urlscan.io logo urlscan.io
SecurityTrails logo

client.mathlux.com Open in urlscan Pro
2606:4700:3034::ac43:b19c  Public Scan

Go To Rescan Add Verdict Report
URL: https://client.mathlux.com/
Submission: On May 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3034::ac43:b19c, located in United States and belongs to CLOUDFLARENET, US. The main domain is client.mathlux.com.
TLS certificate: Issued by GTS CA 1P5 on March 22nd 2023. Valid for: 3 months.
This is the only time client.mathlux.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
5 151.101.192.176 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 54.187.159.182 16509 (AMAZON-02)
1 54.148.209.95 16509 (AMAZON-02)
18 7
6    2606:4700:3034::ac43:b19c (United States)

ASN13335 (CLOUDFLARENET, US)
client.mathlux.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
5    151.101.192.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
m.stripe.network
1    2606:4700::6813:a641 (United States)

ASN13335 (CLOUDFLARENET, US)
res.cloudinary.com
3    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
1    54.148.209.95 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-209-95.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 968
q.stripe.com — Cisco Umbrella Rank: 5765
m.stripe.com — Cisco Umbrella Rank: 935
131 KB
6 mathlux.com
client.mathlux.com
643 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1053
17 KB
1 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 1886
2 MB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2230
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
71 KB
18 6
Domain Requested by
6 client.mathlux.com client.mathlux.com
3 q.stripe.com client.mathlux.com
3 js.stripe.com client.mathlux.com
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
1 m.stripe.com m.stripe.network
1 res.cloudinary.com client.mathlux.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com client.mathlux.com
18 8

This site contains no links.

Subject Issuer Validity Valid
*.mathlux.com
GTS CA 1P5		 2023-03-22 -
2023-06-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-05-12 -
2023-08-13		 3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2022-05-30 -
2023-07-01		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-14 -
2023-06-13		 4 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-28 -
2023-07-26		 4 months crt.sh

This page contains 3 frames:

Primary Page: https://client.mathlux.com/
Frame ID: 806AFD245EDBEAB839F56B58691A5CAC
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 36E7B2B2BE5AD30BB1AFBF233F9F8547
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 432998B09269D30AFF9264ECE531B0F3
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MathLux

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

18
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

3043 kB
Transfer

5065 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
client.mathlux.com/ 		845 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://client.mathlux.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b19c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c51b492bd879ead27a42f6f56f8eec5fb163eae122bd4bedfeaf40a3c5a6542d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
7ca60c331df75c20-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 20 May 2023 16:45:01 GMT
last-modified
Thu, 18 May 2023 11:16:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YA4yRq7p9t58fck%2BgiJCT%2FSDu7Ii9YSSBA1lGRF5CF9eHiz0AubeUJMfKV5e1OgYlq%2B6WSVjU6T5Tu82JpfaFZTyFuO3P9SX%2FOWFoc4JobvJtzAg4xRrt5rpHNFIMvFANHVf8v9TWKkz7nn%2BuERhsJg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230044-FRA
x-timer
S1684601101.328696,VS0,VE112
js
www.googletagmanager.com/gtag/ 		196 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WCE0EKESL6
Requested by
Host: client.mathlux.com
URL: https://client.mathlux.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
27f0433a2ebd4a4db8489fca23b91ae70c763318ec6317b2cc8231b3fa45ee3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.mathlux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 16:45:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
72603
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 20 May 2023 16:45:01 GMT
index-c2572b67.js
client.mathlux.com/assets/ 		2 MB
490 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.mathlux.com/assets/index-c2572b67.js
Requested by
Host: client.mathlux.com
URL: https://client.mathlux.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b19c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e08efe9d7bb62d57ca9761bcc05d500d4ba04803dccf4bc7dc47099cc71f04cf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://client.mathlux.com/
Origin
https://client.mathlux.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 16:45:01 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230062-FRA
last-modified
Thu, 18 May 2023 11:16:45 GMT
server
cloudflare
x-timer
S1684601102.504967,VS0,VE202
etag
W/"f064d1309ef2abe0c252f56aecfdb4675d8108b9d887a58c56a050e28797ec15"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbhhk2xu%2FUCVs24FSGg0r4goYzb%2BKNlwb2zY78tK7wPF9lglwsUBCIvAY%2FBjPKUnXwo6Wdl60HQKHx54BCSWvd5dBj9oN%2BFUZreMVq%2Fav7z25nMIw9FUAveOQfa8Jy%2F8ye5JDwp4QsLfmHMapxYqYv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
7ca60c342f555c20-FRA
x-cache-hits
0
index-d1556dfa.css
client.mathlux.com/assets/ 		204 KB
32 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.mathlux.com/assets/index-d1556dfa.css
Requested by
Host: client.mathlux.com
URL: https://client.mathlux.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b19c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1556dfafa7e1241404ada55bbbc91640c1d398e46d2e861aee0df53b0f79d22
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.mathlux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 16:45:01 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230089-FRA
last-modified
Thu, 18 May 2023 11:16:45 GMT
server
cloudflare
x-timer
S1684601101.497936,VS0,VE106
etag
W/"74f9ab6057dca0595f711e6eaa13fe9d475733fad3f48d771a22f721ba2316f4"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HNkyvB%2FYDNSGgJ%2B0TaLH%2BiGyRMl5H5whOz6yrjbjopqi5Jo%2FWSldyLOs4WBsx7qscpLmERIDNb50AHy%2FjGx2IBqkFBgd1sUQokLf8jEejKt74pp1Z4Ho4E%2FQyUeEzKF9W7S16elhkzuuAv6LLO4Qmc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
cf-ray
7ca60c343f565c20-FRA
x-cache-hits
0
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WCE0EKESL6&gtm=45je35h0&_p=153166776&cid=1037791622.1684601102&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684601101&sct=1&seg=0&dl=https%3A%2F%2Fclient.mathlux.com%2F&dt=MathLux&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WCE0EKESL6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.mathlux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 May 2023 16:45:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://client.mathlux.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v3
js.stripe.com/ 		473 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: client.mathlux.com
URL: https://client.mathlux.com/assets/index-c2572b67.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f04b5255f886a9a0f19c6547cf3031088c58cddc0a9738d633e3494ac81aa3d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.mathlux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 20 May 2023 16:45:01 GMT
via
1.1 varnish
age
16
x-cache
HIT
content-length
129893
x-request-id
79f0d345-b0d9-4a61-ac12-df1caf40c1b7
x-served-by
cache-fra-eddf8230138-FRA
last-modified
Fri, 19 May 2023 20:41:35 GMT
server
Fastly
etag
"eb8030c25fe80fb2e58b5e0fb59c30eb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
7
unsplash_twukN12EN7c_ipxkl3.png
res.cloudinary.com/dbqwhxipy/image/upload/v1682090829/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dbqwhxipy/image/upload/v1682090829/unsplash_twukN12EN7c_ipxkl3.png
Requested by
Host: client.mathlux.com
URL: https://client.mathlux.com/assets/index-d1556dfa.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:a641 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d04a85271fee33b9cd8345cb4c562b6f746d5b420848baa9f6d1850b5b99799f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.mathlux.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 16:45:02 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
cld-cloudflare;dur=582;start=2023-05-20T16:45:01.943Z;desc=miss,rtt;dur=6;cloudinary;dur=194;start=2023-05-20T16:45:02.198Z
content-length
2230422
last-modified
Fri, 21 Apr 2023 15:27:10 GMT
server
cloudflare
etag
"3beee742315b3c05a1c443fc51f074ef"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control
public, no-transform, immutable, max-age=2592000
accept-ranges
bytes
cf-ray
7ca60c371d03bc01-FRA
timing-allow-origin
*
icon-cookie-968e00a5.svg
client.mathlux.com/assets/ 		43 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://client.mathlux.com/assets/icon-cookie-968e00a5.svg
Requested by
Host: client.mathlux.com
URL: https://client.mathlux.com/assets/index-d1556dfa.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b19c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
968e00a5bd00cd6c4668ccad0eed218bdd946a9c8f1e466439c6a1c03728b94a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://client.mathlux.com/assets/index-d1556dfa.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 16:45:02 GMT
strict-transport-security
max-age=31556926
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA
last-modified
Thu, 18 May 2023 11:16:45 GMT
server
cloudflare
x-timer
S1684601102.915176,VS0,VE87
etag
W/"95192c228df605b017179e2bc673d9dd0708c561a0db17aa725e022d48bbb166"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FNPCDV%2FAKAGQDmZefpRH7WyJIlUqrTUfB5%2BNn4HQlJ3nc5gLsz5Gft8V3pDuL%2BnvO8Kwj7tEDyFK8RksQc6P3rCx%2FLTANML%2F153Zg27DLADTplj7vgYaBPM7VgYTI60RDCKWfWpIzfqkin%2B7eO%2FMTA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
7ca60c36cf0d362a-FRA
x-cache-hits
0
Nunito-Regular-45ee4fa5.woff2
client.mathlux.com/assets/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://client.mathlux.com/assets/Nunito-Regular-45ee4fa5.woff2
Requested by
Host: client.mathlux.com
URL: https://client.mathlux.com/assets/index-d1556dfa.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b19c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45ee4fa580cc27997dcb1f20dcbf98bcbcf54c47abe761932f1efdcd46a39c48
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://client.mathlux.com/assets/index-d1556dfa.css
Origin
https://client.mathlux.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 16:45:02 GMT
strict-transport-security
max-age=31556926
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230097-FRA
last-modified
Thu, 18 May 2023 11:16:45 GMT
server
cloudflare
x-timer
S1684601102.912078,VS0,VE98
etag
W/"eb83c72e7822cbc987450f4b6ec8efcff07f486c38aaf8807d4766a147a4c941"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9HWDA%2Fal4zZmPMuIYrfZeIIar2%2BvRb6I096a2DToNPlmQeD43zWwy4ENPMcCdYLPKOZZuYOCWwSysPdxjTiG61chFN8%2F6%2BD3sBzMHGOkdmoDTxPkLdGQTRaCuzR4EMpGNiQcHz0kljHXsu6UghIdHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
cf-ray
7ca60c36cf10362a-FRA
x-cache-hits
0
Nunito-Bold-c6fbafe9.woff2
client.mathlux.com/assets/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://client.mathlux.com/assets/Nunito-Bold-c6fbafe9.woff2
Requested by
Host: client.mathlux.com
URL: https://client.mathlux.com/assets/index-d1556dfa.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:b19c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6fbafe942a20aafc069f8e089f2bf67adb05961b26a71bba56adff485422b40
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://client.mathlux.com/assets/index-d1556dfa.css
Origin
https://client.mathlux.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 16:45:02 GMT
strict-transport-security
max-age=31556926
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230043-FRA
last-modified
Thu, 18 May 2023 11:16:45 GMT
server
cloudflare
x-timer
S1684601102.916525,VS0,VE118
etag
W/"802738e2e1e9de7751bd91c86ec75a0e107f8ffd57345ce1f015b2fea131665b"
vary
x-fh-requested-host, accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09nHAAOnh696WtuGF8svEoENy8QA8jBl92lWnazn5JTx%2FC3oLpf6Sz06PhZjzyxJrsCKCqD6%2Bu995K2Z64kBU8v6b3d3foxiWOkVbVyDNqxAdoHqxHKjNS7RARkII5IeHIUcSCwoyia1MKO9p4rS9bk%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
cf-ray
7ca60c36cf12362a-FRA
x-cache-hits
0
m-outer-93afeeb17bc37e711759584dbfc50d47.html
js.stripe.com/v3/ Frame 36E7 		200 B
810 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://client.mathlux.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
11813555
cache-control
max-age=31536000
content-encoding
br
content-length
122
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 20 May 2023 16:45:02 GMT
etag
"93afeeb17bc37e711759584dbfc50d47"
last-modified
Wed, 21 Dec 2022 18:20:45 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
716730
x-content-type-options
nosniff
x-request-id
65d91352-cc2b-4f8b-9751-ca857ba0d271
x-served-by
cache-fra-eddf8230138-FRA
m-outer-8cb24ab2d649fd36a488d04d8c457933.js
js.stripe.com/v3/fingerprinted/js/ Frame 36E7 		631 B
468 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 20 May 2023 16:45:02 GMT
via
1.1 varnish
age
16231213
x-cache
HIT
content-length
332
x-request-id
b85ec6ba-6e82-435c-9e5b-29fbc8660aca
x-served-by
cache-fra-eddf8230138-FRA
last-modified
Sun, 13 Nov 2022 20:03:40 GMT
server
Fastly
etag
"f8f6a4584135f737b26927596ce6e0a7"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
655111
csp-report
q.stripe.com/ Frame 36E7 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: client.mathlux.com
URL: https://client.mathlux.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 20 May 2023 16:45:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684601103449568
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684601103449144
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 36E7 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: client.mathlux.com
URL: https://client.mathlux.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 20 May 2023 16:45:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684601103449610
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1684601103449188
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 4329 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
210
cache-control
max-age=300, public
content-encoding
gzip
content-length
527
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 20 May 2023 16:45:02 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
129
x-content-type-options
nosniff
x-request-id
916ec6f0-c933-4679-899d-fb79d7ffb84a
x-served-by
cache-fra-eddf8230138-FRA
x-timer
S1684601103.995050,VS0,VE0
csp-report
q.stripe.com/ Frame 4329 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: client.mathlux.com
URL: https://client.mathlux.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 20 May 2023 16:45:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684601103449547
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1684601103449233
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.42.js
m.stripe.network/ Frame 4329 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Sat, 20 May 2023 16:45:03 GMT
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 varnish
age
40
x-cache
HIT
content-length
16031
x-request-id
9820be68-e634-4bf6-afb0-6747eb9334f6
x-served-by
cache-fra-eddf8230138-FRA
server
Fastly
x-timer
S1684601103.007207,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
25
6
m.stripe.com/ Frame 4329 		156 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.209.95 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-209-95.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d0a40e0c036a2c5ba09f8dad6585f86cae1de9678bef7a6c3bd2d9fde2d1b7bf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 20 May 2023 16:45:03 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1684601103554683
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1684601103554028
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| gaGlobal object| webpackChunkStripeJSouter function| noop function| Stripe

5 Cookies

Domain/Path Name / Value
.mathlux.com/ Name: _ga_WCE0EKESL6
Value: GS1.1.1684601101.1.0.1684601101.0.0.0
.mathlux.com/ Name: _ga
Value: GA1.1.1037791622.1684601102
m.stripe.com/ Name: m
Value: a57670b6-df87-49ab-aba7-670790f844766d405a
.client.mathlux.com/ Name: __stripe_mid
Value: 902bee7a-1abd-4a25-9d32-2d256b97016dcb1feb
.client.mathlux.com/ Name: __stripe_sid
Value: e41e3199-ab3d-4132-9e41-8bee04571f090c59b3

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926