDkMVoXLBuw5KjWULx9z1on-1B0cdpVWjT_qOaHdQg==
date
Sun, 17 Nov 2024 06:53:58 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 15 Nov 2024 21:52:40 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 193d38535c6cb246e365763e9c32e672.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P8
server
Cloudfront
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:1044371968440:web:741faceca640ac1b2abf4d/ Frame
0
0
Preflight
General
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:1044371968440:web:741faceca640ac1b2abf4d/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://sp-web.pages.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://sp-web.pages.dev
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 17 Nov 2024 06:54:44 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:1044371968440:web:741faceca640ac1b2abf4d/
359 B
427 B
Fetch
General
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:1044371968440:web:741faceca640ac1b2abf4d/webConfig
Requested by
Host: sp-web.pages.dev
URL: https://sp-web.pages.dev/static/js/main.048654a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9aa7da2ea35849f064b613d2b3b4e17ab5abfa6ef19948f1db0d9cbd4a4ff2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-goog-api-key
AIzaSyC5MJSqr-IEevUCfufDnZvOHUIHlqJVFPw
Referer
https://sp-web.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json

Response headers

cache-control
private
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://sp-web.pages.dev
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
236
date
Sun, 17 Nov 2024 06:54:45 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
installations
firebaseinstallations.googleapis.com/v1/projects/selfpause-10e5a/ Frame
0
0
Preflight
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/selfpause-10e5a/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://sp-web.pages.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://sp-web.pages.dev
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 17 Nov 2024 06:54:44 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/selfpause-10e5a/
629 B
684 B
Fetch
General
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/selfpause-10e5a/installations
Requested by
Host: sp-web.pages.dev
URL: https://sp-web.pages.dev/static/js/main.048654a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6a3fe79da03e1940cbf82cfc51cee29d5b0be523e8195bca2abab4195d2eae8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

x-firebase-client
eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjcuMzAgZmlyZS1jb3JlLWVzbTIwMTcvMC43LjMwIGZpcmUtanMvIGZpcmUtanMtYWxsLWFwcC85LjkuMiBmaXJlLWlpZC8wLjUuMTIgZmlyZS1paWQtZXNtMjAxNy8wLjUuMTIgZmlyZS1hbmFseXRpY3MvMC44LjAgZmlyZS1hbmFseXRpY3MtZXNtMjAxNy8wLjguMCBmaXJlLWZzdC8zLjQuMTQgZmlyZS1mc3QtZXNtMjAxNy8zLjQuMTQgZmlyZS1hdXRoLzAuMjAuNSBmaXJlLWF1dGgtZXNtMjAxNy8wLjIwLjUiLCJkYXRlcyI6WyIyMDI0LTExLTE3Il19XX0
x-goog-api-key
AIzaSyC5MJSqr-IEevUCfufDnZvOHUIHlqJVFPw
Referer
https://sp-web.pages.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept
application/json
content-type
application/json

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://sp-web.pages.dev
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
501
date
Sun, 17 Nov 2024 06:54:45 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
controller-with-preconnect-b277c2478f2234c23c8ffbbfddc2447e.html
js.stripe.com/v3/ Frame 2348
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-with-preconnect-b277c2478f2234c23c8ffbbfddc2447e.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-85.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sp-web.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
55
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 17 Nov 2024 06:54:18 GMT
etag
"b277c2478f2234c23c8ffbbfddc2447e"
last-modified
Fri, 15 Nov 2024 21:14:10 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
x-amz-cf-id
lxwdOcuY0ZMis4rGRdA05pJhZHhTNarJxcmnA3Qfa3EeiGPtDwusMQ==
x-amz-cf-pop
FRA56-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
favicon.png
sp-web.pages.dev/
62 KB
62 KB
Other
General
Full URL
https://sp-web.pages.dev/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eef23635c4f02e23b2d0064f5689d82ffc5f9296d42dcf38059ee92f34b3ac7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

etag
"52ee6022f163eb2b0716969c5799d5ac"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Xe8EO5mPdNpq38GegFjO2Tcjq9J18OPpmw%2BoAZL062a9fvXRimMpQBwpU3sgCUW06YHYyOVEPNmQN%2Bg6oQcCuPUwsqwj5Z8lc6yoH8C59IGPOnajlKAT9XcPiVlQSLf4rZH"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16161&sent=218&recv=74&lost=0&retrans=0&sent_bytes=247718&recv_bytes=9084&delivery_rate=5503697&cwnd=132000&unsent_bytes=0&cid=c879ef7989f493a7&ts=998&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 06:54:45 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3dcfaccc390bc5-AMS
access-control-allow-origin
*
content-length
63168
server
cloudflare
logo.35300097dd0922c1e19b.png
sp-web.pages.dev/static/media/
62 KB
62 KB
Image
General
Full URL
https://sp-web.pages.dev/static/media/logo.35300097dd0922c1e19b.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eef23635c4f02e23b2d0064f5689d82ffc5f9296d42dcf38059ee92f34b3ac7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

etag
"52ee6022f163eb2b0716969c5799d5ac"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IWgkGpLkHb9Yxu9yRxQR2p4nffaqPhaqSWF25M4eUCf1G5lQV2mwx1vAJlNoCRWtuCyVdOzBKypFRb1cbuhoeNcZHu3v8MsyRrQL6j8%2Fbzo5Miv1OGjjgY125wCJ7kpKLWmI"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16073&sent=273&recv=80&lost=0&retrans=0&sent_bytes=312971&recv_bytes=9349&delivery_rate=395179&cwnd=132000&unsent_bytes=0&cid=c879ef7989f493a7&ts=1122&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 06:54:45 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3dcfacfc720bc5-AMS
access-control-allow-origin
*
content-length
63168
server
cloudflare
onboarding.d7eaed8d75ea83c61fc0.png
sp-web.pages.dev/static/media/
510 KB
510 KB
Image
General
Full URL
https://sp-web.pages.dev/static/media/onboarding.d7eaed8d75ea83c61fc0.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cf8b5963a0ce8325a29105fb5ba3346e718d67ac4e84b5a30ec454b23642baf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

etag
"d206ed65341195256bf1d65222476813"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AgUj3TSjMmsxv%2BrWcZCzLYk5yN742vOR5it5Lob%2BZnQDkQtwE7xDL8wYVh6zQoYQkL7tCNl9WePI4YLouUt0aKDClzYSsFD6weaohsdfcBOHC2GD%2FNzAk5gokUBXMKUoRvaq"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=15569&sent=435&recv=98&lost=0&retrans=0&sent_bytes=502579&recv_bytes=10167&delivery_rate=3351950&cwnd=132000&unsent_bytes=0&cid=c879ef7989f493a7&ts=1700&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 06:54:46 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3dcfacfc770bc5-AMS
access-control-allow-origin
*
content-length
521740
server
cloudflare
Affirmations.cd063aca2808edb7fb0b.png
sp-web.pages.dev/static/media/
36 KB
37 KB
Image
General
Full URL
https://sp-web.pages.dev/static/media/Affirmations.cd063aca2808edb7fb0b.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55bc5e8e71d1f66d70fc796e8ca5e23896fdc8ca44fc62935fe7d76fb166c11a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

etag
"f0f63d20060f8e6d93843bc8def51c87"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OCQYFwy4h%2B0k8E%2FVM7bm8AyDBD4MSUwTLeded9NB%2Fkech54ffbcjcAdMu8BNG7K2PoCI1qnK7JZS9x6Ir2I%2FCBDVhKLokEhObi3P%2FUhyAAXTr0PWRtH40UdtqhkSHs%2B8cWWR"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16073&sent=328&recv=80&lost=0&retrans=0&sent_bytes=378222&recv_bytes=9349&delivery_rate=395179&cwnd=132000&unsent_bytes=0&cid=c879ef7989f493a7&ts=1123&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 06:54:45 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3dcfacfc780bc5-AMS
access-control-allow-origin
*
content-length
37021
server
cloudflare
Recordings.26327eed265087646577.png
sp-web.pages.dev/static/media/
34 KB
35 KB
Image
General
Full URL
https://sp-web.pages.dev/static/media/Recordings.26327eed265087646577.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ca9ffe51806b6ec201d202a667f0a172c449cd9969660001075802bd964a20d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

etag
"e1458b9b13a895b2691732e4d8226bb6"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NeRpSSeL2yAvASwc5wA5tw6ODKrSoaDIigdnRQb1n6RQvQrEDWJhnubotzYBj%2Bvb5o5VhFUvdux3d6UzFqMIZDhBu7HZgSSDrelAL9QKGsM6xupkBuJWJ1bSvpC3MXfZ%2Bwnc"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16530&sent=361&recv=89&lost=0&retrans=0&sent_bytes=416760&recv_bytes=9755&delivery_rate=6791768&cwnd=132000&unsent_bytes=0&cid=c879ef7989f493a7&ts=1160&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 06:54:45 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3dcfacfc790bc5-AMS
access-control-allow-origin
*
content-length
34988
server
cloudflare
Ambient.5f19943949168d78f52e.png
sp-web.pages.dev/static/media/
46 KB
47 KB
Image
General
Full URL
https://sp-web.pages.dev/static/media/Ambient.5f19943949168d78f52e.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8a2bb5489997bcaa19acb55aec58687456cdcfef448470b715efaa0c726c4cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

etag
"99888914380cac0bc605b65f29002a23"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9X7%2FY9TAeFFeryrJCuGr05KgNeb8He8a1p%2B8zNPESezeMVLpeLYoCLVFpT1lNxrcaOFbZsCxM76Fn3%2FyVQ0gRm5bEOnxsUjubLKqZsYpdqXH%2Bhph34xKlSBNX4ejU%2BsB2IgD"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16026&sent=392&recv=93&lost=0&retrans=0&sent_bytes=453209&recv_bytes=9936&delivery_rate=2432625&cwnd=132000&unsent_bytes=0&cid=c879ef7989f493a7&ts=1199&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 06:54:45 GMT
content-type
image/png
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e3dcfacfc7a0bc5-AMS
access-control-allow-origin
*
content-length
47597
server
cloudflare
1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
fonts.gstatic.com/s/comfortaa/v45/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/comfortaa/v45/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Comfortaa:wght@300;400;500;600;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f3.1e100.net
Software
sffe /
Resource Hash
2b4fc84ee04adaaab536bfd9e79fd2d30cf6c16eb85e4ac25c692b3a4a2b91e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://sp-web.pages.dev
Referer
https://fonts.googleapis.com/

Response headers

age
182062
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 15 Nov 2025 04:20:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 15 Nov 2024 04:20:23 GMT
last-modified
Thu, 24 Aug 2023 20:50:19 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
30512
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/
347 KB
117 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-0KCGBEPL30
Requested by
Host: sp-web.pages.dev
URL: https://sp-web.pages.dev/static/js/main.048654a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d44fd5bb9d2e0c8a90e05f1640a083897d95f3ac2e8e57d3b972393301f2691c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 17 Nov 2024 06:54:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 06:54:45 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
119580
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0KCGBEPL30&gtm=45je4bc0v892100599za200&_p=1731826485567&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&_fid=evUuNHKYXNVk-51kx4grXe&cid=496741029.1731826486&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731826485&sct=1&seg=0&dl=https%3A%2F%2Fsp-web.pages.dev%2F&dt=Selfpause&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.origin=firebase&tfd=1590
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-0KCGBEPL30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://sp-web.pages.dev
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 06:54:45 GMT
content-type
text/plain
server
Golfe2
a
www.googletagmanager.com/
0
271 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-0KCGBEPL30&v=3&t=t&pid=1910937490&cv=1&rv=4bc0&tc=9&tag_exp=101925629~102067555~102067808~102077855&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Sun, 17 Nov 2024 06:54:45 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/
0
44 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-0KCGBEPL30&v=3&t=t&pid=1910937490&cv=1&rv=4bc0&tc=9&tag_exp=101925629~102067555~102067808~102077855&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAACA&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ccdgaadslink.1ccdgaregscope.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ccdgaadslink.2ccdgaregscope.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Sun, 17 Nov 2024 06:54:45 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/
0
53 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-0KCGBEPL30&v=3&t=t&pid=1910937490&cv=1&rv=4bc0&tc=9&tag_exp=101925629~102067555~102067808~102077855&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAACA&h=Ag&tr=1gct&ti=1gct&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Sun, 17 Nov 2024 06:54:45 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/
0
44 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-0KCGBEPL30&v=3&t=t&pid=1910937490&cv=1&rv=4bc0&tc=9&tag_exp=101925629~102067555~102067808~102077855&es=1&e=gtag.config&eid=2&u=AAAAAAAAAAAAACCA&ut=Ag&h=Ag&epr=1G.2G&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Sun, 17 Nov 2024 06:54:45 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
a
www.googletagmanager.com/
0
53 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=G-0KCGBEPL30&v=3&t=t&pid=1910937490&cv=1&rv=4bc0&tc=9&tag_exp=101925629~102067555~102067808~102077855&es=1&e=gtm.dom&eid=3&u=AAAAAAAAAAAAACCA&ut=Ag&h=Ag&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://sp-web.pages.dev/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:654:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:654:0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Sun, 17 Nov 2024 06:54:45 GMT
x-xss-protection
0
content-type
text/html
server
Google Tag Manager
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame A1A2
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.31.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-85.fra56.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sp-web.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2824
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 17 Nov 2024 06:07:50 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Thu, 14 Nov 2024 21:08:55 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
x-amz-cf-id
etjguWu83KZ_wIktSg7n2WwnniLiapl736VP9kY85dlMQx_CvtEtZg==
x-amz-cf-pop
FRA56-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object 0
string _rwq
function rewardful
boolean _rewardful_loaded
function Rewardful
object dataLayer
function gtag
object webpackChunkStripeJSouter
function noop
function Stripe
object google_tag_manager
object google_tag_data
object gaGlobal

2 Cookies

Domain/Path Name / Value
.sp-web.pages.dev/ Name: _ga_0KCGBEPL30
Value: GS1.1.1731826485.1.0.1731826485.0.0.0
.sp-web.pages.dev/ Name: _ga
Value: GA1.1.496741029.1731826486

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
