URL: https://nickelcitynitro.bottle.com/
Submission Tags: phishingrod
Submission: On September 21 via api from DE — Scanned from DE

Summary

This website contacted 14 IPs in 2 countries across 9 domains to perform 36 HTTP transactions. The main IP is 54.91.59.199, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is nickelcitynitro.bottle.com.
TLS certificate: Issued by R3 on September 21st 2023. Valid for: 3 months.
This is the only time nickelcitynitro.bottle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
14 | bottle.com | nickelcitynitro.bottle.com; api.bottle.com | 287 KB
7 | stripe.com | js.stripe.com (Cisco Umbrella Rank: 2793); q.stripe.com (Cisco Umbrella Rank: 24792); m.stripe.com (Cisco Umbrella Rank: 2449) | 136 KB
5 | googleapis.com | maps.googleapis.com (Cisco Umbrella Rank: 778); fonts.googleapis.com (Cisco Umbrella Rank: 113) | 172 KB
3 | cloudinary.com | res.cloudinary.com (Cisco Umbrella Rank: 4047) | 148 KB
2 | stripe.network | m.stripe.network (Cisco Umbrella Rank: 2971) | 16 KB
2 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 1261); script.hotjar.com (Cisco Umbrella Rank: 1629) | 60 KB
1 | gstatic.com | fonts.gstatic.com | 46 KB
1 | hotjar.io | vc.hotjar.io (Cisco Umbrella Rank: 3977) | 258 B
1 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 229) | 53 KB
Total: 36 requests, 9 domains
Requests | Domain | Requested by
8 | api.bottle.com | nickelcitynitro.bottle.com
6 | nickelcitynitro.bottle.com | nickelcitynitro.bottle.com
4 | maps.googleapis.com | nickelcitynitro.bottle.com; maps.googleapis.com
3 | res.cloudinary.com |
3 | q.stripe.com | nickelcitynitro.bottle.com
3 | js.stripe.com | nickelcitynitro.bottle.com; js.stripe.com
2 | m.stripe.network | js.stripe.com; m.stripe.network
1 | m.stripe.com | m.stripe.network
1 | fonts.gstatic.com | fonts.googleapis.com
1 | vc.hotjar.io | nickelcitynitro.bottle.com
1 | fonts.googleapis.com | nickelcitynitro.bottle.com
1 | script.hotjar.com | static.hotjar.com
1 | static.hotjar.com | nickelcitynitro.bottle.com
1 | connect.facebook.net | nickelcitynitro.bottle.com
Total: 36 requests, 14 domains

This site contains links to these domains.

Domain
bottle.com
Subject | Issuer | Validity | Valid
nickelcitynitro.bottle.com | R3 | 2023-09-21 - 2023-12-20 | 3 months
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2023-07-31 - 2023-11-30 | 4 months
upload.video.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-07-07 - 2023-09-28 | 3 months
*.hotjar.com | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year
api.bottle.com | R3 | 2023-09-16 - 2023-12-15 | 3 months
*.hotjar.io | Amazon ECDSA 256 M01 | 2023-03-09 - 2024-04-06 | a year
*.gstatic.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.stripe.com | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2023-08-01 - 2023-11-02 | 3 months
m.stripe.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-07-31 - 2023-10-26 | 3 months
*.cloudinary.com | Go Daddy Secure Certificate Authority - G2 | 2023-06-21 - 2024-06-22 | a year

This page contains 3 frames:

Primary Page: https://nickelcitynitro.bottle.com/
Frame ID: E7CFA580281B71055BE689E5B8D3AE21
Requests: 24 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 16EECD6AF1983A6C2FC7B955BD9BB9D2
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 3DD70FED1E99E423ADE0BA94AEB6A6C9
Requests: 4 HTTP requests in this frame

Page Title

Nickelcitynitro Checkout

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 80%
Detected patterns
  • <img[^>]+\.cloudinary\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

Requests: 36
HTTPS: 100 %
IPv6: 50 %
Domains: 9
Subdomains: 14
IPs: 14
Countries: 2
Transfer: 918 kB
Size: 3043 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nickelcitynitro.bottle.com/
2 KB
1 KB
Document
General
Full URL
https://nickelcitynitro.bottle.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
c0f35dd3bb4db667e843bdc6d272b79e53b761379e3e3174523cf5f4778d11a6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 21 Sep 2023 02:08:09 GMT
Etag
W/"851-18a675596a8"
Last-Modified
Tue, 05 Sep 2023 21:52:57 GMT
Server
Cowboy
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 vegur
X-Powered-By
Express
chunk-vendors.bb3a8271.js
nickelcitynitro.bottle.com/js/
642 KB
178 KB
Script
General
Full URL
https://nickelcitynitro.bottle.com/js/chunk-vendors.bb3a8271.js
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
c2c7460118f444c1977f7810ad496d2d2b232a29267cb018d47c05ff9551492f

Request headers

Referer
https://nickelcitynitro.bottle.com/
Origin
https://nickelcitynitro.bottle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 02:08:09 GMT
Content-Encoding
gzip
Via
1.1 vegur
Last-Modified
Tue, 05 Sep 2023 21:52:57 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"a066e-18a675596a8"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
app.c20b28ba.js
nickelcitynitro.bottle.com/js/
392 KB
85 KB
Script
General
Full URL
https://nickelcitynitro.bottle.com/js/app.c20b28ba.js
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
80f46fd866fde47171b14687d92734ed62ee8e7d5a2401336818d20b040e1ef8

Request headers

Referer
https://nickelcitynitro.bottle.com/
Origin
https://nickelcitynitro.bottle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 02:08:09 GMT
Content-Encoding
gzip
Via
1.1 vegur
Last-Modified
Tue, 05 Sep 2023 21:52:57 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"6216a-18a675596a8"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
chunk-vendors.865d56e3.css
nickelcitynitro.bottle.com/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://nickelcitynitro.bottle.com/css/chunk-vendors.865d56e3.css
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
638a8bc98ee933932d6488e4d69d81d7209dc8676c6da02267ad3699a35a60e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nickelcitynitro.bottle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 02:08:09 GMT
Content-Encoding
gzip
Via
1.1 vegur
Last-Modified
Tue, 05 Sep 2023 21:52:35 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"781b-18a675540b8"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
app.40e4c6a3.css
nickelcitynitro.bottle.com/css/
70 KB
12 KB
Stylesheet
General
Full URL
https://nickelcitynitro.bottle.com/css/app.40e4c6a3.css
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
61f113973bac11c3eee1200fa5a4c8eb0edc224ec22a4f8fcc48f2258fd1555e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nickelcitynitro.bottle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 02:08:09 GMT
Content-Encoding
gzip
Via
1.1 vegur
Last-Modified
Tue, 05 Sep 2023 21:52:35 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"1178b-18a675540b8"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
/
js.stripe.com/v3/
529 KB
131 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
0ff4f205a4c19ed25079a6028f245e08eccb7dbdcb629258e7b48cdd79ad9a77
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nickelcitynitro.bottle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Sep 2023 02:07:21 GMT
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
50
x-cache
Hit from cloudfront
last-modified
Wed, 20 Sep 2023 22:11:21 GMT
server
Cloudfront
etag
W/"aacf776534e7f4542f066cb62338b5d3"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
6V-wl2aAOKZAxGRkR_-jBGjw0nPx9AwQMUUZ_D0QcAxuzcm9RRt1Gw==
js
maps.googleapis.com/maps/api/
190 KB
65 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBQeJ3fzm_SpaFLkLYxeuhGRMVQ1Lv89UU&libraries=places
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7a2bb99bd597eab28ac98aa727ce9974a9221d4dae7c24afedbf02544236099
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nickelcitynitro.bottle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 02:08:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65777
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/
197 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nickelcitynitro.bottle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 21 Sep 2023 02:08:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53155
x-xss-protection
0
pragma
public
x-fb-debug
qi+qgUC0zXX4mQglxtRtQtlUjan2qTOmUuNNPIzHbOUGm0tQRis3tykVwgHbuvV6anBCJ0/I+PTuT+5Nb+qXQg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-3522853.js
static.hotjar.com/c/
10 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3522853.js?sv=6
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-53.fra56.r.cloudfront.net
Software
/
Resource Hash
49fd87339d28ffb03b23a0174e7da39ac54c447ef8ab4673f18b303e983d7c08
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nickelcitynitro.bottle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 02:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/8d9d244faf3786ea5896f7056c474ad8
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
WCWHVIh4utxoK29X5MYN6BmPvaPTpPlKHwWs8ClX8Ci3jSy2shPSwg==
modules.4ed09ad592101c54e9e4.js
script.hotjar.com/
225 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.4ed09ad592101c54e9e4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3522853.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-74.fra56.r.cloudfront.net
Software
/
Resource Hash
3f1debe1ac6066919736837125f1f35a225efcd0f56c5cf0a9a9b86b537d656a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nickelcitynitro.bottle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Wed, 20 Sep 2023 17:13:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 71c4b07776e0b6812900664940c9d7a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
32103
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56073
last-modified
Wed, 20 Sep 2023 17:12:39 GMT
etag
"6db2a0c2bdd2e53c733e03ac81d84bb1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
WSn5r8PZNFgUPcuKe06w3WKduyfOTbaFd1C83f23T_GMarYM4POw_Q==
css2
fonts.googleapis.com/
58 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Manrope:wght@200;300;400;500;600;700;800&display=swap
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/css/app.40e4c6a3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
829f8bb2f1d84f1a1edd24a96ceb306509ac6cc8e0957a61270d3f25f8854755
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nickelcitynitro.bottle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 21 Sep 2023 02:08:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 21 Sep 2023 02:08:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Sep 2023 02:08:09 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBQeJ3fzm_SpaFLkLYxeuhGRMVQ1Lv89UU&libraries=places
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nickelcitynitro.bottle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 02:08:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://nickelcitynitro.bottle.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
tokens
api.bottle.com/merchant/
235 B
507 B
Fetch
General
Full URL
https://api.bottle.com/merchant/tokens
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/js/chunk-vendors.bb3a8271.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::15:3041 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/e440b950 (2023-09-20) /
Resource Hash
e58ab63f5bf83fa3fc2512ad144ebde936d51e3e4536a066f0b104f571e6d191
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://nickelcitynitro.bottle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Sep 2023 02:08:10 GMT
via
2 fly.io
content-length
215
x-xss-protection
1; mode=block
x-request-id
0f0596f8-c97c-4e4d-bd66-554f988e00a7
x-runtime
0.011868
fly-request-id
01HATQX97MJF7P6ZZFQGZJG032-fra
server
Fly/e440b950 (2023-09-20)
etag
W/"a7ffb9e93f362e6232f843cc05c7e8af"
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, PUT, POST, DELETE, UPDATE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-type
application/json; charset=utf-8
vary
Origin
bottle-yellow.251df412.svg
nickelcitynitro.bottle.com/img/
3 KB
2 KB
Image
General
Full URL
https://nickelcitynitro.bottle.com/img/bottle-yellow.251df412.svg
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-91-59-199.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
22f8a5170a390c9cb30f0e9681c9a977cb04a84c07836bc6631d9add7ab1a202

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nickelcitynitro.bottle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

Date
Thu, 21 Sep 2023 02:08:10 GMT
Content-Encoding
gzip
Via
1.1 vegur
Last-Modified
Tue, 05 Sep 2023 21:52:35 GMT
Server
Cowboy
X-Powered-By
Express
Etag
W/"b2d-18a675540b8"
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/svg+xml
Cache-Control
public, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
3522853
vc.hotjar.io/sessions/
0
258 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/3522853?s=0.25&r=0.08311501275096989
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/js/chunk-vendors.bb3a8271.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-19.fra56.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nickelcitynitro.bottle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 02:08:10 GMT
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
HdqwD_RkqA9NX3HDBAgTWFjoqAsPBRTLHU233J25-GKs7kw1KBYJHA==
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 16EE
200 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nickelcitynitro.bottle.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
20
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Sep 2023 02:07:51 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 08 Sep 2023 21:23:50 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-id
welqg-DKo3VYJW-V_zcGxc7WK-OsoaGQVf6Y5jFp1R3bQ-UPn-UKGQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=EB+Garamond:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800&family=Inter:wght@100;200;300;400;500;600;700;800;900&family=Manrope:wght@200;300;400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nickelcitynitro.bottle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 18:27:54 GMT
x-content-type-options
nosniff
age
546016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Sep 2024 18:27:54 GMT
tokens
api.bottle.com/merchant/ Frame
0
0
Preflight
General
Full URL
https://api.bottle.com/merchant/tokens
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::15:3041 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/e440b950 (2023-09-20) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://nickelcitynitro.bottle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, PUT, POST, DELETE, UPDATE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-length
0
date
Thu, 21 Sep 2023 02:08:10 GMT
fly-request-id
01HATQX91WJ211RYY7FN7J5R9M-fra
server
Fly/e440b950 (2023-09-20)
via
2 fly.io
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 16EE
631 B
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-76.fra6.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Thu, 21 Sep 2023 02:07:51 GMT
x-content-type-options
nosniff
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
19
x-cache
Hit from cloudfront
content-length
631
last-modified
Wed, 13 Sep 2023 20:29:35 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
pfKYFlISDkCIzClenyyoVutrchQ1XMvq_urgi2fvSC_Ee_De4FeCZw==
csp-report
q.stripe.com/ Frame 16EE
0
716 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 21 Sep 2023 02:08:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695262090783993
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695262090783572
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 16EE
0
716 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 21 Sep 2023 02:08:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695262090784160
x-envoy-upstream-service-time
0
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1695262090783882
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 3DD7
930 B
2 KB
Document
General
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
280
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Thu, 21 Sep 2023 02:03:31 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-id
YeGw0MN6jXbfQu4ime_CkZcsOXceZyDS6dz6t0oLq8bRZL08vktTaA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 3DD7
0
491 B
Other
General
Full URL
https://q.stripe.com/csp-report
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Thu, 21 Sep 2023 02:08:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695262090783898
x-envoy-upstream-service-time
0
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1695262090783569
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 3DD7
87 KB
15 KB
Script
General
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:7e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Sep 2023 02:07:14 GMT
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
via
1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"69cb7809b5011312e716f29b3d19dce6"
age
56
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
UFY2KjqPX6sipUzfTH0NenVHao3b6EEdAXoLytNSumq6ZAsxubuKIw==
6
m.stripe.com/ Frame 3DD7
156 B
669 B
XHR
General
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.69.126.39 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-69-126-39.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
144f6f1eacbcc2c40f85d016a0490a817f6408aa2f547f0837765a08b8cdb43a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Thu, 21 Sep 2023 02:08:10 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1695262090889114
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1695262090888472
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
info
api.bottle.com/merchant/ Frame
0
0
Preflight
General
Full URL
https://api.bottle.com/merchant/info
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::15:3041 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/e440b950 (2023-09-20) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,baggage,content-type,sentry-trace
Access-Control-Request-Method
GET
Origin
https://nickelcitynitro.bottle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers
authorization,baggage,content-type,sentry-trace
access-control-allow-methods
GET, PUT, POST, DELETE, UPDATE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-length
0
date
Thu, 21 Sep 2023 02:08:09 GMT
fly-request-id
01HATQX9DYX7H4GPV2J2PVWY50-fra
server
Fly/e440b950 (2023-09-20)
via
2 fly.io
pages
api.bottle.com/merchant/ Frame
0
0
Preflight
General
Full URL
https://api.bottle.com/merchant/pages
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::15:3041 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/e440b950 (2023-09-20) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,baggage,content-type,sentry-trace
Access-Control-Request-Method
GET
Origin
https://nickelcitynitro.bottle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers
authorization,baggage,content-type,sentry-trace
access-control-allow-methods
GET, PUT, POST, DELETE, UPDATE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-length
0
date
Thu, 21 Sep 2023 02:08:10 GMT
fly-request-id
01HATQX9DZMSSAHMV08T456HCK-fra
server
Fly/e440b950 (2023-09-20)
via
2 fly.io
info
api.bottle.com/merchant/
1 KB
720 B
Fetch
General
Full URL
https://api.bottle.com/merchant/info
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/js/chunk-vendors.bb3a8271.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::15:3041 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/e440b950 (2023-09-20) /
Resource Hash
ddb82eae7971ef2ec2f3dddf95ee37ccca1b2b8eb06e9069fcd955261adcd233
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJtZXJjaGFudCI6eyJpZCI6NjQwMjI0LCJoYW5kbGUiOiJuaWNrZWxjaXR5bml0cm8ifSwiYW5vbnltb3VzX3Rva2VuIjoiYzA3NTdiNjVmMjc4N2YwNWFlYWNmYjA3OWEwNDQ2MWEifQ.Efj_yKzhoL4_aq-dL43jsCnVSyYj6Bk10jEUIoku1rw
Content-Type
application/json
Accept
application/json
Referer
https://nickelcitynitro.bottle.com/
baggage
sentry-trace
bd43cee557f5472abac102d25da3801b-a166682564a2bb83-1

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Sep 2023 02:08:10 GMT
via
2 fly.io
content-length
584
x-xss-protection
1; mode=block
x-request-id
c0522ad7-7dc1-4db9-a270-3636840975fa
x-runtime
0.047171
fly-request-id
01HATQX9H154P3WRADZTABESVV-fra
server
Fly/e440b950 (2023-09-20)
etag
W/"a2f41e776e845ac756a9a66e3617778b"
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, PUT, POST, DELETE, UPDATE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-type
application/json; charset=utf-8
vary
Origin
pages
api.bottle.com/merchant/
2 KB
454 B
Fetch
General
Full URL
https://api.bottle.com/merchant/pages
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/js/chunk-vendors.bb3a8271.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::15:3041 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/e440b950 (2023-09-20) /
Resource Hash
f5f36039659c527034c06520181e03aac78bfc256b50f3a58a3a92963061db95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJtZXJjaGFudCI6eyJpZCI6NjQwMjI0LCJoYW5kbGUiOiJuaWNrZWxjaXR5bml0cm8ifSwiYW5vbnltb3VzX3Rva2VuIjoiYzA3NTdiNjVmMjc4N2YwNWFlYWNmYjA3OWEwNDQ2MWEifQ.Efj_yKzhoL4_aq-dL43jsCnVSyYj6Bk10jEUIoku1rw
Content-Type
application/json
Accept
application/json
Referer
https://nickelcitynitro.bottle.com/
baggage
sentry-trace
bd43cee557f5472abac102d25da3801b-8f9090435078ee01-1

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Sep 2023 02:08:10 GMT
via
2 fly.io
content-length
320
x-xss-protection
1; mode=block
x-request-id
b05f30e9-2fa2-4481-9240-9e68ef1bff7a
x-runtime
0.039638
fly-request-id
01HATQX9H1EWT1MWDJV0Y61HK8-fra
server
Fly/e440b950 (2023-09-20)
etag
W/"b14a4d8e3622fcc46f5d66ddfce4300a"
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, PUT, POST, DELETE, UPDATE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-type
application/json; charset=utf-8
vary
Origin
stores
api.bottle.com/merchant/
5 KB
1 KB
Fetch
General
Full URL
https://api.bottle.com/merchant/stores?included=attachments
Requested by
Host: nickelcitynitro.bottle.com
URL: https://nickelcitynitro.bottle.com/js/chunk-vendors.bb3a8271.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::15:3041 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/e440b950 (2023-09-20) /
Resource Hash
d99be671a14c8aefa8bc40a20b011fe7e833bd6beefa6ece2cdd0ddf5935c473
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJtZXJjaGFudCI6eyJpZCI6NjQwMjI0LCJoYW5kbGUiOiJuaWNrZWxjaXR5bml0cm8ifSwiYW5vbnltb3VzX3Rva2VuIjoiYzA3NTdiNjVmMjc4N2YwNWFlYWNmYjA3OWEwNDQ2MWEifQ.Efj_yKzhoL4_aq-dL43jsCnVSyYj6Bk10jEUIoku1rw
Content-Type
application/json
Accept
application/json
Referer
https://nickelcitynitro.bottle.com/
baggage
sentry-trace
bd43cee557f5472abac102d25da3801b-808aeb2fac4ee8c9-1

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
date
Thu, 21 Sep 2023 02:08:10 GMT
via
2 fly.io
content-length
965
x-xss-protection
1; mode=block
x-request-id
03e61ee9-038c-42a1-b8f7-2dc8911a40c1
x-runtime
0.119888
fly-request-id
01HATQX9H147Q5B3QWK0FRXX3H-fra
server
Fly/e440b950 (2023-09-20)
etag
W/"da500681e166dc0d366109698a55a623"
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, PUT, POST, DELETE, UPDATE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
content-type
application/json; charset=utf-8
vary
Origin
stores
api.bottle.com/merchant/ Frame
0
0
Preflight
General
Full URL
https://api.bottle.com/merchant/stores?included=attachments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::15:3041 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/e440b950 (2023-09-20) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,baggage,content-type,sentry-trace
Access-Control-Request-Method
GET
Origin
https://nickelcitynitro.bottle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers
authorization,baggage,content-type,sentry-trace
access-control-allow-methods
GET, PUT, POST, DELETE, UPDATE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-length
0
date
Thu, 21 Sep 2023 02:08:10 GMT
fly-request-id
01HATQX9DZBWANCTJYZDRXB40D-fra
server
Fly/e440b950 (2023-09-20)
via
2 fly.io
mb7q9vhs7vzbeloaqsip.jpg
res.cloudinary.com/hpwejnwbc/image/upload/c_pad,f_auto,h_256,w_256/v1/merchant-frontend/
9 KB
9 KB
Image
General
Full URL
https://res.cloudinary.com/hpwejnwbc/image/upload/c_pad,f_auto,h_256,w_256/v1/merchant-frontend/mb7q9vhs7vzbeloaqsip.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
6fb9a971ef4e0832df17cb811778eb3771b90b00f74f47256880839e694c3b38
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nickelcitynitro.bottle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 02:08:11 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="mb7q9vhs7vzbeloaqsip.webp"
server-timing
cld-fastly;mitm=p;dur=489;cpu=1;start=2023-09-21T02:08:10.969Z;desc=miss,rtt;dur=6,content-info;desc="width=256,height=256,owidth=487,oheight=487,obytes=39873",cloudinary;dur=118;start=2023-09-21T02:08:11.294Z
content-length
8898
last-modified
Sun, 20 Nov 2022 19:03:17 GMT
server
Cloudinary
etag
"6c8a842aff00847fd0ffa541252496e6"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
kvko1dzcqo4h7ipizaql.jpg
res.cloudinary.com/hpwejnwbc/image/upload/c_limit,f_auto,h_552,w_552/v1/merchant-frontend/
69 KB
69 KB
Image
General
Full URL
https://res.cloudinary.com/hpwejnwbc/image/upload/c_limit,f_auto,h_552,w_552/v1/merchant-frontend/kvko1dzcqo4h7ipizaql.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
f7a1d2b77e1ff11f49dd82052cce82d0755f2a0b6c4a7c30f37cbd5e63b11d0e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nickelcitynitro.bottle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 02:08:11 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="kvko1dzcqo4h7ipizaql.webp"
server-timing
cld-fastly;mitm=p;dur=619;cpu=0;start=2023-09-21T02:08:11.024Z;desc=miss,rtt;dur=6,content-info;desc="width=552,height=230,owidth=2202,oheight=917,obytes=1115819",cloudinary;dur=146;start=2023-09-21T02:08:11.347Z
content-length
70556
last-modified
Mon, 22 May 2023 04:28:12 GMT
server
Cloudinary
etag
"27dca42abeec235d6fb078c314486984"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
wfeiqzt3jtauz5eqmgw9.jpg
res.cloudinary.com/hpwejnwbc/image/upload/c_limit,f_auto,h_552,w_552/v1/merchant-frontend/
69 KB
69 KB
Image
General
Full URL
https://res.cloudinary.com/hpwejnwbc/image/upload/c_limit,f_auto,h_552,w_552/v1/merchant-frontend/wfeiqzt3jtauz5eqmgw9.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
f7a1d2b77e1ff11f49dd82052cce82d0755f2a0b6c4a7c30f37cbd5e63b11d0e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nickelcitynitro.bottle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 02:08:11 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="wfeiqzt3jtauz5eqmgw9.webp"
server-timing
cld-fastly;mitm=p;dur=269;cpu=0;start=2023-09-21T02:08:11.024Z;desc=miss,rtt;dur=6,content-info;desc="width=552,height=230,owidth=2202,oheight=917,obytes=1115819",cloudinary;dur=161;start=2023-09-21T02:08:11.088Z
content-length
70556
last-modified
Mon, 22 May 2023 04:28:12 GMT
server
Cloudinary
etag
"27dca42abeec235d6fb078c314486984"
vary
Accept,User-Agent
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
common.js
maps.googleapis.com/maps-api-v3/api/js/54/6/intl/de_ALL/
253 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/6/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBQeJ3fzm_SpaFLkLYxeuhGRMVQ1Lv89UU&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
930f30b7f705805e09f223377ae0381cc427084e96b877b9299f7672b694028f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nickelcitynitro.bottle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 20:03:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
108276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57020
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 20:18:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Sep 2024 20:03:38 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/54/6/intl/de_ALL/
154 KB
49 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/54/6/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBQeJ3fzm_SpaFLkLYxeuhGRMVQ1Lv89UU&libraries=places
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
158d8ab2dd5173ff28b9ee1510bed85974e13ab28350c3886b401bc8d58902c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nickelcitynitro.bottle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 20:03:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
108276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49895
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 20:18:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Sep 2024 20:03:38 GMT


22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| documentPictureInPicture
function| fbq
function| _fbq
function| hj
object| _hjSettings
object| hjSiteSettings
function| hjBootstrap
object| hjBootstrapCalled
object| hjLazyModules
object| webpackChunkStripeJSouter
function| noop
function| Stripe
object| google
object| module$exports$mapsapi$geometry$spherical
object| reactiveElementVersions
object| module$contents$mapsapi$overlay$overlayView_OverlayView
object| webpackChunkmerchant_frontend
object| intlTelInputGlobals
object| intlTelInputUtils
object| __SENTRY__

8 Cookies

Domain/Path Name / Value
.bottle.com/ Name: _hjSessionUser_3522853
Value: eyJpZCI6IjE3MzVjM2U2LWE4YmYtNWM3Ni1hN2M3LTQ2OWUyMzVmZGQ1NiIsImNyZWF0ZWQiOjE2OTUyNjIwOTAwMjgsImV4aXN0aW5nIjpmYWxzZX0=
.bottle.com/ Name: _hjFirstSeen
Value: 1
.bottle.com/ Name: _hjIncludedInSessionSample_3522853
Value: 0
.bottle.com/ Name: _hjSession_3522853
Value: eyJpZCI6Ijk1NGQ5MjM1LTcxYzAtNDVjZS04ZDlkLTI2YTNiNGNmNTlkZSIsImNyZWF0ZWQiOjE2OTUyNjIwOTAwMjksImluU2FtcGxlIjpmYWxzZX0=
.bottle.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
m.stripe.com/ Name: m
Value: e83fbdce-20ae-4810-ad0b-73a220573fa22676bc
.nickelcitynitro.bottle.com/ Name: __stripe_mid
Value: 6eea3cd7-7cef-438a-a67e-91398e09986112c90d
.nickelcitynitro.bottle.com/ Name: __stripe_sid
Value: d55ec384-6b6c-4cff-b8ac-d59481cf238df6ddfc

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
