user-area-front.psp.envs.lookiero.tech Open in urlscan Pro
34.252.193.137 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://user-area-front.psp.envs.lookiero.tech/
Submission: On February 29 via automatic, source certstream-suspicious (February 29th 2024, 12:28:18 pm UTC) — Scanned from CH

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 10 domains to perform 40 HTTP transactions. The main IP is 34.252.193.137, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is user-area-front.psp.envs.lookiero.tech.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 29th 2024. Valid for: a year.

This is the only time user-area-front.psp.envs.lookiero.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	34.252.193.137 34.252.193.137	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:a1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:211... 2600:9000:211e:1e00:19:f1c7:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	95.217.77.225 95.217.77.225	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6810:1338	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400c:c0b::5c	15169 (GOOGLE) (GOOGLE)
5	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	34.213.123.46 34.213.123.46	16509 (AMAZON-02) (AMAZON-02)
40	12

4 34.252.193.137 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-193-137.eu-west-1.compute.amazonaws.com

user-area-front.psp.envs.lookiero.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:a1e (United States)

ASN13335 (CLOUDFLARENET, US)

aplm4v3ckn.kameleoon.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:1e00:19:f1c7:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.dev.envs.lookiero.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.77.225 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: data-api-new05.kameleoon.net

data.kameleoon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:1338 (United States)

ASN13335 (CLOUDFLARENET, US)

js.appboycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0b::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.123.46 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-123-46.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	google.com pay.google.com — Cisco Umbrella Rank: 2911 play.google.com — Cisco Umbrella Rank: 37	422 KB
6	lookiero.tech user-area-front.psp.envs.lookiero.tech cdn.dev.envs.lookiero.tech	4 MB
4	gstatic.com www.gstatic.com	102 KB
4	stripe.com js.stripe.com — Cisco Umbrella Rank: 1204 m.stripe.com — Cisco Umbrella Rank: 1173	169 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	146 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1277	16 KB
2	kameleoon.io data.kameleoon.io — Cisco Umbrella Rank: 17931	673 B
2	kameleoon.eu aplm4v3ckn.kameleoon.eu	48 KB
1	appboycdn.com js.appboycdn.com — Cisco Umbrella Rank: 4005
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	105 KB
40	10

	Domain	Requested by
12	play.google.com	www.gstatic.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	user-area-front.psp.envs.lookiero.tech	user-area-front.psp.envs.lookiero.tech
3	js.stripe.com	user-area-front.psp.envs.lookiero.tech js.stripe.com
3	pay.google.com	user-area-front.psp.envs.lookiero.tech pay.google.com www.gstatic.com
3	connect.facebook.net	user-area-front.psp.envs.lookiero.tech connect.facebook.net
2	m.stripe.network	js.stripe.com m.stripe.network
2	data.kameleoon.io	aplm4v3ckn.kameleoon.eu user-area-front.psp.envs.lookiero.tech
2	cdn.dev.envs.lookiero.tech	user-area-front.psp.envs.lookiero.tech
2	aplm4v3ckn.kameleoon.eu	user-area-front.psp.envs.lookiero.tech aplm4v3ckn.kameleoon.eu
1	m.stripe.com	m.stripe.network
1	js.appboycdn.com	www.googletagmanager.com
1	www.googletagmanager.com	user-area-front.psp.envs.lookiero.tech
40	13

This site contains no links.

Subject Issuer	Validity	Valid
user-area-front.psp.envs.lookiero.tech Amazon RSA 2048 M02	`2024-02-29` - `2025-03-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-01` - `2024-04-30`	a year	crt.sh
cdn.dev.envs.lookiero.tech Amazon RSA 2048 M01	`2023-04-30` - `2024-05-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
data.kameleoon.io R3	`2024-01-21` - `2024-04-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2024-05-23`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://user-area-front.psp.envs.lookiero.tech/
Frame ID: 3138EBB740891EC913A198B6E46DAFB5
Requests: 17 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fuser-area-front.psp.envs.lookiero.tech&mid=
Frame ID: EBE732FE0FC08D83E52542C22232318E
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 79D6A89303CDF498B1F7EFAF2456B985
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: F74CEA7481A5BC34C5ADF7D75324CFF5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lookiero

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Braze (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

js\.appboycdn\.com/web-sdk/([\d.]+)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Page Statistics

40
Requests

100 %
HTTPS

67 %
IPv6

10
Domains

13
Subdomains

12
IPs

5
Countries

5081 kB
Transfer

7531 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
user-area-front.psp.envs.lookiero.tech/ 8 KB
8 KB 199ms
53ms Document
text/html 34.252.193.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://user-area-front.psp.envs.lookiero.tech/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.193.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-193-137.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 0b38c3243214ba8a97c2f950b6629a6bc071d5ac9e3d7b42cba08330916dc301

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, must-revalidate
content-length: 8419
content-type: text/html; charset=utf-8
date: Thu, 29 Feb 2024 12:28:14 GMT
etag: false
expires: -1
pragma: no-cache
x-powered-by: Express

GET
H2 200 kameleoon.js Show response
aplm4v3ckn.kameleoon.eu/ 189 KB
47 KB 210ms
143ms Script
application/javascript 2606:4700:20::681a:a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aplm4v3ckn.kameleoon.eu/kameleoon.js

Requested by

Host: user-area-front.psp.envs.lookiero.tech
URL: https://user-area-front.psp.envs.lookiero.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71f657c4f406629fad8f07cc2b7154b9e2dbf57db7d4619df00f8c80554cfcdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front.psp.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 12:28:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 05 Feb 2024 10:09:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65c0b3c5-2f2b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BItodfaTeppUh0rlWhw1yCczK5mjI%2Ba26Vth695UELKmI7egMve7i8eG5wIWBn4%2FdnMfkM%2FS3QtyWqlLaJd%2BBJuZEi3jblikhs1Wq%2BfcSD22kMD%2FvKjzs7RjlpCb7JwlgEZ9d6vSpg%2BIh1aJVj7rvM8S5sRx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=5400
cf-ray: 85d0e7eded4f37ec-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 29 Feb 2024 13:58:14 GMT

GET
H2 200 fonts.MTcwNzQ4NzY0MTcxOA.css
cdn.dev.envs.lookiero.tech/commons/fonts/ 858 B
1 KB 146ms
42ms Stylesheet
text/css 2600:9000:211e:1e00:19:f1c7:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dev.envs.lookiero.tech/commons/fonts/fonts.MTcwNzQ4NzY0MTcxOA.css
Requested by: Host: user-area-front.psp.envs.lookiero.tech
URL: https://user-area-front.psp.envs.lookiero.tech/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1e00:19:f1c7:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d43ed046d4344e023aec830e66f9b13b53e5f316be270f68ad5dc3b8dbcb67ed

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front.psp.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 12:28:14 GMT
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified: Tue, 27 Feb 2024 14:42:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 1001
x-amz-server-side-encryption: AES256
etag: "717b2ffa45b7c00410a751009d1fd13c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 858
x-amz-cf-id: oG8mqX7IyoULcv3bHAyLrlLx08CxMelL_YEXTlg7jv0TZG_pIX5oTQ==

GET
H2 200 auroraicons.css
cdn.dev.envs.lookiero.tech/commons/fonts/aurora-iconfont/3.0.0/ 11 KB
2 KB 264ms
160ms Stylesheet
text/css 2600:9000:211e:1e00:19:f1c7:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dev.envs.lookiero.tech/commons/fonts/aurora-iconfont/3.0.0/auroraicons.css
Requested by: Host: user-area-front.psp.envs.lookiero.tech
URL: https://user-area-front.psp.envs.lookiero.tech/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:1e00:19:f1c7:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 315e2d4e80525eea14f5974b04828478aa976f6fefc708036f16a5f666b69f75

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front.psp.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 12:28:15 GMT
content-encoding: br
via: 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified: Tue, 27 Feb 2024 14:42:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"47c373ffc9e63680e3315ce4f5a031e7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: ouH15eApjJcQFg2Yf9VV-60cX_SzrP34gFP2pqd2uUid88lOFaIkrw==

GET
H2 200 sdk.js Show response
connect.facebook.net/es_LA/ 3 KB
3 KB 68ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/es_LA/sdk.js

Requested by

Host: user-area-front.psp.envs.lookiero.tech
URL: https://user-area-front.psp.envs.lookiero.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

859a8c174f42154dc57ffc9266226852d1694bd11d6d1c2578c2219faca398cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://user-area-front.psp.envs.lookiero.tech/
Origin: https://user-area-front.psp.envs.lookiero.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Feb 2024 12:28:14 GMT
content-md5: EcMRpHUfgN/th3K/Oy3Rdw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: dVUpYKUkqzPQSICRTSdGhyYEKdaJZg1ZJ3c3RvJJJLu2FXGXuG2CNk0mRCZJbTTpJjR0GY8Hsw9a57+fZROtsw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4305625e0bc941677b6d9ff90dceea71
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "6da65a0ae6412297dbaa5f7cfe3a6c58"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 29 Feb 2024 12:45:37 GMT

GET
H2 200 runtime~app.58f93a4d.js Show response
user-area-front.psp.envs.lookiero.tech/user/static/js/ 3 KB
3 KB 82ms
81ms Script
application/javascript 34.252.193.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://user-area-front.psp.envs.lookiero.tech/user/static/js/runtime~app.58f93a4d.js
Requested by: Host: user-area-front.psp.envs.lookiero.tech
URL: https://user-area-front.psp.envs.lookiero.tech/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.193.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-193-137.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: e35df54e57158cbae1a4d77d3cd5884b85f908c0ac03bc1ea60bbed11da7b53b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front.psp.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 12:28:14 GMT
last-modified: Thu, 29 Feb 2024 09:13:22 GMT
x-powered-by: Express
etag: W/"ab9-18df423c750"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 2745

GET
H2 200 10.61337481.chunk.js Show response
user-area-front.psp.envs.lookiero.tech/user/static/js/ 4 MB
4 MB 143ms
143ms Script
application/javascript 34.252.193.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://user-area-front.psp.envs.lookiero.tech/user/static/js/10.61337481.chunk.js
Requested by: Host: user-area-front.psp.envs.lookiero.tech
URL: https://user-area-front.psp.envs.lookiero.tech/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.193.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-193-137.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: d9477d32c35e2d5b06796398ee48b2ce04015f9752bf7a25ac7fbd1fe187acd5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front.psp.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 12:28:14 GMT
last-modified: Thu, 29 Feb 2024 09:13:22 GMT
x-powered-by: Express
etag: W/"3c0478-18df423c750"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 3933304

GET
H2 200 app.7583d3a5.chunk.js Show response
user-area-front.psp.envs.lookiero.tech/user/static/js/ 211 KB
211 KB 92ms
92ms Script
application/javascript 34.252.193.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://user-area-front.psp.envs.lookiero.tech/user/static/js/app.7583d3a5.chunk.js
Requested by: Host: user-area-front.psp.envs.lookiero.tech
URL: https://user-area-front.psp.envs.lookiero.tech/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.193.137 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-193-137.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: edfed2e1ac348fb97b33e53a8042b85bd37867cef8064fe7138f2f57c9c0a468

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front.psp.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 12:28:14 GMT
last-modified: Thu, 29 Feb 2024 09:13:22 GMT
x-powered-by: Express
etag: W/"34bae-18df423c750"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 215982

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 389 KB
105 KB 164ms
106ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TCZ662G

Requested by

Host: user-area-front.psp.envs.lookiero.tech
URL: https://user-area-front.psp.envs.lookiero.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7758f3a78b0e17decfd463cfdc7dca27824d3487f121676e0c1ff8cc6f9e9fe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front.psp.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 12:28:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106680
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Feb 2024 12:28:14 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/es_LA/ 303 KB
87 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/es_LA/sdk.js?hash=ba7c1371b92642826a70e402bd2e6e57

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/es_LA/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

340acc1224e748af4abbbf50107fc6a54c8f8b83b8eec29acfa918c72724be31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://user-area-front.psp.envs.lookiero.tech/
Origin: https://user-area-front.psp.envs.lookiero.tech
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Feb 2024 12:28:14 GMT
content-md5: wS2eQI56/A9FesVrB2DinQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88710
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: qGo3dl8rj93xb2qOa16q+/XarOOy5VEtzJ8zTofGZILG+qnMognibFANrAEJ2vR7lPkaD8JaHBjmjVbTwToDNA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 2d51c814d04fafc1dabce9837c8b5f9e
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "f3bf9734c79478bb9872a042d7863c9e"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 28 Feb 2025 10:25:25 GMT

POST
H2 204 events Show response
data.kameleoon.io/visit/ 0
337 B 170ms
50ms XHR
text/plain 95.217.77.225
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://data.kameleoon.io/visit/events?siteCode=aplm4v3ckn&visitorCode=trwdpb2fqe615v2z&itp=false

Requested by

Host: aplm4v3ckn.kameleoon.eu
URL: https://aplm4v3ckn.kameleoon.eu/kameleoon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.217.77.225 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

data-api-new05.kameleoon.net

Software

nginx/1.24.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'nonce-superNonce';base-uri 'self';form-action 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://user-area-front.psp.envs.lookiero.tech/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Feb 2024 12:28:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'nonce-superNonce';base-uri 'self';form-action 'self'
server: nginx/1.24.0
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
access-control-allow-headers: user-agent,kameleoon-client

GET
H3 200 segments.js Show response
aplm4v3ckn.kameleoon.eu/audiences/ 534 B
933 B 203ms
118ms XHR
application/javascript 2606:4700:20::681a:a1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://aplm4v3ckn.kameleoon.eu/audiences/segments.js

Requested by

Host: aplm4v3ckn.kameleoon.eu
URL: https://aplm4v3ckn.kameleoon.eu/kameleoon.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:a1e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7664ca65c94b67823c9e9de305b2f4c5e2a3e6beb94b2200f71dcfbd6fe29ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front.psp.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 12:28:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 05 Feb 2024 10:09:09 GMT
server: cloudflare
etag: W/"65c0b3c5-216"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzHU%2FkE1CFlquw%2FQErpyjtLghogyxeTxeO%2BN4piIP1dO%2F2mmhfklYhA%2FBkbWxnA5d81OVRZ4hblxrDbovPkma3DnCkHiDIDZuhTye2S1267knT70jMattkmuKyhx4HWhmcp1cSgcW4MUOsRR15%2FWV2k8iZSN"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=5400
access-control-allow-credentials: true
cf-ray: 85d0e7ef7d772bd3-FRA
expires: Thu, 29 Feb 2024 13:58:14 GMT

GET
H2 403 braze.no-amd.min.js
js.appboycdn.com/web-sdk/4/ 0
0 323ms
257ms Script
application/xml 2606:4700::6810:1338
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.appboycdn.com/web-sdk/4/braze.no-amd.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TCZ662G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:1338 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front.psp.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
56 KB 53ms
26ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: user-area-front.psp.envs.lookiero.tech
URL: https://user-area-front.psp.envs.lookiero.tech/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front.psp.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Feb 2024 12:28:14 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: mvGKO7ikfW8MQeBj0aoqnWiZ+DsNVNm6Ou1tiRyei7SsMs3skDEXX6W9DXtjzgjopkEUNLsEQOazFRzUG8Tyvw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 117 KB
36 KB 177ms
83ms Script
application/javascript 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: user-area-front.psp.envs.lookiero.tech
URL: https://user-area-front.psp.envs.lookiero.tech/user/static/js/10.61337481.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d14d3528790f5f18fa352072175d550eb7a21c2dd1f5fadb1d33ca25ab8cbff5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-r3AUzoMGi-TtjBA6aybqXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front.psp.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 12:28:14 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-r3AUzoMGi-TtjBA6aybqXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtDikmLw15BiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEO_w8WAR85nOyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_Fw3PvQuJ5N4MaJE7eYAQ5_MiE"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 29 Feb 2024 12:28:14 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 602 KB
167 KB 77ms
19ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: user-area-front.psp.envs.lookiero.tech
URL: https://user-area-front.psp.envs.lookiero.tech/user/static/js/10.61337481.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ae9019e4783314f5f0542f3c591c735d4d1fe118e2fc8ec0959343dc29ab7c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://user-area-front.psp.envs.lookiero.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 29 Feb 2024 12:28:14 GMT
via: 1.1 varnish
age: 18
x-cache: HIT
content-length: 170604
x-request-id: 7844688d-af6f-493a-8ddf-b723c15b4295
x-served-by: cache-mxp6942-MXP
last-modified: Wed, 28 Feb 2024 23:48:24 GMT
server: Fastly
etag: "19625bc79094165cca3aef1f9f41d22c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

POST
H2 204 events Show response
data.kameleoon.io/visit/ 0
336 B 46ms
46ms XHR
text/plain 95.217.77.225
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://data.kameleoon.io/visit/events?siteCode=aplm4v3ckn&visitorCode=trwdpb2fqe615v2z&itp=false

Requested by

Host: user-area-front.psp.envs.lookiero.tech
URL: https://user-area-front.psp.envs.lookiero.tech/user/static/js/10.61337481.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.217.77.225 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

data-api-new05.kameleoon.net

Software

nginx/1.24.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'nonce-superNonce';base-uri 'self';form-action 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://user-area-front.psp.envs.lookiero.tech/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Feb 2024 12:28:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'self'; connect-src 'self'; img-src 'self'; style-src 'self' 'nonce-superNonce';base-uri 'self';form-action 'self'
server: nginx/1.24.0
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
access-control-allow-headers: user-agent,kameleoon-client

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame EBE7 19 KB
8 KB 233ms
233ms Document
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fuser-area-front.psp.envs.lookiero.tech&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

33d086ad877c7d275ac78f331c62f791167be3055165495c86cf3af70d01b848

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-Gvfv4_cp9QU-Uv6jDhWoLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://user-area-front.psp.envs.lookiero.tech/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-Gvfv4_cp9QU-Uv6jDhWoLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 29 Feb 2024 12:28:15 GMT
expires: Thu, 29 Feb 2024 12:28:15 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjKtDikmLw15BiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEO_w8WAR85nOyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_Fw3P_QuJ5N4Mbzpe2MAA31Mck"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.1YidtsVjD58.es5.O/am=gEEa/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame EBE7 159 KB
57 KB 87ms
27ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.1YidtsVjD58.es5.O/am=gEEa/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgD-E8WyYe7JwZoqe2Nj5VuFsJo-A/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fuser-area-front.psp.envs.lookiero.tech&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0880e8aeb94cf03fa02b44fe4b33aa2746087ae36079e16122e1607f3302d866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 21:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57576
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 05:04:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 21:00:33 GMT

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.1YidtsVjD58.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Eb2... Frame EBE7 75 KB
27 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.1YidtsVjD58.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Eb28QtijFV0.L.B1.O/am=gEEa/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrg8a6Gm-KVlQXsDpcpF8gZpyGHVXQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.1YidtsVjD58.es5.O/am=gEEa/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgD-E8WyYe7JwZoqe2Nj5VuFsJo-A/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c29827ccc7709fbece43b05d76014c3b7d8b7e558fae4bd29cbe5fc8dfc01d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 21:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27708
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 03:45:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 21:00:33 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame EBE7 1 MB
377 KB 87ms
86ms XHR
text/html 2a00:1450:400c:c0b::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b14f31ebfcd4bb5590c21907811296e2a7d52c56bd41adc7b09cccc515dd2e21

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6e91vtDy9HyBtAlP6M25dQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 12:28:15 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6e91vtDy9HyBtAlP6M25dQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjKtDikmLw15BiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTDxfXzJJALEGEO_w8WAR85nOyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_Fw3P_QuJ5N4MOatilMAA0_MZU"
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 29 Feb 2024 12:28:15 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 79D6 200 B
840 B 20ms
19ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://user-area-front.psp.envs.lookiero.tech/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6659732
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 29 Feb 2024 12:28:15 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 120629
x-content-type-options: nosniff
x-request-id: 3c53ad0f-e1af-46be-9317-bb35d54b25c6
x-served-by: cache-mxp6942-MXP

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.1YidtsVjD58.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Eb2... Frame EBE7 10 KB
4 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.1YidtsVjD58.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Eb28QtijFV0.L.B1.O/am=gEEa/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrg8a6Gm-KVlQXsDpcpF8gZpyGHVXQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

666b73338be930a5eff9d902a6b59cb9de51a5c4f0a20190d8a916d108524fd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 21:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4169
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 03:45:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 21:00:34 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.1YidtsVjD58.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Eb2... Frame EBE7 37 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de_CH.1YidtsVjD58.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.Eb28QtijFV0.L.B1.O/am=gEEa/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrg8a6Gm-KVlQXsDpcpF8gZpyGHVXQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd68701fc1642d63cd4fe1e4e68af1d84081a27e39a7b84f24d7f86e8eeab802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 21:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14343
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 03:45:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 21:00:34 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 183ms
58ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 29 Feb 2024 12:28:15 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame EBE7 131 B
155 B 168ms
114ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 29 Feb 2024 12:28:15 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Feb 2024 12:28:15 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 181ms
58ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 29 Feb 2024 12:28:15 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame EBE7 131 B
155 B 169ms
115ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 29 Feb 2024 12:28:15 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Feb 2024 12:28:15 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 212ms
89ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 29 Feb 2024 12:28:15 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame EBE7 131 B
155 B 121ms
98ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 29 Feb 2024 12:28:15 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Feb 2024 12:28:15 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 213ms
90ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 29 Feb 2024 12:28:15 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame EBE7 131 B
155 B 142ms
122ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 29 Feb 2024 12:28:15 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Feb 2024 12:28:15 GMT

POST
H3 200 log Show response
play.google.com/ Frame EBE7 131 B
155 B 138ms
117ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 29 Feb 2024 12:28:15 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Feb 2024 12:28:15 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 212ms
90ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 29 Feb 2024 12:28:15 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 212ms
91ms Preflight
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 29 Feb 2024 12:28:15 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame EBE7 131 B
155 B 136ms
116ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 29 Feb 2024 12:28:15 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Feb 2024 12:28:15 GMT

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 79D6 526 B
444 B 20ms
20ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 29 Feb 2024 12:28:15 GMT
via: 1.1 varnish
age: 6659732
x-cache: HIT
content-length: 315
x-request-id: f17535a0-f114-474e-a675-4c0d8c83f8f5
x-served-by: cache-mxp6942-MXP
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 115697

GET
H2 200 inner.html Show response
m.stripe.network/ Frame F74C 930 B
1 KB 52ms
19ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 192
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 29 Feb 2024 12:28:15 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 101
x-content-type-options: nosniff
x-request-id: c9fcd3c3-a671-440e-9b15-a36b2796317e
x-served-by: cache-mxp6942-MXP
x-timer: S1709209696.705532,VS0,VE0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame F74C 87 KB
15 KB 24ms
24ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 29 Feb 2024 12:28:15 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 228
x-cache: HIT
content-length: 15509
x-request-id: 835d01ed-0aa3-4915-a31f-0b29ed784194
x-served-by: cache-mxp6942-MXP
server: Fastly
x-timer: S1709209696.734758,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 112

POST
H2 200 6 Show response
m.stripe.com/ Frame F74C 156 B
668 B 607ms
192ms XHR
application/json 34.213.123.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.213.123.46 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-123-46.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3ee4e730cdacf74663fb8dbfa3e738a69376b7d38478abddb6d6718d9566d9d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 29 Feb 2024 12:28:16 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1709209696297918
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1709209696297483
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lookiero.tech/	1970-01-21 03:32:25	Name: kameleoonVisitorCode Value: trwdpb2fqe615v2z
.lookiero.tech/	1970-01-21 03:32:25	Name: pathfinder Value: [{%22ref%22:%22%22%2C%22tld%22:%22%22%2C%22ua%22:%22desktop%22%2C%22ts%22:%222024-02-29%2012:28:14%22%2C%22s%22:%22%22%2C%22ad%22:false}]
.google.com/	1970-01-20 23:10:20	Name: NID Value: 512=YAES1WtK6ekp56t-tODnKPdgGDsp-1EOsJIY5sg1w_87utJuDDU_NsvX94dJgtPVIFa3wRb1pHlOZwqJpNPqBu_OjmJLcfScjXEKJ7aUgmoM8HJZUU8rCxksG9x066UrmfR_Z_Gg6IDHKd4qKdnBTYY-7D0x06i85R1WBJeTX_M
m.stripe.com/	1970-01-21 04:22:49	Name: m Value: 11c2e477-bc9d-4d87-977d-7a8a5228a2eb01bacf
.user-area-front.psp.envs.lookiero.tech/	1970-01-21 03:32:25	Name: __stripe_mid Value: d71e3a37-d1a3-46d5-a879-b8c4db828f1fd3cf9e
.user-area-front.psp.envs.lookiero.tech/	1970-01-20 18:46:51	Name: __stripe_sid Value: 3f14c631-48e3-47f2-bb6c-b6f66d594103fbe82e

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://js.appboycdn.com/web-sdk/4/braze.no-amd.min.js Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://user-area-front.psp.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front.psp.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front.psp.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front.psp.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front.psp.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front.psp.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front.psp.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front.psp.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front.psp.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front.psp.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front.psp.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front.psp.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front.psp.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front.psp.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front.psp.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://user-area-front.psp.envs.lookiero.tech/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aplm4v3ckn.kameleoon.eu
cdn.dev.envs.lookiero.tech
connect.facebook.net
data.kameleoon.io
js.appboycdn.com
js.stripe.com
m.stripe.com
m.stripe.network
pay.google.com
play.google.com
user-area-front.psp.envs.lookiero.tech
www.googletagmanager.com
www.gstatic.com
151.101.128.176
2600:9000:211e:1e00:19:f1c7:c3c0:93a1
2606:4700:20::681a:a1e
2606:4700::6810:1338
2a00:1450:4001:800::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2008
2a00:1450:400c:c0b::5c
2a03:2880:f083:100:face:b00c:0:3
34.213.123.46
34.252.193.137
95.217.77.225
0880e8aeb94cf03fa02b44fe4b33aa2746087ae36079e16122e1607f3302d866
0b38c3243214ba8a97c2f950b6629a6bc071d5ac9e3d7b42cba08330916dc301
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
315e2d4e80525eea14f5974b04828478aa976f6fefc708036f16a5f666b69f75
33d086ad877c7d275ac78f331c62f791167be3055165495c86cf3af70d01b848
340acc1224e748af4abbbf50107fc6a54c8f8b83b8eec29acfa918c72724be31
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
3ee4e730cdacf74663fb8dbfa3e738a69376b7d38478abddb6d6718d9566d9d1
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
666b73338be930a5eff9d902a6b59cb9de51a5c4f0a20190d8a916d108524fd8
71f657c4f406629fad8f07cc2b7154b9e2dbf57db7d4619df00f8c80554cfcdd
7664ca65c94b67823c9e9de305b2f4c5e2a3e6beb94b2200f71dcfbd6fe29ab0
7758f3a78b0e17decfd463cfdc7dca27824d3487f121676e0c1ff8cc6f9e9fe2
859a8c174f42154dc57ffc9266226852d1694bd11d6d1c2578c2219faca398cd
8c29827ccc7709fbece43b05d76014c3b7d8b7e558fae4bd29cbe5fc8dfc01d2
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
ae9019e4783314f5f0542f3c591c735d4d1fe118e2fc8ec0959343dc29ab7c1d
b14f31ebfcd4bb5590c21907811296e2a7d52c56bd41adc7b09cccc515dd2e21
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
d14d3528790f5f18fa352072175d550eb7a21c2dd1f5fadb1d33ca25ab8cbff5
d43ed046d4344e023aec830e66f9b13b53e5f316be270f68ad5dc3b8dbcb67ed
d9477d32c35e2d5b06796398ee48b2ce04015f9752bf7a25ac7fbd1fe187acd5
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e35df54e57158cbae1a4d77d3cd5884b85f908c0ac03bc1ea60bbed11da7b53b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edfed2e1ac348fb97b33e53a8042b85bd37867cef8064fe7138f2f57c9c0a468
fd68701fc1642d63cd4fe1e4e68af1d84081a27e39a7b84f24d7f86e8eeab802

user-area-front.psp.envs.lookiero.tech Open in urlscan Pro 34.252.193.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

67 %IPv6

10 Domains

13 Subdomains

12 IPs

5 Countries

5081 kBTransfer

7531 kBSize

6 Cookies

0 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

user-area-front.psp.envs.lookiero.tech Open in urlscan Pro
34.252.193.137 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

67 %
IPv6

10
Domains

13
Subdomains

12
IPs

5
Countries

5081 kB
Transfer

7531 kB
Size

6
Cookies

40 HTTP transactions
0 data transactions