urlscan.io logo urlscan.io
SecurityTrails logo

buy.sgame.app Open in urlscan Pro
99.83.231.61  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://buy.sgame.app/
Effective URL: https://buy.sgame.app/
Submission: On November 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 32 HTTP transactions. The main IP is 99.83.231.61, located in United States and belongs to AMAZON-02, US. The main domain is buy.sgame.app.
TLS certificate: Issued by R3 on November 17th 2023. Valid for: 3 months.
This is the only time buy.sgame.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    99.83.231.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: acd89244c803f7181.awsglobalaccelerator.com
buy.sgame.app
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    151.101.128.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
3    2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)
hatscripts.github.io
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
2    2600:9000:25a2:c200:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
5    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
r.stripe.com
1    52.10.73.64 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-73-64.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
18 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1287
q.stripe.com — Cisco Umbrella Rank: 7148
r.stripe.com — Cisco Umbrella Rank: 3546
m.stripe.com — Cisco Umbrella Rank: 1249
463 KB
4 sgame.app
buy.sgame.app
401 KB
3 github.io
hatscripts.github.io — Cisco Umbrella Rank: 147256
2 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1354
16 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
298 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6862
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
253 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
93 KB
32 8
Domain Requested by
8 js.stripe.com buy.sgame.app
js.stripe.com
5 r.stripe.com js.stripe.com
4 q.stripe.com buy.sgame.app
4 buy.sgame.app buy.sgame.app
3 hatscripts.github.io buy.sgame.app
2 m.stripe.network js.stripe.com
m.stripe.network
2 region1.analytics.google.com www.googletagmanager.com
1 m.stripe.com m.stripe.network
1 www.google.de buy.sgame.app
1 stats.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com buy.sgame.app
32 11

This site contains links to these domains. Also see Links.

Domain
sgame.app
discord.gg
www.trustpilot.com
Subject Issuer Validity Valid
buy.sgame.app
R3		 2023-11-17 -
2024-02-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
*.github.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-21 -
2024-03-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-09 -
2024-01-18		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-05 -
2024-01-18		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://buy.sgame.app/
Frame ID: F2D374B83242C09FB8EE2576CCD41C75
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
Frame ID: D0BA5D1CC84A1D4634C22948C3A5057B
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: B585EA14ADAE5CF019577119BDD8A9AB
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 59F26C0AD43DF8100882C6CB11EC04D7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

S.Game Kiosk

Page URL History Show full URLs

  1. http://buy.sgame.app/ HTTP 307
    https://buy.sgame.app/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

32
Requests

100 %
HTTPS

55 %
IPv6

8
Domains

11
Subdomains

11
IPs

3
Countries

977 kB
Transfer

3922 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://buy.sgame.app/ HTTP 307
    https://buy.sgame.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
buy.sgame.app/
Redirect Chain
  • http://buy.sgame.app/
  • https://buy.sgame.app/
518 B
710 B 		Document
General
Check archive.org
Download Go to
Full URL
https://buy.sgame.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.83.231.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
acd89244c803f7181.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
c93809ffdb4367d4b7baa0d495e0e4784d4f8dfa32a85150a7d554e4dff7b34f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
public,max-age=0,must-revalidate
content-length
518
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 15:21:33 GMT
etag
"141a21081f531703d472446f05184000-ssl"
server
Netlify
strict-transport-security
max-age=31536000
x-nf-request-id
01HFHGBP926M9BKAA5SF7EQ0V5

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://buy.sgame.app/
Non-Authoritative-Reason
HSTS
site.css
buy.sgame.app/ 		207 B
310 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.sgame.app/site.css
Requested by
Host: buy.sgame.app
URL: https://buy.sgame.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.83.231.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
acd89244c803f7181.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
a3c6d86a7deff090ec4fd33059add84124074fef8a392fea5d32740a1daf5d72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.sgame.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nf-request-id
01HFHGBPCW7B2RN0VFPMXBC5PQ
date
Sat, 18 Nov 2023 15:21:33 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
0
etag
"25b5ac7c28d46f03858d68b310d470a4-ssl"
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
207
main.22e06511.js
buy.sgame.app/static/js/ 		1 MB
360 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy.sgame.app/static/js/main.22e06511.js
Requested by
Host: buy.sgame.app
URL: https://buy.sgame.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.83.231.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
acd89244c803f7181.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
39bfa3e5aa3054bf946b16258f602bf2680fbec83e888523f3076af4c3ec05f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.sgame.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nf-request-id
01HFHGBPCWD0XBZJAMTR3Y7VHK
date
Sat, 18 Nov 2023 15:21:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
0
etag
"b9d0d598603ecfaf691a4f1ad24ea968-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
main.a07ea213.css
buy.sgame.app/static/css/ 		412 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy.sgame.app/static/css/main.a07ea213.css
Requested by
Host: buy.sgame.app
URL: https://buy.sgame.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.83.231.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
acd89244c803f7181.awsglobalaccelerator.com
Software
Netlify /
Resource Hash
35db62ccb8dc4371acc26fa5b8ad47830873b4a01c5bebcb44397f7ed0d926a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.sgame.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-nf-request-id
01HFHGBPCW2SA9RMCV9GE8JHQR
date
Sat, 18 Nov 2023 15:21:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
0
etag
"a757e7d6e08dd447bc6d9de0f0a1c331-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
js
www.googletagmanager.com/gtag/ 		284 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TWYPB7Q995
Requested by
Host: buy.sgame.app
URL: https://buy.sgame.app/static/js/main.22e06511.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6fc34acbe1c7595fc44113209346204d049546a4d583185bdf6fe41a04751cec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.sgame.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:21:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95288
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 18 Nov 2023 15:21:33 GMT
v3
js.stripe.com/ 		556 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: buy.sgame.app
URL: https://buy.sgame.app/static/js/main.22e06511.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
90deaa6ce62764135079beba976e8df57220a817e759914adf09626153f38c16
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.sgame.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 18 Nov 2023 15:21:34 GMT
via
1.1 varnish
age
44
x-cache
HIT
content-length
157344
x-request-id
851237b6-d2c9-45f4-90c8-9c5de265f222
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Fri, 17 Nov 2023 21:35:53 GMT
server
Fastly
etag
"b2cc65458b2c4ec73e91a4fb930e6217"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
8
us.svg
hatscripts.github.io/circle-flags/flags/ 		723 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hatscripts.github.io/circle-flags/flags/us.svg
Requested by
Host: buy.sgame.app
URL: https://buy.sgame.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
7f3012f520e4aefcff6acbb8cc7198fee604f3f806fd228f59c94077437bda82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.sgame.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-fastly-request-id
90ce3902076cbe1dfc97100d480c26bf9a42b12a
date
Sat, 18 Nov 2023 15:21:34 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
121
x-cache
HIT
x-proxy-cache
HIT
content-length
326
x-served-by
cache-fra-eddf8230110-FRA
last-modified
Thu, 05 Oct 2023 10:32:49 GMT
server
GitHub.com
x-github-request-id
52E8:5F09:2871522:290B3E1:65540C72
x-timer
S1700320894.035673,VS0,VE1
etag
W/"651e90d1-2d3"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
expires
Wed, 15 Nov 2023 00:18:29 GMT
jp.svg
hatscripts.github.io/circle-flags/flags/ 		273 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hatscripts.github.io/circle-flags/flags/jp.svg
Requested by
Host: buy.sgame.app
URL: https://buy.sgame.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
17cea0bab5029d578ee10727a9d9b93ab89720e394241ff6d59b5744d44f3d9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.sgame.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-fastly-request-id
de12338108dd6e132a90bd8c736e4d23cb091f62
date
Sat, 18 Nov 2023 15:21:34 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
280
x-cache
HIT
x-proxy-cache
HIT
content-length
198
x-served-by
cache-fra-eddf8230110-FRA
last-modified
Thu, 05 Oct 2023 10:32:49 GMT
server
GitHub.com
x-github-request-id
757A:64DE:4C1CC6E:4D79F73:6549C066
x-timer
S1700320894.035717,VS0,VE1
etag
W/"651e90d1-111"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
expires
Tue, 07 Nov 2023 04:53:16 GMT
cn.svg
hatscripts.github.io/circle-flags/flags/ 		705 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hatscripts.github.io/circle-flags/flags/cn.svg
Requested by
Host: buy.sgame.app
URL: https://buy.sgame.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
73d72f59389845361b0d59623fc60b0e47ebd6c9623df706e8d8b079baa3af64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.sgame.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-fastly-request-id
60a14f591d3a44e0b91f6e7d4ab7044a128a2013
date
Sat, 18 Nov 2023 15:21:34 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
156
x-cache
HIT
x-proxy-cache
MISS
content-length
416
x-served-by
cache-fra-eddf8230110-FRA
last-modified
Thu, 05 Oct 2023 10:32:49 GMT
server
GitHub.com
x-github-request-id
9998:D39E:FB884C:1002779:6540B82B
x-timer
S1700320894.035405,VS0,VE20
etag
W/"651e90d1-2c1"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
expires
Tue, 31 Oct 2023 08:27:48 GMT
collect
region1.analytics.google.com/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TWYPB7Q995&gtm=45je3b81v9104004954&_p=1700320893938&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=d8983304-7c06-4d32-e0cf-0f572ee75e6e&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=Ag&_s=1&uid=d8983304-7c06-4d32-e0cf-0f572ee75e6e&sid=1700320894&sct=1&seg=0&dl=https%3A%2F%2Fbuy.sgame.app%2F&dt=S.Game%20Kiosk&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1011
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TWYPB7Q995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.sgame.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:21:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buy.sgame.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TWYPB7Q995&cid=d8983304-7c06-4d32-e0cf-0f572ee75e6e&gtm=45je3b81v9104004954&aip=1&uid=d8983304-7c06-4d32-e0cf-0f572ee75e6e&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TWYPB7Q995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.sgame.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:21:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buy.sgame.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-TWYPB7Q995&gtm=45je3b81v9104004954&_p=1700320893938&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=d8983304-7c06-4d32-e0cf-0f572ee75e6e&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAg&_s=2&uid=d8983304-7c06-4d32-e0cf-0f572ee75e6e&sid=1700320894&sct=1&seg=0&dl=https%3A%2F%2Fbuy.sgame.app%2F&dt=S.Game%20Kiosk&cu=USD&en=cashier&_c=1&epn.value=0&_et=4&tfd=1016
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TWYPB7Q995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.sgame.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:21:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://buy.sgame.app
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TWYPB7Q995&cid=d8983304-7c06-4d32-e0cf-0f572ee75e6e&gtm=45je3b81v9104004954&aip=1&uid=d8983304-7c06-4d32-e0cf-0f572ee75e6e&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=2115499408
Requested by
Host: buy.sgame.app
URL: https://buy.sgame.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy.sgame.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 15:21:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
controller-3132e16734973ccb58066950185c0af5.html
js.stripe.com/v3/ Frame D0BA 		325 B
712 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
43930e37bce5cf2bdc0406301b3170eb11dd357514ceae95a703a0fe034aaae1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buy.sgame.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
23
cache-control
max-age=60
content-encoding
br
content-length
189
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 15:21:34 GMT
etag
"3132e16734973ccb58066950185c0af5"
last-modified
Fri, 17 Nov 2023 21:03:03 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
15
x-content-type-options
nosniff
x-request-id
07b8b3fe-33ff-4690-b07f-aa23c34f5153
x-served-by
cache-fra-eddf8230090-FRA
shared-7cc701e41de11d39c80345b2a8d3fc73.js
js.stripe.com/v3/fingerprinted/js/ Frame D0BA 		534 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
21e0577bdef99274f85366c05b4ed596183789bb3fff63766b84ecae349de050
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 18 Nov 2023 15:21:34 GMT
via
1.1 varnish
age
65707
x-cache
HIT
content-length
132140
x-request-id
fdfbaafe-95c3-4c50-b08b-6066e2e85300
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Fri, 17 Nov 2023 21:03:17 GMT
server
Fastly
etag
"53769739a53ea437a208dabadb1a17b1"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4
controller-d2b86c303c66a70842cb3c54e2f4456f.js
js.stripe.com/v3/fingerprinted/js/ Frame D0BA 		663 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-d2b86c303c66a70842cb3c54e2f4456f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
0e2b6ca8941a2593894d63df4a7d687339e3be2dcd891b3f21f22441df2b23d4
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 18 Nov 2023 15:21:34 GMT
via
1.1 varnish
age
65707
x-cache
HIT
content-length
176348
x-request-id
6f22bdf6-5c97-4a0d-84e7-c8f717eb1c1e
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Fri, 17 Nov 2023 21:03:14 GMT
server
Fastly
etag
"5d94d4fa99a156ddc3ebe1357bee1d9a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3
csp-report
q.stripe.com/ Frame D0BA 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: buy.sgame.app
URL: https://buy.sgame.app/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 18 Nov 2023 15:21:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700320894586583
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1700320894585891
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
.deploy_status_henson.json
js.stripe.com/v3/ Frame D0BA 		474 B
615 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
879e5a20d16b6c5edeb74bd6ed1123fa8b57d8ae884e4e91b9bf968c6f7bcdfd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 18 Nov 2023 15:21:34 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
43
x-cache
HIT
content-length
298
x-request-id
4afe8741-bba1-404f-bf3d-5d334865a789
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Fri, 17 Nov 2023 21:38:14 GMT
server
Fastly
etag
"fff34dce28f81b9d8afc4b96ff54fb36"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
17
.deploy_status_henson.json
js.stripe.com/v3/ Frame D0BA 		474 B
370 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/.deploy_status_henson.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
879e5a20d16b6c5edeb74bd6ed1123fa8b57d8ae884e4e91b9bf968c6f7bcdfd
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 18 Nov 2023 15:21:34 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
43
x-cache
HIT
content-length
298
x-request-id
b7b83152-7d35-492c-b531-8b334d453bdd
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Fri, 17 Nov 2023 21:38:14 GMT
server
Fastly
etag
"fff34dce28f81b9d8afc4b96ff54fb36"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
17
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame B585 		200 B
957 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://buy.sgame.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
909847
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 15:21:34 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 08 Sep 2023 21:23:50 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
144610
x-content-type-options
nosniff
x-request-id
56817f5e-2112-49bc-b908-ef083f648f75
x-served-by
cache-fra-eddf8230090-FRA
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame B585 		631 B
556 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sat, 18 Nov 2023 15:21:34 GMT
via
1.1 varnish
age
1587790
x-cache
HIT
content-length
399
x-request-id
a25a3e8d-36ff-4d23-affc-4894de377b5d
x-served-by
cache-fra-eddf8230090-FRA
last-modified
Fri, 08 Sep 2023 21:23:49 GMT
server
Fastly
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
137156
csp-report
q.stripe.com/ Frame B585 		0
718 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: buy.sgame.app
URL: https://buy.sgame.app/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 18 Nov 2023 15:21:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700320894586325
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1700320894585963
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame B585 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: buy.sgame.app
URL: https://buy.sgame.app/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 18 Nov 2023 15:21:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700320894586555
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1700320894586081
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 59F2 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:c200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
283
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 18 Nov 2023 15:16:53 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 ca6974974a9175b71fb6a84145111ed2.cloudfront.net (CloudFront)
x-amz-cf-id
BiIw5fd7PYcBkqvn53VAqXol9kYX92HQQh7_hNkDabcEwR62RkHnEQ==
x-amz-cf-pop
ZRH55-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 59F2 		0
491 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: buy.sgame.app
URL: https://buy.sgame.app/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 18 Nov 2023 15:21:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700320894586571
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1700320894585946
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 59F2 		87 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:c200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 15:18:54 GMT
content-encoding
br
via
1.1 ca6974974a9175b71fb6a84145111ed2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
161
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
ZRH55-P1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
VQSakIa-KfwVK9eC3bNSKL20YfWrL38KGNBj6n11zNAAgSAVtHB27w==
0
r.stripe.com/ Frame D0BA 		0
274 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 18 Nov 2023 15:21:34 GMT
x-stripe-server-envoy-start-time-us
1700320894776227
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1700320894775625
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame D0BA 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 18 Nov 2023 15:21:34 GMT
x-stripe-server-envoy-start-time-us
1700320894775900
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1700320894775724
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame D0BA 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 18 Nov 2023 15:21:34 GMT
x-stripe-server-envoy-start-time-us
1700320894775806
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
5
x-stripe-client-envoy-start-time-us
1700320894775668
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame D0BA 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 18 Nov 2023 15:21:34 GMT
x-stripe-server-envoy-start-time-us
1700320894947758
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
3
x-stripe-client-envoy-start-time-us
1700320894947619
access-control-allow-credentials
true
content-length
0
0
r.stripe.com/ Frame D0BA 		0
273 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color
blue
date
Sat, 18 Nov 2023 15:21:34 GMT
x-stripe-server-envoy-start-time-us
1700320894947738
server
nginx
content-type
text/plain
access-control-allow-origin
https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms
2
x-stripe-client-envoy-start-time-us
1700320894947459
access-control-allow-credentials
true
content-length
0
6
m.stripe.com/ Frame 59F2 		156 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.73.64 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-73-64.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
d8e9b3cab097113aa546cb7be3b5693a9bb893ab6d45e320da3ba901b19e5d6d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Sat, 18 Nov 2023 15:21:34 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1700320894822281
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1700320894821970
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| dataLayer function| gtag object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunkStripeJSouter function| noop function| Stripe

5 Cookies

Domain/Path Name / Value
.sgame.app/ Name: _ga
Value: GA1.1.d8983304-7c06-4d32-e0cf-0f572ee75e6e
.sgame.app/ Name: _ga_TWYPB7Q995
Value: GS1.1.1700320894.1.0.1700320894.60.0.0
m.stripe.com/ Name: m
Value: 182b1ebb-df4f-4776-a619-ab40a88bd7c67dd7e0
.buy.sgame.app/ Name: __stripe_mid
Value: 13aa220f-45f2-4e8b-89db-3c95e6784bf5955851
.buy.sgame.app/ Name: __stripe_sid
Value: 293a2f00-93ef-4333-a31b-718ccdaa1c6b0862c9

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buy.sgame.app
hatscripts.github.io
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
r.stripe.com
region1.analytics.google.com
stats.g.doubleclick.net
www.google.de
www.googletagmanager.com
151.101.128.176
2001:4860:4802:32::36
2600:9000:25a2:c200:19:7d10:bd80:93a1
2606:50c0:8002::153
2a00:1450:4001:80f::2003
2a00:1450:4001:827::2008
2a00:1450:400c:c09::9c
52.10.73.64
54.186.23.98
54.187.119.242
99.83.231.61
0e2b6ca8941a2593894d63df4a7d687339e3be2dcd891b3f21f22441df2b23d4
17cea0bab5029d578ee10727a9d9b93ab89720e394241ff6d59b5744d44f3d9c
21e0577bdef99274f85366c05b4ed596183789bb3fff63766b84ecae349de050
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
35db62ccb8dc4371acc26fa5b8ad47830873b4a01c5bebcb44397f7ed0d926a7
39bfa3e5aa3054bf946b16258f602bf2680fbec83e888523f3076af4c3ec05f2
43930e37bce5cf2bdc0406301b3170eb11dd357514ceae95a703a0fe034aaae1
6fc34acbe1c7595fc44113209346204d049546a4d583185bdf6fe41a04751cec
73d72f59389845361b0d59623fc60b0e47ebd6c9623df706e8d8b079baa3af64
7f3012f520e4aefcff6acbb8cc7198fee604f3f806fd228f59c94077437bda82
879e5a20d16b6c5edeb74bd6ed1123fa8b57d8ae884e4e91b9bf968c6f7bcdfd
90deaa6ce62764135079beba976e8df57220a817e759914adf09626153f38c16
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
a3c6d86a7deff090ec4fd33059add84124074fef8a392fea5d32740a1daf5d72
c93809ffdb4367d4b7baa0d495e0e4784d4f8dfa32a85150a7d554e4dff7b34f
d8e9b3cab097113aa546cb7be3b5693a9bb893ab6d45e320da3ba901b19e5d6d
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947