www.underluckystars.com Open in urlscan Pro
52.3.53.111 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Submission: On March 25 via manual (March 25th 2020, 8:05:32 pm UTC) from DE

Summary HTTP 130 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 38 IPs in 8 countries across 30 domains to perform 130 HTTP transactions. The main IP is 52.3.53.111, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.underluckystars.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 4th 2020. Valid for: 3 months.

This is the only time www.underluckystars.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.3.53.111 52.3.53.111	14618 (AMAZON-AES) (AMAZON-AES)
16	2600:9000:20c... 2600:9000:20c3:fc00:1a:5a9d:d440:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
30	2600:9000:213... 2600:9000:2134:1200:1d:3b60:a940:21	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
6	23.45.110.210 23.45.110.210	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	199.232.53.140 199.232.53.140	54113 (FASTLY) (FASTLY)
1	13.227.156.118 13.227.156.118	16509 (AMAZON-02) (AMAZON-02)
1	95.101.27.35 95.101.27.35	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00:18c::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	147.75.100.245 147.75.100.245	54825 (PACKET) (PACKET)
3	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
1	52.218.41.136 52.218.41.136	16509 (AMAZON-02) (AMAZON-02)
2	204.109.13.121 204.109.13.121	22510 (BRAINTREE...) (BRAINTREEPAYMENTSOLUTIONS)
1 2	104.18.74.113 104.18.74.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.18.73.113 104.18.73.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
2	3.223.182.220 3.223.182.220	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
1 7	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	147.75.102.231 147.75.102.231	54825 (PACKET) (PACKET)
1	147.75.102.13 147.75.102.13	54825 (PACKET) (PACKET)
4	23.210.248.189 23.210.248.189	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
8	3.137.39.162 3.137.39.162	16509 (AMAZON-02) (AMAZON-02)
1	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
2	99.86.162.48 99.86.162.48	16509 (AMAZON-02) (AMAZON-02)
4	72.246.168.118 72.246.168.118	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.45.98.207 23.45.98.207	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	104.16.52.111 104.16.52.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.44.212.166 130.44.212.166	396986 (BYTEDANCE) (BYTEDANCE)
130	38

1 52.3.53.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-53-111.compute-1.amazonaws.com

www.underluckystars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:20c3:fc00:1a:5a9d:d440:21 (United States)

ASN16509 (AMAZON-02, US)

d3j4c7e2o820k1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2600:9000:2134:1200:1d:3b60:a940:21 (United States)

ASN16509 (AMAZON-02, US)

d1tcpqtzfohdid.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (Ascension Island)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.45.110.210 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-110-210.deploy.static.akamaitechnologies.com

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.53.140 (Manchester, United Kingdom)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.156.118 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-156-118.muc51.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.27.35 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a95-101-27-35.deploy.static.akamaitechnologies.com

static.bytedance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:18c::1931 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.100.245 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress15

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.41.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

underluckystars.s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 204.109.13.121 (United States)

ASN22510 (BRAINTREEPAYMENTSOLUTIONS, US)
PTR: api.braintreegateway.com

api.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.74.113 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

assets.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.73.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.223.182.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-182-220.compute-1.amazonaws.com

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f12d:83:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.231 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress10

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.13 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress1

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.189 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-189.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.137.39.162 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-137-39-162.us-east-2.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.162.48 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-162-48.mxp64.r.cloudfront.net

s0.ipstatp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.246.168.118 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-118.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.98.207 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-98-207.deploy.static.akamaitechnologies.com

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.16.52.111 (United States)

ASN13335 (CLOUDFLARENET, US)

underluckystars.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.44.212.166 (United States)

ASN396986 (BYTEDANCE, US)

business.topbuzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	cloudfront.net d3j4c7e2o820k1.cloudfront.net d1tcpqtzfohdid.cloudfront.net	166 KB
16	braintreegateway.com js.braintreegateway.com api.braintreegateway.com client-analytics.braintreegateway.com assets.braintreegateway.com	70 KB
8	zdassets.com static.zdassets.com ekr.zdassets.com	543 KB
7	facebook.com 1 redirects www.facebook.com	1 KB
7	zendesk.com 1 redirects assets.zendesk.com underluckystars.zendesk.com	2 KB
6	facebook.net connect.facebook.net	382 KB
5	paypal.com www.paypal.com t.paypal.com	11 KB
4	pinterest.com ct.pinterest.com	1 KB
3	gstatic.com fonts.gstatic.com	33 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	71 KB
3	google-analytics.com 1 redirects www.google-analytics.com	45 KB
2	ipstatp.com s0.ipstatp.com	10 KB
2	snapchat.com tr.snapchat.com
2	google.de www.google.de	219 B
2	google.com 1 redirects www.google.com	296 B
2	reddit.com alb.reddit.com	678 B
2	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	1 KB
2	pinimg.com s.pinimg.com	17 KB
2	googletagmanager.com www.googletagmanager.com	28 KB
1	topbuzz.com business.topbuzz.com
1	paypalobjects.com www.paypalobjects.com	126 KB
1	atdmt.com cx.atdmt.com	432 B
1	amazonaws.com underluckystars.s3-eu-west-1.amazonaws.com	211 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	bytedance.com static.bytedance.com	5 KB
1	sc-static.net sc-static.net	6 KB
1	redditstatic.com www.redditstatic.com	6 KB
1	sentry-cdn.com browser.sentry-cdn.com	16 KB
1	googleapis.com fonts.googleapis.com	839 B
1	underluckystars.com www.underluckystars.com	13 KB
130	30

	Domain	Requested by
30	d1tcpqtzfohdid.cloudfront.net	www.underluckystars.com
16	d3j4c7e2o820k1.cloudfront.net	www.underluckystars.com
8	client-analytics.braintreegateway.com	browser.sentry-cdn.com www.underluckystars.com
7	www.facebook.com	1 redirects www.underluckystars.com
7	static.zdassets.com	www.underluckystars.com static.zdassets.com
6	underluckystars.zendesk.com	static.zdassets.com
6	connect.facebook.net	www.underluckystars.com connect.facebook.net
5	assets.braintreegateway.com	js.braintreegateway.com
4	www.paypal.com	www.paypalobjects.com browser.sentry-cdn.com www.underluckystars.com
4	ct.pinterest.com	browser.sentry-cdn.com www.underluckystars.com
3	fonts.gstatic.com	www.underluckystars.com
3	www.google-analytics.com	1 redirects www.underluckystars.com www.google-analytics.com
2	s0.ipstatp.com	static.bytedance.com s0.ipstatp.com
2	tr.snapchat.com	sc-static.net
2	www.google.de	www.underluckystars.com
2	www.google.com	1 redirects www.underluckystars.com
2	alb.reddit.com	www.underluckystars.com
2	api.braintreegateway.com	browser.sentry-cdn.com www.underluckystars.com
2	s.pinimg.com	www.underluckystars.com s.pinimg.com
2	www.googletagmanager.com	www.underluckystars.com
1	business.topbuzz.com	www.underluckystars.com
1	t.paypal.com	www.underluckystars.com
1	www.paypalobjects.com	js.braintreegateway.com
1	cx.atdmt.com	www.underluckystars.com
1	ekr.zdassets.com	static.zdassets.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	assets.zendesk.com	1 redirects
1	underluckystars.s3-eu-west-1.amazonaws.com	www.underluckystars.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	www.underluckystars.com
1	static.bytedance.com	www.underluckystars.com
1	sc-static.net	www.underluckystars.com
1	www.redditstatic.com	www.underluckystars.com
1	js.braintreegateway.com	www.underluckystars.com
1	browser.sentry-cdn.com	www.underluckystars.com
1	fonts.googleapis.com	www.underluckystars.com
1	www.underluckystars.com
130	40

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.mozilla.org
www.apple.com
www.facebook.com
instagram.com
blog.underluckystars.com
www.underluckystars.es
www.underluckystars.de
www.underluckystars.fr
www.underluckystars.it
www.underluckystars.pt
www.underluckystars.ja
support.underluckystars.com

Subject Issuer	Validity	Valid
underluckystars.fr Let's Encrypt Authority X3	`2020-03-04` - `2020-06-02`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
v2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-03-23` - `2021-02-05`	10 months	crt.sh
checkout.paypal.com DigiCert SHA2 Extended Validation Server CA	`2019-07-31` - `2021-09-29`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2018-08-17` - `2020-09-02`	2 years	crt.sh
sc-static.net DigiCert SHA2 Secure Server CA	`2019-03-11` - `2021-03-15`	2 years	crt.sh
*.bytedance.com RapidSSL RSA CA 2018	`2019-08-19` - `2021-08-18`	2 years	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2019-06-05` - `2020-07-22`	a year	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-10`	a year	crt.sh
api.braintreegateway.com DigiCert Global CA G2	`2018-06-21` - `2020-06-21`	2 years	crt.sh
*.zdassets.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-25` - `2021-05-31`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
alb.reddit.com Amazon	`2019-05-20` - `2020-06-20`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2020-06-03`	3 months	crt.sh
client-analytics.braintreegateway.com DigiCert Global CA G2	`2018-06-18` - `2020-06-17`	2 years	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2019-12-09` - `2021-12-13`	2 years	crt.sh
tr.snapchat.com DigiCert SHA2 Secure Server CA	`2019-02-19` - `2021-02-23`	2 years	crt.sh
*.sgpstatp.com Amazon	`2019-07-23` - `2020-08-23`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
underluckystars.zendesk.com CloudFlare Inc ECC CA-2	`2019-08-04` - `2020-08-03`	a year	crt.sh
*.topbuzz.com RapidSSL RSA CA 2018	`2019-08-02` - `2021-09-30`	2 years	crt.sh

This page contains 12 frames:

Primary Page: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Frame ID: 3B79074541158C4E17AC94C570E3E4A4
Requests: 109 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: 1B4787F31DC64253CC425F7C377F18D8
Requests: 3 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: BA74430CC4BDDAC7056D176A747A3666
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=eda2b568-c489-4298-9afc-850b0d216edd
Frame ID: C0AD21693E92244F61B676145264377D
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 2492E39C54E8BADAA5B8D4BE05567946
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/webapps/hermes/button?version=4.0.166&env=production&style.color=blue&style.shape=rect&style.size=medium&locale.x=en_US&sessionID=6e88e51bd3_giydumbvhiyte&buttonSessionID=dd99a36546_giydumbvhiyte&funding.disallowed=venmo&logLevel=warn&uid=58fd817d1d&xcomponent=1
Frame ID: AD54A0294DF8DD0A9533FBCDA94420CA
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 330E6AA9D774E945B12D1CD622B5A3D7
Requests: 2 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.26.0/html/hosted-fields-frame.min.html
Frame ID: D92C22BFD8962B76E8D57FC197688840
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.26.0/html/hosted-fields-frame.min.html
Frame ID: 70A3E555E9A8E287E1F8E514251D7A08
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.26.0/html/hosted-fields-frame.min.html
Frame ID: D83C546D2428E4D70173197D2A766912
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.26.0/html/hosted-fields-frame.min.html
Frame ID: BDDDE6B6668B8AED27AFB60F44D88C16
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.70869d246782da5b3daf.js
Frame ID: B5BDCF19778BDA3A59238CD4665931D1
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

130
Requests

100 %
HTTPS

39 %
IPv6

30
Domains

40
Subdomains

38
IPs

8
Countries

1775 kB
Transfer

6375 kB
Size

2
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/chrome/browser/desktop/index.html
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/desktop/
Title: Firefox

Search URL Search Domain Scan URL

URL: http://www.apple.com/safari/
Title: Safari

Search URL Search Domain Scan URL

URL: https://www.facebook.com/underluckystars/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/underluckystars
Title: Instagram

Search URL Search Domain Scan URL

URL: https://blog.underluckystars.com/
Title: Blog

Search URL Search Domain Scan URL

URL: https://www.underluckystars.es/
Title: Under Lucky Stars en Español

Search URL Search Domain Scan URL

URL: https://www.underluckystars.de/
Title: Under Lucky Stars auf Deutsch

Search URL Search Domain Scan URL

URL: https://www.underluckystars.fr/
Title: Under Lucky Stars en Français

Search URL Search Domain Scan URL

URL: https://www.underluckystars.it/
Title: Under Lucky Stars in Italiano

Search URL Search Domain Scan URL

URL: https://www.underluckystars.pt/
Title: Under Lucky Stars em Português

Search URL Search Domain Scan URL

URL: https://www.underluckystars.ja/
Title: Under Lucky Stars 日本語

Search URL Search Domain Scan URL

URL: http://support.underluckystars.com/
Title: Support Center

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 74

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=2030477508&t=pageview&_s=1&dl=https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1&dp=payment-form&ul=en-us&de=UTF-8&dt=Personalized%20Star%20Maps%20-%20Under%20Lucky%20Stars&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&exp=GUunKJ2XSJq_QXn0xkZcKQ.1&_u=aGBAAEADQ~&jid=315378487&gjid=1619852863&cid=422998202.1585166709&tid=UA-87234905-1&_gid=40685145.1585166709&_r=1&z=1306625107 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-87234905-1&cid=422998202.1585166709&jid=315378487&_gid=40685145.1585166709&gjid=1619852863&_v=j81&z=1306625107 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87234905-1&cid=422998202.1585166709&jid=315378487&_v=j81&z=1306625107 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87234905-1&cid=422998202.1585166709&jid=315378487&_v=j81&z=1306625107&slf_rd=1&random=2194529080

Request Chain 86

https://www.facebook.com/tr/?id=782857011853426&ev=PageView&dl=https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1&rl=&if=false&ts=1585166709197&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585166709196.2032243572&it=1585166708593&coo=false&rqm=GET HTTP 302
https://cx.atdmt.com/?c=10170003300956652809&f=AYxcUaC5WdWFwviXoTdaAcNv-v-bWp1PkUt65QppNzQBw54Irj8EaLU-lqusaHKESffA-DyClxe4_2dSAoz3u2Oc&id=782857011853426&l=3&v=0

130 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set 16da749f-5335-4b63-9b79-ace7e1b77833 Show response
www.underluckystars.com/pay/ 55 KB
13 KB 1221ms
765ms Document
text/html 52.3.53.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.53.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-53-111.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 559fecf5a8f378ee957b89d069bd4ca94c1e380e327524644ecd8e55bc8c66cd

Request headers

Host: www.underluckystars.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Connection: keep-alive
Date: Wed, 25 Mar 2020 20:05:08 GMT
Server: Apache
Cache-Control: max-age=0, must-revalidate, private max-age=0
Set-Cookie: PHPSESSID=m1t671lb215rdpecvtd96foajou5omvk; path=/; secure; HttpOnly ab=%7B%22GUunKJ2XSJq_QXn0xkZcKQ%22%3A1%7D; expires=Sun, 24-May-2020 20:05:08 GMT; Max-Age=5184000; path=/; httponly
Expires: Wed, 25 Mar 2020 20:05:07 GMT
Vary: Accept-Encoding,Origin
Content-Encoding: gzip
Content-Length: 13063
Content-Type: text/html; charset=UTF-8
Via: 1.1 vegur

GET
H2 200 3397717-8a3bdca.css
d3j4c7e2o820k1.cloudfront.net/css/ 8 KB
2 KB 48ms
12ms Stylesheet
text/css 2600:9000:20c3:fc00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3j4c7e2o820k1.cloudfront.net/css/3397717-8a3bdca.css
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:fc00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: b2632d1a1a45cee8992c0b42121015ee7d676864eeb3b964481853ee31e068f2

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 25 Mar 2020 18:29:11 GMT
content-encoding: gzip
age: 5757
x-cache: Hit from cloudfront
status: 200
content-length: 1741
last-modified: Wed, 25 Mar 2020 18:24:21 GMT
server: Apache
vary: Accept-Encoding,Origin
content-type: text/css
via: 1.1 vegur, 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
x-amz-cf-id: 3HoEAFdPdcqKLPttISzdNaSNKFNZASSoPr0k9SlMyeNDMxYoAz0nQQ==
expires: Thu, 25 Mar 2021 18:29:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
839 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 25 Mar 2020 20:05:08 GMT
server: ESF
date: Wed, 25 Mar 2020 20:05:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 Mar 2020 20:05:08 GMT

GET
H2 200 454a62b-739a863.css
d3j4c7e2o820k1.cloudfront.net/css/ 33 KB
7 KB 50ms
14ms Stylesheet
text/css 2600:9000:20c3:fc00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3j4c7e2o820k1.cloudfront.net/css/454a62b-739a863.css
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:fc00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 0824d7c756dd3f680d306333432d9e5b5f9b0d18851036cad695e39891636f40

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Wed, 25 Mar 2020 18:29:11 GMT
content-encoding: gzip
age: 5757
x-cache: Hit from cloudfront
status: 200
content-length: 6698
last-modified: Wed, 25 Mar 2020 18:24:21 GMT
server: Apache
vary: Accept-Encoding,Origin
content-type: text/css
via: 1.1 vegur, 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
x-amz-cf-id: xauEUTzH0nXiw2OHcdtntCk1IhKJqrRKsmCIRLBwUe4K4Uvh4L9ZfA==
expires: Thu, 25 Mar 2021 18:29:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-867529107

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93af63ba26f8486b147005c4bd74afe66d0a2c271d77a68ea79d43a12c806f35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 20:05:08 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 28423
x-xss-protection: 0
expires: Wed, 25 Mar 2020 20:05:08 GMT

GET
H2 200 logo.png
d3j4c7e2o820k1.cloudfront.net/assets/img/ 1 KB
2 KB 51ms
15ms Image
image/png 2600:9000:20c3:fc00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/logo.png
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:fc00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: f3217874cfe2a179bfd7c0d8768585c2c78fd5520dd4692a0f90ba9a58e6bfff

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 17 Mar 2020 06:31:31 GMT
via: 1.1 vegur, 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
last-modified: Sat, 14 Mar 2020 17:38:31 GMT
server: Apache
age: 740017
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2592000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
content-length: 1480
x-amz-cf-id: TRHcYfEIQl7TRRq0Y0REdk3RhaPAKC7tmtZwx324gdF10ykEj4rXOw==
expires: Thu, 16 Apr 2020 06:31:31 GMT

GET
H2 200 trustpilot.png
d3j4c7e2o820k1.cloudfront.net/assets/img/ 10 KB
10 KB 45ms
37ms Image
image/png 2600:9000:20c3:fc00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/trustpilot.png
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:fc00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 1695c0ea4fa277b6f8c622ec435639895990ec3d9517b8916cc74330ca71d1c6

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 23 Mar 2020 14:13:05 GMT
via: 1.1 vegur, 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
last-modified: Mon, 23 Mar 2020 13:22:39 GMT
server: Apache
age: 193923
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2592000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
content-length: 9932
x-amz-cf-id: 1zeIRrUxKNMXTV4_nYZtM0CusRR1q3-eIVN5IcybVsd8t7sDlddQBA==
expires: Wed, 22 Apr 2020 14:13:05 GMT

GET
H2 200 visa.png
d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/ 5 KB
5 KB 32ms
24ms Image
image/png 2600:9000:20c3:fc00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/visa.png
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:fc00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: b8c0f4596d7df31c353812fe085c2ce3c382de9308ac9cc19b829d325b771438

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 01:51:08 GMT
via: 1.1 vegur, 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
last-modified: Wed, 18 Mar 2020 23:24:20 GMT
server: Apache
age: 584040
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2592000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
content-length: 5167
x-amz-cf-id: 74jdpInQ_X72KXyypPToZawiCGbO67sjzHyB0tg3Tj6ruI7IAHLLOQ==
expires: Sat, 18 Apr 2020 01:51:08 GMT

GET
H2 200 mastercard.png
d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/ 6 KB
6 KB 35ms
27ms Image
image/png 2600:9000:20c3:fc00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/mastercard.png
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:fc00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: fcafd6c7d915605ce4321ae53fd667d07b3c82f8fd3a0f5072f056cd2d143725

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 01:51:08 GMT
via: 1.1 vegur, 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
last-modified: Wed, 18 Mar 2020 23:24:20 GMT
server: Apache
age: 584040
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2592000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
content-length: 6281
x-amz-cf-id: LrTi4dyjIzymBPJE7ad1_iVdNel8a87c1aQkKdL8B4ZIu4sJeigZSA==
expires: Sat, 18 Apr 2020 01:51:08 GMT

GET
H2 200 maestro.png
d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/ 7 KB
7 KB 36ms
29ms Image
image/png 2600:9000:20c3:fc00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/maestro.png
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:fc00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 3e88d35a3f38898064c176ff351e3ee4c7d22ab4ca2f52d44a9ef615c4364d5c

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 07:43:03 GMT
via: 1.1 vegur, 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
last-modified: Wed, 18 Mar 2020 23:24:20 GMT
server: Apache
age: 562925
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2592000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
content-length: 6675
x-amz-cf-id: 57lCRCDxmsodlDPkAMdrHIOefEewSRqCgb_J9Yjn83va-3zmHHAcFQ==
expires: Sat, 18 Apr 2020 07:43:03 GMT

GET
H2 200 discover.png
d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/ 6 KB
6 KB 37ms
30ms Image
image/png 2600:9000:20c3:fc00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/discover.png
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:fc00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 2f688cf86928876c5a0bfdb1803055d354c507d6801be11bc161c8fc37335c08

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 01:51:08 GMT
via: 1.1 vegur, 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
last-modified: Wed, 18 Mar 2020 23:24:20 GMT
server: Apache
age: 584040
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2592000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
content-length: 5742
x-amz-cf-id: YgmQphjyLrPgLmQJgAgROqS-kQNC7Ue5DDToTVseKYeipyQ92TYQjQ==
expires: Sat, 18 Apr 2020 01:51:08 GMT

GET
H2 200 paypal.png
d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/ 5 KB
5 KB 37ms
30ms Image
image/png 2600:9000:20c3:fc00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/card-issuers/paypal.png
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:fc00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 9e100c09698f359a32a2f2ff853de2ecfe1cbffdf0fa6bf666a17f5d8537e25d

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 16 Mar 2020 02:31:08 GMT
via: 1.1 vegur, 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
last-modified: Sat, 14 Mar 2020 17:38:31 GMT
server: Apache
age: 840840
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2592000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
content-length: 5170
x-amz-cf-id: coQFFOrLdA2odVNUI135TTh1UFA8Wgk6EqHr8ZIlS2TRC3kDytk6YA==
expires: Wed, 15 Apr 2020 02:31:08 GMT

GET
H2 200 leaf.png
d3j4c7e2o820k1.cloudfront.net/assets/img/ 811 B
1 KB 38ms
32ms Image
image/png 2600:9000:20c3:fc00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/leaf.png
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:fc00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 03cc400198270084c3467816d74dfd6a71d858275fc20229d75b1dc852d45c9d

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 17 Mar 2020 05:04:20 GMT
via: 1.1 vegur, 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
last-modified: Sat, 14 Mar 2020 17:38:31 GMT
server: Apache
age: 745248
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2592000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
content-length: 811
x-amz-cf-id: hJ5mXm70xVX4HGeQ3FbJ4R9_Mlpv6OjoUUg3aQjgVZWMJt4u8P7iqg==
expires: Thu, 16 Apr 2020 05:04:20 GMT

GET
H2 200 cc0f13fdb1fbe968f06f3660e1636195.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 84ms
16ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/cc0f13fdb1fbe968f06f3660e1636195.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 436df59f2655f83cab0c619bb35d7dc90d05a5f7cd468bc3e1e9c6d732319e55

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 04:12:53 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Mon, 16 Mar 2020 16:02:04 GMT
server: AmazonS3
age: 57136
etag: "2136a372b32728ca50ac68b94184cb09"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1670
x-amz-cf-id: 0HY4HKVHLb5NAbR_Lqvp17oLbSSr2WgwVYuH1C_NbiJ6OevELkhjew==

GET
H2 200 d4a95a0d6142534bcc69df8e25b94ab7.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 93ms
26ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/d4a95a0d6142534bcc69df8e25b94ab7.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ca05d351a099aa650d487b2da6a4d7342274d12c0413a2d51da3fb013846461

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 05:48:14 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Fri, 13 Mar 2020 02:02:31 GMT
server: AmazonS3
age: 51415
etag: "4d3aea1f72be25ab34de76e0ee095e53"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1799
x-amz-cf-id: wVNyQrJ8IKSdcrv9hF77bw3eGnCjFpnf0zBrb-LgDHDhRjm1Gw54ug==

GET
H2 200 0a05345348e056d4cf386691e33d1ba7.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 85ms
17ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/0a05345348e056d4cf386691e33d1ba7.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79785fdf325efbdeac7d572d68fe622d2769deb9c5fd012007c2b4e3e2ef4967

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 04:12:52 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Tue, 10 Mar 2020 01:01:46 GMT
server: AmazonS3
age: 57137
etag: "f4a19acf56a8e12b7f6d53040a0f77a5"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1882
x-amz-cf-id: dzsF88xzRsBSDNm9R18dl6OBB5363NJmTTo_D0vr3e-J6K7MHJ8YZw==

GET
H2 200 2f27c290ba5ce64035baf8996e683fef.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 91ms
24ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/2f27c290ba5ce64035baf8996e683fef.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1fa11f869af955c47ac4d49e4f35ab17e0b27a2318ec9e481f967fa62cec719

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 20:46:18 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Sun, 08 Mar 2020 05:01:59 GMT
server: AmazonS3
age: 83931
etag: "4c1744b5dff223926d37a7ad3fadcb03"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1621
x-amz-cf-id: XUdL1wrQkWCAI2kFMuFV-YFHOKALITpgTFq-mbUADGXS7vQvTbIHNg==

GET
H2 200 a7db5d19b3b94a7e3db206a8e80ac021.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 94ms
26ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/a7db5d19b3b94a7e3db206a8e80ac021.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 88b81c48b44b8034b23bcf7cc76e583269853245d80733476708e7fc592fdd9a

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 04:12:53 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Thu, 05 Mar 2020 20:03:05 GMT
server: AmazonS3
age: 57136
etag: "6490bd6fc4fbb644fba75535ae59b0db"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1623
x-amz-cf-id: qcdv89_OgpgDvlM02--mDZPk5r_d7Q1Bux0oZ6doXWT4S6EhWM9Sjg==

GET
H2 200 712e98c4eac700a47b40a57fd7b1dcf0.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 96ms
29ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/712e98c4eac700a47b40a57fd7b1dcf0.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d220c40325c8dae68e24df902f7fd6f9963603b2ca19b48a6a2812a2f8239ba3

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 05:33:27 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Wed, 04 Mar 2020 02:00:49 GMT
server: AmazonS3
age: 52302
etag: "26cc86f54c95ab68aedd36e84c61c3d3"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1677
x-amz-cf-id: YdQ-m09iIhrB2g3ex2c0Cd2s87wJNgzuYrz32gXl2SCdDQb475S2cA==

GET
H2 200 1de2279c4e7bbeb7ca6872034bc3bbc5.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 1 KB
2 KB 48ms
40ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/1de2279c4e7bbeb7ca6872034bc3bbc5.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7c12552829951f94c84bd558be68db95027b62a62a8f7cab824bc889d2b13b9

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 04:12:53 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Fri, 21 Feb 2020 17:01:55 GMT
server: AmazonS3
age: 57136
etag: "3672a1f1be8024345ea428d2a2004f77"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1399
x-amz-cf-id: nNX0YvgLV9tMGo3xHU_oTSbCnPM6rlyxc1PGO8FAckWf9tHn5Qd7Vw==

GET
H2 200 ae18fde3958b849f249f6a9ae51e3966.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 32ms
23ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/ae18fde3958b849f249f6a9ae51e3966.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30ca2c9ff251ba82935e611204d8ff885e559a43e99275d30eb9106721cd812e

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 12:24:04 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Sun, 16 Feb 2020 17:01:33 GMT
server: AmazonS3
age: 27665
etag: "69de42dbe07f9882e4f4212bf5d8bdaf"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1655
x-amz-cf-id: BtYTT42DniOWCdlL1HBYNZErcHa1RcOBz4rFQzM0qFgacGxB5FDx5w==

GET
H2 200 4aef1a0ef430f94ff9333261d175feb7.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 42ms
34ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/4aef1a0ef430f94ff9333261d175feb7.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1bede3f127ef3c769c219da1038db2efc83ea598dac27dd5e0447695f3d928b1

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 12:24:04 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Sun, 16 Feb 2020 03:03:58 GMT
server: AmazonS3
age: 27665
etag: "8dda4f0344d322b400fef318aa27b938"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1615
x-amz-cf-id: HHkd9HYlOlAQJJnsu-9FOs7CyAn72FyQcdqWxZSd_wDe9PhvlkGIYw==

GET
H2 200 d66c2681cd1c1348903a3f1d214cfa45.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 42ms
34ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/d66c2681cd1c1348903a3f1d214cfa45.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0545151b07a8e3c987e8f82bed0a8febef811fc64bf344c992d7ff4100edd73

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 04:12:53 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Sat, 15 Feb 2020 23:00:36 GMT
server: AmazonS3
age: 57136
etag: "1de806d52af014140016a524a56a0b7d"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1825
x-amz-cf-id: bVpeA2OpqcY30HCBPwdCR2-bizMwj9v4mMwm3zCHfLxBGx2a36lBWw==

GET
H2 200 b22af311bfb7443e1df40e1b9dd2dfbe.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 46ms
38ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/b22af311bfb7443e1df40e1b9dd2dfbe.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c2772a67d31607130cc2cb1dbd4bd19a4f0104ce7b289463a3d8be847089ac39

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 20:46:18 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Sat, 15 Feb 2020 19:01:47 GMT
server: AmazonS3
age: 83931
etag: "aead8a23741f5209f3c9da2eef1eb8ef"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1705
x-amz-cf-id: T3rhtczDmKnSG06UKEflsaGQ5k_oCnrqAm3jLLKlhHdNJjzyhjRoTg==

GET
H2 200 bde3910282b1a2cf841a01d2efb296c0.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 47ms
39ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/bde3910282b1a2cf841a01d2efb296c0.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1fe7629bd5374237343a18002521cf2e4cb6bb9ffa7097295080d5c42ed39fdb

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 05:33:27 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Sat, 15 Feb 2020 18:02:30 GMT
server: AmazonS3
age: 52302
etag: "e06dafbf597c9c1998ddee5f1212fe1b"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1867
x-amz-cf-id: -2rQWPMlhVLekeLeU9icEA374Azh4I2JbQmIVlG6ZvgzGt_IqqYUrg==

GET
H2 200 2a4927260c1cda3cc54c49537a2b246d.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 46ms
38ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/2a4927260c1cda3cc54c49537a2b246d.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 118ba2d0108f5a49db80fddbc8e7d9294b8f50091ff610a074a12e2d24af904b

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 04:12:53 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Sat, 15 Feb 2020 18:02:31 GMT
server: AmazonS3
age: 57136
etag: "1b5bc927adb57776b2a2a32b32c8ee23"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1658
x-amz-cf-id: wB9LL8L4iIfSTifjHg_lEihqK5-QMYR6Q613cZMkLXuz6nMAQx4UAw==

GET
H2 200 31c69bcf61626fa371a8a428aa2fc99b.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 46ms
39ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/31c69bcf61626fa371a8a428aa2fc99b.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59ad41cba077b304c9964f5fa21ac5e98e79d7c4eb5ac59fd5105d7efe474984

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 04:12:53 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Sat, 15 Feb 2020 16:02:33 GMT
server: AmazonS3
age: 57136
etag: "8e991c702e8e3a7457c26a2cdab130d4"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1733
x-amz-cf-id: U84kJw2yny5FfjZ1uERPD2NqZ4ba4AbXXUy23tvLAOBDxejvmoXyTA==

GET
H2 200 9f72677fb2eaf6b87b8c2901b15643a2.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 48ms
41ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/9f72677fb2eaf6b87b8c2901b15643a2.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 334cc5b070c8915ed39fd6e9c734a3bf0d4a3f98be82e8113948dffba6e225b8

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 05:33:27 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Wed, 12 Feb 2020 03:01:34 GMT
server: AmazonS3
age: 52302
etag: "77259e310225115621dce4c2339b79bb"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1557
x-amz-cf-id: vkRrWR3jPuWGqiGNbeQJaXrqburnptdIsPKE2Wa7YLoV5JhL1QM6aw==

GET
H2 200 b0e35c78d5fdba7f7e296f46e346ebcd.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 49ms
41ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/b0e35c78d5fdba7f7e296f46e346ebcd.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39d9d5ea1c3bb9e0686e641f089efe20f0edc10bc7104f02dbfec65626f22634

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 05:48:14 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Mon, 10 Feb 2020 19:02:59 GMT
server: AmazonS3
age: 51415
etag: "c99399438bcd67cbb5b7f2d4b0b147d1"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1840
x-amz-cf-id: 6fiFsY4gWGgo3M4Kh3nSFPvRWfzggzH0DxSkkpbfCSpdnaG7ggZRkg==

GET
H2 200 55741951e080e47759e0aabe45eb10c9.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 53ms
45ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/55741951e080e47759e0aabe45eb10c9.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad7fae2ac56c5ee0b9dc01c68734047d85adf58fe2043fc6992ed0fe725bce74

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 04:12:53 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Sun, 09 Feb 2020 00:03:18 GMT
server: AmazonS3
age: 57136
etag: "6db1c973853b449c4d4081eb2f4bb91e"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1816
x-amz-cf-id: it7earKN2BnLNJktZUaJyQgZQJQHS7aD09JS_pJEHJmocwavd1DCzw==

GET
H2 200 2b3f1a2ad056a50048da5c56fff7bf00.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 49ms
41ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/2b3f1a2ad056a50048da5c56fff7bf00.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74e1f16aaa49e297bab823a6086767c7cdbfb4bb5db7cf66ffeb9620e9f930a5

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 05:33:27 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Mon, 03 Feb 2020 17:03:14 GMT
server: AmazonS3
age: 52302
etag: "5b97391c74bedaa5363d21a4d1385ac8"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1954
x-amz-cf-id: UIakIPGPsGER34td601UoW79eaTx8yJnNbKdzNFdDalwGhs5G3WbPQ==

GET
H2 200 39580d90dd658e8bb3b7bf8cb8865f02.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 49ms
42ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/39580d90dd658e8bb3b7bf8cb8865f02.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc5a46ef6db6318b598cb9c6fe40175862fd16c8dac97bc7df6d99a26c1907c6

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 05:33:27 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Sun, 26 Jan 2020 05:02:32 GMT
server: AmazonS3
age: 52302
etag: "49027d8258e9950821e8b01ef8b59dd6"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 2055
x-amz-cf-id: 3Hb-GjSG6Hr95jD_rCMZX8lE1NhtntZqMH_ZxwMjkNU5n4mzl5amTA==

GET
H2 200 9a7ec82c6046080cfa0caa8f69770dcb.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 50ms
42ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/9a7ec82c6046080cfa0caa8f69770dcb.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef1e627a6f1a1d47512ce92c9846ac0c63348a2569a2ea87ceb77ee09209a0d5

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 07:42:31 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Mon, 20 Jan 2020 18:01:03 GMT
server: AmazonS3
age: 44558
etag: "7bc6a5f5aea46c4f2d4b567214673a0a"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1691
x-amz-cf-id: iGOrdKZ3LrgW4WaoxdYBPy6eR-gw9fYfa6UJXszP6fwOVzH346QYMw==

GET
H2 200 852deefaeede56b11a94d2145d232710.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 50ms
43ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/852deefaeede56b11a94d2145d232710.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6606b2d7afb2ce5f63f607c46773e321601ec6434dd82d030fc7e80e7ee6b23b

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 00:50:45 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Sat, 18 Jan 2020 17:01:00 GMT
server: AmazonS3
age: 69264
etag: "70dd90be8d0b279764e2ff85dfa5f1f5"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1868
x-amz-cf-id: XEevv_cLD0LkB0xTe1OiI9vkQBVLe664Ty-lPA-FiD28XIpYRK1jEA==

GET
H2 200 8aa2c471fd473a2e9c6ac00ea6140759.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 51ms
44ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/8aa2c471fd473a2e9c6ac00ea6140759.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c18b0b74ca43a4ae91b864fe26630554915b6c878f9b9a87a5a950dc0e1048f

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 07:40:10 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Sat, 18 Jan 2020 02:02:30 GMT
server: AmazonS3
age: 44699
etag: "4897c15b461836f1d6bd53f8f4b313e1"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1564
x-amz-cf-id: LxOeqDeYksD0HUQ-qEamLLm2PV2LKL1WLCnqAjKgGliFjEauFiluYA==

GET
H2 200 ad3650f05a2ae7ce8c726578ac937ec1.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 52ms
44ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/ad3650f05a2ae7ce8c726578ac937ec1.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 425f0412c818e059705362d1ae083908054dad58785d5cc962eafda2d8ed61ea

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 23:56:39 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jan 2020 16:03:03 GMT
server: AmazonS3
age: 72510
etag: "52af4645ee173447ba1f232ded8a9eb4"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1639
x-amz-cf-id: fjr2ihjQkwnq4tFaPJvaMtdFWPo-JVNBnJb8NfYyy4H0uKdbs5ngpg==

GET
H2 200 8fb4ae6b5a9e1abf6390fcb62f820a30.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 51ms
44ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/8fb4ae6b5a9e1abf6390fcb62f820a30.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24fe2d489a4a226c19916faea28c84c9615a22b99128c50d1ae6e76c07898a87

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 08:56:39 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jan 2020 14:02:39 GMT
server: AmazonS3
age: 40110
etag: "d37f940be5d3997fefe43f831534c331"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1701
x-amz-cf-id: 16yS817k-lg8qZiAmceej46Q1zRUhtytXU-i7fIgxNRwBRDEvHzqBw==

GET
H2 200 41170e22de873c1595c003775fb2785c.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 55ms
48ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/41170e22de873c1595c003775fb2785c.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59ec0e11014accb3a24c9a06624e9cb17edd08226e97ae456a8d45715902b9da

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 00:50:45 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jan 2020 10:02:45 GMT
server: AmazonS3
age: 69264
etag: "f118e7d5ba132111bc4f5392eae1016d"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1832
x-amz-cf-id: TXNpoertFCkxoBEVZCsQ6US_VKDPqLwSRzL3LvmnAyAjMbkSjJaXhQ==

GET
H2 200 ede2045fe2d4e928836266ad3c98750f.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 54ms
47ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/ede2045fe2d4e928836266ad3c98750f.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f005e5d69340342309b21bbd3574cb9367aaa0569e4edf1484d6b5791478bfc6

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 24 Mar 2020 23:56:39 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jan 2020 06:01:29 GMT
server: AmazonS3
age: 72510
etag: "7bcd843b41cad9ef8d3079844d3d9214"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1601
x-amz-cf-id: mS7F3sPlctTOuAyxSnFsDfX31qOVtXXnpygHg0Orz-ZoEuFc3dFR5Q==

GET
H2 200 9284e7899d6cb27fd96bbab17285774b.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 56ms
49ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/9284e7899d6cb27fd96bbab17285774b.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 998456ce6936595330065f059708e893b1c5b56f9f7b4956d8b77542f991d9bc

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 07:02:38 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jan 2020 04:02:30 GMT
server: AmazonS3
age: 46951
etag: "cda8817ddd58c8173eead52a50c2f3e7"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1988
x-amz-cf-id: ICkwnJneL0zxVQwuE7S1uuTmTiqYK7dODbrENosYCIYfzwWlqjfd1Q==

GET
H2 200 aec9da313c07c13a2f4fd53a4244a82b.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 58ms
51ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/aec9da313c07c13a2f4fd53a4244a82b.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed5dfdb287dc37f0e15691fd9e2a07fe561e95d71e1ed6b01e26fb4da272553f

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 07:42:31 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Thu, 16 Jan 2020 23:01:26 GMT
server: AmazonS3
age: 44558
etag: "f4bd82a4c89ac3039078193c7cb0580f"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1848
x-amz-cf-id: 4lSfJTu5T54n4vnuMMyd1k94pLUvVPpRrASoZdzfPrvH5wpVYgrusQ==

GET
H2 200 c1bccda46f931d981f81d69e40cd6def.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 60ms
53ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/c1bccda46f931d981f81d69e40cd6def.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eab5535690ae29f895dca1932ee16324a7172840c0dd4e1b5f5412938792ee15

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 00:50:45 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Thu, 16 Jan 2020 23:01:26 GMT
server: AmazonS3
age: 69264
etag: "bbd772d06a217d0ef7c459cb1db34b6f"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 1839
x-amz-cf-id: i-yZZRhkF5-jnxlb1874pLtb1e9ewG0OVt_Lzo3351-kXBL13K4W8g==

GET
H2 200 e0ff097ac0fc0ea17558a7f119fb8690.jpg
d1tcpqtzfohdid.cloudfront.net/reviewphotos/ 2 KB
2 KB 59ms
52ms Image
application/octet-stream 2600:9000:2134:1200:1d:3b60:a940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1tcpqtzfohdid.cloudfront.net/reviewphotos/e0ff097ac0fc0ea17558a7f119fb8690.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2134:1200:1d:3b60:a940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c7fa7f944faa26dc1b5744bdc34c88008c968e0c3e82ea32c66921a1480276a

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 00:50:45 GMT
via: 1.1 13234883000891123bda3fd8d846da9d.cloudfront.net (CloudFront)
last-modified: Thu, 16 Jan 2020 19:02:46 GMT
server: AmazonS3
age: 69264
etag: "0e7371f5692d26e707cb0f05a4d4c66d"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-cf-pop: MXP64-C2
accept-ranges: bytes
content-length: 2057
x-amz-cf-id: sG1e9E-lQtQRua0bar8Rgc6gUyyE3e5X5WYnw8Rdd28aAFq1pit3wg==

GET
H2 200 map-placeholder.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/ 3 KB
1 KB 35ms
31ms Image
image/svg+xml 2600:9000:20c3:fc00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/map-placeholder.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:fc00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 223ebff1459ded262b1e57e003cee79bb09877d144d41837884e01ce1d33a430

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 17 Mar 2020 02:41:45 GMT
content-encoding: gzip
age: 753803
x-cache: Hit from cloudfront
status: 200
content-length: 1081
last-modified: Sat, 14 Mar 2020 17:38:31 GMT
server: Apache
vary: Accept-Encoding,Origin
content-type: image/svg+xml
via: 1.1 vegur, 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
x-amz-cf-id: gEZIdaZ3Dis8Y1l9AVFlvW6sUwWLgUXDEmdUHLekHhtUZdCsSlREHg==
expires: Thu, 16 Apr 2020 02:41:45 GMT

GET
H2 200 155db98-2d3dabf.js Show response
d3j4c7e2o820k1.cloudfront.net/js/ 62 KB
13 KB 41ms
16ms Script
application/javascript 2600:9000:20c3:fc00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3j4c7e2o820k1.cloudfront.net/js/155db98-2d3dabf.js
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:fc00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 11e87049909fbc3e2e3629b524b476c3b6f3a33c6a323d9ecaad620f7cdcd278

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Origin: https://www.underluckystars.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Mar 2020 18:29:11 GMT
content-encoding: gzip
age: 5757
x-cache: Hit from cloudfront
status: 200
content-length: 12354
via: 1.1 vegur, 1.1 4699c08b44211e17f977ca0133ec5e8f.cloudfront.net (CloudFront)
last-modified: Wed, 25 Mar 2020 18:24:21 GMT
server: Apache
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: https://www.underluckystars.com
cache-control: max-age=31536000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
x-amz-cf-id: 0ocOF4Fkj1_3I9gzEYK21QV6ioUHfZLEMIDbWCE3uGafp2wungd84w==
expires: Thu, 25 Mar 2021 18:29:11 GMT

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.7.1/ 50 KB
16 KB 32ms
8ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.7.1/bundle.min.js

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

24e4877ca33576796f28eb3d787740cf52079aa02d95506db9bb60c5a4339545

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Origin: https://www.underluckystars.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Mar 2020 20:05:08 GMT
content-encoding: gzip
last-modified: Tue, 15 Oct 2019 10:21:31 GMT
server: Fastly
age: 10836258
etag: "6fa70d51e7fefe0bbbc21c95dd967761"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15874
expires: Fri, 20 Nov 2020 10:00:48 GMT

GET
H/1.1 200
OK dropin.min.js Show response
js.braintreegateway.com/web/dropin/1.9.1/js/ 232 KB
60 KB 70ms
16ms Script
application/javascript 23.45.110.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.braintreegateway.com/web/dropin/1.9.1/js/dropin.min.js
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.45.110.210 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-110-210.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ac11651c3d985438dc8d7916fd535049b9036642b7303207f49dbb2931435081

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 25 Mar 2020 20:05:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Mar 2020 19:53:41 GMT
Server: nginx
ETag: "5e751f45-3a110"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=21600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61542
Expires: Thu, 26 Mar 2020 02:05:08 GMT

GET
H2 200 d500aac-3be4bf7.js Show response
d3j4c7e2o820k1.cloudfront.net/js/ 107 KB
36 KB 23ms
16ms Script
application/javascript 2600:9000:20c3:fc00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3j4c7e2o820k1.cloudfront.net/js/d500aac-3be4bf7.js
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:fc00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: aca414d04a40a32f0a3db8f75d62f2b08f0c62daa3a28d356d862be744c16138

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 18:29:11 GMT
content-encoding: gzip
age: 5757
x-cache: Hit from cloudfront
status: 200
content-length: 36743
last-modified: Wed, 25 Mar 2020 18:24:21 GMT
server: Apache
vary: Accept-Encoding,Origin
content-type: application/javascript
via: 1.1 vegur, 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
x-amz-cf-id: Tc2Xl3dDFL4uhO4fmVMxPcsFHWMffNvv3ZvpDd5DREPK8-sEpB9p5w==
expires: Thu, 25 Mar 2021 18:29:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 14ms
10ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 5193
date: Wed, 25 Mar 2020 18:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Wed, 25 Mar 2020 20:38:35 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 13ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: VOmPTbkDPKE110dtcxlYsF4Joqg11PiHzosv9VelbB0WGO/z+XYGjrgvvNKVj0a+h/agnMgZJwaDe0dsgJrSPA==
x-fb-trip-id: 1850256238
date: Wed, 25 Mar 2020 20:05:08 GMT, Wed, 25 Mar 2020 20:05:08 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 16 KB
6 KB 329ms
25ms Script
application/javascript 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: fbd6757a6ad188aea701fe6ca71161a93aa2a0e2022158d5b8e5ec8736765635

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 20:05:08 GMT
content-encoding: gzip
age: 21
x-cache: HIT, HIT
status: 200
content-length: 5348
x-served-by: cache-dca17727-DCA, cache-man4129-MAN
last-modified: Mon, 13 Jan 2020 17:07:50 GMT
server: snooserv
x-timer: S1585166709.628721,VS0,VE0
etag: "210cfe12a67ebccebe2e8f9b9fddf790"
vary: Accept-Encoding,Origin
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=60
accept-ranges: bytes
x-cache-hits: 1, 33

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 11ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e8dbf47dd1d82884ed5c2377ce078133e21e812e269bc129733ec48cc5bc6967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: bMUlK1imC/Uvmss7NZbuLg==
status: 200
date: Wed, 25 Mar 2020 20:05:08 GMT, Wed, 25 Mar 2020 20:05:08 GMT
expires: Wed, 25 Mar 2020 20:24:31 GMT
alt-svc: h3-27=":443"; ma=3600
content-length: 1781
x-fb-debug: OaiOiRqFGNFI7GuP/Cst3/KVGBF7NPw2bD16jKGX22TfMDNNWyE2Qfc1KteJ61Nm+KuEWJbPnw1OKjvxd8FThQ==
x-fb-trip-id: 1850256238
x-fb-content-md5: 1e558f9a1b37405503796efd3f021229
etag: "14c0342dc4a0e5e81e58439d9521a42b"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 scevent.min.js Show response
sc-static.net/ 13 KB
6 KB 3085ms
19ms Script
application/javascript 13.227.156.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.227.156.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-156-118.muc51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e93047ab88ddf3a33047a506b4a7594914e84fcf5ebac4b2723739e728e284b5

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 24 Mar 2020 21:13:51 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 22:48:01 GMT
server: AmazonS3
age: 82280
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: MUC51-C1
x-amz-cf-id: xlZTBO6jXTiCKZtS77gRhVRhOPVN9ZQlwksrTNV_XxEslqDWpvwnkg==
via: 1.1 68bd6f488cd5f9867287f467b777d12a.cloudfront.net (CloudFront)

GET
H/1.1 200
OK sdk.js Show response
static.bytedance.com/pixel/ 13 KB
5 KB 3166ms
107ms Script
application/javascript 95.101.27.35
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bytedance.com/pixel/sdk.js?sdkid=BP6F8ODEUOQ9QM0D5SS0
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.27.35 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a95-101-27-35.deploy.static.akamaitechnologies.com
Software: nginx/1.14.2 /
Resource Hash: 75c57f1941ff8b22a5ecf13b33e167fd6c1c855719dfd2fc867bd8e010370fe9

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Wed, 25 Mar 2020 20:05:11 GMT
Content-Encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
Server: nginx/1.14.2
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
X-Parent-Response-Time: 98,92.123.107.35
X-Origin-Response-Time: 3,23.221.73.196
server-timing: cdn-cache; desc=MISS, edge; dur=96, origin; dur=3
Connection: keep-alive
Content-Length: 4744

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
730 B 195ms
133ms Script
application/javascript 2a02:26f0:6c00:18c::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:18c::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: a8a5c752f8ae0c033572453cbb3240ca9047eae565ea1f3df7cb1ea67e9984d9

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "fdf03ac619d384023432225dbd221b25"
vary: Accept-Encoding, Origin
content-type: application/javascript
status: 200
cache-control: max-age=7200
x-fallback: 8bfaed09-2.16.187.47
accept-ranges: bytes
content-length: 563

GET
H2 200 hotjar-1742758.js Show response
static.hotjar.com/c/ 3 KB
2 KB 392ms
95ms Script
application/javascript 147.75.100.245
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1742758.js?sv=6

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.100.245 Central, Hong Kong, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress15

Software

Resource Hash

66354f71ab0ce276bae725307b1005ab8a119f1ddbc7382c2c93c5c0654a9b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 20:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-origin-status: 304
section-io-cache: Miss
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/b3983135dad9a374b0bccbbdb28bf69d
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.073
accept-ranges: bytes
section-io-id: 3894665e78106cf363565c1d915f8842
section-origin-responded: true

GET
H2 200 header-background.png
d3j4c7e2o820k1.cloudfront.net/assets/img/ 101 B
467 B 21ms
20ms Image
image/png 2600:9000:20c3:fc00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/header-background.png
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:fc00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: bcfd25dd4e8aa4c4f264d115071e7f09a474684186f8b97fea39df46ca31f349

Request headers

Referer: https://d3j4c7e2o820k1.cloudfront.net/css/454a62b-739a863.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 04:17:40 GMT
via: 1.1 vegur, 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
last-modified: Wed, 18 Mar 2020 23:24:20 GMT
server: Apache
age: 575248
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=2592000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
content-length: 101
x-amz-cf-id: BT9oOonwAIuaa_c2339hf1EYt4bBjMpeK2zqk81Q6zztqlarSe0JCw==
expires: Sat, 18 Apr 2020 04:17:40 GMT

GET
H2 200 close-icon.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/ 1019 B
860 B 21ms
21ms Image
image/svg+xml 2600:9000:20c3:fc00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/close-icon.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:fc00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 4093e24113dcc170051435db8382c56963f43b509e67230091722743ec481ed3

Request headers

Referer: https://d3j4c7e2o820k1.cloudfront.net/css/3397717-8a3bdca.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 19 Mar 2020 06:32:34 GMT
content-encoding: gzip
age: 567154
x-cache: Hit from cloudfront
status: 200
content-length: 460
last-modified: Wed, 18 Mar 2020 23:24:20 GMT
server: Apache
vary: Accept-Encoding,Origin
content-type: image/svg+xml
via: 1.1 vegur, 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
x-amz-cf-id: UzmoFaEf9ZLPf0YigBP3IrYhqEFNozb7Ldyy77W9zH5vwe_4fdnD9Q==
expires: Sat, 18 Apr 2020 06:32:34 GMT

GET
H2 200 zoom-icon-plus.svg
d3j4c7e2o820k1.cloudfront.net/assets/img/ 1 KB
1 KB 22ms
22ms Image
image/svg+xml 2600:9000:20c3:fc00:1a:5a9d:d440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3j4c7e2o820k1.cloudfront.net/assets/img/zoom-icon-plus.svg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20c3:fc00:1a:5a9d:d440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 6593b70c478ed8c75fed7931799bb371cd7b47fcd37574057c28213ce6e871a1

Request headers

Referer: https://d3j4c7e2o820k1.cloudfront.net/css/3397717-8a3bdca.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 17 Mar 2020 01:20:10 GMT
content-encoding: gzip
age: 758698
x-cache: Hit from cloudfront
status: 200
content-length: 633
last-modified: Sat, 14 Mar 2020 17:38:31 GMT
server: Apache
vary: Accept-Encoding,Origin
content-type: image/svg+xml
via: 1.1 vegur, 1.1 6f5ba49c3df973a476d63dbb743d9b23.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: MUC50-C1
accept-ranges: bytes
x-amz-cf-id: 1wn5JAFSMdKjxalFXnQgSQfLV4fDfjutJhGf3X3u4RWdNISerDTY_w==
expires: Thu, 16 Apr 2020 01:20:10 GMT

GET
DATA 200
OK truncated
/ 49 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9784df5d9fc8a2092d96c3fe651e8aa359acaefa6a84607e0fd0f5d09a3bf305

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500
Origin: https://www.underluckystars.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 03:21:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 1788230
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11180
x-xss-protection: 0
expires: Fri, 05 Mar 2021 03:21:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 29ms
6ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500
Origin: https://www.underluckystars.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 27 Feb 2020 08:47:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 2373482
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 26 Feb 2021 08:47:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto:300,400,500
Origin: https://www.underluckystars.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Mar 2020 03:12:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 1788749
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Fri, 05 Mar 2021 03:12:39 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 24ms
23ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-867529107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

ea399158ef2d93ca8c14598e1ee6bfddf924d4b877c8972928d30ff23bcf1a30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 20:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 9947
x-xss-protection: 0
server: cafe
etag: 2742097851886756974
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 Mar 2020 20:05:08 GMT

GET
H/1.1 200
OK f18d87ff-e261-4b25-bec7-a87bdbf96756-d8986883-d410-4a7f-94ea-f18365a67aad.frame.jpg
underluckystars.s3-eu-west-1.amazonaws.com/renders/ 211 KB
211 KB 3451ms
61ms Image
image/png 52.218.41.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://underluckystars.s3-eu-west-1.amazonaws.com/renders/f18d87ff-e261-4b25-bec7-a87bdbf96756-d8986883-d410-4a7f-94ea-f18365a67aad.frame.jpg
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.41.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f17281048bbf8513206ac05d1d79b520bef02c66c022c5ac200a8850fdb84c2b

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 25 Mar 2020 20:05:12 GMT
Last-Modified: Wed, 25 Mar 2020 19:52:31 GMT
Server: AmazonS3
x-amz-request-id: 05874F5BA6AE71A4
ETag: "52bb1284e36ec43dceba35847b56b2af"
Content-Type: image/png
x-amz-storage-class: INTELLIGENT_TIERING
Accept-Ranges: bytes
Content-Length: 215789
x-amz-id-2: SINloUblsvQWszPZ40+dKRRiw728dgNAtk1iHfpeqgQhlaa6oFWckcpghiWW7Sw2M40EySUU7AQ=

OPTIONS
H/1.1 200
OK configuration Show response
api.braintreegateway.com/merchants/5tthsxbd6vpxxjrp/client_api/v1/ 0
453 B 1748ms
122ms XHR
text/plain 204.109.13.121
BRAINTREEPAYMENTS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.braintreegateway.com/merchants/5tthsxbd6vpxxjrp/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6IkF1dGh5In0.eyJleHAiOjE1ODUyNTMxMDcsImp0aSI6IjQwNGViMmFkLWU5Y2MtNDAxMy05NmFlLTQ1OThlN2M0ZDk2ZSIsInN1YiI6IjV0dGhzeGJkNnZweHhqcnAiLCJpc3MiOiJBdXRoeSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6IjV0dGhzeGJkNnZweHhqcnAiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwib3B0aW9ucyI6e319.nuo7fvUQGfCJm4ZRtQ0VMoCpDsUF-3aqCjQWPrOZ7dDqreQkMN_LgSUXCMRRZZdxs0b3w5R8_XRgPgvXsHwobg&_meta%5BmerchantAppId%5D=www.underluckystars.com&_meta%5Bplatform%5D=web&_meta%5BsdkVersion%5D=3.26.0&_meta%5Bsource%5D=client&_meta%5Bintegration%5D=custom&_meta%5BintegrationType%5D=custom&_meta%5BsessionId%5D=23c893f6-5d55-45e1-8f99-0168f5b30fa9&braintreeLibraryVersion=braintree%2Fweb%2F3.26.0&configVersion=3

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.7.1/bundle.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.109.13.121 , United States, ASN22510 (BRAINTREEPAYMENTSOLUTIONS, US),

Reverse DNS

api.braintreegateway.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Access-Control-Request-Method: GET
Origin: https://www.underluckystars.com
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Wed, 25 Mar 2020 20:05:10 GMT
server: nginx
access-control-max-age: 3000
access-control-allow-methods: GET, POST, OPTIONS
Content-Type: text/plain
access-control-allow-origin: https://www.underluckystars.com
access-control-expose-headers
transfer-encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: content-type

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/ Frame 1B47
Redirect Chain

https://assets.zendesk.com/embeddable_framework/main.js
https://static.zdassets.com/ekr/asset_composer.js

24 KB
7 KB

37ms
37ms

Script
application/javascript

104.18.73.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.73.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Mar 2020 20:05:08 GMT
content-encoding: br
cf-cache-status: HIT
age: 27
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: E3B9A5A2B1CA458E
x-amz-id-2: D3ADCQv3InxT8nIiFplIN8RwYzeeXBrH3MOOtNsXvv6MQ704quX9qIr+zSdq8w5M5SqLd1QV+ds=
last-modified: Mon, 02 Mar 2020 02:50:56 GMT
server: cloudflare
etag: W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: NgIQP8T55iryXzC4llLk1TRzHDzGhXFS
cf-ray: 579b3ebade129716-FRA

Redirect headers

date: Wed, 25 Mar 2020 20:05:08 GMT
server: cloudflare
location: https://static.zdassets.com/ekr/asset_composer.js
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
status: 301
cache-control: max-age=3600
strict-transport-security: max-age=0
cf-ray: 579b3eba5d65dffb-FRA
expires: Wed, 25 Mar 2020 21:05:08 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 42 KB
10 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.15

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 10620
x-xss-protection: 0
pragma: public
x-fb-debug: 7zJbl/YHEpxLmXV1p7ou1S2qiMypBOiuPZz2/sBa4T1iTrLpCtxi2o+FSPszxnBTLgfZZX9xsodE+cAwHG5zvQ==
x-fb-trip-id: 1850256238
date: Wed, 25 Mar 2020 20:05:08 GMT, Wed, 25 Mar 2020 20:05:08 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 782857011853426 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 238ms
233ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/782857011853426?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57b9d8fd52d4524fb0d8f16ecf840be6895e803132b0536a54b97bf85078447d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: xTqoSqazkQI35xmD/cBwmoLxdUfx9b0r7Tfmz0WZAwKvWuzwca1S98a1FidicnrqMVB2ppTEOGqLRwmeRWSCRQ==
x-fb-trip-id: 1850256238
date: Wed, 25 Mar 2020 20:05:08 GMT, Wed, 25 Mar 2020 20:05:08 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 392 KB
113 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d3677e5272613d0214f8841c8ecb226f&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c22ecfe911f2837001d32e9ca5034a9d0288f71a98b217bb89d0f1060cf09b4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Origin: https://www.underluckystars.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 6URQauqhr8u2HrzkK8RPLQ==
status: 200
date: Wed, 25 Mar 2020 20:05:08 GMT, Wed, 25 Mar 2020 20:05:08 GMT
expires: Thu, 25 Mar 2021 20:04:34 GMT
alt-svc: h3-27=":443"; ma=3600
content-length: 115894
x-fb-debug: /wezNEYSUSiEIMdQpZ1OvcgT64pifCtFcFiTUYzf5qA2rrWkn1SnZ/pJ5P5olTJmjQj2dt7Fkm4THEjmHqUykw==
x-fb-trip-id: 1850256238
x-fb-content-md5: c458f5f14df9e1ca2dc67f7850eb1428
etag: "7225392030b629be210a168bf23f9dc1"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 78 KB
27 KB 36ms
32ms Script
application/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-WD5DG8M&cid=422998202.1585166709&aip=true

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73ab5b4542452ac341fa1aa7ab78d101193d9839f925272a9144b71cc7fb3bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 20:05:08 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Cache-Control
content-length: 27184
x-xss-protection: 0
expires: Wed, 25 Mar 2020 20:05:08 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/867529107/ 2 KB
1 KB 28ms
18ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/867529107/?random=1585166708775&cv=9&fst=1585166708775&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3i0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1&tiba=Personalized%20Star%20Maps%20-%20Under%20Lucky%20Stars&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3eba46d0ab9bce713fb6e9afa3bcbee1f03c8541cc03d6c44088fe6a563cc8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Wed, 25 Mar 2020 20:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1084
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.a37a8bbc.js Show response
s.pinimg.com/ct/lib/ 45 KB
16 KB 168ms
167ms Script
application/javascript 2a02:26f0:6c00:18c::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.a37a8bbc.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:18c::1931 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 5e8923354dc828bba8fd3a84f1fed88a4b7095207803798b521710119bf347da

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "dca924303eac8ed14b9cb0fa8819af3d"
vary: Accept-Encoding, Origin
content-type: application/javascript
status: 200
cache-control: max-age=1209600
x-fallback: 8bfaf0b7-2.16.187.47
accept-ranges: bytes
content-length: 16477

GET
H/1.1 200
OK rp.gif
alb.reddit.com/ 35 B
339 B 7516ms
104ms Image
image/gif 3.223.182.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1585166708827&id=t2_1ico7y9c&event=PageVisit&uuid=d74666c2-e834-4224-947a-38720e6f7b8f&s=FEnRtibBa1XvOtJNCAsSmRADiPp28j64OqRUvR8ZGvI%3D
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.182.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-182-220.compute-1.amazonaws.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 25 Mar 2020 20:05:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK rp.gif
alb.reddit.com/ 35 B
339 B 7638ms
122ms Image
image/gif 3.223.182.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1585166708828&id=t2_1ico7y9c&event=AddToWishlist&uuid=d74666c2-e834-4224-947a-38720e6f7b8f&s=dceEfJZJ3hRb07bmL5FbHonp%2B%2FF8rtB%2BQqRuuUf1xbo%3D
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.223.182.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-223-182-220.compute-1.amazonaws.com
Software: /
Resource Hash: 6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Wed, 25 Mar 2020 20:05:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=2030477508&t=pageview&_s=1&dl=https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1&dp=paymen...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-87234905-1&cid=422998202.1585166709&jid=315378487&_gid=40685145.1585166709&gjid=1619852863&_v=j81&z=1306625107
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87234905-1&cid=422998202.1585166709&jid=315378487&_v=j81&z=1306625107
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87234905-1&cid=422998202.1585166709&jid=315378487&_v=j81&z=1306625107&slf_rd=1&random=2194529080

42 B
109 B

42ms
41ms

Image
image/gif

2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87234905-1&cid=422998202.1585166709&jid=315378487&_v=j81&z=1306625107&slf_rd=1&random=2194529080

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Mar 2020 20:05:09 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Mar 2020 20:05:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87234905-1&cid=422998202.1585166709&jid=315378487&_v=j81&z=1306625107&slf_rd=1&random=2194529080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
246 B 11ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=757281341110833&ev=fb_page_view&dl=https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1&rl=&if=false&ts=1585166708943&sw=1600&sh=1200

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 20:05:08 GMT, Wed, 25 Mar 2020 20:05:08 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 25 Mar 2020 20:05:08 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/867529107/ 42 B
113 B 44ms
31ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/867529107/?random=1585166708775&cv=9&fst=1585166400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3i0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1&tiba=Personalized%20Star%20Maps%20-%20Under%20Lucky%20Stars&async=1&fmt=3&is_vtc=1&random=3067153834&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 25 Mar 2020 20:05:08 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/867529107/ 42 B
110 B 52ms
39ms Image
image/gif 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/867529107/?random=1585166708775&cv=9&fst=1585166400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa3i0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1&tiba=Personalized%20Star%20Maps%20-%20Under%20Lucky%20Stars&async=1&fmt=3&is_vtc=1&random=3067153834&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 25 Mar 2020 20:05:08 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.cf522d0ae101e277829e.js Show response
script.hotjar.com/ 366 KB
69 KB 104ms
24ms Script
application/javascript 147.75.102.231
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.cf522d0ae101e277829e.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1742758.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.231 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress10
Software: /
Resource Hash: c67bd443002cf5e2f2522a5476024cdd979997908b0f237f6db588d17000d9bb

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 20:05:08 GMT
content-encoding: br
content-type: application/javascript
age: 35201
status: 200
section-io-cache: Hit
content-length: 70686
last-modified: Wed, 25 Mar 2020 10:15:25 GMT
etag: "38a9c26943ec67dac744e32a004b1262"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.022
accept-ranges: bytes
section-io-id: 1996e193cb5eb1374378ab5f086b37b2
section-origin-responded: true

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame BA74 0
0 85ms
22ms Document
text/html 147.75.102.13
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1742758.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.13 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress1
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Response headers

status: 200
date: Wed, 25 Mar 2020 20:05:09 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 29 Jan 2020 12:33:12 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.031
section-origin-responded: true
age: 4865330
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 4695f082eeadc03e8d48fca379fee435

GET
H2 200 985877981805439 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 90ms
86ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/985877981805439?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

057d6a3064c6f239dcdbf4bbab39faac1d634fc32c93407ea2f3ce32379dc2ae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 5wKWmcS2yrR3p8e+/dwU8IPZpVlrakCRPtok85zfXhlwEv4P/ndHKOr+pum06VmaA8Y2f59UQNK5+Y+1sr1gYA==
x-fb-trip-id: 1850256238
date: Wed, 25 Mar 2020 20:05:09 GMT, Wed, 25 Mar 2020 20:05:09 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 underluckystars.zendesk.com Show response
ekr.zdassets.com/compose/web_widget/ Frame 1B47 724 B
760 B 3102ms
28ms XHR
application/json 104.18.74.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/web_widget/underluckystars.zendesk.com

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.74.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feaacb3c1b84ccf91e15ce74c26343af5a6108095771714b868f8784bd7fe7d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Origin: https://www.underluckystars.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Mar 2020 20:05:12 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 20
status: 200, 200 OK
strict-transport-security: max-age=0
x-request-id: 11e17bbe-0570-43d1-bc69-aa4374b70011
x-runtime: 0.009900
server: cloudflare
etag: W/"feaacb3c1b84ccf91e15ce74c26343af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=600, s-maxage=60
cf-ray: 579b3ecee80b64a9-FRA

GET
H2 200 / Show response
ct.pinterest.com/user/ 35 B
358 B 3910ms
123ms XHR
image/gif 23.210.248.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2612474376513&pd=%7B%22em%22%3A%22%22%7D&cb=1585166709071

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.7.1/bundle.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.189 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-189.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Origin: https://www.underluckystars.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Mar 2020 20:05:12 GMT
x-cdn: akamai
status: 200
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: https://www.underluckystars.com
access-control-expose-headers: Epik
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 35
x-pinterest-rid: 1171419881180185
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
282 B 4003ms
218ms Image
image/gif 23.210.248.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612474376513&pd=%7B%22em%22%3A%22%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%7D&cb=1585166709073

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.189 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-189.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 25 Mar 2020 20:05:13 GMT
x-cdn: akamai
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
status: 200
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 4022851388276429
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
282 B 4007ms
222ms Image
image/gif 23.210.248.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&tid=2612474376513&pd=%7B%22em%22%3A%22%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%7D&cb=1585166709073

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.189 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-189.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 25 Mar 2020 20:05:13 GMT
x-cdn: akamai
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
status: 200
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
x-pinterest-rid: 9589944094247578
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
282 B 3902ms
137ms Image
image/gif 23.210.248.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=addtocart&ed=%7B%22order_id%22%3A%2216da749f-5335-4b63-9b79-ace7e1b77833%22%2C%22value%22%3A69%2C%22currency%22%3A%22EUR%22%7D&tid=2612474376513&pd=%7B%22em%22%3A%22%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%7D&cb=1585166709073

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.189 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-189.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 25 Mar 2020 20:05:12 GMT
x-cdn: akamai
access-control-allow-origin: *
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
status: 200
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 4
x-pinterest-rid: 5269263676563676
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=782857011853426&ev=PageView&dl=https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1&rl=&if=false&ts=1585166709197&sw=1600&...
https://cx.atdmt.com/?c=10170003300956652809&f=AYxcUaC5WdWFwviXoTdaAcNv-v-bWp1PkUt65QppNzQBw54Irj8EaLU-lqusaHKESffA-DyClxe4_2dSAoz3u2Oc&id=782857011853426&l=3&v=0

42 B
432 B

122ms
108ms

Image
image/gif

2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=10170003300956652809&f=AYxcUaC5WdWFwviXoTdaAcNv-v-bWp1PkUt65QppNzQBw54Irj8EaLU-lqusaHKESffA-DyClxe4_2dSAoz3u2Oc&id=782857011853426&l=3&v=0
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 25 Mar 2020 20:05:09 GMT, Wed, 25 Mar 2020 20:05:09 GMT, Wed, 25 Mar 2020 20:05:09 GMT
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
alt-svc: h3-27=":443"; ma=3600
content-length: 42
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 25 Mar 2020 20:05:09 GMT, Wed, 25 Mar 2020 20:05:09 GMT
server: proxygen-bolt
location: https://cx.atdmt.com/?c=10170003300956652809&f=AYxcUaC5WdWFwviXoTdaAcNv-v-bWp1PkUt65QppNzQBw54Irj8EaLU-lqusaHKESffA-DyClxe4_2dSAoz3u2Oc&id=782857011853426&l=3&v=0
content-type: text/plain
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
124 B 8ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=985877981805439&ev=PageView&dl=https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1&rl=&if=false&ts=1585166709201&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585166709196.2032243572&it=1585166708593&coo=false&rqm=GET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 20:05:09 GMT, Wed, 25 Mar 2020 20:05:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 25 Mar 2020 20:05:09 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 10ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=782857011853426&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1&rl=&if=false&ts=1585166709203&cd[value]=69&cd[currency]=EUR&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1585166709196.2032243572&it=1585166708593&coo=false&rqm=GET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 20:05:09 GMT, Wed, 25 Mar 2020 20:05:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 25 Mar 2020 20:05:09 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=985877981805439&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1&rl=&if=false&ts=1585166709204&cd[value]=69&cd[currency]=EUR&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1585166709196.2032243572&it=1585166708593&coo=false&rqm=GET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 20:05:09 GMT, Wed, 25 Mar 2020 20:05:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 25 Mar 2020 20:05:09 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 10ms
10ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=782857011853426&ev=Microdata&dl=https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1&rl=&if=false&ts=1585166709707&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Personalized%20Star%20Maps%20-%20Under%20Lucky%20Stars%22%2C%22meta%3Adescription%22%3A%22We%20make%20beautiful%20star%20maps%20showing%20the%20alignment%20of%20the%20stars%20in%20a%20place%20and%20time%20chosen%20by%20you.%20Birthday%2C%20engagement%2C%20first%20date.%20The%20original.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Under%20Lucky%20Stars%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.underluckystars.com%2F%3Fnomenu%3D1%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fd3j4c7e2o820k1.cloudfront.net%2Fassets%2Fimg%2Fexamples%2F1%402x.png%22%2C%22og%3Adescription%22%3A%22We%20make%20beautiful%20star%20maps%20showing%20the%20alignment%20of%20the%20stars%20in%20a%20place%20and%20time%20chosen%20by%20you.%20Birthday%2C%20engagement%2C%20first%20date.%22%2C%22og%3Asite_name%22%3A%22Under%20Lucky%20Stars%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=2&o=30&fbp=fb.1.1585166709196.2032243572&it=1585166708593&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 20:05:09 GMT, Wed, 25 Mar 2020 20:05:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 25 Mar 2020 20:05:09 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 9ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=985877981805439&ev=Microdata&dl=https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1&rl=&if=false&ts=1585166709709&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Personalized%20Star%20Maps%20-%20Under%20Lucky%20Stars%22%2C%22meta%3Adescription%22%3A%22We%20make%20beautiful%20star%20maps%20showing%20the%20alignment%20of%20the%20stars%20in%20a%20place%20and%20time%20chosen%20by%20you.%20Birthday%2C%20engagement%2C%20first%20date.%20The%20original.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Under%20Lucky%20Stars%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.underluckystars.com%2F%3Fnomenu%3D1%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fd3j4c7e2o820k1.cloudfront.net%2Fassets%2Fimg%2Fexamples%2F1%402x.png%22%2C%22og%3Adescription%22%3A%22We%20make%20beautiful%20star%20maps%20showing%20the%20alignment%20of%20the%20stars%20in%20a%20place%20and%20time%20chosen%20by%20you.%20Birthday%2C%20engagement%2C%20first%20date.%22%2C%22og%3Asite_name%22%3A%22Under%20Lucky%20Stars%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=2&o=30&fbp=fb.1.1585166709196.2032243572&it=1585166708593&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 25 Mar 2020 20:05:09 GMT, Wed, 25 Mar 2020 20:05:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 25 Mar 2020 20:05:09 GMT

GET
H/1.1 200
OK configuration Show response
api.braintreegateway.com/merchants/5tthsxbd6vpxxjrp/client_api/v1/ 3 KB
2 KB 598ms
598ms XHR
application/json 204.109.13.121
BRAINTREEPAYMENTS...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

204.109.13.121 , United States, ASN22510 (BRAINTREEPAYMENTSOLUTIONS, US),

Reverse DNS

api.braintreegateway.com

Software

nginx /

Resource Hash

5d107b89eda40ee197b5ee37ee9942a7088a49cadefce032c5d17127e9dda8e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Origin: https://www.underluckystars.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 25 Mar 2020 20:05:10 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
x-cache-status: MISS
transfer-encoding: chunked
strict-transport-security: max-age=31536000; includeSubDomains
x-authentication: authorization_fingerprint
X-Request-Id: 353d0a19-00b9-4a16-ba04-659aafb6cf0c
X-Runtime: 0.471504
server: nginx
etag: W/"6770179ae69a139b7df484eb410c2035"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
access-control-allow-origin: https://www.underluckystars.com
access-control-expose-headers
Cache-Control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
braintree-service-origin: clientauth

OPTIONS
H/1.1 200
OK 5tthsxbd6vpxxjrp Show response
client-analytics.braintreegateway.com/ 0
341 B 719ms
117ms XHR
text/plain 3.137.39.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/5tthsxbd6vpxxjrp
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.7.1/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.39.162 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.underluckystars.com
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Wed, 25 Mar 2020 20:05:11 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.underluckystars.com
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 0

GET
H/1.1 200
OK dropin.min.css
assets.braintreegateway.com/web/dropin/1.9.1/css/ 23 KB
4 KB 2258ms
13ms Stylesheet
text/css 23.45.110.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/dropin/1.9.1/css/dropin.min.css

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.9.1/js/dropin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.45.110.210 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-45-110-210.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2f3ae83832a47b3339568fe47a446e247c2ec07f0d6672f02e9b3bc2932f8ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Fri, 20 Mar 2020 19:53:39 GMT
Server: nginx
ETag: "5e751f43-5c2d"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=21600
Date: Wed, 25 Mar 2020 20:05:13 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3765
Expires: Thu, 26 Mar 2020 02:05:13 GMT

GET
H2 200 checkout.4.0.166.min.js Show response
www.paypalobjects.com/api/ 872 KB
126 KB 1027ms
8ms Script
application/x-javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.4.0.166.min.js

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.9.1/js/dropin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Apache /

Resource Hash

35c0c6a796f6d3c0a23a71a8379c52238d8b214b49f4da4c025522ee7e60a578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 20:05:11 GMT
x-pad: avoid browser bug
x-content-type-options: nosniff
age: 431423
x-cache: HIT, HIT
status: 200
surrorage-key: /api/checkout.4.0.166.min.js /api/checkout.4.0.166.min.js /api/checkout.4.0.166.min.js /api/checkout.4.0.166.min.js /api/checkout.4.0.166.min.js /api/checkout.4.0.166.min.js /api/checkout.4.0.166.min.js /api/checkout.4.0.166.min.js /api
strict-transport-security: max-age=31557600
content-encoding: gzip
content-length: 128596
x-served-by: cache-lax8643-LAX, cache-fra19182-FRA
last-modified: Tue, 28 Aug 2018 17:03:20 GMT
server: Apache
x-timer: S1585166712.942608,VS0,VE1
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 i
tr.snapchat.com/cm/ Frame C0AD 0
0 45ms
22ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=eda2b568-c489-4298-9afc-850b0d216edd

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?pid=eda2b568-c489-4298-9afc-850b0d216edd
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Response headers

status: 200
server: nginx/1.17.3
date: Wed, 25 Mar 2020 20:05:11 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

POST
H2 200 p
tr.snapchat.com/ Frame 2492 0
0 41ms
31ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 279
pragma: no-cache
cache-control: no-cache
origin: https://www.underluckystars.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Origin: https://www.underluckystars.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Response headers

status: 200
server: nginx/1.17.3
date: Wed, 25 Mar 2020 20:05:11 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBiQkAMAgEsIkEz/qOYylO4fBNmqdVrShTH6kfoarTJMM36jlibBeWBvcAlj8sFh+rMgAAAA==;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 track-log.js Show response
s0.ipstatp.com/ad/business/ 23 KB
9 KB 1074ms
18ms Script
application/x-javascript 99.86.162.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.ipstatp.com/ad/business/track-log.js
Requested by: Host: static.bytedance.com
URL: https://static.bytedance.com/pixel/sdk.js?sdkid=BP6F8ODEUOQ9QM0D5SS0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.162.48 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-162-48.mxp64.r.cloudfront.net
Software: nginx/1.14.2 /
Resource Hash: 7f03bab6e283c48afcefed6772588194098ed2d811ad24efc05ac5c3c1138204

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 19:43:10 GMT
content-encoding: gzip
x-tt-trace-tag: id=00;cdn-cache=miss
age: 122
x-cache: Hit from cloudfront
status: 200
server-timing: inner;dur=0.004, inner; dur=4
via: 1.1 36be2c773789c1382b13900c0a0f5725.cloudfront.net (CloudFront)
last-modified: Thu, 05 Mar 2020 08:23:26 GMT
server: nginx/1.14.2
etag: W/"5e60b6fe-5b25"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=1200
x-tt-trace-host: 0173cd9990d2af9165309ca6c9132590820e83a95456366c970d936bb9e5ed4db139bead5bd3d51f0f91b8d0d25713dbdf43d06585882498ef975943adb67f67862d83ab79b7e0903b28f5c3a2e124afad
x-amz-cf-pop: MXP64-C2
timing-allow-origin: *
x-amz-cf-id: bnv6WfKxISk8vjvjFhTEUjSFRrmLgwQLI1_PilecSkhScWf47eCwhw==
expires: Wed, 25 Mar 2020 20:03:10 GMT

POST
H/1.1 200
OK 5tthsxbd6vpxxjrp Show response
client-analytics.braintreegateway.com/ 0
329 B 118ms
118ms XHR
text/plain 3.137.39.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/5tthsxbd6vpxxjrp
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.39.162 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Origin: https://www.underluckystars.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 25 Mar 2020 20:05:11 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.underluckystars.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 87ms
62ms Script
application/x-javascript 72.246.168.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.underluckystars.com&t=xo

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.4.0.166.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-246-168-118.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-w1fjinmxlmD4ZZIZUpPBwjq3PvF8vdbMmabaEdeByC4nTvS8' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline'; form-action 'self' https://.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-w1fjinmxlmD4ZZIZUpPBwjq3PvF8vdbMmabaEdeByC4nTvS8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
etag: W/"310f-FGviSVLWgsmjFEfYfieMcNrYi0M"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 25 Mar 2020 20:05:12 GMT
paypal-debug-id: dbc6a539a65cd
strict-transport-security: max-age=63072000
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 4456
x-xss-protection: 1; mode=block

OPTIONS
H/1.1 200
OK 5tthsxbd6vpxxjrp Show response
client-analytics.braintreegateway.com/ 0
341 B 117ms
116ms XHR
text/plain 3.137.39.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/5tthsxbd6vpxxjrp
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.7.1/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.39.162 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.underluckystars.com
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Wed, 25 Mar 2020 20:05:12 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.underluckystars.com
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 0

OPTIONS
H/1.1 200
OK 5tthsxbd6vpxxjrp Show response
client-analytics.braintreegateway.com/ 0
341 B 218ms
116ms XHR
text/plain 3.137.39.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/5tthsxbd6vpxxjrp
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.7.1/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.39.162 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.underluckystars.com
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Wed, 25 Mar 2020 20:05:12 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.underluckystars.com
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 0

GET
H2 200 button
www.paypal.com/webapps/hermes/ Frame AD54 0
0 281ms
281ms Document
text/html 72.246.168.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/webapps/hermes/button?version=4.0.166&env=production&style.color=blue&style.shape=rect&style.size=medium&locale.x=en_US&sessionID=6e88e51bd3_giydumbvhiyte&buttonSessionID=dd99a36546_giydumbvhiyte&funding.disallowed=venmo&logLevel=warn&uid=58fd817d1d&xcomponent=1

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.4.0.166.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-246-168-118.deploy.static.akamaitechnologies.com

Software

/ Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://connect.facebook.net https://www.facebook.com https://m.facebook.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.cardinalcommerce.com https://staticxx.facebook.com https://www.facebook.com https://m.facebook.com https://.baidu.com https://.baifubao.com; script-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src https: data:; base-uri 'self' https://.paypal.com; object-src 'none'; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.paypal.com
:scheme: https
:path: /webapps/hermes/button?version=4.0.166&env=production&style.color=blue&style.shape=rect&style.size=medium&locale.x=en_US&sessionID=6e88e51bd3_giydumbvhiyte&buttonSessionID=dd99a36546_giydumbvhiyte&funding.disallowed=venmo&logLevel=warn&uid=58fd817d1d&xcomponent=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Response headers

status: 200
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://connect.facebook.net https://www.facebook.com https://m.facebook.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.cardinalcommerce.com https://staticxx.facebook.com https://www.facebook.com https://m.facebook.com https://*.baidu.com https://*.baifubao.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src https: data:; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
paypal-debug-id: cb861fa8aa274
x-content-type-options: nosniff
x-cookies: {"tD08unW5xWPYcc3Vtbf3fJ3V3AQpBSPfm6WSV5oz4qyqFW9g":"tdk2NBTxT_Wl_-cVNSc6aF0IRgjNbxweHX7wowujcvk9vSWVFSvOvydYU8Fg_JjieVTaXGR3mMdQiwI9","iQCnhIy5-64PvineZIGVfUafYGUgmm9iludbMKXVIUhFSMEA":"WG6rKY4vcwME7n30JUdHf3qJqf9RBEEDjANrORYjQsc6sskoH8jxFhMvSKP6pcQPSJ98nTvA8BqSTDto","ag57olvZ7MWSTJXCB7PUbg1HbJ7ibAsoAYd73FZ9IOdz_8eW4AApCl4lKlO":"RP62QCypzM7GLX8WIW9x4g_mwKMFTdnfJX11klFZYGgOcQlg0Ne8SLs63b11zC54lMyn1eiYcU9QgZv4PNVye77R4r0AVGNfOla_0gjhKsev1fER_uStQfGehryjXZN_KteMOUYh4LuhjbJO6TEj8avtiW4hhs9UXpkKkTw72XpGWxgru7eGWYCQYloOAiaK87u5RooNlPx_y0rYD4I5wNsV8n47Rs41esNmFS361I0Z-bCQSNf4feNbeXoTIM0tmhIpjI8KRXlR-9CzBQ9l0vQu6eCV78ezc-Tiw_mXQNL43cGzaBNFwSLEyyeWjbTJmfZ7RWRSwnnUe3Nl36Ge7lNZmk2Kytz9qAPpZXF5uXSNEB7rFcGvMUjJPlk3iZ8HdTuIiHSqdH2BSxrCqstG4OhK-c9ayrHi5kLJj9UOOvliPzlc7L9zsl1FRq5rC9PJQml8KLge2N-CennjMGtebL3Lf9_a2-PLkV8CuTTMOvJHfTVC3_AM5gEZ90tbMddsed-Aozxazl4ewHhFTsscjQtGxQO3WOvEmgySJ0odvXTKR0t0NMky3VGom1jFvdewhuNHoX7txqDXCmdS","kg2qV_XhZLeHBcIhqJRalQcoTeI628APAgUHhMKICIrHc2Pz":"MrI-4CyIsZvzYf3Ftqtxcu7M1_WAF9XZqyvCcsvHQl8yyF71Xg0rbFvGSg2Hgn3di1AC0w4UR6VuxNA61SgPUpWh0mGlCwEZ7HjMyxiwM2xLZqnDP5GkNSLwoajLR7012of2ZqXL0Jz0zxZJ0nxjWuR5OFoqzLpcADlM8pq93eJEYpPBGJewXCmZbHRpwUmpInFZx-ijYLU6pYBibu_ZBQMIuGOjMFk1x514EG","1lqGsXW4eqX_7BylYaffZSBrM_FVp-T5d4SAddgQWEt6_lR1":"q723b-kDRWDcn6eLPZfXZFMDyE_4he6bXMewd4aVmvPNHKB5ciKd_WlR_XFwyG5TZ8xU2xvGBOOjQbKHbX1TNQiWt7W0JbVYyllFPIS-Cyz3UrIe5TvtgFH_0kvyps0UnxP2ip49AItq9z6imCMdkyvRHZaE_2OxdI7a_DVxkHqIyqXq"}
x-cookies-hash: 27861d01c9492a1c6b32ff0cf83f69726dcb230dbe5f125aff3dc59c223dbd49
x-csrf-jwt: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IlVtcWdHM2h5OUJHUlR3VkdCeFl4Nk1EZExHdU00SHUzUVF4LU5fZ0xRdGJXU1pvS2dHa1I0SWhiZFloN3Zta2lLNTVhT0VTMGJSOUNKWkFwcVFNZ2ozSEhEcEpfT3EzYmVOMmJoVl9oM3VFR2oyX1FCWGNaYzhGX1BuZ0tobU5ia3d3TnNTeTJiZnFZMGt1R1ZJa29NeGRCVGpQVHNwNXprRGEwbVV4SklkLXozLW5nZlRMSGxvTmxubGEiLCJpYXQiOjE1ODUxNjY3MTIsImV4cCI6MTU4NTE3MDMxMn0.2GrcHth7m1zn8stYOxfV7ckEaCvWaIVWXAnUgzHgCMo
x-csrf-jwt-hash: b3041b61e456d80515e7b8a06997c1e22551e11dcc9332590b1d23a1ddd6121d
x-powered-by: Express
x-xss-protection: 1; mode=block
dc: slc-b-origin-www-2.paypal.com
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 25 Mar 2020 20:05:12 GMT
set-cookie: LANG=en_US%3BUS; Path=/; Domain=paypal.com; Expires=Thu, 26 Mar 2020 04:51:08 GMT; Max-Age=31556; HttpOnly; Secure LANG=en_US%3BUS; Path=/; Domain=paypal.com; Expires=Thu, 26 Mar 2020 04:51:08 GMT; Max-Age=31556; HttpOnly; Secure; SameSite=None tsrce=hermesnodeweb; Path=/; Domain=paypal.com; Expires=Sat, 28 Mar 2020 20:05:12 GMT; HttpOnly; Secure; SameSite=None x-csrf-jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IlpDemlTdGFkSV9TNjN3c0p1di1CT2xoQzBxZ3l5MENULUJSR2ZETW10T040emU3Y3pRY2JjdzBKeWlOVUhjT29MdXNHUjVWbFBnVFNEYWNrTllLSmRCbGZEQ2lTdlR0T09QWTBCRFZIQTFpa2xvaHZUWnc0OEZSVVJGX2pTRDlxWmozd1AwQTB2aDl1V0hjZzVXcVhaZTd1bnFyMVRtZ0YwYlNyR0NaWG4zX1JYU0JjMVBJX1lON3Q5UnkiLCJpYXQiOjE1ODUxNjY3MTIsImV4cCI6MTU4NTE3MDMxMn0.khGPesRwFbuq2y4AXcItjeq6RQemXkd_BxFh3Dpf8PY; Path=/; Domain=paypal.com; Expires=Wed, 01 Apr 2020 20:05:12 GMT; HttpOnly; Secure; SameSite=None tsrce=hermesnodeweb; Path=/; Domain=paypal.com; Expires=Sat, 28 Mar 2020 20:05:12 GMT; HttpOnly; Secure; SameSite=None ts=vr%3D134c7d861710a899fb43cdd7fffffc4e%26vreXpYrS%3D1679837489%26vteXpYrS%3D1585168512%26vt%3D134c7d8f1710a899fb43cdd7fffffc4d; Path=/; Domain=paypal.com; Expires=Sun, 26 Mar 2023 13:31:29 GMT; HttpOnly; Secure; SameSite=None nsid=s%3Aa4H8JymCNyhg26ef-ah8qOF3cjNePZhY.xNC0dVuq0b8A64%2FCgQ7Ynt2zd6tav8sNuy3PQG%2FVFwY; Path=/; HttpOnly; Secure X-PP-SILOVER=name%3DLIVE6.WEB.1%26silo_version%3D880%26app%3Dhermesnodeweb%26TIME%3D1585166712%26HTTP_X_PP_AZ_LOCATOR%3Ddcg14.slc; Path=/; Domain=paypal.com; Expires=Wed, 25 Mar 2020 20:35:12 GMT; HttpOnly; Secure; SameSite=None X-PP-L7=1; Path=/; Domain=paypal.com; Secure; SameSite=None akavpau_ppsd=1585167312~id=c32ea98061367a2b1ce24780741050ae; Domain=www.paypal.com; Path=/; Secure; SameSite=None
strict-transport-security: max-age=63072000

GET
DATA 200
OK truncated
/ Frame 330E 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3551a75936077de738fa814761a357e4616685f20b8b4c7b80ca565eb6c7b3a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 330E 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b589ed091bdb8f53b786b946bc09af146cd3aec61ac302770052a6f689752718

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 logger Show response
www.paypal.com/webapps/hermes/api/ 2 B
3 KB 1993ms
215ms XHR
application/json 72.246.168.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/webapps/hermes/api/logger

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.7.1/bundle.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-246-168-118.deploy.static.akamaitechnologies.com

Software

/ Express

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://connect.facebook.net https://www.facebook.com https://m.facebook.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.cardinalcommerce.com https://staticxx.facebook.com https://www.facebook.com https://m.facebook.com https://.baidu.com https://.baifubao.com; script-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src https: data:; base-uri 'self' https://.paypal.com; object-src 'none'; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Access-Control-Request-Method: POST
Origin: https://www.underluckystars.com
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,x-requested-with

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://connect.facebook.net https://www.facebook.com https://m.facebook.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.cardinalcommerce.com https://staticxx.facebook.com https://www.facebook.com https://m.facebook.com https://*.baidu.com https://*.baifubao.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src https: data:; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
x-content-type-options: nosniff
x-powered-by: Express
status: 200
x-cookies-hash: 6fef931f2e5b0aab5e0eedcf932863b9dde8464002cd01cfa179c61025c0873d
paypal-debug-id: e15da738f6d56
dc: slc-b-origin-www-2.paypal.com
x-cookies: {"tD08unW5xWPYcc3Vtbf3fJ3V3AQpBSPfm6WSV5oz4qyqFW9g":"jekiov_SEtVAesObEk7hseJDI01CpOq7-11Tj65Z_slLNzpAqcCdaFu23mZplId2I6Bh5AIiXQ46CSoA","t8lU2Wr3fEoUltSkauz8Ie23ST8GcwRoGkA_X2s-CryBcJQgLz4pzwM1OfW":"VpuitkM0z4IIRlPMP6bwHqOTO40Q3fbAyIMiiJLYTuuYpzRi","vQZwlRa3LMuFB-WVI7Fw2H5S2B6wr0pnFl8EsTILysjF-dbZ":"4fGxkY-srd4EyPQmC8wC62R4WygYNhhN7A6WVfL5urRmcI95TQhXmTWbTL0QIvLPGA4C9NUrOQUDUIxFOUsN5n5YmXNHv-u11-WeDiDraUuKZ4VnFSMoqFP7m4Hmmy0ayQl3KG","iQCnhIy5-64PvineZIGVfUafYGUgmm9iludbMKXVIUhFSMEA":"ry8UHN_iMDApqq5PwV10qspG51A45ZZMO478s6Lr5B1dQCqttGyOs1QLxdHroUCbewyTiCKUGTSreXdt","kg2qV_XhZLeHBcIhqJRalQcoTeI628APAgUHhMKICIrHc2Pz":"tBO67vZvteQZ_aqdVTHMFOoc4jPtD1PqFVgGuCn3vaRrbmbC-HcR-6-IIBjbhGKshy-gBnxpZJWnjJDMCew2R-ZPRvS1KiANgbmAPTkdV5c8sAoc7ykjaCK7q9Aat232WvVpHeDY_bLrsv-TuzR2IAoDDXTfshgmVXru-dQMyWqU5Kk7uVBZMORlDiGSr7oKab3tFRQ30fK7znO2sMNSKomjQkGQupx51LWi_W","1lqGsXW4eqX_7BylYaffZSBrM_FVp-T5d4SAddgQWEt6_lR1":"CoQAG7k5njHnVoFqoxrMjD0O-qHWUHAfe66rlxygPjxNNr9P1wFhk5-oPx_5kYMYU647tLSSlCuB2q2TduhADLCM8Owm5pLFHrlNa9jA7dAxllIUa2j7iR6MyLM-hDtcKhqdaBqHjtubhasg9OQYvC-hJY5VpNhn6dlkj7nx-F2-FxS7"}
x-xss-protection: 1; mode=block
date: Wed, 25 Mar 2020 20:05:14 GMT
strict-transport-security: max-age=63072000
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.underluckystars.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
content-length: 2
access-control-allow-headers: content-type,x-requested-with

GET
H/1.1 200
OK hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.26.0/html/ Frame D92C 0
0 1069ms
16ms Document
text/html 23.45.110.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.26.0/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.9.1/js/dropin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.45.110.210 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-45-110-210.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: assets.braintreegateway.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Response headers

Server: nginx
Content-Type: text/html
Last-Modified: Fri, 20 Mar 2020 19:53:37 GMT
ETag: "5e751f41-13c1f"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22729
Cache-Control: max-age=21600
Expires: Thu, 26 Mar 2020 02:05:13 GMT
Date: Wed, 25 Mar 2020 20:05:13 GMT
Connection: keep-alive

GET
H/1.1 200
OK hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.26.0/html/ Frame 70A3 0
0 1078ms
12ms Document
text/html 23.45.110.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.26.0/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.9.1/js/dropin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.45.110.210 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-45-110-210.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: assets.braintreegateway.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Response headers

Server: nginx
Content-Type: text/html
Last-Modified: Fri, 20 Mar 2020 19:53:37 GMT
ETag: "5e751f41-13c1f"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22729
Cache-Control: max-age=21600
Expires: Thu, 26 Mar 2020 02:05:13 GMT
Date: Wed, 25 Mar 2020 20:05:13 GMT
Connection: keep-alive

GET
H/1.1 200
OK hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.26.0/html/ Frame D83C 0
0 1093ms
17ms Document
text/html 23.45.110.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.26.0/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.9.1/js/dropin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.45.110.210 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-45-110-210.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: assets.braintreegateway.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Response headers

Server: nginx
Content-Type: text/html
Last-Modified: Fri, 20 Mar 2020 19:53:37 GMT
ETag: "5e751f41-13c1f"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22729
Cache-Control: max-age=21600
Expires: Thu, 26 Mar 2020 02:05:13 GMT
Date: Wed, 25 Mar 2020 20:05:13 GMT
Connection: keep-alive

GET
H/1.1 200
OK hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.26.0/html/ Frame BDDD 0
0 1108ms
16ms Document
text/html 23.45.110.210
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.26.0/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.9.1/js/dropin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.45.110.210 , Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-45-110-210.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: assets.braintreegateway.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Response headers

Server: nginx
Content-Type: text/html
Last-Modified: Fri, 20 Mar 2020 19:53:37 GMT
ETag: "5e751f41-13c1f"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22729
Cache-Control: max-age=21600
Expires: Thu, 26 Mar 2020 02:05:13 GMT
Date: Wed, 25 Mar 2020 20:05:13 GMT
Connection: keep-alive

GET
H/1.1 200
OK ts
t.paypal.com/ 42 B
814 B 1967ms
177ms Image
image/gif 23.45.98.207
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Personalized%20Star%20Maps%20-%20Under%20Lucky%20Stars&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1585166712143&g=-60&completeurl=https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1&ru=https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.98.207 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-98-207.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Wed, 25 Mar 2020 20:05:14 GMT
Server: akka-http/10.1.11
P3P: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Wed, 25 Mar 2020 20:05:14 GMT

POST
H/1.1 200
OK 5tthsxbd6vpxxjrp Show response
client-analytics.braintreegateway.com/ 0
329 B 234ms
117ms XHR
text/plain 3.137.39.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/5tthsxbd6vpxxjrp
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.39.162 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Origin: https://www.underluckystars.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 25 Mar 2020 20:05:12 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.underluckystars.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 preload.70869d246782da5b3daf.js Show response
static.zdassets.com/web_widget/latest/ Frame B5BD 43 KB
13 KB 29ms
22ms Script
application/javascript 104.18.73.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/preload.70869d246782da5b3daf.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.73.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e1a8359238f48f60e8279017c43c3f6037197976c6b00fec589c8eb7c4bc462

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 20:05:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 591575
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: EBDFA53972ED828A
x-amz-id-2: jxiC0zOvKIexYgpTmz5sWynE8pU/6QPpud+i5m2aWwpy2fp4SHPhvUx0MDOC2CyR9nvmEIUsrXg=
last-modified: Wed, 18 Mar 2020 06:39:24 GMT
server: cloudflare
etag: W/"8bd7c863e13b37168fc7a186ff2ca99e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: fAX2fNGDTu_rc8FibTdFflZECp_ZF62W
cf-ray: 579b3ecf2d739716-FRA
expires: Thu, 18 Mar 2021 06:39:22 GMT

GET
H2 200 vendors~web_widget.028ee560228d23b0bfc0.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame B5BD 1 MB
264 KB 41ms
35ms Script
application/javascript 104.18.73.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~web_widget.028ee560228d23b0bfc0.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.73.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ead514beb34b427bf11ceff106aaff58755d59e4cca3a2b92cf6b4abbc8f5cfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 20:05:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 305952
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: F355C8C18FF7DB29
x-amz-id-2: tTpjAcWvVXYcZsUmGITx/s95qG4lclVHkfn+fNguPaxHqOcgFq2YojKDMdBf73/QcG3bWayOIfw=
last-modified: Mon, 16 Mar 2020 03:16:43 GMT
server: cloudflare
etag: W/"266bd78855fc157b12f907eef7939400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 9t5PNXi3smSdXWy0cE3GMGHFJDR5K8d5
cf-ray: 579b3ecf2d769716-FRA
expires: Mon, 15 Mar 2021 23:16:06 GMT

GET
H2 200 web_widget.86fe62130d37b2b1140e.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame B5BD 996 KB
185 KB 62ms
56ms Script
application/javascript 104.18.73.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web_widget.86fe62130d37b2b1140e.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.73.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0473299e6bab3f0c8d587e7d51ade3f351e273114d6178cae44d4f30b67ee988

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 20:05:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 118
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: B2301ED5CA9090F4
x-amz-id-2: R8ajtw4e5JY/L+dciT9AibsuALkPX7wgPxxUChUyAuiY7JyKF/oDgRiLUEIrRilX/1hKua3cTx0=
last-modified: Wed, 18 Mar 2020 06:39:25 GMT
server: cloudflare
etag: W/"828937247ea6d185645fe352d238397f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: X6TWP2q5N_sn7GmvpTh59oSpEqusoAXG
cf-ray: 579b3ecf2d779716-FRA
expires: Thu, 18 Mar 2021 06:39:24 GMT

GET
H2 200 chat-sdk.9cf8a0461def477b625d.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame B5BD 255 KB
49 KB 43ms
42ms Script
application/javascript 104.18.73.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/chat-sdk.9cf8a0461def477b625d.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.73.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c56518f3a27e6073889a322bf2278b37efe56d27542c42847345bedaa51e51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 20:05:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 2048736
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: E6FE77A5C136EDF2
x-amz-id-2: /NWDWuSzZmZe5hRzc6lRPzkOoaqTK09MbBaZPjPA0lfXI/ecRX94WWfvcMa/miKtyUU85vghQUw=
last-modified: Mon, 02 Mar 2020 00:58:34 GMT
server: cloudflare
etag: W/"92d7d83a02e3ed649237384a3aea22c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: .CRoQYkaPIKESYwnIz.xUem_2OgGGMOH
cf-ray: 579b3ecf5d989716-FRA
expires: Tue, 02 Mar 2021 00:58:33 GMT

GET
H2 200 config Show response
underluckystars.zendesk.com/embeddable/ Frame 1B47 848 B
1 KB 107ms
58ms XHR
application/json 104.16.52.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://underluckystars.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/asset_composer.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.52.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0884bcce8a73425a46b538a9e6d7328ddbf0c8eb238f9528cbf177495a3ea0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Origin: https://www.underluckystars.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Mar 2020 20:05:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
status: 200
vary: Origin, Accept-Encoding
x-request-id: 579b3ecfbec01776-DUS
x-runtime: 0.001896
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-79998cc964-jj8tg
cf-ray: 579b3ecfbec01776-FRA

POST
H/1.1 200
OK 5tthsxbd6vpxxjrp Show response
client-analytics.braintreegateway.com/ 0
329 B 210ms
110ms XHR
text/plain 3.137.39.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/5tthsxbd6vpxxjrp
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.39.162 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Origin: https://www.underluckystars.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 25 Mar 2020 20:05:12 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.underluckystars.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 en-us.74b6a79a653250b1c940.js Show response
static.zdassets.com/web_widget/latest/locales/ Frame B5BD 24 KB
5 KB 30ms
29ms Script
application/javascript 104.18.73.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/locales/en-us.74b6a79a653250b1c940.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.028ee560228d23b0bfc0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.73.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c71e2cf7d600fe8cb7829e6146d4097f49b2abb0f006f65840238bbf265d942

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Wed, 25 Mar 2020 20:05:12 GMT
content-encoding: br
cf-cache-status: HIT
age: 1195474
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 0755B1E88FA9549E
x-amz-id-2: D8NdU+BqtAmhzh080H3eOGneialak7BN4o3nTb6GCkBmHL+Js8/KTnz1ejdKkQaAbBW75nW+70o=
last-modified: Wed, 11 Mar 2020 22:41:53 GMT
server: cloudflare
etag: W/"74b6a79a653250b1c940324f960a6033"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: .aXFCFWGYgokGOM1FRUPhvmxyg.yh.Um
cf-ray: 579b3ed198489716-FRA
expires: Thu, 11 Mar 2021 22:41:52 GMT

GET
H2 200 embeddable_blip Show response
underluckystars.zendesk.com/ Frame B5BD 0
224 B 57ms
56ms XHR
text/html 104.16.52.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://underluckystars.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiJ3ZWJXaWRnZXQ6b24uY2hhdDpzdGF0dXMiLCJsYWJlbCI6bnVsbCwidmFsdWUiOnsiYXJncyI6IjxjYWxsYmFjayBmdW5jdGlvbj4ifX0sImJ1aWQiOiJjNjc2NWY3ZDE2MGZkMThlMGQ2ZjdkOGJmNTU2ZWRlZiIsInN1aWQiOiJlODIwM2ZhYjQzYTE3M2VlZjYzZDlmZmQ0ZDBkMDhmZSIsInZlcnNpb24iOiJhODQwZjM3NWEiLCJ0aW1lc3RhbXAiOiIyMDIwLTAzLTI1VDIwOjA1OjEyLjU3NloiLCJ1cmwiOiJodHRwczovL3d3dy51bmRlcmx1Y2t5c3RhcnMuY29tL3BheS8xNmRhNzQ5Zi01MzM1LTRiNjMtOWI3OS1hY2U3ZTFiNzc4MzM%2Fbm9tZW51PTEifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.028ee560228d23b0bfc0.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.52.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://www.underluckystars.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Wed, 25 Mar 2020 20:05:12 GMT
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.underluckystars.com
accept-ranges: bytes
cf-ray: 579b3ed19bcd1776-FRA
content-length: 0

GET
H2 200 embeddable_blip Show response
underluckystars.zendesk.com/ Frame B5BD 0
39 B 80ms
80ms XHR
text/html 104.16.52.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://underluckystars.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiJ6RS5zZXRMb2NhbGUiLCJsYWJlbCI6bnVsbCwidmFsdWUiOnsiYXJncyI6ImVuLVVTIn19LCJidWlkIjoiZmUwNWRmZDMwYWVkMWY2NDY5ZDI5ZDVlODQ5NTY0Y2EiLCJzdWlkIjoiNTFmMmU4ZDVjYjI4ZTAzYWFlYWQ1MGM0ZjNlNDZhZmMiLCJ2ZXJzaW9uIjoiYTg0MGYzNzVhIiwidGltZXN0YW1wIjoiMjAyMC0wMy0yNVQyMDowNToxMi41NzlaIiwidXJsIjoiaHR0cHM6Ly93d3cudW5kZXJsdWNreXN0YXJzLmNvbS9wYXkvMTZkYTc0OWYtNTMzNS00YjYzLTliNzktYWNlN2UxYjc3ODMzP25vbWVudT0xIn0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.028ee560228d23b0bfc0.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.52.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://www.underluckystars.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Wed, 25 Mar 2020 20:05:12 GMT
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.underluckystars.com
accept-ranges: bytes
cf-ray: 579b3ed19bd01776-FRA
content-length: 0

GET
H2 200 ToutiaoJSBridge.min_180413a.js Show response
s0.ipstatp.com/js/lib/ 2 KB
1 KB 24ms
15ms Script
application/x-javascript 99.86.162.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.ipstatp.com/js/lib/ToutiaoJSBridge.min_180413a.js
Requested by: Host: s0.ipstatp.com
URL: https://s0.ipstatp.com/ad/business/track-log.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.162.48 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-162-48.mxp64.r.cloudfront.net
Software: nginx /
Resource Hash: 3d0d224b8e63e7818a74209c7def0b0244f101056a870b8601a6f1e4567fda5b

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sun, 16 Feb 2020 15:24:39 GMT
content-encoding: gzip
age: 3300033
x-cache: Hit from cloudfront
status: 200
server-timing: inner; dur=4
via: 1.1 36be2c773789c1382b13900c0a0f5725.cloudfront.net (CloudFront)
last-modified: Fri, 13 Apr 2018 07:54:18 GMT
server: nginx
etag: W/"5ad0622a-62e"
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=7776000
x-amz-cf-pop: MXP64-C2
x-amz-cf-id: 1_bMwN5gBXLtSEIhzb3RdPLbkOffh1RZ2XCog96VAe22MNgGsG1BMg==
expires: Sat, 16 May 2020 15:24:39 GMT

GET
H2 200 embeddable_blip Show response
underluckystars.zendesk.com/ Frame B5BD 0
39 B 102ms
101ms XHR
text/html 104.16.52.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://underluckystars.zendesk.com/embeddable_blip?type=pageView&data=eyJwYWdlVmlldyI6eyJyZWZlcnJlciI6Imh0dHBzOi8vd3d3LnVuZGVybHVja3lzdGFycy5jb20vcGF5LzE2ZGE3NDlmLTUzMzUtNGI2My05Yjc5LWFjZTdlMWI3NzgzMz9ub21lbnU9MSIsInRpbWUiOjE2NywibG9hZFRpbWUiOm51bGwsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJQZXJzb25hbGl6ZWQgU3RhciBNYXBzIC0gVW5kZXIgTHVja3kgU3RhcnMiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvNzQuMC4zNzI5LjE2OSBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlLCJpc1Jlc3BvbnNpdmUiOnRydWUsInZpZXdwb3J0TWV0YSI6IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xLjAsIG1heGltdW0tc2NhbGU9MS4wLCB1c2VyLXNjYWxhYmxlPW5vIiwiaGVscENlbnRlckRlZHVwIjpmYWxzZX0sImJ1aWQiOiJhMzJjMzBlNTcyNjFlYzdkZGM5NjA0MTY3N2MzZjNhZiIsInN1aWQiOiIxZWFjNzJlOWNjNTFlZmM3YzUxZjRkMzNjM2M4OWE2YiIsInZlcnNpb24iOiJhODQwZjM3NWEiLCJ0aW1lc3RhbXAiOiIyMDIwLTAzLTI1VDIwOjA1OjEyLjc0MFoiLCJ1cmwiOiJodHRwczovL3d3dy51bmRlcmx1Y2t5c3RhcnMuY29tL3BheS8xNmRhNzQ5Zi01MzM1LTRiNjMtOWI3OS1hY2U3ZTFiNzc4MzM%2Fbm9tZW51PTEifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.028ee560228d23b0bfc0.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.52.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://www.underluckystars.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Wed, 25 Mar 2020 20:05:12 GMT
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.underluckystars.com
accept-ranges: bytes
cf-ray: 579b3ed2aec21776-FRA
content-length: 0

GET
H/1.1 200
OK /
business.topbuzz.com/2/wap/landing_tetris_log/ 0
0 323ms
114ms Image
application/json 130.44.212.166
BYTEDANCE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://business.topbuzz.com/2/wap/landing_tetris_log/?device_id=&user_id=&uid=&ut=&client_version=&version_code=&req_id=&cid=&site_id=&ad_id=&track_data=%5B%7B%22convert_id%22%3A%221660369465119750%22%2C%22event_type%22%3A%22view%22%2C%22event_pixel_id%22%3A%2233018%22%2C%22advertiser_id%22%3A%226795022380864372742%22%2C%22options%22%3A%7B%7D%2C%22log_extra%22%3A%22%7B%7D%22%2C%22os%22%3A%22%22%2C%22page_url%22%3A%22https%3A%2F%2Fwww.underluckystars.com%2Fpay%2F16da749f-5335-4b63-9b79-ace7e1b77833%3Fnomenu%3D1%22%2C%22page_type%22%3A0%7D%5D&tt_bridge=1111&tt_env=1110&app_id=&convert_id=1660369465119750&source=webunion&sdk_version=s0.0.0.18&t=Wed%20Mar%2025%202020%2021:05:12%20GMT+0100%20(Central%20European%20Standard%20Time)
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 130.44.212.166 , United States, ASN396986 (BYTEDANCE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: *

GET
H2 200 embeddable_blip Show response
underluckystars.zendesk.com/ Frame B5BD 0
163 B 56ms
44ms XHR
text/html 104.16.52.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://underluckystars.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiJ3ZWJXaWRnZXQudXBkYXRlU2V0dGluZ3MiLCJsYWJlbCI6bnVsbCwidmFsdWUiOnsiYXJncyI6eyJ3ZWJXaWRnZXQiOnsiaGVscENlbnRlciI6eyJzdXBwcmVzcyI6ZmFsc2V9LCJjb250YWN0Rm9ybSI6eyJzdXBwcmVzcyI6ZmFsc2V9fX19fSwiYnVpZCI6IjMwNDRjODZkYTU4YTFmYjNiZDQ1ODBiMGI1MjJjNjhlIiwic3VpZCI6ImU1MmM5ODBiNzQwZTM1NmU3OWMzMzUwNjA4OWY2MmVmIiwidmVyc2lvbiI6ImE4NDBmMzc1YSIsInRpbWVzdGFtcCI6IjIwMjAtMDMtMjVUMjA6MDU6MTIuOTUzWiIsInVybCI6Imh0dHBzOi8vd3d3LnVuZGVybHVja3lzdGFycy5jb20vcGF5LzE2ZGE3NDlmLTUzMzUtNGI2My05Yjc5LWFjZTdlMWI3NzgzMz9ub21lbnU9MSJ9
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.028ee560228d23b0bfc0.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.52.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://www.underluckystars.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Wed, 25 Mar 2020 20:05:13 GMT
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.underluckystars.com
accept-ranges: bytes
cf-ray: 579b3ed41adf1776-FRA
content-length: 0

GET
H2 200 embeddable_blip Show response
underluckystars.zendesk.com/ Frame B5BD 0
39 B 26ms
25ms XHR
text/html 104.16.52.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://underluckystars.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiJ3ZWJXaWRnZXQuaGVscENlbnRlcjpzZXRTdWdnZXN0aW9ucyIsImxhYmVsIjpudWxsLCJ2YWx1ZSI6eyJhcmdzIjp7ImxhYmVscyI6WyJjaGVja291dCJdfX19LCJidWlkIjoiZGY3YjRlZTAxNWViYjljZWUyYTRkNmZhYWE4NGFkZTciLCJzdWlkIjoiMmQ5MjY2YzM1ODJiODYzNWYwYzQzMTUxODU4NTI5OTciLCJ2ZXJzaW9uIjoiYTg0MGYzNzVhIiwidGltZXN0YW1wIjoiMjAyMC0wMy0yNVQyMDowNToxMi45ODhaIiwidXJsIjoiaHR0cHM6Ly93d3cudW5kZXJsdWNreXN0YXJzLmNvbS9wYXkvMTZkYTc0OWYtNTMzNS00YjYzLTliNzktYWNlN2UxYjc3ODMzP25vbWVudT0xIn0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.028ee560228d23b0bfc0.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.52.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Origin: https://www.underluckystars.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

date: Wed, 25 Mar 2020 20:05:13 GMT
cf-cache-status: MISS
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.underluckystars.com
accept-ranges: bytes
cf-ray: 579b3ed43b271776-FRA
content-length: 0

GET
H2 206 chat-incoming-message-notification.mp3
static.zdassets.com/web_widget/static/ Frame B5BD 19 KB
20 KB 68ms
68ms Media
audio/mpeg 104.18.73.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/static/chat-incoming-message-notification.mp3

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.73.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Sec-Fetch-Dest: audio
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 25 Mar 2020 20:05:13 GMT
cf-cache-status: DYNAMIC
x-amz-request-id: 8C94507E404B5AA3
x-amz-server-side-encryption: AES256
cf-ray: 579b3ed4fc8f9716-FRA
status: 206
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: ThS1QKwCkQK1jsAQth3+nK7zRWeS8O1VakcVlziMjynIkXC75qLuVJbEiN6oxdsFqF05bX2duVc=
Content-Range: bytes 0-19697/19698
last-modified: Tue, 12 Feb 2019 01:07:53 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
x-amz-version-id: 7QfN44DQ.h7tzqx9G_4CeAsccdu5t2pF
cache-control: public, max-age=31536000
content-type: audio/mpeg; charset=utf-8
expires: Wed, 12 Feb 2020 01:07:52 GMT

OPTIONS
H/1.1 200
OK 5tthsxbd6vpxxjrp Show response
client-analytics.braintreegateway.com/ 0
341 B 111ms
111ms XHR
text/plain 3.137.39.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/5tthsxbd6vpxxjrp
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.7.1/bundle.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.39.162 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.underluckystars.com
Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Wed, 25 Mar 2020 20:05:13 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.underluckystars.com
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 0

POST
H/1.1 200
OK 5tthsxbd6vpxxjrp Show response
client-analytics.braintreegateway.com/ 0
329 B 119ms
118ms XHR
text/plain 3.137.39.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/5tthsxbd6vpxxjrp
Requested by: Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.39.162 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Origin: https://www.underluckystars.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 25 Mar 2020 20:05:13 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.underluckystars.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H2 200 logger Show response
www.paypal.com/webapps/hermes/api/ 2 B
2 KB 269ms
269ms XHR
application/json 72.246.168.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/webapps/hermes/api/logger

Requested by

Host: www.underluckystars.com
URL: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.168.118 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-246-168-118.deploy.static.akamaitechnologies.com

Software

/ Express

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://connect.facebook.net https://www.facebook.com https://m.facebook.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.cardinalcommerce.com https://staticxx.facebook.com https://www.facebook.com https://m.facebook.com https://.baidu.com https://.baifubao.com; script-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src https: data:; base-uri 'self' https://.paypal.com; object-src 'none'; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
Origin: https://www.underluckystars.com
X-Requested-With: XMLHttpRequest
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://connect.facebook.net https://www.facebook.com https://m.facebook.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.cardinalcommerce.com https://staticxx.facebook.com https://www.facebook.com https://m.facebook.com https://*.baidu.com https://*.baifubao.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src https: data:; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
x-content-type-options: nosniff
status: 200
x-powered-by: Express
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.underluckystars.com
x-xss-protection: 1; mode=block
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Wed, 25 Mar 2020 20:05:14 GMT
paypal-debug-id: 2a17263fd6ebe
dc: slc-b-origin-www-2.paypal.com
content-length: 2
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"

GET
H2 204 a
www.googletagmanager.com/ 0
67 B 14ms
13ms Image
image/gif 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-WD5DG8M&cv=89&t=ol&s=h1&h=586&g=261&p=ga&o=4000&l=587&q=434&f=41&e=169&i=68&d=298&c=-126&hc=0&sr=0.050000&ps=0.001747700283445397&cb=1492161152

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.underluckystars.com/pay/16da749f-5335-4b63-9b79-ace7e1b77833?nomenu=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Wed, 25 Mar 2020 20:05:16 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
status: 204
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.paypal.com/	1970-01-20 10:36:14	Name: ts_c Value: vr%3D134c84a91710a1d24e33f981ffffffff%26vt%3D134c84a91710a1d24e33f981fffffffe
			.paypal.com/	1970-01-20 10:36:14	Name: ts Value: vreXpYrS%3D1679774714%26vteXpYrS%3D1585168514%26vr%3D134c84a91710a1d24e33f981ffffffff%26vt%3D134c84a91710a1d24e33f981fffffffe

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://browser.sentry-cdn.com/5.7.1/bundle.min.js(Line 2) Message: [Facebook Pixel] - Call to "fbq('init', '782857011853426', []);" with parameter "user_data" has an invalid value of "[]"
console-api	log	URL: https://browser.sentry-cdn.com/5.7.1/bundle.min.js(Line 2) Message: [cycle2] --c2 init--
console-api	log	URL: https://browser.sentry-cdn.com/5.7.1/bundle.min.js(Line 2) Message: [cycle2] slides: li (string)
console-api	log	URL: https://browser.sentry-cdn.com/5.7.1/bundle.min.js(Line 2) Message: [cycle2] carouselVisible: 1 (number)
console-api	log	URL: https://browser.sentry-cdn.com/5.7.1/bundle.min.js(Line 2) Message: [cycle2] speed: 1000 (number)
console-api	warning	URL: https://browser.sentry-cdn.com/5.7.1/bundle.min.js(Line 2) Message: [Facebook Pixel] - Call to "fbq('init', '985877981805439', []);" with parameter "user_data" has an invalid value of "[]"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
api.braintreegateway.com
assets.braintreegateway.com
assets.zendesk.com
browser.sentry-cdn.com
business.topbuzz.com
client-analytics.braintreegateway.com
connect.facebook.net
ct.pinterest.com
cx.atdmt.com
d1tcpqtzfohdid.cloudfront.net
d3j4c7e2o820k1.cloudfront.net
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.braintreegateway.com
s.pinimg.com
s0.ipstatp.com
sc-static.net
script.hotjar.com
static.bytedance.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
t.paypal.com
tr.snapchat.com
underluckystars.s3-eu-west-1.amazonaws.com
underluckystars.zendesk.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
www.redditstatic.com
www.underluckystars.com
104.16.52.111
104.18.73.113
104.18.74.113
13.227.156.118
130.44.212.166
147.75.100.245
147.75.102.13
147.75.102.231
151.101.14.133
172.217.18.162
199.232.53.140
204.109.13.121
23.210.248.189
23.45.110.210
23.45.98.207
2600:9000:20c3:fc00:1a:5a9d:d440:21
2600:9000:2134:1200:1d:3b60:a940:21
2a00:1450:4001:800::2008
2a00:1450:4001:806::2004
2a00:1450:4001:816::200a
2a00:1450:4001:817::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:825::2003
2a00:1450:400c:c07::9c
2a02:26f0:6c00:18c::1931
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:600::729
3.137.39.162
3.223.182.220
35.186.226.184
52.218.41.136
52.3.53.111
72.246.168.118
95.101.27.35
99.86.162.48
03cc400198270084c3467816d74dfd6a71d858275fc20229d75b1dc852d45c9d
0473299e6bab3f0c8d587e7d51ade3f351e273114d6178cae44d4f30b67ee988
057d6a3064c6f239dcdbf4bbab39faac1d634fc32c93407ea2f3ce32379dc2ae
0824d7c756dd3f680d306333432d9e5b5f9b0d18851036cad695e39891636f40
0884bcce8a73425a46b538a9e6d7328ddbf0c8eb238f9528cbf177495a3ea0e5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
118ba2d0108f5a49db80fddbc8e7d9294b8f50091ff610a074a12e2d24af904b
11e87049909fbc3e2e3629b524b476c3b6f3a33c6a323d9ecaad620f7cdcd278
1695c0ea4fa277b6f8c622ec435639895990ec3d9517b8916cc74330ca71d1c6
1bede3f127ef3c769c219da1038db2efc83ea598dac27dd5e0447695f3d928b1
1c18b0b74ca43a4ae91b864fe26630554915b6c878f9b9a87a5a950dc0e1048f
1fe7629bd5374237343a18002521cf2e4cb6bb9ffa7097295080d5c42ed39fdb
223ebff1459ded262b1e57e003cee79bb09877d144d41837884e01ce1d33a430
24e4877ca33576796f28eb3d787740cf52079aa02d95506db9bb60c5a4339545
24fe2d489a4a226c19916faea28c84c9615a22b99128c50d1ae6e76c07898a87
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
2f3ae83832a47b3339568fe47a446e247c2ec07f0d6672f02e9b3bc2932f8ad3
2f688cf86928876c5a0bfdb1803055d354c507d6801be11bc161c8fc37335c08
30ca2c9ff251ba82935e611204d8ff885e559a43e99275d30eb9106721cd812e
334cc5b070c8915ed39fd6e9c734a3bf0d4a3f98be82e8113948dffba6e225b8
35c0c6a796f6d3c0a23a71a8379c52238d8b214b49f4da4c025522ee7e60a578
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39d9d5ea1c3bb9e0686e641f089efe20f0edc10bc7104f02dbfec65626f22634
3d0d224b8e63e7818a74209c7def0b0244f101056a870b8601a6f1e4567fda5b
3e1a8359238f48f60e8279017c43c3f6037197976c6b00fec589c8eb7c4bc462
3e88d35a3f38898064c176ff351e3ee4c7d22ab4ca2f52d44a9ef615c4364d5c
3eba46d0ab9bce713fb6e9afa3bcbee1f03c8541cc03d6c44088fe6a563cc8de
4093e24113dcc170051435db8382c56963f43b509e67230091722743ec481ed3
425f0412c818e059705362d1ae083908054dad58785d5cc962eafda2d8ed61ea
436df59f2655f83cab0c619bb35d7dc90d05a5f7cd468bc3e1e9c6d732319e55
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
559fecf5a8f378ee957b89d069bd4ca94c1e380e327524644ecd8e55bc8c66cd
57b9d8fd52d4524fb0d8f16ecf840be6895e803132b0536a54b97bf85078447d
59ad41cba077b304c9964f5fa21ac5e98e79d7c4eb5ac59fd5105d7efe474984
59ec0e11014accb3a24c9a06624e9cb17edd08226e97ae456a8d45715902b9da
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5c56518f3a27e6073889a322bf2278b37efe56d27542c42847345bedaa51e51d
5c7fa7f944faa26dc1b5744bdc34c88008c968e0c3e82ea32c66921a1480276a
5d107b89eda40ee197b5ee37ee9942a7088a49cadefce032c5d17127e9dda8e3
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e8923354dc828bba8fd3a84f1fed88a4b7095207803798b521710119bf347da
6593b70c478ed8c75fed7931799bb371cd7b47fcd37574057c28213ce6e871a1
6606b2d7afb2ce5f63f607c46773e321601ec6434dd82d030fc7e80e7ee6b23b
66354f71ab0ce276bae725307b1005ab8a119f1ddbc7382c2c93c5c0654a9b57
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
73ab5b4542452ac341fa1aa7ab78d101193d9839f925272a9144b71cc7fb3bcf
74e1f16aaa49e297bab823a6086767c7cdbfb4bb5db7cf66ffeb9620e9f930a5
75c57f1941ff8b22a5ecf13b33e167fd6c1c855719dfd2fc867bd8e010370fe9
79785fdf325efbdeac7d572d68fe622d2769deb9c5fd012007c2b4e3e2ef4967
7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55
7f03bab6e283c48afcefed6772588194098ed2d811ad24efc05ac5c3c1138204
88b81c48b44b8034b23bcf7cc76e583269853245d80733476708e7fc592fdd9a
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
93af63ba26f8486b147005c4bd74afe66d0a2c271d77a68ea79d43a12c806f35
9784df5d9fc8a2092d96c3fe651e8aa359acaefa6a84607e0fd0f5d09a3bf305
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
998456ce6936595330065f059708e893b1c5b56f9f7b4956d8b77542f991d9bc
9c71e2cf7d600fe8cb7829e6146d4097f49b2abb0f006f65840238bbf265d942
9ca05d351a099aa650d487b2da6a4d7342274d12c0413a2d51da3fb013846461
9e100c09698f359a32a2f2ff853de2ecfe1cbffdf0fa6bf666a17f5d8537e25d
a8a5c752f8ae0c033572453cbb3240ca9047eae565ea1f3df7cb1ea67e9984d9
ac11651c3d985438dc8d7916fd535049b9036642b7303207f49dbb2931435081
aca414d04a40a32f0a3db8f75d62f2b08f0c62daa3a28d356d862be744c16138
ad7fae2ac56c5ee0b9dc01c68734047d85adf58fe2043fc6992ed0fe725bce74
b2632d1a1a45cee8992c0b42121015ee7d676864eeb3b964481853ee31e068f2
b589ed091bdb8f53b786b946bc09af146cd3aec61ac302770052a6f689752718
b8c0f4596d7df31c353812fe085c2ce3c382de9308ac9cc19b829d325b771438
bcfd25dd4e8aa4c4f264d115071e7f09a474684186f8b97fea39df46ca31f349
c1fa11f869af955c47ac4d49e4f35ab17e0b27a2318ec9e481f967fa62cec719
c22ecfe911f2837001d32e9ca5034a9d0288f71a98b217bb89d0f1060cf09b4a
c2772a67d31607130cc2cb1dbd4bd19a4f0104ce7b289463a3d8be847089ac39
c3551a75936077de738fa814761a357e4616685f20b8b4c7b80ca565eb6c7b3a
c67bd443002cf5e2f2522a5476024cdd979997908b0f237f6db588d17000d9bb
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d220c40325c8dae68e24df902f7fd6f9963603b2ca19b48a6a2812a2f8239ba3
d3838febe02ee1538a1336ac01f452a6fe7682106cd21b46cda9c40092c8e3aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8dbf47dd1d82884ed5c2377ce078133e21e812e269bc129733ec48cc5bc6967
e93047ab88ddf3a33047a506b4a7594914e84fcf5ebac4b2723739e728e284b5
ea399158ef2d93ca8c14598e1ee6bfddf924d4b877c8972928d30ff23bcf1a30
eab5535690ae29f895dca1932ee16324a7172840c0dd4e1b5f5412938792ee15
ead514beb34b427bf11ceff106aaff58755d59e4cca3a2b92cf6b4abbc8f5cfe
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
ed5dfdb287dc37f0e15691fd9e2a07fe561e95d71e1ed6b01e26fb4da272553f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1e627a6f1a1d47512ce92c9846ac0c63348a2569a2ea87ceb77ee09209a0d5
f005e5d69340342309b21bbd3574cb9367aaa0569e4edf1484d6b5791478bfc6
f0545151b07a8e3c987e8f82bed0a8febef811fc64bf344c992d7ff4100edd73
f17281048bbf8513206ac05d1d79b520bef02c66c022c5ac200a8850fdb84c2b
f3217874cfe2a179bfd7c0d8768585c2c78fd5520dd4692a0f90ba9a58e6bfff
f7c12552829951f94c84bd558be68db95027b62a62a8f7cab824bc889d2b13b9
fbd6757a6ad188aea701fe6ca71161a93aa2a0e2022158d5b8e5ec8736765635
fc5a46ef6db6318b598cb9c6fe40175862fd16c8dac97bc7df6d99a26c1907c6
fcafd6c7d915605ce4321ae53fd667d07b3c82f8fd3a0f5072f056cd2d143725
feaacb3c1b84ccf91e15ce74c26343af5a6108095771714b868f8784bd7fe7d5

www.underluckystars.com Open in urlscan Pro 52.3.53.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

130 Requests

100 %HTTPS

39 %IPv6

30 Domains

40 Subdomains

38 IPs

8 Countries

1775 kBTransfer

6375 kBSize

2 Cookies

13 Outgoing links

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.underluckystars.com Open in urlscan Pro
52.3.53.111 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

100 %
HTTPS

39 %
IPv6

30
Domains

40
Subdomains

38
IPs

8
Countries

1775 kB
Transfer

6375 kB
Size

2
Cookies

130 HTTP transactions
3 data transactions