fadedkings.com Open in urlscan Pro
198.185.159.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fadedkings.com/
Effective URL:
https://fadedkings.com/
Submission: On May 09 via api (May 9th 2023, 9:44:10 pm UTC) from US — Scanned from DE

Summary HTTP 105 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 26 IPs in 3 countries across 16 domains to perform 105 HTTP transactions. The main IP is 198.185.159.144, located in United States and belongs to SQUARESPACE, US. The main domain is fadedkings.com.
TLS certificate: Issued by R3 on April 28th 2023. Valid for: 3 months.

This is the only time fadedkings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	198.185.159.144 198.185.159.144	53831 (SQUARESPACE) (SQUARESPACE)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
8	151.101.128.237 151.101.128.237	54113 (FASTLY) (FASTLY)
14	151.101.64.238 151.101.64.238	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
6	2606:4700:440... 2606:4700:4400::6812:2038	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
10	13.227.219.97 13.227.219.97	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c09::5c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:7b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
4	2606:4700:440... 2606:4700:4400::ac40:9bc8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
17	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	34.201.236.116 34.201.236.116	14618 (AMAZON-AES) (AMAZON-AES)
6	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
4	2600:9000:212... 2600:9000:2127:4400:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.41.55.54 52.41.55.54	16509 (AMAZON-02) (AMAZON-02)
105	26

4 198.185.159.144 (United States) 1 redirects

ASN53831 (SQUARESPACE, US)

fadedkings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.128.237 (United States)

ASN54113 (FASTLY, US)

assets.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.64.238 (United States)

ASN54113 (FASTLY, US)

static1.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.squarespace-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:4400::6812:2038 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.getsquire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
getsquire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wow.getsquire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.227.219.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-97.ams54.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c09::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:7b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::ac40:9bc8 (United States)

ASN13335 (CLOUDFLARENET, US)

api.getsquire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.201.236.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-236-116.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2127:4400:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.41.55.54 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-55-54.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	stripe.com js.stripe.com — Cisco Umbrella Rank: 1202 q.stripe.com — Cisco Umbrella Rank: 7069 r.stripe.com — Cisco Umbrella Rank: 4272 m.stripe.com — Cisco Umbrella Rank: 1158	455 KB
20	squarespace.com assets.squarespace.com — Cisco Umbrella Rank: 6121 static1.squarespace.com — Cisco Umbrella Rank: 6099	1 MB
12	google.com pay.google.com — Cisco Umbrella Rank: 2786 apis.google.com — Cisco Umbrella Rank: 124 play.google.com — Cisco Umbrella Rank: 34	480 KB
10	getsquire.com widget.getsquire.com — Cisco Umbrella Rank: 858255 getsquire.com — Cisco Umbrella Rank: 258801 wow.getsquire.com — Cisco Umbrella Rank: 644197 api.getsquire.com — Cisco Umbrella Rank: 366856	812 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	137 KB
4	stripe.network m.stripe.network — Cisco Umbrella Rank: 1274	36 KB
4	fadedkings.com 1 redirects fadedkings.com	28 KB
3	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 1359 events.launchdarkly.com — Cisco Umbrella Rank: 1072
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39 region1.google-analytics.com — Cisco Umbrella Rank: 2495	21 KB
3	typekit.net use.typekit.net — Cisco Umbrella Rank: 501 p.typekit.net — Cisco Umbrella Rank: 655	25 KB
2	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 5988	6 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	233 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	114 KB
2	squarespace-cdn.com images.squarespace-cdn.com — Cisco Umbrella Rank: 5160	642 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	138 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	1 KB
105	16

	Domain	Requested by
12	static1.squarespace.com	fadedkings.com static1.squarespace.com
10	r.stripe.com	js.stripe.com
10	js.stripe.com	widget.getsquire.com wow.getsquire.com js.stripe.com
8	assets.squarespace.com	fadedkings.com
7	q.stripe.com	fadedkings.com
6	play.google.com	www.gstatic.com
4	m.stripe.network	js.stripe.com m.stripe.network
4	www.gstatic.com	pay.google.com www.gstatic.com
4	api.getsquire.com	wow.getsquire.com
4	pay.google.com	getsquire.com pay.google.com fadedkings.com www.gstatic.com
4	widget.getsquire.com	fadedkings.com widget.getsquire.com
4	fadedkings.com	1 redirects assets.squarespace.com
2	m.stripe.com	m.stripe.network
2	events.launchdarkly.com	wow.getsquire.com
2	challenges.cloudflare.com	1 redirects getsquire.com
2	apis.google.com	getsquire.com apis.google.com
2	www.facebook.com	fadedkings.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	fadedkings.com connect.facebook.net
2	images.squarespace-cdn.com	fadedkings.com
2	www.googletagmanager.com	fadedkings.com www.googletagmanager.com
2	use.typekit.net	fadedkings.com
1	app.launchdarkly.com	wow.getsquire.com
1	wow.getsquire.com	getsquire.com
1	getsquire.com	widget.getsquire.com
1	region1.google-analytics.com	www.googletagmanager.com
1	p.typekit.net	fadedkings.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	fadedkings.com
105	29

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
www.youtube.com
getsquire.com

Subject Issuer	Validity	Valid
fadedkings.com R3	`2023-04-28` - `2023-07-27`	3 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.squarespace.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-01` - `2024-02-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.squarespace-cdn.com R3	`2023-04-06` - `2023-07-05`	3 months	crt.sh
getsquire.com Cloudflare Inc ECC CA-3	`2023-01-01` - `2024-01-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-04-20` - `2023-08-05`	4 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
events.launchdarkly.com Amazon RSA 2048 M01	`2023-02-28` - `2023-09-16`	7 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh

This page contains 9 frames:

Primary Page: https://fadedkings.com/
Frame ID: F834323544AB027953B822AA2896FBD1
Requests: 43 HTTP requests in this frame

Frame: https://getsquire.com/booking/brands/BRAND_ID?platform=widget
Frame ID: C9EA93528BEFDD380865E5BCCC53D1DE
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5EA937DE52D38329F0F54D00C3E62F1B
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgetsquire.com&mid=
Frame ID: FD2777E3F431BF62A1844E9971F544EA
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-197298e58b6a18ab3d708bf268879b68.html
Frame ID: AEEA8D9B224333050610F9452E968C89
Requests: 15 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: F1978448B6BF575B18A5DAFC9A415F26
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 2F748160C5FEDA95B2932500FB0F10CD
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 8E34EB9E0DC20EE757D195F47669B94A
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: E567B9B840F325E3D925DC2595DCB0AD
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

F a d e d K I n g s

Page URL History Show full URLs

http://fadedkings.com/ HTTP 301
https://fadedkings.com/ Page URL

Detected technologies

Squarespace (CMS) Expand

Overall confidence: 100%
Detected patterns

Bokeh (JavaScript graphics) Expand

Overall confidence: 100%
Detected patterns

bokeh.*\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

105
Requests

96 %
HTTPS

68 %
IPv6

16
Domains

29
Subdomains

26
IPs

3
Countries

3928 kB
Transfer

13513 kB
Size

13
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/fadedkingsbarbershop/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Faded.Kings.Barbershop/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCHi-JsJA9VknBiaBjbB7ITg

Search URL Search Domain Scan URL

URL: https://getsquire.com/barbershops/book/faded-kings-norristown
Title: Book Appointment

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fadedkings.com/ HTTP 301
https://fadedkings.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?render=explicit

105 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fadedkings.com/
Redirect Chain

http://fadedkings.com/
https://fadedkings.com/

274 KB
27 KB

509ms
181ms

Document
text/html

198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://fadedkings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

e104cfdb8972cd4a3998bc30a2ca6ecd57c38688cac01269e86e0e19d31eed9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 86407
content-encoding: gzip
content-length: 27535
content-type: text/html;charset=utf-8
date: Mon, 08 May 2023 21:43:57 GMT
etag: W/"175b00fffa150bf5674284b4cc75217c"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: wQ1AwfRR/lM2rRX94

Redirect headers

Age: 36621
Content-Length: 0
Date: Tue, 09 May 2023 11:33:42 GMT
Location: https://fadedkings.com/
Server: Squarespace
X-Contextid: lT9JXGSD/rU9xmly0

GET
H2 200 -R3mrNcMatYGouwLf6GCpj6NWrvBRLdbGskOmIpY08XfeCI2fFHN4UJLFRbh52jhWDmcFDJU5Qi8jcF8jRShwhFywAbuwQs8wsn_MKG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0ZcBqZAbl-h80Zaw0SaBuj... Show response
use.typekit.net/ik/ 16 KB
7 KB 184ms
45ms Script
text/javascript 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ik/-R3mrNcMatYGouwLf6GCpj6NWrvBRLdbGskOmIpY08XfeCI2fFHN4UJLFRbh52jhWDmcFDJU5Qi8jcF8jRShwhFywAbuwQs8wsn_MKG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0ZcBqZAbl-h80Zaw0SaBujW48Sagyjh90jhNlOfG0SaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdPUyjamTiY8Djhy8ZYmC-Ao1OcFzdPUyjamTiY8Djhy8ZYmC-Ao1Oco8ifUySkolZPUcjAs8Zfun-Ao1SkoDSWmyScmDSeBRZPoRdhXCZcBqZAsn-Ao1SkoRdhXCdeNRjAUGdaFXOYFUiABkZWF3jAF8ShFGZAsude80ZkoRdhXCiaiaOcBRiA8XpWFR-emqiAUTdcS0jhNlOYiaikoyjamTiY8Djhy8ZYmC-Ao1Oco8ifUaiaS0jWw0dA9CiaiaOcZyZemqOAlTdciDO1FUiABkZWF3jAF8OcFzdPUaiaS0ZcBqZAsn-Ao1SkoRdhXCiaiaO1FUiABkZWF3jAF8ShFGZAsude80ZkoRdhXKfA4TScFGOWFXZfGHf5kFMsMMeMb6MTMglZPGq3j.js

Requested by

Host: fadedkings.com
URL: https://fadedkings.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

69354326bce434649ed36bafe9b40187f4b911429ff76f3aeb94ef97ed6c3b0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 09 May 2023 21:44:05 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6633

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 137ms
50ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700

Requested by

Host: fadedkings.com
URL: https://fadedkings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

808c2438185e77840d89cb90dd4e4aa1fdbea2197cdd0745c47dadac3e1efb63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 09 May 2023 21:31:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 May 2023 21:44:05 GMT

GET
H2 200 modern.js Show response
assets.squarespace.com/@sqs/polyfiller/1.6/ 115 KB
42 KB 149ms
39ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
Requested by: Host: fadedkings.com
URL: https://fadedkings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75

Request headers

Referer: https://fadedkings.com/
Origin: https://fadedkings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 1, 129630
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 13230280
x-cache: HIT, HIT
content-length: 42447
x-served-by: cache-iad-kiad7000176-IAD, cache-fra-eddf8230134-FRA
last-modified: Mon, 31 Oct 2022 21:19:57 GMT
server: UploadServer
x-timer: S1683668645.315009,VS0,VE0
etag: "fe0d53a94823df972dbf107bf190771a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 18:39:24 GMT

GET
H2 200 extract-css-runtime-6da9fe275a2610b9a7816-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 49 KB
17 KB 40ms
40ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-6da9fe275a2610b9a7816-min.en-US.js
Requested by: Host: fadedkings.com
URL: https://fadedkings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 391364c0962ad0c25859e52891944f9647b53933f2078a762016b3636d7ca5aa

Request headers

Referer: https://fadedkings.com/
Origin: https://fadedkings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 4, 20926
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 340529
x-cache: HIT, HIT
content-length: 16715
x-served-by: cache-iad-kiad7000060-IAD, cache-fra-eddf8230134-FRA
last-modified: Fri, 05 May 2023 23:03:19 GMT
server: UploadServer
x-timer: S1683668645.398433,VS0,VE0
etag: "858aab93982d659ec42a228511c57bdf"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 23:08:36 GMT

GET
H2 200 extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 575 KB
86 KB 43ms
43ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js
Requested by: Host: fadedkings.com
URL: https://fadedkings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a59acd7a8cbaf68d5d628ac09c501f01a2f3f42c9affa8f3d101f2860d1cc3f7

Request headers

Referer: https://fadedkings.com/
Origin: https://fadedkings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 1, 122071
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 14617209
x-cache: HIT, HIT
content-length: 87950
x-served-by: cache-iad-kiad7000031-IAD, cache-fra-eddf8230134-FRA
last-modified: Mon, 21 Nov 2022 16:44:05 GMT
server: UploadServer
x-timer: S1683668645.443694,VS0,VE0
etag: "c790849e8518999c8594a0bbb6597784"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 17:23:55 GMT

GET
H2 200 cldr-resource-pack-2bb4d8591b254af6d84d7-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 119 KB
18 KB 39ms
39ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-2bb4d8591b254af6d84d7-min.en-US.js
Requested by: Host: fadedkings.com
URL: https://fadedkings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c9685d58649df90b8c03167f3236174e987ca0f494ff2375e92c79f7c517343c

Request headers

Referer: https://fadedkings.com/
Origin: https://fadedkings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 30, 34986
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 372401
x-cache: HIT, HIT
content-length: 18316
x-served-by: cache-iad-kjyo7100109-IAD, cache-fra-eddf8230134-FRA
last-modified: Fri, 05 May 2023 14:11:36 GMT
server: UploadServer
x-timer: S1683668646.504845,VS0,VE0
etag: "cc7707d7c5471068b1a7f6dab0314d24"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 14:17:25 GMT

GET
H2 200 common-vendors-stable-ded59447778e1491d87fa-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 240 KB
69 KB 43ms
41ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-ded59447778e1491d87fa-min.en-US.js
Requested by: Host: fadedkings.com
URL: https://fadedkings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a02052cb1eaf0f90100a8d53276c90b181e9a26ba962412fe649bcd41c6c7bcc

Request headers

Referer: https://fadedkings.com/
Origin: https://fadedkings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 1, 51261
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 1889615
x-cache: HIT, HIT
content-length: 70636
x-served-by: cache-iad-kjyo7100083-IAD, cache-fra-eddf8230134-FRA
last-modified: Tue, 22 Nov 2022 21:08:15 GMT
server: UploadServer
x-timer: S1683668646.528354,VS0,VE0
etag: "a2aba54ac71d7b847b67a49a66957627"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 00:50:30 GMT

GET
H2 200 common-vendors-df75bde346c99dfacf187-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 738 KB
166 KB 52ms
50ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-df75bde346c99dfacf187-min.en-US.js
Requested by: Host: fadedkings.com
URL: https://fadedkings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7f4227478d8129aeb2fb09bbe859b00c7047d7d7b592564b1cf2af956d9962c4

Request headers

Referer: https://fadedkings.com/
Origin: https://fadedkings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 20, 3
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 372401
x-cache: HIT, HIT
content-length: 169888
x-served-by: cache-iad-kiad7000029-IAD, cache-fra-eddf8230134-FRA
last-modified: Fri, 05 May 2023 14:11:43 GMT
server: UploadServer
x-timer: S1683668646.530042,VS0,VE0
etag: "751587a468179010a99cf3c22c22179e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 14:17:25 GMT

GET
H2 200 common-0c12810e5e51ab6163a9b-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 2 MB
377 KB 52ms
49ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-0c12810e5e51ab6163a9b-min.en-US.js
Requested by: Host: fadedkings.com
URL: https://fadedkings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 782a0eaaca15f9b2f3a09bdf774de9b4abd11e494796b1bc8a25fc4b8b078aa8

Request headers

Referer: https://fadedkings.com/
Origin: https://fadedkings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 17, 3
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 367788
x-cache: HIT, HIT
content-length: 385944
x-served-by: cache-iad-kiad7000022-IAD, cache-fra-eddf8230134-FRA
last-modified: Fri, 05 May 2023 15:27:07 GMT
server: UploadServer
x-timer: S1683668646.530025,VS0,VE0
etag: "40db2b3e9046f83c3239e5f7388f8a5a"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 15:34:16 GMT

GET
H2 200 performance-2f007f13a36b03e0442ad-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 243 KB
52 KB 51ms
49ms Script
text/javascript 151.101.128.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/performance-2f007f13a36b03e0442ad-min.en-US.js
Requested by: Host: fadedkings.com
URL: https://fadedkings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.237 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 20fde339eebfac304b5122f7b218232dec3685eee00bd571e224fa8ab02538e2

Request headers

Referer: https://fadedkings.com/
Origin: https://fadedkings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 22, 45547
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
age: 614656
x-cache: HIT, HIT
content-length: 53201
x-served-by: cache-iad-kiad7000089-IAD, cache-fra-eddf8230134-FRA
last-modified: Tue, 02 May 2023 18:16:25 GMT
server: UploadServer
x-timer: S1683668646.530003,VS0,VE0
etag: "f144ad6c44e40e90381a914afe1c50e4"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 May 2024 18:59:49 GMT

GET
H2 200 site.css
static1.squarespace.com/static/versioned-site-css/5f72197ebceb763ca1d514e1/45/5c5a519771c10ba3470d8101/5f72197ebceb763ca1d514fa/1380/ 1 MB
107 KB 272ms
172ms Stylesheet
text/css 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/versioned-site-css/5f72197ebceb763ca1d514e1/45/5c5a519771c10ba3470d8101/5f72197ebceb763ca1d514fa/1380/site.css

Requested by

Host: fadedkings.com
URL: https://fadedkings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

8e936ec58d24be2a79b494955ae86880003151d3673b98d44a91cf4f2ca41fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 19, 0
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 529786
x-cache: HIT, MISS
x-contextid: vvegWoNP/oDJKjMgd
content-length: 108663
x-served-by: cache-dfw-kdfw8210075-DFW, cache-fra-eddf8230069-FRA
pragma: cache
server: Squarespace
x-timer: S1683668645.251579,VS0,VE133
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 168 KB
62 KB 167ms
53ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-180471153-2

Requested by

Host: fadedkings.com
URL: https://fadedkings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f57d9b31814755ab886e397e177ae333a24a3f32e0094c7d80711741043e34e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63042
x-xss-protection: 0
last-modified: Tue, 09 May 2023 21:09:35 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 May 2023 21:44:05 GMT

GET
H2 200 Faded%2BKings%2B-%2BFinal%2BLogo.jpg
images.squarespace-cdn.com/content/v1/5f72197ebceb763ca1d514e1/1601313782926-BFJE109LKG3WU36EBKDD/ 252 KB
253 KB 255ms
138ms Image
image/jpeg 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5f72197ebceb763ca1d514e1/1601313782926-BFJE109LKG3WU36EBKDD/Faded%2BKings%2B-%2BFinal%2BLogo.jpg?format=original
Requested by: Host: fadedkings.com
URL: https://fadedkings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 09a055c55ba90a060b0362aeeb91d54caccf35f84b4b9fdee397adb2c6a035ab

Request headers

Referer: https://fadedkings.com/
Origin: https://fadedkings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 73, 0
date: Tue, 09 May 2023 21:44:05 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 624326
x-cache: HIT, MISS
content-length: 258459
x-served-by: cache-iad-kiad7000112-IAD, cache-fra-eddf8230065-FRA
x-timer: S1683668646.645168,VS0,VE98
etag: CJyz0NqujOwCEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 site-bundle.9b819965ab181a3a4e4a2f27d93770b9.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 175 KB
43 KB 41ms
39ms Script
application/javascript 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.9b819965ab181a3a4e4a2f27d93770b9.js

Requested by

Host: fadedkings.com
URL: https://fadedkings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

fb13ee189e23094692203195731644f39ae0130b661c66bf41247e44979baf56

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 11, 4427
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 537372
x-cache: HIT, HIT
x-contextid: Oe148vum/pNu7K87t
content-length: 43759
x-served-by: cache-dfw-kdfw8210104-DFW, cache-fra-eddf8230069-FRA
pragma: cache
server: Squarespace
x-timer: S1683668646.529584,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 widget.js Show response
widget.getsquire.com/ 26 KB
7 KB 240ms
125ms Script
application/javascript 2606:4700:4400::6812:2038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getsquire.com/widget.js?1683668645505
Requested by: Host: fadedkings.com
URL: https://fadedkings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2038 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16c6a02890b5ce420ee1b5aabefdb360757cdba500db26970be9bc24578b5f30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 21:44:05 GMT
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 May 2023 02:04:16 GMT
server: cloudflare
etag: W/"260cd860eb1f785be3fe88f8966798c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfUe2YzFvuCXlvFpqcJl5IktJn%2BmjCq40txZCdRxgFgWj%2BOeTIpGH4BvG2e9oc7ngXY1WV3ZGQSmqg8hbC%2BcS9dnStbOvM4M3tSZgohkO7l26N7uWQ3BojySRpgwkb2%2BKMv%2FBuCZAYsVSBMV74o6pVUO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7c4d1f2b4e542baf-FRA
x-amz-cf-id: MybYnOnFdqTGtlcRHzcIIktRNjO_NvelxGM4z70Fxs9G1Ogew_ZHxg==
expires: Wed, 10 May 2023 01:44:05 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 124ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fadedkings.com
URL: https://fadedkings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 May 2023 21:44:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: hCF43RXNlNlPGTTOnUb0sh2DqhNkLzvik0o8vY3iiu5jARqk6CH3L1FSTeCztFmN4K9FO9gkiFvg5uWCTCxkww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 32 KB
33 KB 147ms
40ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fadedkings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 08 May 2023 18:05:27 GMT
x-content-type-options: nosniff
age: 99518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33116
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:52:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 May 2024 18:05:27 GMT

GET
H2 200 l
use.typekit.net/af/8c4723/00000000000000000001300a/27/ 18 KB
18 KB 159ms
41ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8c4723/00000000000000000001300a/27/l?subset_id=2&fvd=n4&v=3
Requested by: Host: fadedkings.com
URL: https://fadedkings.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 66fac463e35d570d048321def2d7b059f1ef5c96201f08925bd2902e4b7ec093

Request headers

Referer: https://fadedkings.com/
Origin: https://fadedkings.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 21:44:05 GMT
server: nginx
etag: "f2223460ec1efe06376ba7449e0d5170b7173733"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 18180

GET
H2 200 Shop+Photos++%286+of+6%29.jpg
images.squarespace-cdn.com/content/v1/5f72197ebceb763ca1d514e1/a529488a-8b51-4dd3-a89e-b644c8b1588d/ 389 KB
389 KB 154ms
47ms Image
image/jpeg 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/v1/5f72197ebceb763ca1d514e1/a529488a-8b51-4dd3-a89e-b644c8b1588d/Shop+Photos++%286+of+6%29.jpg?format=2500w
Requested by: Host: fadedkings.com
URL: https://fadedkings.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f5ab5d0485a43f7b295d2c08868f19994fdb7471a1d8552e4a9a77ebaa928d01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 83, 1
date: Tue, 09 May 2023 21:44:05 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 1747174
x-cache: HIT, HIT
content-length: 397994
x-served-by: cache-iad-kcgs7200161-IAD, cache-fra-eddf8230115-FRA
x-timer: S1683668646.686544,VS0,VE3
etag: CI2I6tPFhPgCEAE=
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 3291156194542471 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 167ms
166ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3291156194542471?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1fd4ad3fd6a72104c9a1cd064152a1a596a0549873fcc3907d1b3dedf4db0cde

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 09 May 2023 21:44:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: /H2UGmce1c+QP+pmFUVDeBgTgmmUBsFXHW9DAoQahVERpIWENbVF7rDPBhTvIZLe0s+yQbLRagUdwQUgaIRp3g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 4974.f769873cdeba9ffd68e9.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 48 KB
13 KB 40ms
39ms Script
application/javascript 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/4974.f769873cdeba9ffd68e9.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.9b819965ab181a3a4e4a2f27d93770b9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

8a388005912d4c5269f98a782e08c58d0efcad2b44b64e87da8c75dbd3407879

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 0, 254
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 537371
x-cache: MISS, HIT
x-contextid: WKpOTYC3/E23sDKIs
content-length: 13190
x-served-by: cache-dfw-kdfw8210068-DFW, cache-fra-eddf8230069-FRA
pragma: cache
server: Squarespace
x-timer: S1683668646.878235,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 9875.45a92114a75e5b38c4ea.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 7 KB
3 KB 42ms
40ms Script
application/javascript 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/9875.45a92114a75e5b38c4ea.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.9b819965ab181a3a4e4a2f27d93770b9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

d9d9d2edb2215d2e7f3d565890e97ec5a09c31ba9de59be24545e906018cdf2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 0, 80
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 537371
x-cache: MISS, HIT
x-contextid: BQrnz5Qb/F060ZX9O
content-length: 2824
x-served-by: cache-dfw-kdfw8210086-DFW, cache-fra-eddf8230069-FRA
pragma: cache
server: Squarespace
x-timer: S1683668646.878867,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 4581.dc4175c01bf49e5b4894.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 9 KB
3 KB 42ms
41ms Script
application/javascript 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/4581.dc4175c01bf49e5b4894.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.9b819965ab181a3a4e4a2f27d93770b9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

13bcf500156317ce0f23b7387cf36e280dfd9f48af5665d1e0ca4e8fd8e66230

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 3337, 11
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 618400
x-cache: HIT, HIT
x-contextid: EMGMrhhR/WWTIcZ1p
content-length: 3168
x-served-by: cache-dfw-kdfw8210112-DFW, cache-fra-eddf8230069-FRA
pragma: cache
server: Squarespace
x-timer: S1683668646.879002,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 background-image-fx-film-grain.bede8b05a9287e13c8f4.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 9 KB
3 KB 43ms
42ms Script
application/javascript 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/background-image-fx-film-grain.bede8b05a9287e13c8f4.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.9b819965ab181a3a4e4a2f27d93770b9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

522d9165e3ec0f2d0419968a6eecef7e3aa33bafded17fc5bfbb6f97a927be4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 14052, 1
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 657282
x-cache: HIT, HIT
x-contextid: c34fL9ar/6Wgp6hMd
content-length: 2915
x-served-by: cache-dfw-kdfw8210130-DFW, cache-fra-eddf8230069-FRA
pragma: cache
server: Squarespace
x-timer: S1683668646.879499,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 241.b38453ae9aa40e67c15b.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 8 KB
3 KB 43ms
41ms Script
application/javascript 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/241.b38453ae9aa40e67c15b.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.9b819965ab181a3a4e4a2f27d93770b9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

4b3bfff1cb150ac30f36c06c696082a2daf6c34c57bb6d93d7a367f21d98c4c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 1889, 13
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 434982
x-cache: HIT, HIT
x-contextid: Csqet5Rd/SuRxT8rL
content-length: 2763
x-served-by: cache-dfw-kdfw8210105-DFW, cache-fra-eddf8230069-FRA
pragma: cache
server: Squarespace
x-timer: S1683668646.880103,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 7475.51f54bc309d72c9150c7.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 62 KB
19 KB 44ms
43ms Script
application/javascript 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/7475.51f54bc309d72c9150c7.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.9b819965ab181a3a4e4a2f27d93770b9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

0e934190533b24906c4e6229898283138206ba73434366048838aa7e088749a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 378, 8
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 99440
x-cache: HIT, HIT
x-contextid: 9tjz8cRS/ZBV6pADG
content-length: 19539
x-served-by: cache-dfw-kdfw8210049-DFW, cache-fra-eddf8230069-FRA
pragma: cache
server: Squarespace
x-timer: S1683668646.881291,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 7926.752dbb871e9704568651.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 8 KB
3 KB 43ms
42ms Script
application/javascript 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/7926.752dbb871e9704568651.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.9b819965ab181a3a4e4a2f27d93770b9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

2752ff1877eddaf2d291309e8b0c7d7379b531bdf6054b60d337edcd368731f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 11049, 3
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 563824
x-cache: HIT, HIT
x-contextid: vX7oabii/wvTUUAD6
content-length: 3167
x-served-by: cache-dfw-kdfw8210065-DFW, cache-fra-eddf8230069-FRA
pragma: cache
server: Squarespace
x-timer: S1683668646.880861,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 1905.adb611da53a11b2c222d.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 18 KB
6 KB 44ms
43ms Script
application/javascript 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/1905.adb611da53a11b2c222d.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.9b819965ab181a3a4e4a2f27d93770b9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

e074f7a7f4e87e6f4b41b6fea4b8c0c286f7ba299942a4d2117fe9f6f88236d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 1185, 1
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 662826
x-cache: HIT, HIT
x-contextid: h6lycQ4i/tNYHq3NK
content-length: 5740
x-served-by: cache-dfw-kdfw8210118-DFW, cache-fra-eddf8230069-FRA
pragma: cache
server: Squarespace
x-timer: S1683668646.880510,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 background-bokeh.bc16060ba29b4d05bb2c.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 10 KB
3 KB 44ms
44ms Script
application/javascript 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/background-bokeh.bc16060ba29b4d05bb2c.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.9b819965ab181a3a4e4a2f27d93770b9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

6da18eee74d772d93f588d8fc3760066c6c4efdb020231b4ad9073adc5ee34e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 13406, 1
date: Tue, 09 May 2023 21:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 658988
x-cache: HIT, HIT
x-contextid: QRqpUsRQ/nYDmYHBk
content-length: 3096
x-served-by: cache-dfw-kdfw8210087-DFW, cache-fra-eddf8230069-FRA
pragma: cache
server: Squarespace
x-timer: S1683668646.880427,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

GET
H2 200 p.gif
p.typekit.net/ 35 B
228 B 180ms
39ms Image
image/gif 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=2&k=646866_5f72197ebceb763ca1d514e1&ht=tk&h=fadedkings.com&f=18156&a=646866&js=1.21.0&app=typekit&e=js&_=1683668645867
Requested by: Host: fadedkings.com
URL: https://fadedkings.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

unused62: 8096267
date: Tue, 09 May 2023 21:44:06 GMT
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
etag: "6160f9fb-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

POST
H2 200 RecordHit Show response
fadedkings.com/api/census/ 17 B
83 B 178ms
178ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://fadedkings.com/api/census/RecordHit

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-df75bde346c99dfacf187-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://fadedkings.com/
X-CSRF-Token: BQ4mI26AUv3KNzk2ZDczNDQzYTg3NGMzYjNmMjFhNDY4ZTY4MjM1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 09 May 2023 21:44:06 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: wQ1AwfRR/vsVBkP4m
content-length: 17

POST
H2 200 button-render Show response
fadedkings.com/api/census/ 17 B
135 B 172ms
172ms XHR
application/json 198.185.159.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://fadedkings.com/api/census/button-render

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-df75bde346c99dfacf187-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.185.159.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://fadedkings.com/
X-CSRF-Token: BQ4mI26AUv3KNzk2ZDczNDQzYTg3NGMzYjNmMjFhNDY4ZTY4MjM1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 09 May 2023 21:44:05 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
server: Squarespace
content-type: application/json;charset=utf-8
cache-control: no-cache, no-store, must-revalidate
x-contextid: wQ1AwfRR/HbnWyXOM
content-length: 17

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1YZG0PB2F5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-180471153-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef8ce241b04a2993c95ceb339a7e925a8f40421e16ff2a076b114d7c331136c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 21:44:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77744
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 May 2023 21:44:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-180471153-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 May 2023 20:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4107
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 09 May 2023 22:35:39 GMT

GET
H2 200 frameLoader.js Show response
widget.getsquire.com/v2/ 133 KB
45 KB 99ms
99ms Script
application/javascript 2606:4700:4400::6812:2038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getsquire.com/v2/frameLoader.js?1683668646002
Requested by: Host: widget.getsquire.com
URL: https://widget.getsquire.com/widget.js?1683668645505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2038 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac7ec95f37d73aa4176c9ced8b19f834da7ff5101bc9eb3adc9d4d49b056ac49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 21:44:06 GMT
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 May 2023 02:04:16 GMT
server: cloudflare
etag: W/"be5dab111ee5caf0e1939b04164d54f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReLvJtX3x1kw02hDR8%2FEuhhhGMIJ4wcs01xWqI23COHQrcunvE8AV7JFyqHYilwiw0LCjza5fCnzKWv9fBfzJZ%2FjLif%2BfJ94q7FOoddXaySTq3Jr%2Fo4TJuJAvLQ3EYxWZeZHr7JfLQRvR4vP0SgwdekK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7c4d1f2d98df2baf-FRA
x-amz-cf-id: He8k7RBnlDGIdOWDE8ZrkvAgkG1LcdQEo4LKSeNbQzWI-LE7ml4SqA==
expires: Wed, 10 May 2023 01:44:06 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 471 KB
113 KB 186ms
52ms Script
text/javascript 13.227.219.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: widget.getsquire.com
URL: https://widget.getsquire.com/widget.js?1683668645505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-97.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

12511c57c7a22e7503edffa1d5daad446ae9427fc7443dd7399325a5b3094538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 May 2023 21:43:37 GMT
via: 1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 41
x-cache: Hit from cloudfront
last-modified: Tue, 09 May 2023 20:28:22 GMT
server: Cloudfront
etag: W/"b6b0babf567d09998a25825f997fdb12"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: tttNTDUAB0YvR-dk5o7yDRI5cP8qjbpHaE622v4hM3gPrf-1tied3w==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 121ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3291156194542471&ev=PageView&dl=https%3A%2F%2Ffadedkings.com%2F&rl=&if=false&ts=1683668646013&sw=1600&sh=1200&v=2.9.104&r=stable&a=plsquarespace&ec=0&o=30&fbp=fb.1.1683668646012.612485898&it=1683668645713&coo=false&rqm=GET

Requested by

Host: fadedkings.com
URL: https://fadedkings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 09 May 2023 21:44:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 floating-cart.4814fbbf54a92e38c18f.js Show response
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 451 B
461 B 39ms
39ms Script
application/javascript 151.101.64.238
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.4814fbbf54a92e38c18f.js

Requested by

Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.9b819965ab181a3a4e4a2f27d93770b9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.238 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Squarespace /

Resource Hash

44730fefcc42a6a30ff8e5e876522fa745b60bf0744414838d9de76eeb705c23

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits: 49, 4151
date: Tue, 09 May 2023 21:44:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 varnish, 1.1 varnish
age: 534419
x-cache: HIT, HIT
x-contextid: 1DNAPAmn/a1MYbZ8q
content-length: 302
x-served-by: cache-dfw-kdfw8210096-DFW, cache-fra-eddf8230069-FRA
pragma: cache
server: Squarespace
x-timer: S1683668646.060102,VS0,VE0
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=94608000
accept-ranges: bytes
timing-allow-origin: *
tracepoint: Fastly

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 135ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1YZG0PB2F5&gtm=45je3580&_p=610678936&cid=1141750236.1683668646&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683668646&sct=1&seg=0&dl=https%3A%2F%2Ffadedkings.com%2F&dt=F%20a%20d%20e%20d%20K%20I%20n%20g%20s&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1YZG0PB2F5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 May 2023 21:44:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fadedkings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bookButton.js Show response
widget.getsquire.com/v2/ 132 KB
45 KB 103ms
102ms Script
application/javascript 2606:4700:4400::6812:2038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getsquire.com/v2/bookButton.js?1683668646154
Requested by: Host: widget.getsquire.com
URL: https://widget.getsquire.com/widget.js?1683668645505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2038 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed4120f98580a76bc40d9114474758d212d33d9342755c82dffdeda90ea14bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 21:44:06 GMT
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 May 2023 02:04:16 GMT
server: cloudflare
etag: W/"d4a4b76e20b0dbcd54e450e5a24d2326"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULWD%2BOPT4wd0W2Gj7LMLAmEkrgjq%2FY3Gu9rWGnfinjQam2zcfNQZmvE20CUB%2FhyGRpODPxeqJOGThaE7eF%2BxonfW73%2BWfiihIGpnQWM4T5cRjtJJYKirw%2F9jf2xvkm7Vivx2e%2B2lspV0xa1FL4CP11Og"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7c4d1f2e99ec2baf-FRA
x-amz-cf-id: Ix_qN0Iaqf4h9-dBGHPsRVDo1wbEIoYnHXyPNnldpAr0Di5rPzkERQ==
expires: Wed, 10 May 2023 01:44:06 GMT

GET
H2 200 dataPreloader.js Show response
widget.getsquire.com/v2/ 175 KB
54 KB 106ms
106ms Script
application/javascript 2606:4700:4400::6812:2038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getsquire.com/v2/dataPreloader.js?1683668646155
Requested by: Host: widget.getsquire.com
URL: https://widget.getsquire.com/widget.js?1683668645505
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2038 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a380b3cfc57c0e3336f5ad21b555c689c85df52a992c466ccbb70206d95fda1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fadedkings.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 21:44:06 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 04 May 2023 02:04:16 GMT
server: cloudflare
etag: W/"b817e5be2567e9b987cd7763d8ed0560"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mX5mAbdi08aXD%2F04W200BWx4mxOzXc7QU2Ew46TIDqzQRaL%2B1C8Wq6b9b7sLRjVFxcVzx7L3XnSxZl5rw78QlRfh9QKJj%2Fg2xOOq4iP5jAB7EjSqOIdNSNI1o83X%2FPC5M3lYZiLSWml7qt2aK9cRsNet"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7c4d1f2e99ef2baf-FRA
x-amz-cf-id: fyCjmBijTW6acqi4SJTRntJA4otPB64s0ZUPKjYG6djboOZeD-rdQQ==
expires: Wed, 10 May 2023 01:44:06 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 47ms
47ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=610678936&t=pageview&_s=1&dl=https%3A%2F%2Ffadedkings.com%2F&ul=en-us&de=UTF-8&dt=F%20a%20d%20e%20d%20K%20I%20n%20g%20s&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1394268448&gjid=2079958370&cid=1141750236.1683668646&tid=UA-180471153-2&_gid=326435606.1683668646&_r=1&gtm=457e3580&did=dZjQwMz&gdid=dZjQwMz&jsscut=1&z=2069815621

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fadedkings.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 May 2023 21:44:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fadedkings.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 BRAND_ID Show response
getsquire.com/booking/brands/ Frame C9EA 2 KB
1 KB 884ms
870ms Document
text/html 2606:4700:4400::6812:2038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getsquire.com/booking/brands/BRAND_ID?platform=widget
Requested by: Host: widget.getsquire.com
URL: https://widget.getsquire.com/v2/frameLoader.js?1683668646002
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2038 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00e6370c4fe15d70fbc3a64249719864e5229bb82efc89832e23a4117440e9e

Request headers

Referer: https://fadedkings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300
cf-cache-status: DYNAMIC
cf-ray: 7c4d1f2fcb522baf-FRA
content-encoding: gzip
content-type: text/html
date: Tue, 09 May 2023 21:44:07 GMT
last-modified: Thu, 04 May 2023 02:05:06 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FsCJhoXzcc%2BGuZgGAbbn8idUnMXAody%2BlDaUJNYDXvzuXQpIICO1OetbzBLdxfSrZMUmVNS8jdbEwqsRLH4Dbmsxr9Olq7BDGeU2icJf3HW3rHSF37R8dSIMadiF1QMC%2FWB2y9Aq%2FfQAuus%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
x-amz-cf-id: j1PE0uWFywFjRQUJJvAGSJZVtZjlCaav9YTNv_B8Si7R5CTzx3953A==
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 5EA9 0
48 B 41ms
40ms Document
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: fadedkings.com
URL: https://fadedkings.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://fadedkings.com
Referer: https://fadedkings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://fadedkings.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 09 May 2023 21:44:06 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame C9EA 116 KB
36 KB 217ms
99ms Script
application/javascript 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: getsquire.com
URL: https://getsquire.com/booking/brands/BRAND_ID?platform=widget

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb752bc50264e20fb3409303a4ddacd0bf9528f9abbfa01bb7732821ac1caf4a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-PXmKuKNObnvVG68S2WF63Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getsquire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 21:44:07 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-PXmKuKNObnvVG68S2WF63Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 09 May 2023 21:44:07 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ Frame C9EA 17 KB
7 KB 150ms
48ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: getsquire.com
URL: https://getsquire.com/booking/brands/BRAND_ID?platform=widget

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fee28aa59f9dbe5fa3d892927a363bc847f0f8ddd49347456701136d9d759ed9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getsquire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 May 2023 21:44:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "3de33afca9749860"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 May 2023 21:44:07 GMT

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/b5e45436/ Frame C9EA
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
https://challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?render=explicit

15 KB
5 KB

74ms
73ms

Script
application/javascript

2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?render=explicit
Requested by: Host: getsquire.com
URL: https://getsquire.com/booking/brands/BRAND_ID?platform=widget
Protocol: H2
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5205e201bbd649a3a4af0ecb9b1e8a80f73aa8ea4aee1740302b1b8f7435b27f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getsquire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 21:44:07 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7c4d1f3629f739bc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Tue, 09 May 2023 21:44:07 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/g/b5e45436/api.js?render=explicit
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7c4d1f35d99e39bc-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.ce16a72deaa07f8dcfae.js Show response
wow.getsquire.com/ Frame C9EA 2 MB
657 KB 93ms
65ms Script
application/javascript 2606:4700:4400::6812:2038
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wow.getsquire.com/main.ce16a72deaa07f8dcfae.js
Requested by: Host: getsquire.com
URL: https://getsquire.com/booking/brands/BRAND_ID?platform=widget
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2038 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90f27d6f6f9f1ffcac6f673e57aa3b90f78f31c5b9c6775395bbdc59912e2d19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getsquire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 21:44:07 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5059
x-amz-cf-pop: FRA56-P2
cf-polished: origSize=2122227
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Thu, 04 May 2023 02:05:04 GMT
cf-bgj: minify
server: cloudflare
etag: W/"2db1b52bc98bf3e0b8b9e7251e30c2fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npfSUWB6o1IbeuZOvs%2FdfOXE2xA%2BADtW%2F%2BG2KAEbAZXwkfdq69HPAauMMm%2BApyWjm%2BkUer6rc3KIL7jHalzTfDdajfJskwnw5fpriCiUiVT%2BzrMgt0Pdvv9cO5jHm0ejf95tEzqOpgYOLndrG0F0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 7c4d1f36dae82baf-FRA
x-amz-cf-id: ioB4HZxNFUhoC-154KUo4PCIyTFO2JXr2d_6M0SPUrKzJMg8NB98oQ==
expires: Wed, 10 May 2023 01:44:07 GMT

OPTIONS
H2 404 /
app.launchdarkly.com/sdk/goals/ Frame 0
0 740ms
640ms Preflight
text/plain 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: GET
Origin: https://getsquire.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
content-length: 19
content-type: text/plain; charset=utf-8
date: Tue, 09 May 2023 21:44:08 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230139-FRA
x-timer: S1683668648.910712,VS0,VE599

OPTIONS
H2 204 status
api.getsquire.com/v1/ Frame 0
0 458ms
267ms Preflight 2606:4700:4400::ac40:9bc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getsquire.com/v1/status
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9bc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://getsquire.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://getsquire.com
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 7c4d1f3a096b3659-FRA
content-length: 0
date: Tue, 09 May 2023 21:44:08 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJJRY%2F7iiqmA7qpNy6tdinoKtgRABhq6ocekX%2Fmd7jbtMQLUtTleMh%2FiV1yF5iPNjH5WgtkJ4LFFPq5HuZv39VdzaTjT1ZXzQrfvGne%2Fyfmj41TiqaFXSeIaUl%2FEL1xO%2BLqP%2F1fEcd5ZoWq3cErv"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

GET
DATA 200
OK truncated
/ Frame C9EA 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 491b7037472ff549180180085455a0a78b9662caae45e5f4ab81bfeda3c7cb55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 v3 Show response
js.stripe.com/ Frame C9EA 471 KB
113 KB 50ms
50ms Script
text/javascript 13.227.219.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: wow.getsquire.com
URL: https://wow.getsquire.com/main.ce16a72deaa07f8dcfae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-97.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

12511c57c7a22e7503edffa1d5daad446ae9427fc7443dd7399325a5b3094538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getsquire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 May 2023 21:43:15 GMT
via: 1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 53
x-cache: Hit from cloudfront
last-modified: Tue, 09 May 2023 20:41:44 GMT
server: Cloudfront
etag: W/"b6b0babf567d09998a25825f997fdb12"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 2DNHcxI339T7OdWdCx_PmmjRLrErQnzPX4ARKbqGaqSEobEYFoRILw==

GET /
app.launchdarkly.com/sdk/goals/ Frame C9EA 0
0

GET
H2 200 status Show response
api.getsquire.com/v1/ Frame C9EA 11 B
1 KB 643ms
643ms Fetch
application/json 2606:4700:4400::ac40:9bc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getsquire.com/v1/status

Requested by

Host: wow.getsquire.com
URL: https://wow.getsquire.com/main.ce16a72deaa07f8dcfae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9bc8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' getsquire.com *.getsquire.com;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://getsquire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 May 2023 21:44:08 GMT
content-security-policy: img-src 'self' getsquire.com *.getsquire.com;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
surrogate-control: no-store
x-dns-prefetch-control: off
content-length: 11
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
server: cloudflare
etag: W/"b-Ai2R8hgEarLmHKwesT1qcY913ys"
expect-ct: max-age=0
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://getsquire.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tepn2eG9TYJtm31EdRPlrgXrp5NVY8LqqxzENNGhvdlcA35yTLvulW9tqdrV1jCHthEXnJ1ogWY4cqiT5ibS1LtGdYUaCH2RVZDSQcmuTJuo7ujw4k2cIBg5zKj3FOxYtDHTMpFOrkRuyiL%2FjAs9"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 7c4d1f3baace3659-FRA
expires: 0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/ Frame C9EA 116 KB
40 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f8d667b706cda220bb8cfaf9195b273ad86e71fd8ce10e9b32d9ba625f14d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getsquire.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 05 May 2023 21:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40092
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 May 2024 21:14:07 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame FD27 18 KB
8 KB 230ms
229ms Document
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgetsquire.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be010865dec96a97e55bf716c87060010f08cb82f829ed8a044101c1ac6a8fbe

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-Oc4CrDSvR7q87e9oC2lk3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://getsquire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-Oc4CrDSvR7q87e9oC2lk3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Tue, 09 May 2023 21:44:07 GMT
expires: Tue, 09 May 2023 21:44:07 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 controller-197298e58b6a18ab3d708bf268879b68.html Show response
js.stripe.com/v3/ Frame AEEA 325 B
1 KB 46ms
46ms Document
text/html 13.227.219.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-197298e58b6a18ab3d708bf268879b68.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-97.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

87a676e226d84a8fa6b30e9b03d99c5bea88b4743b7111094cdd832f55fd90e7

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://getsquire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 34
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 09 May 2023 21:43:49 GMT
etag: "197298e58b6a18ab3d708bf268879b68"
last-modified: Tue, 09 May 2023 20:03:39 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
x-amz-cf-id: 6VDhllOEZZeApgqIkiKw9HiGLL_-rzC8v8XG1Z_smt6qqBtCVaW9_Q==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 shared-bcf032de2a8cb204149905dcda2ed7e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AEEA 446 KB
100 KB 49ms
49ms Script
text/javascript 13.227.219.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-bcf032de2a8cb204149905dcda2ed7e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-197298e58b6a18ab3d708bf268879b68.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-97.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

7b14d3c6cddb21148207b1d8212f25cbc07880f1738e046176b582e588bbaf9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-197298e58b6a18ab3d708bf268879b68.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 May 2023 21:05:10 GMT
via: 1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2338
x-cache: Hit from cloudfront
last-modified: Tue, 09 May 2023 20:03:52 GMT
server: Cloudfront
etag: W/"7622b622e2545129e6801827389be964"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: qkmzL_jhe-HYymQaqyYcKEMk8e6S6kzYxWGgS3-mGdSOSQOr0XhW3A==

GET
H2 200 controller-b9b946fd92d4e261f61bed1a48078d36.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame AEEA 457 KB
113 KB 63ms
62ms Script
text/javascript 13.227.219.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-b9b946fd92d4e261f61bed1a48078d36.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-197298e58b6a18ab3d708bf268879b68.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-97.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9f031122bdff18291a5b2d3e6a27c4ec21c50817aa189cee7e1214022f70311d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-197298e58b6a18ab3d708bf268879b68.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 May 2023 21:12:13 GMT
via: 1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 1914
x-cache: Hit from cloudfront
last-modified: Tue, 09 May 2023 17:10:44 GMT
server: Cloudfront
etag: W/"e17f9fe2fa49ad6024e57b51922199c7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: o0klrpzb1IMljdkR510-X1e5ucPuSulLHTgO0zdknEsR7G7TUrcCQw==

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.AkPvTso5b_s.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/r... Frame FD27 156 KB
56 KB 135ms
41ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.AkPvTso5b_s.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjdd9ASg0ihG25qxqfwxHdT5lKNDg/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fgetsquire.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ffa1f86da440a74b49f7e32deb99f3be3cfc70db00f1d00ddc6bd0b85c7825a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 16:35:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56491
x-xss-protection: 0
last-modified: Tue, 09 May 2023 11:23:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 16:35:04 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame AEEA 0
716 B 651ms
213ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: fadedkings.com
URL: https://fadedkings.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 May 2023 21:44:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683668648592591
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1683668648592000
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame AEEA 474 B
866 B 139ms
47ms Fetch
application/json 13.227.219.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-bcf032de2a8cb204149905dcda2ed7e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-97.ams54.r.cloudfront.net
Software: Cloudfront /
Resource Hash: 8b8476693915de08190b5f3aef09f4c30a679efadde6040ac85ce650fc0f0aa0

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-197298e58b6a18ab3d708bf268879b68.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 09 May 2023 21:43:56 GMT
via: 1.1 b61409af370dbf025ffc910b1252c65e.cloudfront.net (CloudFront)
last-modified: Tue, 09 May 2023 20:42:32 GMT
server: Cloudfront
x-amz-cf-pop: AMS54-C1
age: 20
etag: "88aa71e2c8df50fb88ab05691760ceea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: 5XMw81iHAhf6-312dhBUNvqS_4STJhXWExBwYWCXmeL9862ydVILbg==

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame FD27 2 KB
2 KB 151ms
151ms Other
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: fadedkings.com
URL: https://fadedkings.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 May 2023 21:44:08 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H2 200 0 Show response
r.stripe.com/ Frame AEEA 0
275 B 865ms
424ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-bcf032de2a8cb204149905dcda2ed7e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 09 May 2023 21:44:08 GMT
x-stripe-server-envoy-start-time-us: 1683668648975258
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1683668648974977
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AEEA 0
274 B 867ms
427ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-bcf032de2a8cb204149905dcda2ed7e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 09 May 2023 21:44:08 GMT
x-stripe-server-envoy-start-time-us: 1683668648975363
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1683668648975059
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AEEA 0
274 B 874ms
434ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-bcf032de2a8cb204149905dcda2ed7e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 09 May 2023 21:44:08 GMT
x-stripe-server-envoy-start-time-us: 1683668648975735
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1683668648975155
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AEEA 0
274 B 874ms
434ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-bcf032de2a8cb204149905dcda2ed7e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 09 May 2023 21:44:08 GMT
x-stripe-server-envoy-start-time-us: 1683668648976282
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1683668648976020
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AEEA 0
274 B 866ms
426ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-bcf032de2a8cb204149905dcda2ed7e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 09 May 2023 21:44:08 GMT
x-stripe-server-envoy-start-time-us: 1683668648975561
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1683668648975321
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AEEA 0
274 B 873ms
433ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-bcf032de2a8cb204149905dcda2ed7e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 09 May 2023 21:44:08 GMT
x-stripe-server-envoy-start-time-us: 1683668648976174
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1683668648975967
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AEEA 0
274 B 869ms
430ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-bcf032de2a8cb204149905dcda2ed7e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 09 May 2023 21:44:08 GMT
x-stripe-server-envoy-start-time-us: 1683668648976283
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1683668648976080
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AEEA 0
274 B 863ms
424ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-bcf032de2a8cb204149905dcda2ed7e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 09 May 2023 21:44:08 GMT
x-stripe-server-envoy-start-time-us: 1683668648975621
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1683668648975266
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame AEEA 0
274 B 867ms
429ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-bcf032de2a8cb204149905dcda2ed7e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 09 May 2023 21:44:08 GMT
x-stripe-server-envoy-start-time-us: 1683668648975612
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1683668648975324
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.AkPvTso5b_s.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fSa... Frame FD27 70 KB
26 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.AkPvTso5b_s.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fSa0xJY05bI.L.B1.O/am=wLEBQA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriSKuSUOpNasmsksmhIkJTlEqMAoA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.AkPvTso5b_s.es5.O/am=wLEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjdd9ASg0ihG25qxqfwxHdT5lKNDg/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5efad98a7d826ca3ab160f8c6776acbcb4383242eb328bbb081eeb6a98f218d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 16:35:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26153
x-xss-protection: 0
last-modified: Tue, 09 May 2023 11:23:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 16:35:04 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame FD27 1 MB
388 KB 114ms
114ms XHR
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

850905e3452beda21ef9385e56a39931b1c857c72a3796fbd92c3669065180b6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-B7okiPM4Ai9EwGik-kpzPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 21:44:08 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-B7okiPM4Ai9EwGik-kpzPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 09 May 2023 21:44:08 GMT

OPTIONS
H2 404 /
events.launchdarkly.com/events/diagnostic/ Frame 0
0 383ms
123ms Preflight
application/json 34.201.236.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.201.236.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-236-116.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://getsquire.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-length: 0
content-type: application/json
date: Tue, 09 May 2023 21:44:08 GMT
strict-transport-security: max-age=31536000

POST /
events.launchdarkly.com/events/diagnostic/ Frame C9EA 0
0

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame F197 200 B
1 KB 46ms
46ms Document
text/html 13.227.219.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-97.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://getsquire.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2885
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 09 May 2023 20:56:08 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Thu, 04 May 2023 20:01:44 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
x-amz-cf-id: lKSghLzmhPEmZbeIW4U1IGAdB7mLhLnaDJE6YwX0UFnjLiU3ROEmJQ==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.AkPvTso5b_s.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fSa... Frame FD27 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.AkPvTso5b_s.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fSa0xJY05bI.L.B1.O/am=wLEBQA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriSKuSUOpNasmsksmhIkJTlEqMAoA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ebcdaa91019a18fc95cfefdb388dd2dd0dcabfacb0ba7e46eede84a9991d650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 16:35:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9407
x-xss-protection: 0
last-modified: Tue, 09 May 2023 11:23:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 16:35:04 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.AkPvTso5b_s.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fSa... Frame FD27 35 KB
13 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.AkPvTso5b_s.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fSa0xJY05bI.L.B1.O/am=wLEBQA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfriSKuSUOpNasmsksmhIkJTlEqMAoA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac26b937289bca460ff0734c8c9604a37a1306e56f39c912ed8ea3a345070549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 16:35:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13551
x-xss-protection: 0
last-modified: Tue, 09 May 2023 11:23:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 May 2024 16:35:04 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 174ms
72ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 May 2023 21:44:08 GMT
expires: Tue, 09 May 2023 21:44:08 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame FD27 131 B
155 B 162ms
81ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 May 2023 21:44:08 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 May 2023 21:44:08 GMT

POST
H3 200 log Show response
play.google.com/ Frame FD27 131 B
155 B 155ms
76ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 May 2023 21:44:08 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 May 2023 21:44:08 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 174ms
73ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 May 2023 21:44:08 GMT
expires: Tue, 09 May 2023 21:44:08 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 173ms
73ms Preflight
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 09 May 2023 21:44:08 GMT
expires: Tue, 09 May 2023 21:44:08 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame FD27 131 B
155 B 155ms
75ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 09 May 2023 21:44:08 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 May 2023 21:44:08 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame AEEA 0
274 B 752ms
433ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-bcf032de2a8cb204149905dcda2ed7e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 09 May 2023 21:44:08 GMT
x-stripe-server-envoy-start-time-us: 1683668648976101
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1683668648975834
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F197 631 B
1 KB 47ms
46ms Script
text/javascript 13.227.219.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-97.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 09 May 2023 20:48:00 GMT
x-content-type-options: nosniff
via: 1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 3369
x-cache: Hit from cloudfront
content-length: 631
last-modified: Thu, 04 May 2023 20:01:43 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: k6h6IvwaLFRMGOLkrO7pMI6e41vUPUeiKJ01cyAwt_LucmkLpbWIUw==

POST
H2 200 csp-report
q.stripe.com/ Frame F197 0
717 B 262ms
213ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: fadedkings.com
URL: https://fadedkings.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 May 2023 21:44:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683668648592398
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1683668648591915
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F197 0
716 B 263ms
213ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: fadedkings.com
URL: https://fadedkings.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 May 2023 21:44:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683668648592245
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1683668648591971
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 2F74 930 B
2 KB 188ms
42ms Document
text/html 2600:9000:2127:4400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:4400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 47
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 09 May 2023 21:43:47 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
x-amz-cf-id: Vl-SRSm7HkboUt4x0Mz1wZ6-uYuOMMjYbCsbEn0k8lrxi6Tzyheh2Q==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 2F74 0
490 B 218ms
218ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: fadedkings.com
URL: https://fadedkings.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 May 2023 21:44:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683668648741164
x-envoy-upstream-service-time: 6
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1683668648740008
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 2F74 86 KB
16 KB 48ms
47ms Script
text/javascript 2600:9000:2127:4400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:4400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 May 2023 21:42:20 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 113
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: o61ELzioICQz0le9PR9alPKrxHvw22d6rUFQjvfvtNiDiyiaeIuxXA==

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 8E34 200 B
1 KB 48ms
47ms Document
text/html 13.227.219.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-97.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fadedkings.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2885
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 09 May 2023 20:56:08 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Thu, 04 May 2023 20:01:44 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
x-amz-cf-id: fjkAAdA_DQxzPek2GB0eCWysYi1NXc46au6j3ycqYpmNB53eijix8A==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST /
events.launchdarkly.com/events/diagnostic/ Frame C9EA 0
0

POST
H2 200 6 Show response
m.stripe.com/ Frame 2F74 156 B
668 B 653ms
217ms XHR
application/json 52.41.55.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.41.55.54 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-41-55-54.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

b17415748bc80ca2154adf5117291848ee8cc1c767e50087df23b56b5440a7f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 09 May 2023 21:44:09 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683668649272161
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1683668649271841
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

OPTIONS
H2 404 /
events.launchdarkly.com/events/diagnostic/ Frame 0
0 123ms
123ms Preflight
application/json 34.201.236.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.201.236.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-236-116.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method: POST
Origin: https://getsquire.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-length: 0
content-type: application/json
date: Tue, 09 May 2023 21:44:08 GMT
strict-transport-security: max-age=31536000

OPTIONS
H2 204 BRAND_ID
api.getsquire.com/v1/home/ Frame 0
0 218ms
218ms Preflight 2606:4700:4400::ac40:9bc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.getsquire.com/v1/home/BRAND_ID?include=shops,shops.staticMap,shops.address,shops.photos,shops.instagramImages&nonSquireEcosystem=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9bc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://getsquire.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://getsquire.com
access-control-max-age: 1728000
cf-cache-status: DYNAMIC
cf-ray: 7c4d1f3fdf3e3659-FRA
content-length: 0
date: Tue, 09 May 2023 21:44:09 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tg176eQSf6%2BG4rm%2BR8wl36OJNznmhvwQYVpZYEKGj8lO46Zbfix58W%2Fi9CUImV29ARCzS9PMDRmnG85iIsD5G2StGzgSqg2jTYswSuhmku5TEAck2Txlhk8lGlA7UsAA2pK5gMhMVq%2FynMZePqjY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

GET
H2 404 BRAND_ID Show response
api.getsquire.com/v1/home/ Frame C9EA 79 B
624 B 234ms
234ms Fetch
application/json 2606:4700:4400::ac40:9bc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getsquire.com/v1/home/BRAND_ID?include=shops,shops.staticMap,shops.address,shops.photos,shops.instagramImages&nonSquireEcosystem=true

Requested by

Host: wow.getsquire.com
URL: https://wow.getsquire.com/main.ce16a72deaa07f8dcfae.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9bc8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5410c717fc78a84adeea553edd6f60a38c30a67e75c2394661e18fd8efdcef4

Security Headers

Name	Value
Content-Security-Policy	img-src 'self' getsquire.com *.getsquire.com;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://getsquire.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 May 2023 21:44:09 GMT
content-security-policy: img-src 'self' getsquire.com *.getsquire.com;default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
surrogate-control: no-store
x-dns-prefetch-control: off
x-xss-protection: 0
pragma: no-cache
referrer-policy: no-referrer
server: cloudflare
etag: W/"4f-54MNj8tGQdSIDdKPAkrChss4E4A"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://getsquire.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfk%2FRKE1%2BBjCZrk75CZIncF1sOsoPNMvFttyw%2F0LEtoO9PDA6RjvygtBs%2BFF0dHkeEQCZDWUGeBKt6gOBMA52Ba3jw4Ail0Z5UdF5Mq0KB6me5wUfWe%2BQrI%2BtysFkVDV2Z77ZnlmRY7AoZ53ZvBu"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 7c4d1f4138763659-FRA
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8E34 631 B
1 KB 46ms
46ms Script
text/javascript 13.227.219.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-97.ams54.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 09 May 2023 20:48:00 GMT
x-content-type-options: nosniff
via: 1.1 1b0117d337408839a32bf2a49b55b3f0.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 3369
x-cache: Hit from cloudfront
content-length: 631
last-modified: Thu, 04 May 2023 20:01:43 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: GBEaf-Pi7HY0eELt9aF6RRs18DZJrMtHmNjzY-Rn3w-wqIwQJLNDug==

POST
H2 200 csp-report
q.stripe.com/ Frame 8E34 0
716 B 216ms
215ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: fadedkings.com
URL: https://fadedkings.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 May 2023 21:44:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683668649105555
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1683668649105073
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8E34 0
716 B 212ms
212ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: fadedkings.com
URL: https://fadedkings.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 May 2023 21:44:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683668649105467
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1683668649105154
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame E567 930 B
2 KB 42ms
42ms Document
text/html 2600:9000:2127:4400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:4400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 48
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 09 May 2023 21:43:47 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
x-amz-cf-id: OTp5C6xHQBIZosAYTiODpaogVjvFZH_AZcTaSLCSLDiTytp9GJVaHA==
x-amz-cf-pop: PRG50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame E567 0
490 B 213ms
212ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: fadedkings.com
URL: https://fadedkings.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 09 May 2023 21:44:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683668649156061
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1683668649155784
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame E567 86 KB
16 KB 48ms
48ms Script
text/javascript 2600:9000:2127:4400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:4400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 May 2023 21:42:20 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 9ed2eeec8748ea461af0d1cbf998da0e.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 114
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: 6HWzZn0odSn5QfHizx4eYmxMUC0dQY5t3LFRqLkpBCLs0zoKBfDvRQ==

POST
H2 200 6 Show response
m.stripe.com/ Frame E567 156 B
668 B 322ms
269ms XHR
application/json 52.41.55.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.41.55.54 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-41-55-54.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

7b0f9c78bdb3b2450afe72f8b0ae45d270c14c9f476bfa78cbeea7138a916a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 09 May 2023 21:44:09 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1683668649323025
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1683668649321644
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.launchdarkly.com
URL: https://app.launchdarkly.com/sdk/goals/

Domain: events.launchdarkly.com
URL: https://events.launchdarkly.com/events/diagnostic/

Domain: events.launchdarkly.com
URL: https://events.launchdarkly.com/events/diagnostic/

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fadedkings.com/	1969-12-31 23:59:59	Name: crumb Value: BQ4mI26AUv3KNzk2ZDczNDQzYTg3NGMzYjNmMjFhNDY4ZTY4MjM1
.getsquire.com/	1970-01-20 11:41:10	Name: __cf_bm Value: CScinTYrs7oZ48LEYWpFO3wraRZEhg91brm94.2UDFc-1683668645-0-ARgl20ZoNhfvCWmbSteuwxHeagPzp/vKKAZG/gVIPgMDOxtTNcLQqQTgZzR5WcLJ2wAKDforsFuejNOUkmCquMo=
fadedkings.com/	1970-01-20 21:17:08	Name: ss_cvr Value: 6f2da6bd-0569-41ee-a159-cb78fd86c65b\|1683668645905\|1683668645905\|1683668645905\|1
fadedkings.com/	1970-01-20 11:41:10	Name: ss_cvt Value: 1683668645905
.fadedkings.com/	1970-01-20 13:50:44	Name: _fbp Value: fb.1.1683668646012.612485898
.fadedkings.com/	1970-01-20 21:17:08	Name: _ga_1YZG0PB2F5 Value: GS1.1.1683668646.1.0.1683668646.0.0.0
.fadedkings.com/	1970-01-20 21:17:08	Name: _ga Value: GA1.2.1141750236.1683668646
.fadedkings.com/	1970-01-20 11:42:35	Name: _gid Value: GA1.2.326435606.1683668646
.fadedkings.com/	1970-01-20 11:41:08	Name: _gat_gtag_UA_180471153_2 Value: 1
.google.com/	1970-01-20 16:04:39	Name: NID Value: 511=vMN4nOHye8wM5G06IkipipVc8EU46YWuFUIias0IyK5rnBELASGeeAfaB25fbhulR68Ij_KKY3PeHNSG6hRrBsu0HVf7ELCeb1iWVEA_Y7Fj1x1S3hA3TFgaVO9srj41Mkv659RiSL4NL-xGEzmgaPQyKSbV98uRMPBzlp3z4ck
m.stripe.com/	1970-01-20 21:17:08	Name: m Value: 1d3352d3-1ed1-454e-9fd0-1e5528dc6274636170
.fadedkings.com/	1970-01-20 20:26:44	Name: __stripe_mid Value: 38676a04-a07c-4215-9b71-96437c016ed4f1f9cb
.fadedkings.com/	1970-01-20 11:41:10	Name: __stripe_sid Value: b9563dea-6755-4b36-bf1e-5d276c01a4fbdd98c1

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
javascript	error	URL: https://getsquire.com/booking/brands/BRAND_ID?platform=widget Message: Access to XMLHttpRequest at 'https://app.launchdarkly.com/sdk/goals/' from origin 'https://getsquire.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.launchdarkly.com/sdk/goals/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://getsquire.com/booking/brands/BRAND_ID?platform=widget Message: Access to XMLHttpRequest at 'https://events.launchdarkly.com/events/diagnostic/' from origin 'https://getsquire.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://events.launchdarkly.com/events/diagnostic/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://getsquire.com/booking/brands/BRAND_ID?platform=widget Message: Access to XMLHttpRequest at 'https://events.launchdarkly.com/events/diagnostic/' from origin 'https://getsquire.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://events.launchdarkly.com/events/diagnostic/ Message: Failed to load resource: net::ERR_FAILED
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://api.getsquire.com/v1/home/BRAND_ID?include=shops,shops.staticMap,shops.address,shops.photos,shops.instagramImages&nonSquireEcosystem=true Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.getsquire.com
apis.google.com
app.launchdarkly.com
assets.squarespace.com
challenges.cloudflare.com
connect.facebook.net
events.launchdarkly.com
fadedkings.com
fonts.googleapis.com
fonts.gstatic.com
getsquire.com
images.squarespace-cdn.com
js.stripe.com
m.stripe.com
m.stripe.network
p.typekit.net
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
region1.google-analytics.com
static1.squarespace.com
use.typekit.net
widget.getsquire.com
wow.getsquire.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
app.launchdarkly.com
events.launchdarkly.com
13.227.219.97
151.101.128.237
151.101.64.238
151.101.66.217
198.185.159.144
2001:4860:4802:34::36
2600:9000:2127:4400:19:7d10:bd80:93a1
2606:4700:4400::6812:2038
2606:4700:4400::ac40:9bc8
2606:4700::6812:7b9
2a00:1450:4001:80b::200a
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:827::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2008
2a00:1450:400c:c09::5c
2a02:26f0:3500:16::215:148f
2a02:26f0:3500:16::215:1495
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.201.236.116
52.41.55.54
54.187.159.182
09a055c55ba90a060b0362aeeb91d54caccf35f84b4b9fdee397adb2c6a035ab
0e934190533b24906c4e6229898283138206ba73434366048838aa7e088749a0
12511c57c7a22e7503edffa1d5daad446ae9427fc7443dd7399325a5b3094538
13bcf500156317ce0f23b7387cf36e280dfd9f48af5665d1e0ca4e8fd8e66230
16c6a02890b5ce420ee1b5aabefdb360757cdba500db26970be9bc24578b5f30
1f8d667b706cda220bb8cfaf9195b273ad86e71fd8ce10e9b32d9ba625f14d23
1fd4ad3fd6a72104c9a1cd064152a1a596a0549873fcc3907d1b3dedf4db0cde
20fde339eebfac304b5122f7b218232dec3685eee00bd571e224fa8ab02538e2
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2752ff1877eddaf2d291309e8b0c7d7379b531bdf6054b60d337edcd368731f3
391364c0962ad0c25859e52891944f9647b53933f2078a762016b3636d7ca5aa
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
44730fefcc42a6a30ff8e5e876522fa745b60bf0744414838d9de76eeb705c23
491b7037472ff549180180085455a0a78b9662caae45e5f4ab81bfeda3c7cb55
4b3bfff1cb150ac30f36c06c696082a2daf6c34c57bb6d93d7a367f21d98c4c6
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5205e201bbd649a3a4af0ecb9b1e8a80f73aa8ea4aee1740302b1b8f7435b27f
522d9165e3ec0f2d0419968a6eecef7e3aa33bafded17fc5bfbb6f97a927be4c
54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75
66fac463e35d570d048321def2d7b059f1ef5c96201f08925bd2902e4b7ec093
69354326bce434649ed36bafe9b40187f4b911429ff76f3aeb94ef97ed6c3b0c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da18eee74d772d93f588d8fc3760066c6c4efdb020231b4ad9073adc5ee34e6
782a0eaaca15f9b2f3a09bdf774de9b4abd11e494796b1bc8a25fc4b8b078aa8
7b0f9c78bdb3b2450afe72f8b0ae45d270c14c9f476bfa78cbeea7138a916a2a
7b14d3c6cddb21148207b1d8212f25cbc07880f1738e046176b582e588bbaf9b
7f4227478d8129aeb2fb09bbe859b00c7047d7d7b592564b1cf2af956d9962c4
7ffa1f86da440a74b49f7e32deb99f3be3cfc70db00f1d00ddc6bd0b85c7825a
808c2438185e77840d89cb90dd4e4aa1fdbea2197cdd0745c47dadac3e1efb63
850905e3452beda21ef9385e56a39931b1c857c72a3796fbd92c3669065180b6
87a676e226d84a8fa6b30e9b03d99c5bea88b4743b7111094cdd832f55fd90e7
8a380b3cfc57c0e3336f5ad21b555c689c85df52a992c466ccbb70206d95fda1
8a388005912d4c5269f98a782e08c58d0efcad2b44b64e87da8c75dbd3407879
8b8476693915de08190b5f3aef09f4c30a679efadde6040ac85ce650fc0f0aa0
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8e936ec58d24be2a79b494955ae86880003151d3673b98d44a91cf4f2ca41fc4
8f57d9b31814755ab886e397e177ae333a24a3f32e0094c7d80711741043e34e
90f27d6f6f9f1ffcac6f673e57aa3b90f78f31c5b9c6775395bbdc59912e2d19
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9ebcdaa91019a18fc95cfefdb388dd2dd0dcabfacb0ba7e46eede84a9991d650
9f031122bdff18291a5b2d3e6a27c4ec21c50817aa189cee7e1214022f70311d
a02052cb1eaf0f90100a8d53276c90b181e9a26ba962412fe649bcd41c6c7bcc
a59acd7a8cbaf68d5d628ac09c501f01a2f3f42c9affa8f3d101f2860d1cc3f7
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ac26b937289bca460ff0734c8c9604a37a1306e56f39c912ed8ea3a345070549
ac7ec95f37d73aa4176c9ced8b19f834da7ff5101bc9eb3adc9d4d49b056ac49
b17415748bc80ca2154adf5117291848ee8cc1c767e50087df23b56b5440a7f8
be010865dec96a97e55bf716c87060010f08cb82f829ed8a044101c1ac6a8fbe
c5efad98a7d826ca3ab160f8c6776acbcb4383242eb328bbb081eeb6a98f218d
c9685d58649df90b8c03167f3236174e987ca0f494ff2375e92c79f7c517343c
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d9d9d2edb2215d2e7f3d565890e97ec5a09c31ba9de59be24545e906018cdf2d
e00e6370c4fe15d70fbc3a64249719864e5229bb82efc89832e23a4117440e9e
e074f7a7f4e87e6f4b41b6fea4b8c0c286f7ba299942a4d2117fe9f6f88236d1
e104cfdb8972cd4a3998bc30a2ca6ecd57c38688cac01269e86e0e19d31eed9e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb752bc50264e20fb3409303a4ddacd0bf9528f9abbfa01bb7732821ac1caf4a
ed4120f98580a76bc40d9114474758d212d33d9342755c82dffdeda90ea14bb9
ef8ce241b04a2993c95ceb339a7e925a8f40421e16ff2a076b114d7c331136c9
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f5410c717fc78a84adeea553edd6f60a38c30a67e75c2394661e18fd8efdcef4
f5ab5d0485a43f7b295d2c08868f19994fdb7471a1d8552e4a9a77ebaa928d01
fb13ee189e23094692203195731644f39ae0130b661c66bf41247e44979baf56
fee28aa59f9dbe5fa3d892927a363bc847f0f8ddd49347456701136d9d759ed9

fadedkings.com Open in urlscan Pro 198.185.159.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

96 %HTTPS

68 %IPv6

16 Domains

29 Subdomains

26 IPs

3 Countries

3928 kBTransfer

13513 kBSize

13 Cookies

4 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fadedkings.com Open in urlscan Pro
198.185.159.144 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

96 %
HTTPS

68 %
IPv6

16
Domains

29
Subdomains

26
IPs

3
Countries

3928 kB
Transfer

13513 kB
Size

13
Cookies

105 HTTP transactions
1 data transactions