blowback.supportingcast.fm Open in urlscan Pro
151.101.194.217 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://blowback.supportingcast.fm/
Effective URL:
https://blowback.supportingcast.fm/
Submission: On December 23 via api (December 23rd 2023, 7:28:17 pm UTC) from US — Scanned from DE

Summary HTTP 132 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 132 HTTP transactions. The main IP is 151.101.194.217, located in United States and belongs to FASTLY, US. The main domain is blowback.supportingcast.fm.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q3 on August 1st 2023. Valid for: a year.

This is the only time blowback.supportingcast.fm was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
18	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
6	2a04:4e42:8d:... 2a04:4e42:8d::720	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
2	44.230.11.202 44.230.11.202	16509 (AMAZON-02) (AMAZON-02)
30	99.86.4.9 99.86.4.9	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
41	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c02::5c	15169 (GOOGLE) (GOOGLE)
1	198.202.176.201 198.202.176.201	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:262... 2600:9000:262a:3400:b:1d09:f200:93a1	16509 (AMAZON-02) (AMAZON-02)
6	104.19.219.90 104.19.219.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:205... 2600:9000:2057:2400:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	54.201.135.255 54.201.135.255	16509 (AMAZON-02) (AMAZON-02)
132	15

1 151.101.66.217 (United States) 1 redirects

ASN54113 (FASTLY, US)

blowback.supportingcast.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 151.101.194.217 (United States)

ASN54113 (FASTLY, US)

blowback.supportingcast.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.supportingcast.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42:8d::720 (United States)

ASN54113 (FASTLY, US)

megaphone.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.230.11.202 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-11-202.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 99.86.4.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-9.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c02::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.202.176.201 (United States)

ASN16509 (AMAZON-02, US)

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:262a:3400:b:1d09:f200:93a1 (United States)

ASN16509 (AMAZON-02, US)

b.stripecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.219.90 (None, )

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:2400:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.201.135.255 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-135-255.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	stripe.com js.stripe.com — Cisco Umbrella Rank: 1282 q.stripe.com — Cisco Umbrella Rank: 7730 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5257 r.stripe.com — Cisco Umbrella Rank: 3529 m.stripe.com — Cisco Umbrella Rank: 1245	1 MB
19	supportingcast.fm 1 redirects blowback.supportingcast.fm media.supportingcast.fm	2 MB
9	gstatic.com www.gstatic.com	757 KB
9	google.com www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2109	459 KB
6	hcaptcha.com hcaptcha.com — Cisco Umbrella Rank: 7101 newassets.hcaptcha.com — Cisco Umbrella Rank: 9853 api.hcaptcha.com — Cisco Umbrella Rank: 9601	405 KB
6	imgix.net megaphone.imgix.net — Cisco Umbrella Rank: 25370	2 MB
3	stripecdn.com b.stripecdn.com — Cisco Umbrella Rank: 35663	43 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1361	16 KB
2	amplitude.com api.amplitude.com — Cisco Umbrella Rank: 1839	226 B
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1345	623 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	59 KB
132	11

	Domain	Requested by
30	js.stripe.com	media.supportingcast.fm js.stripe.com
25	r.stripe.com	js.stripe.com
16	q.stripe.com	blowback.supportingcast.fm js.stripe.com
13	blowback.supportingcast.fm	1 redirects blowback.supportingcast.fm media.supportingcast.fm
9	www.gstatic.com	www.google.com pay.google.com www.gstatic.com
6	megaphone.imgix.net	blowback.supportingcast.fm
6	media.supportingcast.fm	blowback.supportingcast.fm
5	www.google.com	media.supportingcast.fm www.gstatic.com www.google.com
4	pay.google.com	js.stripe.com pay.google.com blowback.supportingcast.fm www.gstatic.com
3	m.stripe.com	m.stripe.network
3	newassets.hcaptcha.com	hcaptcha.com newassets.hcaptcha.com
3	b.stripecdn.com	js.stripe.com b.stripecdn.com
2	api.hcaptcha.com	newassets.hcaptcha.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	api.amplitude.com	media.supportingcast.fm
1	hcaptcha.com	b.stripecdn.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	polyfill.io	media.supportingcast.fm
1	www.googletagmanager.com	blowback.supportingcast.fm
132	19

This site contains links to these domains. Also see Links.

Domain
www.blowback.show
shopblowback.com
www.supportingcast.fm

Subject Issuer	Validity	Valid
*.supportingcast.fm GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-07` - `2025-01-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
polyfill.io Certainly Intermediate R1	`2023-12-22` - `2024-01-21`	a month	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-14`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://blowback.supportingcast.fm/
Frame ID: 2B163AD7BCA4B6926AE0FF24FF95D57D
Requests: 31 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
Frame ID: 101DDF6D2CABBB740AAFECBCE75CDC7B
Requests: 30 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
Frame ID: 4F1DC53D874769F3847735CA7D9902D4
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html
Frame ID: F5CA6CAFD679962E7CD0CB87E965D6C4
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html
Frame ID: 028D507B313BD4109CC26959BE064CBB
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldae0IaAAAAAIpsQoSzGlMrY_m5AQCxH83PX25I&co=aHR0cHM6Ly9ibG93YmFjay5zdXBwb3J0aW5nY2FzdC5mbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=normal&cb=nax9g727gjh8
Frame ID: 7B6797890260AC48FC932C7E6DC91B18
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: EBD8A78CB44E8712CAFDCCC78F242A4A
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Frame ID: 703D31E74B2EB8F892969BD0E00151C4
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html
Frame ID: 0980750A571184B19C5CF23F99F991B3
Requests: 6 HTTP requests in this frame

Frame: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=de79914f-a035-44b7-8750-29b286491c1b&origin=https%3A%2F%2Fjs.stripe.com
Frame ID: B195F30F42141602261D92F184B39EF1
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6Ldae0IaAAAAAIpsQoSzGlMrY_m5AQCxH83PX25I
Frame ID: 696E3C742EB9ADDCB45C3DA62DFAD281
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 8A40CA6C26FA920743B102DB0FAFBF9A
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=4cj45gl09kf
Frame ID: 2C33B12C67271A7951C49B1795C290B9
Requests: 5 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 0568A8B1B50AA3BCBFE492DA4800D0D3
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blowback | Membershiplock icon

Page URL History Show full URLs

http://blowback.supportingcast.fm/ HTTP 301
https://blowback.supportingcast.fm/ Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Livewire (Web frameworks) Expand

Overall confidence: 100%
Detected patterns

livewire(?:\.min)?\.js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

https://hcaptcha.com/([\d]+?)/api.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

132
Requests

100 %
HTTPS

50 %
IPv6

11
Domains

19
Subdomains

15
IPs

4
Countries

7176 kB
Transfer

14092 kB
Size

9
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blowback.show/
Title: Blowback

Search URL Search Domain Scan URL

URL: https://shopblowback.com/?utm_source=sc&utm_medium=signup_page&utm_campaign=merch
Title: here

Search URL Search Domain Scan URL

URL: https://www.supportingcast.fm/
Title: Supporting Cast

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://blowback.supportingcast.fm/ HTTP 301
https://blowback.supportingcast.fm/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

132 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
blowback.supportingcast.fm/
Redirect Chain

http://blowback.supportingcast.fm/
https://blowback.supportingcast.fm/

40 KB
13 KB

384ms
295ms

Document
text/html

151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a6eb179583a6ced43c3ba9cb937a09858956010b1a2605e7407fba6711f25ac9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' api.npr.org .amplitude.com cdn.jsdelivr.net .stripe.com www.google.com www.google-analytics.com .googleapis.com .gstatic.com cdnjs.cloudflare.com .googletagmanager.com .facebook.net .facebook.com maxcdn.bootstrapcdn.com .mouseflow.com polyfill.io .supportingcast.fm supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com sc-uploads-prod.s3-accelerate.amazonaws.com data:;form-action .supportingcast.fm docs.google.com connect.stripe.com .supportingcast.fm;img-src data:;media-src * data:;connect-src 'self' api.npr.org .amplitude.com cdn.jsdelivr.net .stripe.com www.google.com www.google-analytics.com .googleapis.com .gstatic.com cdnjs.cloudflare.com .googletagmanager.com .facebook.net .facebook.com maxcdn.bootstrapcdn.com .mouseflow.com polyfill.io .supportingcast.fm supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com sc-uploads-prod.s3-accelerate.amazonaws.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' api.npr.org .amplitude.com cdn.jsdelivr.net .stripe.com www.google.com www.google-analytics.com .googleapis.com .gstatic.com cdnjs.cloudflare.com .googletagmanager.com .facebook.net .facebook.com maxcdn.bootstrapcdn.com .mouseflow.com polyfill.io .supportingcast.fm supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com sc-uploads-prod.s3-accelerate.amazonaws.com;style-src 'unsafe-inline' 'self' api.npr.org .amplitude.com cdn.jsdelivr.net .stripe.com www.google.com www.google-analytics.com .googleapis.com .gstatic.com cdnjs.cloudflare.com .googletagmanager.com .facebook.net .facebook.com maxcdn.bootstrapcdn.com .mouseflow.com polyfill.io .supportingcast.fm supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com sc-uploads-prod.s3-accelerate.amazonaws.com;frame-src docs.google.com .stripe.com www.google.com;frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, private
content-encoding: gzip
content-security-policy: default-src 'self' api.npr.org *.amplitude.com cdn.jsdelivr.net *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com maxcdn.bootstrapcdn.com *.mouseflow.com polyfill.io *.supportingcast.fm supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com sc-uploads-prod.s3-accelerate.amazonaws.com data:;form-action *.supportingcast.fm docs.google.com connect.stripe.com *.supportingcast.fm;img-src * data:;media-src * data:;connect-src 'self' api.npr.org *.amplitude.com cdn.jsdelivr.net *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com maxcdn.bootstrapcdn.com *.mouseflow.com polyfill.io *.supportingcast.fm supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com sc-uploads-prod.s3-accelerate.amazonaws.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' api.npr.org *.amplitude.com cdn.jsdelivr.net *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com maxcdn.bootstrapcdn.com *.mouseflow.com polyfill.io *.supportingcast.fm supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com sc-uploads-prod.s3-accelerate.amazonaws.com;style-src 'unsafe-inline' 'self' api.npr.org *.amplitude.com cdn.jsdelivr.net *.stripe.com www.google.com www.google-analytics.com *.googleapis.com *.gstatic.com cdnjs.cloudflare.com *.googletagmanager.com *.facebook.net *.facebook.com maxcdn.bootstrapcdn.com *.mouseflow.com polyfill.io *.supportingcast.fm supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com sc-uploads-prod.s3-accelerate.amazonaws.com;frame-src docs.google.com *.stripe.com www.google.com;frame-ancestors 'none';
content-type: text/html; charset=UTF-8
cr-x-cache: MISS
date: Sat, 23 Dec 2023 19:28:11 GMT
feature-policy: geolocation 'self' https://js.stripe.com https://www.googletagmanager.com https://amplitude.com https://profile-api.amplitude.com; payment 'self' https://js.stripe.com
permissions-policy: camera=(), display-capture=(self), fullscreen=(self), geolocation=(), microphone=(), web-share=()
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-iad-kcgs7200051-IAD, cache-fra-etou8220043-FRA
x-timer: S1703359691.784350,VS0,VE255
x-xss-protection: 1; mode=block

Redirect headers

Accept-Ranges: bytes
CR-X-Cache: HIT
Connection: close
Content-Length: 0
Date: Sat, 23 Dec 2023 19:28:10 GMT
Location: https://blowback.supportingcast.fm/
Retry-After: 0
Via: 1.1 varnish
X-Cache: HIT
X-Cache-Hits: 0
X-Served-By: cache-fra-etou8220040-FRA
X-Timer: S1703359691.651832,VS0,VE0

GET
H2 200 app.css
media.supportingcast.fm/css/ 180 KB
180 KB 64ms
44ms Stylesheet
text/css 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://media.supportingcast.fm/css/app.css?d=1703111113
Requested by: Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7f9d333d343eb185240b9c970755b0ee61d14c10363bf33cf7f8574c075b1082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220043-FRA
date: Sat, 23 Dec 2023 19:28:11 GMT
via: 1.1 varnish
cr-x-cache: HIT
last-modified: Wed, 20 Dec 2023 22:15:03 GMT
age: 1235
x-timer: S1703359691.113968,VS0,VE3
etag: "6893ea9a4ff21b3973432838b2623ab1"
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: text/css
accept-ranges: bytes
content-length: 184340
x-cache-hits: 1

GET
H2 200 all.css
blowback.supportingcast.fm/css/fontawesome/ 137 KB
138 KB 217ms
215ms Stylesheet
text/css 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://blowback.supportingcast.fm/css/fontawesome/all.css

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b11c01424cba6c9b882cb71f7e8b9598fc6bbd03519f53f717e70b53f67af723

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' .supportingcast.cc .supportingcast.dev .supportingcast.co .supportingcast.fm; style-src 'self' 'unsafe-inline' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; font-src 'self' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; frame-src .supportingcast.cc .supportingcast.co .supportingcast.dev .supportingcast.fm; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.cc *.supportingcast.dev *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.cc *.supportingcast.co *.supportingcast.dev *.supportingcast.fm; object-src 'none'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 19:28:11 GMT
age: 0
x-cache: HIT, MISS
content-length: 140798
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000071-IAD, cache-fra-etou8220043-FRA
cr-x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Dec 2023 22:14:12 GMT
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer: S1703359691.097064,VS0,VE94
etag: "65836734-225fe"
x-frame-options: DENY
content-type: text/css
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 supportingcast_sdk.js Show response
media.supportingcast.fm/js/ 98 KB
98 KB 62ms
43ms Script
text/javascript 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://media.supportingcast.fm/js/supportingcast_sdk.js?d=1703111113
Requested by: Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 74e0937c4f5d5cd16859e9911b1449b4d77ca86c5feef7f8bdf66b891b4fb15f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220043-FRA
date: Sat, 23 Dec 2023 19:28:11 GMT
via: 1.1 varnish
cr-x-cache: HIT
last-modified: Wed, 20 Dec 2023 22:15:06 GMT
age: 1235
x-timer: S1703359691.113906,VS0,VE3
etag: "93febf0a6ae3cd2498c3796d20de760d"
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: text/javascript
accept-ranges: bytes
content-length: 100121
x-cache-hits: 1

GET
H2 200 147de4da-212f-433a-82f3-c1fd46b89ea5.jpeg
media.supportingcast.fm/content/3549/ 18 KB
18 KB 150ms
131ms Image
image/jpeg 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.supportingcast.fm/content/3549/147de4da-212f-433a-82f3-c1fd46b89ea5.jpeg
Requested by: Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f29854653fbfb8520fca29f0e9437f43db13b00a75669f6ccc6ef8e88d884d37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220043-FRA
date: Sat, 23 Dec 2023 19:28:11 GMT
via: 1.1 varnish
cr-x-cache: HIT
last-modified: Mon, 24 Jul 2023 18:05:29 GMT
age: 115693
x-timer: S1703359691.113902,VS0,VE7
etag: "a3a82ca57235f473d0c4ee39498965f3"
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 18075
x-cache-hits: 1

GET
H2 200 12fd4adb-6cc9-48bc-a600-7614c4773e25.jpeg
media.supportingcast.fm/content/3547/ 152 KB
152 KB 150ms
132ms Image
image/jpeg 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.supportingcast.fm/content/3547/12fd4adb-6cc9-48bc-a600-7614c4773e25.jpeg
Requested by: Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6e2eddacc96604ada00d5dca74d14f3cd482e5b5d6ec3c044d6529e59fead5bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220043-FRA
date: Sat, 23 Dec 2023 19:28:11 GMT
via: 1.1 varnish
cr-x-cache: HIT
last-modified: Mon, 24 Jul 2023 18:00:31 GMT
age: 438875
x-timer: S1703359691.114179,VS0,VE13
etag: "28a2dd09516b043842cef03bf2a59085"
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 155701
x-cache-hits: 1

GET
H2 200 apple_podcasts.png
blowback.supportingcast.fm/images/logos/ 5 KB
5 KB 57ms
57ms Image
image/png 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blowback.supportingcast.fm/images/logos/apple_podcasts.png

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bbef37ff761dac2a1fa9959b29ce5f890c8822e487a18c65dbcdc1a6a7414ff4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' .supportingcast.cc .supportingcast.dev .supportingcast.co .supportingcast.fm; style-src 'self' 'unsafe-inline' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; font-src 'self' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; frame-src .supportingcast.cc .supportingcast.co .supportingcast.dev .supportingcast.fm; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.cc *.supportingcast.dev *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.cc *.supportingcast.co *.supportingcast.dev *.supportingcast.fm; object-src 'none'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 19:28:11 GMT
age: 721735
x-cache: HIT, HIT
content-length: 4768
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000049-IAD, cache-fra-etou8220043-FRA
cr-x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Dec 2023 14:11:40 GMT
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer: S1703359691.257573,VS0,VE5
etag: "6579bb9c-12a0"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
x-cache-hits: 23, 1

GET
H2 200 spotify.png
blowback.supportingcast.fm/images/logos/ 62 KB
62 KB 42ms
41ms Image
image/png 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blowback.supportingcast.fm/images/logos/spotify.png

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7417fb9ac2bcfe34cef46801b9531caee261d3b9ffc799e110a86a36cd89adf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; style-src 'self' 'unsafe-inline' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; font-src 'self' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; frame-src .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 19:28:11 GMT
age: 152559
x-cache: HIT, HIT
content-length: 63167
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000069-IAD, cache-fra-etou8220043-FRA
cr-x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 06 Dec 2023 23:34:04 GMT
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer: S1703359691.318024,VS0,VE1
etag: "657104ec-f6bf"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
x-cache-hits: 158, 1

GET
H2 200 google_podcasts.jpg
blowback.supportingcast.fm/images/logos/ 2 KB
2 KB 49ms
49ms Image
image/jpeg 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blowback.supportingcast.fm/images/logos/google_podcasts.jpg

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76ec799209058566b88410e0a6ee331f4a1dabbcad92c9092b516015607ea1ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; style-src 'self' 'unsafe-inline' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; font-src 'self' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; frame-src .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 19:28:11 GMT
age: 21934
x-cache: HIT, HIT
content-length: 2236
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100080-IAD, cache-fra-etou8220043-FRA
cr-x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 28 Nov 2023 16:55:34 GMT
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer: S1703359691.318602,VS0,VE1
etag: "65661b86-8bc"
x-frame-options: DENY
content-type: image/jpeg
accept-ranges: bytes
x-cache-hits: 259, 1

GET
H2 200 overcast.png
blowback.supportingcast.fm/images/logos/ 4 KB
4 KB 104ms
98ms Image
image/png 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blowback.supportingcast.fm/images/logos/overcast.png

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b3b5519e7a63f6d8ce7c5abed5b3d753c3e58c4e349ce0ff58b1ed67f3776b7e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; style-src 'self' 'unsafe-inline' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; font-src 'self' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; frame-src .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 19:28:11 GMT
age: 1377900
x-cache: HIT, HIT
content-length: 3923
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100025-IAD, cache-fra-etou8220043-FRA
cr-x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 04 Dec 2023 18:05:20 GMT
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer: S1703359692.515845,VS0,VE2
etag: "656e14e0-f53"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
x-cache-hits: 43, 1

GET
H2 200 pocket_casts.png
blowback.supportingcast.fm/images/logos/ 3 KB
4 KB 103ms
97ms Image
image/png 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blowback.supportingcast.fm/images/logos/pocket_casts.png

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

21dc690c0425157582fa108407ff628954398305ee35acbb6f17b35aceb4ae94

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' .supportingcast.cc .supportingcast.dev .supportingcast.co .supportingcast.fm; style-src 'self' 'unsafe-inline' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; font-src 'self' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; frame-src .supportingcast.cc .supportingcast.co .supportingcast.dev .supportingcast.fm; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.cc *.supportingcast.dev *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.cc *.supportingcast.co *.supportingcast.dev *.supportingcast.fm; object-src 'none'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 19:28:11 GMT
age: 547816
x-cache: HIT, HIT
content-length: 3467
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000045-IAD, cache-fra-etou8220043-FRA
cr-x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 08 Dec 2023 21:33:14 GMT
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer: S1703359692.515832,VS0,VE1
etag: "65738b9a-d8b"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
x-cache-hits: 89, 1

GET
H2 200 itunes.png
blowback.supportingcast.fm/images/logos/ 4 KB
4 KB 103ms
98ms Image
image/png 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blowback.supportingcast.fm/images/logos/itunes.png

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5924ae8d6b1620b7e637f43c64f546da193cae58fe2b6d932169ee80cd754842

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; style-src 'self' 'unsafe-inline' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; font-src 'self' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; frame-src .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; object-src 'none'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 19:28:11 GMT
age: 2461128
x-cache: HIT, HIT
content-length: 3587
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200036-IAD, cache-fra-etou8220043-FRA
cr-x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 27 Oct 2023 16:18:14 GMT
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer: S1703359692.516295,VS0,VE1
etag: "653be2c6-e03"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
x-cache-hits: 566, 1

GET
H2 200 podcast_addict.png
blowback.supportingcast.fm/images/logos/ 4 KB
5 KB 104ms
99ms Image
image/png 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blowback.supportingcast.fm/images/logos/podcast_addict.png

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

26acc7255f577a53c63eb69f2efe25c47ce6b3c53a8b87835dc0aa013799254b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' .supportingcast.cc .supportingcast.dev .supportingcast.co .supportingcast.fm; style-src 'self' 'unsafe-inline' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; font-src 'self' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; frame-src .supportingcast.cc .supportingcast.co .supportingcast.dev .supportingcast.fm; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.cc *.supportingcast.dev *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.cc *.supportingcast.co *.supportingcast.dev *.supportingcast.fm; object-src 'none'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 19:28:11 GMT
age: 287918
x-cache: HIT, HIT
content-length: 4498
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200113-IAD, cache-fra-etou8220043-FRA
cr-x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 13 Dec 2023 14:11:40 GMT
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer: S1703359692.516095,VS0,VE3
etag: "6579bb9c-1192"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
x-cache-hits: 48, 1

GET
H2 200 WhatsApp_Image_2023-07-24_at_3.04.12_PM.jpeg
megaphone.imgix.net/podcasts/69767236-b9d9-11ec-b7e8-43d5b5760f0d/image/ 570 KB
571 KB 207ms
88ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://megaphone.imgix.net/podcasts/69767236-b9d9-11ec-b7e8-43d5b5760f0d/image/WhatsApp_Image_2023-07-24_at_3.04.12_PM.jpeg?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

53b1f3f90fab2fa9092e38a0146ad56961a576d2d0850a173d16819bcc694dc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:28:11 GMT
x-content-type-options: nosniff
age: 806279
x-cache: HIT, HIT
x-imgix-id: a137cf7960869bc76efcdad0b214cdc55e1ef698
cross-origin-resource-policy: cross-origin
content-length: 583935
x-served-by: cache-sjc1000103-SJC, cache-fra-eddf8230119-FRA
x-imgix-render-farm: 01.140328
last-modified: Thu, 14 Dec 2023 11:30:12 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Blowback_CoverArt_1600x1600.jpg
megaphone.imgix.net/podcasts/69c48fa6-0917-11ed-8c47-c3ed877d985d/image/ 506 KB
506 KB 257ms
139ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://megaphone.imgix.net/podcasts/69c48fa6-0917-11ed-8c47-c3ed877d985d/image/Blowback_CoverArt_1600x1600.jpg?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

0eae50315b738a2dffa19f705222a650efbcb2f1a4c9557aa4a55b4295542738

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:28:11 GMT
x-content-type-options: nosniff
age: 1653421
x-cache: HIT, HIT
x-imgix-id: d3bb16dc49af5588f184f38cd42a7821a3d70a83
cross-origin-resource-policy: cross-origin
content-length: 517737
x-served-by: cache-sjc1000141-SJC, cache-fra-eddf8230119-FRA
x-imgix-render-farm: 01.140328
last-modified: Mon, 04 Dec 2023 16:11:08 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 image.jpg
megaphone.imgix.net/podcasts/5fd0e08a-0917-11ed-9f79-57a14a02fc11/image/ 378 KB
378 KB 205ms
88ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://megaphone.imgix.net/podcasts/5fd0e08a-0917-11ed-9f79-57a14a02fc11/image/image.jpg?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

7d84929efc28e30a1badc31c814ea25801c81f9719edf2f771f24625b722cd21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:28:11 GMT
x-content-type-options: nosniff
age: 128073
x-cache: HIT, HIT
x-imgix-id: 2b025ec5e5bed3871b7a57ebe21e926317175aca
cross-origin-resource-policy: cross-origin
content-length: 386586
x-served-by: cache-sjc10035-SJC, cache-fra-eddf8230119-FRA
x-imgix-render-farm: 01.140328
last-modified: Fri, 22 Dec 2023 07:53:38 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1b08115f-757f-4d87-afd9-ecbfff4f4506_blowback_season03_tile_altfont_1600x1600.jpg
megaphone.imgix.net/podcasts/e1a89912-42e2-11ee-b0fb-83c6fa38eb79/image/ 115 KB
115 KB 164ms
48ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://megaphone.imgix.net/podcasts/e1a89912-42e2-11ee-b0fb-83c6fa38eb79/image/1b08115f-757f-4d87-afd9-ecbfff4f4506_blowback_season03_tile_altfont_1600x1600.jpg?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

4b2e369edc50f9767b8cc13f374388bf15ce69f3d7ddb2f35d50096629d48a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:28:11 GMT
x-content-type-options: nosniff
age: 4402121
x-cache: HIT, HIT
x-imgix-id: c523b19b16ae0321b07151d8b333b3b328df0d86
cross-origin-resource-policy: cross-origin
content-length: 117667
x-served-by: cache-sjc1000145-SJC, cache-fra-eddf8230119-FRA
x-imgix-render-farm: 01.140328
last-modified: Thu, 02 Nov 2023 20:39:30 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 unnamed.jpeg
megaphone.imgix.net/podcasts/4dacf330-f634-11ec-9701-5b28e5af6808/image/ 479 KB
480 KB 163ms
47ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://megaphone.imgix.net/podcasts/4dacf330-f634-11ec-9701-5b28e5af6808/image/unnamed.jpeg?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

ca2b2f01f1dae5ee2bfe335564b4b9528fb146e6467527e0fc5b425813b7bc71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:28:11 GMT
x-content-type-options: nosniff
age: 4574588
x-cache: HIT, HIT
x-imgix-id: 1dcee5c27eab713dffb5cd17f55584b356ca5736
cross-origin-resource-policy: cross-origin
content-length: 490895
x-served-by: cache-sjc1000121-SJC, cache-fra-eddf8230119-FRA
x-imgix-render-farm: 01.140328
last-modified: Tue, 31 Oct 2023 20:45:04 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Ravager.jpg
megaphone.imgix.net/podcasts/21a582f0-5bb6-11ee-9777-9b8c2fdb0af8/image/ 132 KB
132 KB 204ms
89ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://megaphone.imgix.net/podcasts/21a582f0-5bb6-11ee-9777-9b8c2fdb0af8/image/Ravager.jpg?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

9c3e557b7d8c7982478dc0f575de1d309798b4416600d8c0f99011fa40916cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:28:11 GMT
x-content-type-options: nosniff
age: 838048
x-cache: HIT, HIT
x-imgix-id: affc21242275c7bd4ed7278d1e29d711d7226965
cross-origin-resource-policy: cross-origin
content-length: 135427
x-served-by: cache-sjc10065-SJC, cache-fra-eddf8230119-FRA
x-imgix-render-farm: 01.140328
last-modified: Thu, 14 Dec 2023 02:40:42 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 spin.js Show response
media.supportingcast.fm/js/ 3 KB
3 KB 41ms
40ms Script
text/javascript 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://media.supportingcast.fm/js/spin.js?d=1703111113
Requested by: Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fe5f5e7e72312bcccc4cb3e07f0a4f71d2b5785d28dda708ea469549f25b3853

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220043-FRA
date: Sat, 23 Dec 2023 19:28:11 GMT
via: 1.1 varnish
cr-x-cache: HIT
last-modified: Wed, 20 Dec 2023 22:15:06 GMT
age: 1235
x-timer: S1703359691.367928,VS0,VE1
etag: "9943f9004db8e4924549aea726b06bf9"
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: text/javascript
accept-ranges: bytes
content-length: 3007
x-cache-hits: 1

GET
H2 200 app.js Show response
media.supportingcast.fm/js/ 975 KB
976 KB 43ms
42ms Script
text/javascript 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://media.supportingcast.fm/js/app.js?d=1703111113
Requested by: Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 17b8e7b6f234338812a8ea1d9dbc683ed7956e4d1e9f38a8fcf34447c7fc9827

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-fra-etou8220043-FRA
date: Sat, 23 Dec 2023 19:28:11 GMT
via: 1.1 varnish
cr-x-cache: HIT
last-modified: Wed, 20 Dec 2023 22:15:06 GMT
age: 1235
x-timer: S1703359691.368694,VS0,VE2
etag: "57c8bafeb5a25f23b3eb15778ebb0a2f"
x-amz-server-side-encryption: AES256
x-cache: HIT
content-type: text/javascript
accept-ranges: bytes
content-length: 998431
x-cache-hits: 1

GET
H2 200 livewire.js Show response
blowback.supportingcast.fm/livewire/ 254 KB
255 KB 103ms
103ms Script
application/javascript 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://blowback.supportingcast.fm/livewire/livewire.js?id=8a199ab2

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ceb2e0d062a1f3dc5c416a7278fc331a9a33e5c971d34c045ca673bd60b914a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 32, 1
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
date: Sat, 23 Dec 2023 19:28:11 GMT
age: 682000
x-cache: HIT, HIT
content-length: 260543
x-served-by: cache-iad-kjyo7100158-IAD, cache-fra-etou8220043-FRA
cr-x-cache: HIT
last-modified: Wed, 18 Oct 2023 11:18:12 GMT
x-timer: S1703359691.409409,VS0,VE12
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
permissions-policy: camera=(), display-capture=(self), fullscreen=(self), geolocation=(), microphone=(), web-share=()
accept-ranges: bytes
expires: Sun, 15 Dec 2024 22:01:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 156 KB
59 KB 144ms
55ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJMC3SR6&l=gtmDataLayer

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

30de8e940b105b33272c6a7ad8874a0eebf4df6d925d2295962b1277a6b48ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:28:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60506
x-xss-protection: 0
last-modified: Sat, 23 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 23 Dec 2023 19:28:11 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 104 B
623 B 183ms
64ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=Object.assign%2CString.prototype.startsWith%2Cdocument.querySelector%2CURLSearchParams%2CReflect.apply%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CNumber.parseFloat%2CXMLHttpRequest%2ClocalStorage%2Chtml5shiv%2Cconsole.log%2Cconsole.error%2CSymbol.iterator%2CNodeList.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2Cfetch%2CPromise

Requested by

Host: media.supportingcast.fm
URL: https://media.supportingcast.fm/js/supportingcast_sdk.js?d=1703111113

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blowback.supportingcast.fm/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 19:28:11 GMT
age: 22533
detected-user-agent: Chrome Mobile/120.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=4
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/120.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 fa-solid-900.woff2
blowback.supportingcast.fm/css/webfonts/ 153 KB
154 KB 140ms
139ms Font
font/woff2 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://blowback.supportingcast.fm/css/webfonts/fa-solid-900.woff2

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/css/fontawesome/all.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' .supportingcast.cc .supportingcast.dev .supportingcast.co .supportingcast.fm; style-src 'self' 'unsafe-inline' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; font-src 'self' .supportingcast.biz .supportingcast.cc .supportingcast.co .supportingcast.fm; frame-src .supportingcast.cc .supportingcast.co .supportingcast.dev .supportingcast.fm; object-src 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blowback.supportingcast.fm/css/fontawesome/all.css
Origin: https://blowback.supportingcast.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; img-src 'self' *.supportingcast.cc *.supportingcast.dev *.supportingcast.co *.supportingcast.fm; style-src 'self' 'unsafe-inline' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; font-src 'self' *.supportingcast.biz *.supportingcast.cc *.supportingcast.co *.supportingcast.fm; frame-src *.supportingcast.cc *.supportingcast.co *.supportingcast.dev *.supportingcast.fm; object-src 'none'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 19:28:11 GMT
age: 0
x-cache: HIT, MISS
content-length: 156496
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100063-IAD, cache-fra-etou8220043-FRA
cr-x-cache: HIT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Dec 2023 22:14:12 GMT
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA
x-timer: S1703359692.554729,VS0,VE90
etag: "65836734-26350"
x-frame-options: DENY
content-type: font/woff2
accept-ranges: bytes
x-cache-hits: 1, 0

POST
H2 200 / Show response
api.amplitude.com/ 7 B
226 B 214ms
213ms XHR
text/html 44.230.11.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: media.supportingcast.fm
URL: https://media.supportingcast.fm/js/app.js?d=1703111113

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.230.11.202 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-11-202.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://blowback.supportingcast.fm/
Cross-Origin-Resource-Policy: cross-origin
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 23 Dec 2023 19:28:12 GMT
strict-transport-security: max-age=15768000
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
trace-id: Root=1-658734cc-01169cde6a57ecb2234e2392
content-length: 7

OPTIONS
H2 200 /
api.amplitude.com/ Frame 0
0 676ms
207ms Preflight 44.230.11.202
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.230.11.202 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-11-202.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://blowback.supportingcast.fm
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
date: Sat, 23 Dec 2023 19:28:12 GMT
strict-transport-security: max-age=15768000

GET
H2 200 JOIN Show response
blowback.supportingcast.fm/ajax/v1/captcha/ 35 B
1 KB 161ms
161ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://blowback.supportingcast.fm/ajax/v1/captcha/JOIN?

Requested by

Host: media.supportingcast.fm
URL: https://media.supportingcast.fm/js/supportingcast_sdk.js?d=1703111113

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

787a41dab1143d5e5aab4f3866baf83e86f15a9ae083d805f2795d510721aaff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://blowback.supportingcast.fm/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000054-IAD, cache-fra-etou8220043-FRA
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
cr-x-cache: MISS
date: Sat, 23 Dec 2023 19:28:11 GMT
x-timer: S1703359692.829988,VS0,VE122
x-ratelimit-remaining: 59
x-cache: MISS, MISS
content-type: application/json
cache-control: no-cache, private
permissions-policy: camera=(), display-capture=(self), fullscreen=(self), geolocation=(), microphone=(), web-share=()
x-ratelimit-limit: 60
accept-ranges: bytes
content-length: 35
x-cache-hits: 0, 0

GET
H2 200 / Show response
js.stripe.com/v3/ 579 KB
143 KB 159ms
49ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: media.supportingcast.fm
URL: https://media.supportingcast.fm/js/supportingcast_sdk.js?d=1703111113

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:27:27 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 46
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:47:18 GMT
server: Cloudfront
etag: W/"4ec63ff996d5aa25b29f0a90d2021ae0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: _ZpPQPB6Vp97vxOxtwIRG3dOwuN7Poceu2VZHjN6FgGpeJ2bMwO5Kw==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 138ms
50ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: media.supportingcast.fm
URL: https://media.supportingcast.fm/js/supportingcast_sdk.js?d=1703111113

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

25b0db3d3b80dc803b5354bc6d22e96b849b83d53671517ae3f70119ec155bc7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 23 Dec 2023 19:28:11 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 505 KB
203 KB 200ms
40ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://blowback.supportingcast.fm/
Origin: https://blowback.supportingcast.fm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 20:45:44 GMT

GET
H2 200 controller-a8db3be7204dff5e963b6f0fd5121b28.html Show response
js.stripe.com/v3/ Frame 101D 325 B
1 KB 91ms
91ms Document
text/html 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blowback.supportingcast.fm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 55
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 19:27:19 GMT
etag: "a8db3be7204dff5e963b6f0fd5121b28"
last-modified: Fri, 22 Dec 2023 21:08:02 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id: XtGdZy0E1v-_m8GMA4PZvPP2FJO5jbS5AgZClIoirQyA4-FJdjtQXw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html Show response
js.stripe.com/v3/ Frame 4F1D 798 B
2 KB 85ms
85ms Document
text/html 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blowback.supportingcast.fm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 232
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 19:24:22 GMT
etag: "74c94b12a3c991276d75d7e7135461e8"
last-modified: Fri, 22 Dec 2023 21:08:03 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id: zXNaXDjT-QLU8RwbZOisj-kfb4TYzVTPWMMJ8RfBIWVzsubPpr9p2A==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html Show response
js.stripe.com/v3/ Frame F5CA 408 B
1 KB 84ms
84ms Document
text/html 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

759813d8a110733c43a0ffa3f09f267f94df572b482fd7bc050c66edabedc8e9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blowback.supportingcast.fm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3583
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 18:28:30 GMT
etag: "195e55d1b52949b175298b3e54db37fd"
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id: fv8aDGCryK1jJl3KnMTGDXdM_pGC5zbUrnKEU3h7ZpuKrR7O4X0uyg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html Show response
js.stripe.com/v3/ Frame 028D 344 B
2 KB 79ms
79ms Document
text/html 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ed239f990af2e4be1964ed4f17fe93eb53315dd9590386a241d2325b376f196d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blowback.supportingcast.fm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 21
cache-control: max-age=60
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 19:27:53 GMT
etag: "434e8078d5c09b7f511e68744cf1c8cd"
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id: f-ukNKmkGgtIYb-zOe4L2jEUuV-PxK_1NB8QC2kWwqrrUj8d2PQtXw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 101D 531 KB
117 KB 47ms
45ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:09:31 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1121
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Cloudfront
etag: W/"cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: EibWoRDH_5QTpDYIUFqA6FzD7_dzT6o35raYgFSd88b-Un3dZ43Irw==

GET
H2 200 controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 101D 688 KB
159 KB 71ms
69ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-a6adb4ef0ca375ec8cc3d7f6e679344e.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:09:31 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1121
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:14 GMT
server: Cloudfront
etag: W/"5ce54273e9cefa73649bdfcbf46e58d4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: GEUdEpLCYLeMnWSLcuoQuQXUUBII6LOoZ385cYUo21yk2l56_RajdQ==

POST
H2 200 csp-report
q.stripe.com/ Frame 101D 0
717 B 877ms
418ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359692997577
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703359692996220
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4F1D 531 KB
117 KB 93ms
92ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:09:31 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1121
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Cloudfront
etag: W/"cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Gzr971V8_is1t3orJR737LGmc_BTGQRC-c46MKNrL7XeLKgXwiFmwQ==

GET
H2 200 ui-shared-897f16408e805d064314826d31faa4db.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4F1D 404 KB
103 KB 113ms
111ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-897f16408e805d064314826d31faa4db.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:10:36 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1063
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Cloudfront
etag: W/"6ebbdf76ea3cb97b8ef1d372be5bd37c"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: xRCa_b8A9_nK06OhcJYlynITnh_8cXPYibIYBRcN-BCJ4W513QMsEw==

GET
H2 200 elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4F1D 52 KB
13 KB 149ms
149ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-314583ee5aba122b99ed2a8ac5b7406f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:19:26 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 608
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Thu, 21 Dec 2023 18:13:40 GMT
server: Cloudfront
etag: W/"b5688a01127f6b7ade6e2a5679b5b032"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: DMxOtTtUAK3V7cJOwcW3-oVH1yp8HAJAA8RQqNPWGA0AcNl2m2SyrA==

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 4F1D 20 KB
3 KB 89ms
88ms Stylesheet
text/css 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:47:35 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2437
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Wed, 13 Dec 2023 01:22:02 GMT
server: Cloudfront
etag: W/"b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: qkstFpJej0-lsccGlT_7tfzhqkin02xsWY_lDrMaKzKVwOhcPi5MJw==

GET
H2 200 elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css
js.stripe.com/v3/fingerprinted/css/ Frame 4F1D 14 KB
2 KB 91ms
90ms Stylesheet
text/css 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-efe1765a974efe6433f55f443e85c0d4.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:39:46 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2907
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Mon, 18 Dec 2023 21:16:55 GMT
server: Cloudfront
etag: W/"8385166c06e8d209fc459b542697c4fb"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: w_tA3UhXq3ZFzCRlTp_igp9_w6ey3UBGQBx5hHTfA93J-gT2w5xh8g==

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 028D 531 KB
117 KB 153ms
150ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:09:31 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1121
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Cloudfront
etag: W/"cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 5k4VQ40EtsVtuQJh0LfWq4vpu9i4iYYuG-TCGASPhJPMPd8CFoYI-A==

GET
H2 200 payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 028D 13 KB
6 KB 155ms
153ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-cfd09fde482546e2c8879bce0010f91c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-434e8078d5c09b7f511e68744cf1c8cd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:19:05 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 613
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Cloudfront
etag: W/"9d64070358354c97251ee8d4e282ba7b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: li3Ridlh7zo1DBlmWffoUrbZLABlqkHlbqpH0fxtnbAFQgi-ap8eog==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame F5CA 120 KB
37 KB 244ms
100ms Script
application/javascript 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f29af0f45d2483d7b111bf75d2962e7d0a14ef3214068e7d334c09c4620379d3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-4Xrt1Bp7ElrsfldchTDbbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:28:12 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-4Xrt1Bp7ElrsfldchTDbbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 23 Dec 2023 19:28:12 GMT

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F5CA 531 KB
117 KB 156ms
154ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:09:31 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1121
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Cloudfront
etag: W/"cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: brjonDrsU4cQMQFmE0ve3TanrOLl-8V-mKe4oSWgzW9xxxmV4o7efw==

GET
H2 200 payment-request-inner-google-pay-1c2b8933acfb718f7ad8ea902a01c962.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F5CA 12 KB
5 KB 45ms
44ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-1c2b8933acfb718f7ad8ea902a01c962.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

473efdf61f08fc2ad04df7be0d974c921dea47ac2ea5c6b848a75f6b5db1da73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-195e55d1b52949b175298b3e54db37fd.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:09:56 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1097
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Thu, 21 Dec 2023 21:05:35 GMT
server: Cloudfront
etag: W/"c1a7d86250f7fde747d6585463beef22"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Q0wnF4MgNfcQ923w-xLEUXyKcdYiiUvFdluRuwp3sNEahwq6wQoclw==

POST
H2 200 csp-report
q.stripe.com/ Frame 4F1D 0
717 B 855ms
420ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359692996612
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703359692996128
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4F1D 0
718 B 646ms
212ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359692792002
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703359692791360
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 028D 0
717 B 855ms
425ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359693000169
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703359692999717
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 028D 0
717 B 860ms
429ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359693001181
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703359692999810
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F5CA 0
717 B 856ms
429ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359693000997
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703359693000094
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F5CA 0
717 B 848ms
430ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359693001698
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703359693000063
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 101D 474 B
864 B 137ms
47ms Fetch
application/json 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-9.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 23 Dec 2023 19:27:23 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified: Fri, 22 Dec 2023 21:47:19 GMT
server: Cloudfront
age: 50
x-amz-cf-pop: FRA6-C1
etag: "bfcbcb1c52cb90f9deaffee5559683d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: cgeviDVJ387KSxw0Xd2WSjokfOmWTWjUrR6OHuelx-XS7bevxGVM0g==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 101D 474 B
863 B 119ms
47ms Fetch
application/json 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-9.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-a8db3be7204dff5e963b6f0fd5121b28.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 23 Dec 2023 19:27:23 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified: Fri, 22 Dec 2023 21:47:19 GMT
server: Cloudfront
age: 50
x-amz-cf-pop: FRA6-C1
etag: "bfcbcb1c52cb90f9deaffee5559683d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: -zKG95i38-yLJm-vYUtoQRaBRgGQf2R_XGUKpSz_dZeStoZX7ccYkQ==

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7B67 43 KB
27 KB 64ms
63ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldae0IaAAAAAIpsQoSzGlMrY_m5AQCxH83PX25I&co=aHR0cHM6Ly9ibG93YmFjay5zdXBwb3J0aW5nY2FzdC5mbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=normal&cb=nax9g727gjh8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7005ef7f6e1e74d04f4140f92848d6951a01a27b54691fe2959a041d49e6f757

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lOidCY_E5DoUc5fkTYYzvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blowback.supportingcast.fm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lOidCY_E5DoUc5fkTYYzvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 19:28:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 101D 2 KB
3 KB 429ms
316ms Fetch
application/json 198.202.176.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6f7476e50d44b55bca80bf8090de96c19c604054abc16fec4b8f8e1ea15c7ce2

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 23 Dec 2023 19:28:12 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2469
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 4F1D 474 B
863 B 43ms
42ms Fetch
application/json 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-9.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 23 Dec 2023 19:27:23 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified: Fri, 22 Dec 2023 21:47:19 GMT
server: Cloudfront
age: 50
x-amz-cf-pop: FRA6-C1
etag: "bfcbcb1c52cb90f9deaffee5559683d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: zWqE_xuFLPi0runu5wTEyqMF9df5qlJBRibieTuQ1Zt591I1MuYWjg==

GET
H2 200 countryRanges-9ffc15b92962ca316164b9a5ff4c1917.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame 4F1D 145 KB
37 KB 53ms
52ms Fetch
application/json 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/countryRanges-9ffc15b92962ca316164b9a5ff4c1917.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

007b4be1404b0f21a158fa83a2ae9375393b2d932a17e9745aa392fcadc7cf2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 23 Dec 2023 18:41:32 GMT
content-encoding: br
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 2801
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Thu, 14 Dec 2023 21:10:40 GMT
server: Cloudfront
etag: W/"9ffc15b92962ca316164b9a5ff4c1917"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: IlVbuvmP2HrtEv6Z-lfulIPbYwqVdelidcaOiocVfNGPpL7Kr_Yssw==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 7B67 55 KB
24 KB 120ms
40ms Stylesheet
text/css 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldae0IaAAAAAIpsQoSzGlMrY_m5AQCxH83PX25I&co=aHR0cHM6Ly9ibG93YmFjay5zdXBwb3J0aW5nY2FzdC5mbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=normal&cb=nax9g727gjh8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Dec 2024 18:30:08 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 7B67 505 KB
203 KB 139ms
59ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168148
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 20:45:44 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 590ms
564ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693207287
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703359693206664
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 414ms
389ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693001397
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703359693000737
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 397ms
373ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693001568
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703359693000987
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 412ms
389ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693001681
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703359693000991
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
272 B 394ms
373ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693001660
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703359693001202
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 394ms
374ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693001893
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703359693001269
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 409ms
390ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693001435
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703359693000931
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 393ms
374ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693001471
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703359693000830
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 390ms
375ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693001459
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703359693000998
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 401ms
390ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693001265
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1703359693000892
access-control-allow-credentials: true
content-length: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame EBD8 19 KB
8 KB 113ms
112ms Document
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e68bfd1394084396319972d5c237647a3a44aec86444681ad009d56953e1577

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-DOR7aPZk5ry-JeYn_yq9YQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-DOR7aPZk5ry-JeYn_yq9YQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sat, 23 Dec 2023 19:28:12 GMT
expires: Sat, 23 Dec 2023 19:28:12 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 4F1D 474 B
863 B 51ms
51ms Fetch
application/json 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-9.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-74c94b12a3c991276d75d7e7135461e8.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 23 Dec 2023 19:27:23 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified: Fri, 22 Dec 2023 21:47:19 GMT
server: Cloudfront
age: 50
x-amz-cf-pop: FRA6-C1
etag: "bfcbcb1c52cb90f9deaffee5559683d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: HG3iNotRvRvv6kMDRtu_r1aRzFRXpitZqY4TwiSYr_UP3JfrNlouCA==

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 550ms
549ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693207472
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703359693206833
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 545ms
545ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693207024
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703359693206770
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 525ms
525ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693211555
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703359693210870
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 4F1D 0
273 B 507ms
507ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693211274
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1703359693210977
access-control-allow-credentials: true
content-length: 0

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame EBD8 2 KB
2 KB 147ms
147ms Other
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:12 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame EBD8 159 KB
56 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:20:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57423
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 13:07:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 17:20:42 GMT

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 400ms
400ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693215605
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703359693215178
access-control-allow-credentials: true
content-length: 0

GET
H2 200 hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html Show response
js.stripe.com/v3/ Frame 703D 70 KB
24 KB 46ms
45ms Document
text/html 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

06a1918709ba854bcfe97ef585a6cd91c56671b6d23c7ee5ed5177ad97e67243

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 38
cache-control: max-age=60
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self' 'sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; script-src 'self'; style-src 'self'; worker-src https://newassets.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 19:27:46 GMT
etag: W/"078b5f9fb44d244a9ec072f93a216630"
last-modified: Fri, 22 Dec 2023 21:08:17 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id: Udp_nB6f0cAGnD_DlRSwu7ZwIAtKkd5xQMjl67UQSPoeyCbTCPZjzg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 382ms
382ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693215507
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703359693215231
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 386ms
385ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693215888
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703359693215266
access-control-allow-credentials: true
content-length: 0

GET
H2 200 phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js Show response
js.stripe.com/v3/fingerprinted/js/ 148 KB
35 KB 47ms
47ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blowback.supportingcast.fm/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:18:10 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 610
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Thu, 21 Dec 2023 18:13:42 GMT
server: Cloudfront
etag: W/"f7a3e754fa2fa9117506f69f618b5778"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: SGHf-qjmofen97OFmQe-NcWgKjgrNuKCQYJBEmEGd2zrxvh4LSs1YA==

GET
H2 200 elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html Show response
js.stripe.com/v3/ Frame 0980 73 KB
16 KB 50ms
50ms Document
text/html 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

baced10a1e2fcdbd05f7de1237a14c3bda821982f597403140606c21ebdc8055

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blowback.supportingcast.fm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 1049
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 19:10:44 GMT
etag: W/"a06d4d40d90d009417ba1db36e0f9c11"
last-modified: Fri, 22 Dec 2023 21:08:03 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id: N_mwT8OA-9mx7M1ZAeqhYUT2Xl0SwtWVdBp2NMu0sxUNTIHbpJgxEA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 369ms
369ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693215949
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703359693215394
access-control-allow-credentials: true
content-length: 0

GET
H3 200 SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js Show response
www.google.com/js/bg/ Frame 7B67 17 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldae0IaAAAAAIpsQoSzGlMrY_m5AQCxH83PX25I&co=aHR0cHM6Ly9ibG93YmFjay5zdXBwb3J0aW5nY2FzdC5mbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=normal&cb=nax9g727gjh8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 02:49:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6849
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Dec 2024 02:49:29 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 703D 0
717 B 285ms
284ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359693216138
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703359693215600
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 703D 0
717 B 298ms
298ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359693216138
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703359693215593
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7B67 102 B
135 B 49ms
49ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldae0IaAAAAAIpsQoSzGlMrY_m5AQCxH83PX25I&co=aHR0cHM6Ly9ibG93YmFjay5zdXBwb3J0aW5nY2FzdC5mbTo0NDM.&hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&theme=light&size=normal&cb=nax9g727gjh8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sat, 23 Dec 2023 19:28:13 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 0980 0
717 B 272ms
271ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359693216030
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703359693215605
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 0980 0
717 B 288ms
288ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359693216329
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703359693215648
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-07463ca4fad8fb90811dcddd012256e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0980 531 KB
117 KB 45ms
44ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:09:31 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1122
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Fri, 22 Dec 2023 21:08:16 GMT
server: Cloudfront
etag: W/"cc4990a44decc4d7380c63eabf6828f6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: uZUNXWjaDvhb3ZtwYXbbz35_KbBLNiVbGaMwiAR6GI-g5ENAn11viQ==

GET
H2 200 elements-inner-link-button-for-card-48102b5e91ecfa8d33b04887579b84b2.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0980 24 KB
9 KB 50ms
49ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-link-button-for-card-48102b5e91ecfa8d33b04887579b84b2.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5ca17cf5ee16c74721842f419ce5fc8066de6d6e202a80bf3be6125ebb804119

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:18:34 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 586
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Thu, 21 Dec 2023 18:13:40 GMT
server: Cloudfront
etag: W/"fc0cf4881a463ad55517e228b0a6d055"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: zj0OiAdB2DCFqRU-CHW0UE1S9AMdKyoMW3isyjzAUS1wFGGzYf2SQw==

GET
H2 200 elements-inner-link-button-for-card-42a4ee70245e79dcd6b946f237887fcd.css
js.stripe.com/v3/fingerprinted/css/ Frame 0980 25 KB
4 KB 49ms
48ms Stylesheet
text/css 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-link-button-for-card-42a4ee70245e79dcd6b946f237887fcd.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

88c3d4d5beaaf259f1a4d85ec5c6b14e74ea9d0a6ce99751fa218f57757785c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-a06d4d40d90d009417ba1db36e0f9c11.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:15:40 GMT
content-encoding: br
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 755
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
last-modified: Sat, 16 Dec 2023 02:01:22 GMT
server: Cloudfront
etag: W/"08aa13fc3d627e7cc58096e8a319c2c8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: JdORa5MDQXmlK4zNotMn4Ym7nQ1qRlEvREHplYt8QhwPucyq2745_A==

GET
H3 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame EBD8 73 KB
27 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/am=gEEY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhdT3ipIyw5n9bAoLSt16buz1Vx5w/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 20:47:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27264
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 20:47:02 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 703D 0
717 B 280ms
280ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359693216609
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703359693215618
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 703D 474 B
863 B 43ms
43ms Fetch
application/json 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-9.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 23 Dec 2023 19:27:23 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified: Fri, 22 Dec 2023 21:47:19 GMT
server: Cloudfront
age: 51
x-amz-cf-pop: FRA6-C1
etag: "bfcbcb1c52cb90f9deaffee5559683d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: AopQHDibPduPSCTjjKu39eMCN0iruWef4qMwXPpNVFqH2yQnUgLhPg==

GET
H2 200 HCaptchaInvisible.html Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame B195 419 B
1 KB 195ms
51ms Document
text/html 2600:9000:262a:3400:b:1d09:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=de79914f-a035-44b7-8750-29b286491c1b&origin=https%3A%2F%2Fjs.stripe.com

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:3400:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

368dd7da190a6dab28436caf13245f59879fdb08fb07f4bf0b9e5f6b6e4fe7d2

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; connect-src 'self' https://hcaptcha.com https://.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://.hcaptcha.com; style-src 'self' https://hcaptcha.com https://.hcaptcha.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 44
cache-control: max-age=60
content-length: 419
content-security-policy: base-uri 'self'; connect-src 'self' https://hcaptcha.com https://*.hcaptcha.com https://errors.stripe.com; default-src 'self'; form-action 'none'; frame-src https://hcaptcha.com https://*.hcaptcha.com; img-src 'self'; script-src 'self' https://hcaptcha.com https://*.hcaptcha.com; style-src 'self' https://hcaptcha.com https://*.hcaptcha.com; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 19:27:37 GMT
etag: "f2595495e2e037e4030e4508b2132de6"
last-modified: Wed, 20 Dec 2023 10:13:46 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding,Origin
via: 1.1 e3a22956d967223c0e78cf3ccbf67b6c.cloudfront.net (CloudFront)
x-amz-cf-id: igW3lGYWRMF2-nn8blx_viKtRVgXr39rWGZcoCRP04uK4aKjYJ6xTw==
x-amz-cf-pop: CDG52-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame EBD8 9 KB
4 KB 45ms
40ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 20:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3732
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 20:56:31 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5... Frame EBD8 37 KB
14 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.0LGLfpcyHa0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.BIAwI5M4WSM.L.B1.O/am=gEEY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrj1k37VkSEkNVO72kvRsKqZIl4kDg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 20:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14260
x-xss-protection: 0
last-modified: Tue, 12 Dec 2023 05:55:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 20:56:31 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame EBD8 1 MB
376 KB 105ms
105ms XHR
text/html 2a00:1450:400c:c02::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c02::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d084ef834a0a113c2379b80ceba3b22eadb5cf2dc9bfe9561db30941de70d00a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5x6PZJ3iwDA2FLyCqEIAEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5x6PZJ3iwDA2FLyCqEIAEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 23 Dec 2023 19:28:13 GMT

GET
H2 200 api.js Show response
hcaptcha.com/1/ Frame B195 326 KB
92 KB 132ms
45ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=de79914f-a035-44b7-8750-29b286491c1b&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 351bb5fb1bd6097be2e9d8a05c34165c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age: 0
x-amz-cf-pop: TXL50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Dec 2023 14:33:57 GMT
server: cloudflare
etag: W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
cf-ray: 83a301a39fabaca9-TXL
x-amz-cf-id: wkX5LBtoM94UidMPB5VmWboaTku2WC1ADWL-VI-HlHUmkg1tBGkFLw==

GET
H2 200 vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~1c9fb8cc.4ccf3f5b466328f5ff42.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame B195 114 KB
35 KB 63ms
62ms Script
text/javascript 2600:9000:262a:3400:b:1d09:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/vendors~AddressAutocomplete~AffirmInContext~AmazonPayButton~AuthMap~DemoPayButton~DynamicMap~GoogleA~1c9fb8cc.4ccf3f5b466328f5ff42.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=de79914f-a035-44b7-8750-29b286491c1b&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:3400:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

301850f8ca8b8c106497210d9d78aa7b4e1339f42f01aebff119f7f633984966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=de79914f-a035-44b7-8750-29b286491c1b&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 19:03:41 GMT
via: 1.1 e3a22956d967223c0e78cf3ccbf67b6c.cloudfront.net (CloudFront)
age: 1483
x-amz-cf-pop: CDG52-P6
x-cache: Hit from cloudfront
last-modified: Wed, 20 Dec 2023 10:13:46 GMT
server: Cloudfront
etag: W/"bee965892c4aac937bcf9539ea1cdb95"
vary: Accept-Encoding,Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
timing-allow-origin: *
x-amz-cf-id: eQkQahiQXSqHxBAG3uLESFDq3OBrvVe9AfTyXA-TbUeGCk5py5r-gw==

GET
H2 200 HCaptchaInvisible.ae63b51d892d21e8f568.bundle.js Show response
b.stripecdn.com/stripethirdparty-srv/assets/v20.0/ Frame B195 17 KB
7 KB 54ms
52ms Script
text/javascript 2600:9000:262a:3400:b:1d09:f200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.ae63b51d892d21e8f568.bundle.js

Requested by

Host: b.stripecdn.com
URL: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=de79914f-a035-44b7-8750-29b286491c1b&origin=https%3A%2F%2Fjs.stripe.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:262a:3400:b:1d09:f200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

5ab11304d671d352bac6554d49fffd0f81d7ed1bced6bdf9c021e6e0fa538494

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://b.stripecdn.com/stripethirdparty-srv/assets/v20.0/HCaptchaInvisible.html?id=de79914f-a035-44b7-8750-29b286491c1b&origin=https%3A%2F%2Fjs.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 23 Dec 2023 19:04:07 GMT
via: 1.1 e3a22956d967223c0e78cf3ccbf67b6c.cloudfront.net (CloudFront)
age: 1482
x-amz-cf-pop: CDG52-P6
x-cache: Hit from cloudfront
last-modified: Wed, 20 Dec 2023 10:13:46 GMT
server: Cloudfront
etag: W/"b8e83aaf649bb3940fb65537c506c37a"
vary: Accept-Encoding,Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=31536000, public
timing-allow-origin: *
x-amz-cf-id: Ug0KogNox3j1hhIE3aK0prj-NZzBeGW5wQexzaxVf3HT_Rzy-qCG1Q==

POST
H2 200 csp-report
q.stripe.com/ Frame B195 0
491 B 218ms
214ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://b.stripecdn.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359693427095
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1703359693426595
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 696E 7 KB
1 KB 55ms
55ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6Ldae0IaAAAAAIpsQoSzGlMrY_m5AQCxH83PX25I

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

69b296317cdaeeef4d55d416bddac32b92dd2aeb6ccb99bb76ed7da88559da35

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TQ9ad3JLCwmM1v7cJNsWWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blowback.supportingcast.fm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-TQ9ad3JLCwmM1v7cJNsWWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 19:28:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 215ms
214ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693464389
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703359693464086
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 215ms
214ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693465366
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703359693464842
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 215ms
214ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693487120
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703359693486132
access-control-allow-credentials: true
content-length: 0

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 696E 55 KB
24 KB 40ms
39ms Stylesheet
text/css 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6Ldae0IaAAAAAIpsQoSzGlMrY_m5AQCxH83PX25I

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 18:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 22 Dec 2024 18:30:08 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame 696E 505 KB
203 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=u-xcq3POCWFlCr3x8_IPxgPu&k=6Ldae0IaAAAAAIpsQoSzGlMrY_m5AQCxH83PX25I

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:45:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 168149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 207437
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 05:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 20:45:44 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 8A40 200 B
1 KB 46ms
45ms Document
text/html 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blowback.supportingcast.fm/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 639
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 19:19:25 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-amz-cf-id: jnE5nodKu3Ld5uFL0qLoFatd4V4upHHAIHEa-q0PFqmBWRTjL4dvbg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 217ms
216ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693632396
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703359693631476
access-control-allow-credentials: true
content-length: 0

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/3b797c3/static/ Frame 2C33 2 KB
1 KB 298ms
277ms Document
text/html 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=4cj45gl09kf

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?onload=captchaLoad&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4459e722a34e26e3fdcb6e2f39380dfd859bb269cc6b213ea7653ca4f46b62d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://b.stripecdn.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 98141
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 83a301a63d96aca9-TXL
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Sat, 23 Dec 2023 19:28:13 GMT
last-modified: Wed, 20 Dec 2023 14:33:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 d0eca2095801c087da79efef3ee8a5a8.cloudfront.net (CloudFront)
x-amz-cf-id: wzLpezsxCfv2-zi_x6Qh1OQ8Sb-OiSZkO-PITPfiRjXW82RnxeAFUg==
x-amz-cf-pop: TXL50-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: zqmRvj.5H3xz3glqyfc6p0MpeMIvCHe2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8A40 526 B
1 KB 42ms
42ms Script
text/javascript 99.86.4.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-9.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:17:35 GMT
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 638
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-length: 526
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: _Cvkdsj9cotvNGzG0CA4Co5AqiyAIz0ON1oEMX8uAPdSFV8emFUuiQ==

POST
H2 200 csp-report
q.stripe.com/ Frame 8A40 0
717 B 214ms
213ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359693676459
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703359693675957
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8A40 0
717 B 213ms
213ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359693676461
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1703359693676029
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 0568 930 B
2 KB 171ms
49ms Document
text/html 2600:9000:2057:2400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:2400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 151
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sat, 23 Dec 2023 19:25:43 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-id: jIR73c2_71zIIdyBdMI935513gkkEdwuNwBhGXXmpomp6pSvDzPZkQ==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 0568 0
491 B 218ms
217ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: blowback.supportingcast.fm
URL: https://blowback.supportingcast.fm/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359693903993
x-envoy-upstream-service-time: 6
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1703359693902294
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 0568 87 KB
14 KB 84ms
83ms Script
text/javascript 2600:9000:2057:2400:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:2400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
content-encoding: br
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 1
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: F_OTGFywY92yvnfzu5LJf04bSmHkwWhyzr-JQM_aT2XJejQRAylp4A==

POST
H2 200 b Show response
r.stripe.com/ Frame 4F1D 0
273 B 216ms
215ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693923592
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703359693923005
access-control-allow-credentials: true
content-length: 0

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/3b797c3/ Frame 2C33 326 KB
92 KB 43ms
42ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=4cj45gl09kf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=4cj45gl09kf
Origin: https://newassets.hcaptcha.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:28:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 351bb5fb1bd6097be2e9d8a05c34165c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age: 63490
x-amz-cf-pop: TXL50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Dec 2023 14:33:57 GMT
server: cloudflare
etag: W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 83a301a68e36aca9-TXL
x-amz-cf-id: wkX5LBtoM94UidMPB5VmWboaTku2WC1ADWL-VI-HlHUmkg1tBGkFLw==

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 215ms
215ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:13 GMT
x-stripe-server-envoy-start-time-us: 1703359693965038
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1703359693964428
access-control-allow-credentials: true
content-length: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 0568 156 B
669 B 732ms
210ms XHR
application/json 54.201.135.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-135-255.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

215ed18c34dd2a23a0961b3f017c4a33236691e6bff756ebb5f25ecf86bab1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sat, 23 Dec 2023 19:28:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359694556501
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1703359694556223
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 checksiteconfig Show response
api.hcaptcha.com/ Frame 2C33 719 B
912 B 77ms
63ms XHR
application/json 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/checksiteconfig?v=3b797c3&host=b.stripecdn.com&sitekey=463b917e-e264-403f-ad34-34af0ee10294&sc=1&swa=1&spst=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e400b8bc41a6b7e242849fe105ef640c1174ad3eda8c78dd10ad6c0cd70964b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 23 Dec 2023 19:28:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 83a301a78848aca9-TXL
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc: h3=":443"; ma=86400

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/2458d9b/ Frame 2C33 499 KB
217 KB 49ms
48ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/2458d9b/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0c067d3512326ee1d73cce9dccbb1bb59c24b279df3ea650ddf80578182bda6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=4cj45gl09kf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 19:28:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: 1JhSB37kavMYpA6c5WxU_Q.zUc_dI7mQ
age: 289643
x-amz-cf-pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 14 Dec 2023 16:59:11 GMT
server: cloudflare
etag: W/"9d671418ff661c7370b4e3530ac92335"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 83a301a7e9975902-TXL
x-amz-cf-id: 8BMWbWtU_ihN8fw3_S51Sb2E4Tp6B1C3GmFOahNOgfnMjB_eHHdbIQ==

POST
H3 200 463b917e-e264-403f-ad34-34af0ee10294 Show response
api.hcaptcha.com/getcaptcha/ Frame 2C33 3 KB
3 KB 291ms
290ms XHR
application/json 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/getcaptcha/463b917e-e264-403f-ad34-34af0ee10294

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

076f50c15206bfa4bb82dd8a6211aba052213d3e959375133e4dd81dd066c5a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 23 Dec 2023 19:28:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 83a301ab18c05902-TXL
alt-svc: h3=":443"; ma=86400

POST
H2 200 6 Show response
m.stripe.com/ Frame 0568 156 B
668 B 213ms
209ms XHR
application/json 54.201.135.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-135-255.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

215ed18c34dd2a23a0961b3f017c4a33236691e6bff756ebb5f25ecf86bab1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sat, 23 Dec 2023 19:28:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359694797747
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1703359694797354
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 0568 156 B
668 B 260ms
257ms XHR
application/json 54.201.135.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-135-255.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

215ed18c34dd2a23a0961b3f017c4a33236691e6bff756ebb5f25ecf86bab1ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sat, 23 Dec 2023 19:28:14 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1703359694846619
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1703359694846335
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 b Show response
r.stripe.com/ Frame 101D 0
273 B 216ms
214ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-07463ca4fad8fb90811dcddd012256e9.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sat, 23 Dec 2023 19:28:14 GMT
x-stripe-server-envoy-start-time-us: 1703359694967713
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1703359694967099
access-control-allow-credentials: true
content-length: 0

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.supportingcast.fm/	1970-01-21 01:54:55	Name: amp_6045bd Value: ZGmy3GpCUGUWVxxTI7z3vv...1hic2cevn.1hic2cevp.1.0.1
.supportingcast.fm/	1970-01-20 19:18:55	Name: _gcl_au Value: 1.1.1278570961.1703359692
blowback.supportingcast.fm/	1970-01-20 17:52:31	Name: XSRF-TOKEN Value: eyJpdiI6IlRjZ3VpeXRyVFdYa0pmcHhEN0NTc0E9PSIsInZhbHVlIjoidEdsMUNRWW5wRUpFN0xRNC82MHBuZ3lMVEtTWUNjWHkwWXlvU3dHSkRGNEdjNTBVYnNXamwyVTQ5QjhoWVB3QXdJTHVhZEprMUNyUC9uaTRhUFo1TnFRSWxPRWRGclVORmdUUkZHQ0xaeFBQODVSZG5yb0x2SmJOWVJpQ2hETzYiLCJtYWMiOiIwMzU0MjZlZmEzZTRiYTY0OWJkNmIyODk4MjkwZjM1ZGRhYzM3OGU4MjU0OWNmYmEzMzMxNWQ0ZGQyMDZjMWZiIiwidGFnIjoiIn0%3D
blowback.supportingcast.fm/	1970-01-20 17:52:31	Name: laravel_session Value: eyJpdiI6InpwS2dpZVA3a1lMS0l6UTZIRENwM1E9PSIsInZhbHVlIjoieEl4azJJa0FYWGx0SVU1bk03NGt4L3NXS1NsNnhoQlV5K0IzeTIrTmdmUjN1MlFkT3UvcGxBQ1lTUVNLWjVYeVJsak1LdnhrSS9PQU5FakNpMTMraXNFQ1VxMHhtd05hU3FCNlpNOGJyWHZRTXQ0Mmc4dU9nZG1teXltYVR6WmwiLCJtYWMiOiI3ZjFhYWViMGNmZWM0YWU0YTQ1ZTM3Zjc3MzMyOTZkZDIxOTU1MTBkOGUxNDkyMzIwMGEzY2ZkYjJkYWU3MTdkIiwidGFnIjoiIn0%3D
.google.com/	1970-01-20 21:32:50	Name: NID Value: 511=CedFLVAd4t2AEnSKI0I4kOomA8x6Q4e-NieazUP20YrN_hIeFg79iJE5ocSzlmhPCbEa_d62JMDl_PaOzw4YMfmcsYnTwtygvTWyKy0jyHdbERexFp0E1qMIT0wa0PlNX2ozmu02E6a2mr5NW6Xh2vcCnJsCudVVsaCuDpoJUlI
m.stripe.com/	1970-01-21 02:45:19	Name: m Value: f954454c-3160-4a28-a46e-66005ae717be305f95
.blowback.supportingcast.fm/	1970-01-21 01:54:55	Name: __stripe_mid Value: c5e8f101-7996-45a6-b53b-d722d488da9804391b
.blowback.supportingcast.fm/	1970-01-20 17:09:21	Name: __stripe_sid Value: c84dc19f-f1d0-4e60-942a-7a4adf871911e4d958
api.hcaptcha.com/	1970-01-20 17:52:31	Name: hmt_id Value: 55faff73-78a7-4228-8a85-885e670ecf04

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: geolocation. Values defined in Permissions-Policy header will be used.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
javascript	warning	URL: https://media.supportingcast.fm/js/supportingcast_sdk.js?d=1703111113(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://polyfill.io/v3/polyfill.min.js?features=Object.assign%2CString.prototype.startsWith%2Cdocument.querySelector%2CURLSearchParams%2CReflect.apply%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CNumber.parseFloat%2CXMLHttpRequest%2ClocalStorage%2Chtml5shiv%2Cconsole.log%2Cconsole.error%2CSymbol.iterator%2CNodeList.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2Cfetch%2CPromise, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://media.supportingcast.fm/js/supportingcast_sdk.js?d=1703111113(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://polyfill.io/v3/polyfill.min.js?features=Object.assign%2CString.prototype.startsWith%2Cdocument.querySelector%2CURLSearchParams%2CReflect.apply%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CNumber.parseFloat%2CXMLHttpRequest%2ClocalStorage%2Chtml5shiv%2Cconsole.log%2Cconsole.error%2CSymbol.iterator%2CNodeList.prototype.%40%40iterator%2CArray.prototype.%40%40iterator%2Cfetch%2CPromise, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://js.stripe.com/v3/hcaptcha-invisible-078b5f9fb44d244a9ec072f93a216630.html#debugMode=false&parentOrigin=https%3A%2F%2Fblowback.supportingcast.fm(Line 2) Message: [Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self'". Either the 'unsafe-inline' keyword, a hash ('sha256-CBu0w5uiOaPgb2R6Zgf7E0+STJHF4lcPIdhZzQXE6yk='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' api.npr.org .amplitude.com cdn.jsdelivr.net .stripe.com www.google.com www.google-analytics.com .googleapis.com .gstatic.com cdnjs.cloudflare.com .googletagmanager.com .facebook.net .facebook.com maxcdn.bootstrapcdn.com .mouseflow.com polyfill.io .supportingcast.fm supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com sc-uploads-prod.s3-accelerate.amazonaws.com data:;form-action .supportingcast.fm docs.google.com connect.stripe.com .supportingcast.fm;img-src data:;media-src * data:;connect-src 'self' api.npr.org .amplitude.com cdn.jsdelivr.net .stripe.com www.google.com www.google-analytics.com .googleapis.com .gstatic.com cdnjs.cloudflare.com .googletagmanager.com .facebook.net .facebook.com maxcdn.bootstrapcdn.com .mouseflow.com polyfill.io .supportingcast.fm supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com sc-uploads-prod.s3-accelerate.amazonaws.com;script-src 'unsafe-inline' 'unsafe-eval' 'self' api.npr.org .amplitude.com cdn.jsdelivr.net .stripe.com www.google.com www.google-analytics.com .googleapis.com .gstatic.com cdnjs.cloudflare.com .googletagmanager.com .facebook.net .facebook.com maxcdn.bootstrapcdn.com .mouseflow.com polyfill.io .supportingcast.fm supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com sc-uploads-prod.s3-accelerate.amazonaws.com;style-src 'unsafe-inline' 'self' api.npr.org .amplitude.com cdn.jsdelivr.net .stripe.com www.google.com www.google-analytics.com .googleapis.com .gstatic.com cdnjs.cloudflare.com .googletagmanager.com .facebook.net .facebook.com maxcdn.bootstrapcdn.com .mouseflow.com polyfill.io .supportingcast.fm supportingcast.s3.amazonaws.com sc-uploads-prod.s3.amazonaws.com sc-uploads-prod.s3-accelerate.amazonaws.com;frame-src docs.google.com .stripe.com www.google.com;frame-ancestors 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
api.hcaptcha.com
b.stripecdn.com
blowback.supportingcast.fm
hcaptcha.com
js.stripe.com
m.stripe.com
m.stripe.network
media.supportingcast.fm
megaphone.imgix.net
merchant-ui-api.stripe.com
newassets.hcaptcha.com
pay.google.com
polyfill.io
q.stripe.com
r.stripe.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.19.219.90
151.101.194.217
151.101.66.217
198.202.176.201
2600:9000:2057:2400:19:7d10:bd80:93a1
2600:9000:262a:3400:b:1d09:f200:93a1
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2008
2a00:1450:4001:81c::2003
2a00:1450:400c:c02::5c
2a04:4e42:400::282
2a04:4e42:8d::720
44.230.11.202
54.187.119.242
54.201.135.255
99.86.4.9
007b4be1404b0f21a158fa83a2ae9375393b2d932a17e9745aa392fcadc7cf2f
02d8f5e03704768aa366ab03f03808f1e9ea6a7b18e2006febe0fb5b7e036a87
06a1918709ba854bcfe97ef585a6cd91c56671b6d23c7ee5ed5177ad97e67243
076f50c15206bfa4bb82dd8a6211aba052213d3e959375133e4dd81dd066c5a5
0eae50315b738a2dffa19f705222a650efbcb2f1a4c9557aa4a55b4295542738
122bd7b997b91e56e9efd54743ffbeccefca5b8bb59c566d6ec63adf14be896e
17b8e7b6f234338812a8ea1d9dbc683ed7956e4d1e9f38a8fcf34447c7fc9827
1df19255b4b07c13647377049a5d3d4b23519c012b91e923ee22cf18c4e8d2b2
215ed18c34dd2a23a0961b3f017c4a33236691e6bff756ebb5f25ecf86bab1ff
21dc690c0425157582fa108407ff628954398305ee35acbb6f17b35aceb4ae94
25b0db3d3b80dc803b5354bc6d22e96b849b83d53671517ae3f70119ec155bc7
26acc7255f577a53c63eb69f2efe25c47ce6b3c53a8b87835dc0aa013799254b
301850f8ca8b8c106497210d9d78aa7b4e1339f42f01aebff119f7f633984966
30de8e940b105b33272c6a7ad8874a0eebf4df6d925d2295962b1277a6b48ee9
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
33111c5d00b2e2e4e89f17402709ba30a1563e8c4d2fa93cf5756b44c7d1ee97
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
368dd7da190a6dab28436caf13245f59879fdb08fb07f4bf0b9e5f6b6e4fe7d2
3857860afa61b765834cbf7ce7736312a02e6a5733b1b1e42deb7c6766d6f6ed
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3a80700d48e107eb08205a346562ae28a95f3fe0da0d7382847a2c0a52a02c0a
413e38836dfb0157ba879c8ee095223bc38d8f9f6013c7180f6b7e2f1ac67dcd
473efdf61f08fc2ad04df7be0d974c921dea47ac2ea5c6b848a75f6b5db1da73
487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586
4b2e369edc50f9767b8cc13f374388bf15ce69f3d7ddb2f35d50096629d48a1e
53b1f3f90fab2fa9092e38a0146ad56961a576d2d0850a173d16819bcc694dc1
5924ae8d6b1620b7e637f43c64f546da193cae58fe2b6d932169ee80cd754842
5ab11304d671d352bac6554d49fffd0f81d7ed1bced6bdf9c021e6e0fa538494
5ca17cf5ee16c74721842f419ce5fc8066de6d6e202a80bf3be6125ebb804119
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
6304ca07d33fa966939847acddaf96bb7f3b5d0a926e2122882bfc30a902c266
69b296317cdaeeef4d55d416bddac32b92dd2aeb6ccb99bb76ed7da88559da35
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
6e2eddacc96604ada00d5dca74d14f3cd482e5b5d6ec3c044d6529e59fead5bd
6f7476e50d44b55bca80bf8090de96c19c604054abc16fec4b8f8e1ea15c7ce2
7005ef7f6e1e74d04f4140f92848d6951a01a27b54691fe2959a041d49e6f757
732b65d05835e912a6f475e5ed7a1f964b3a1bbf780291aac50685c5e0933e18
74e0937c4f5d5cd16859e9911b1449b4d77ca86c5feef7f8bdf66b891b4fb15f
759813d8a110733c43a0ffa3f09f267f94df572b482fd7bc050c66edabedc8e9
76ec799209058566b88410e0a6ee331f4a1dabbcad92c9092b516015607ea1ca
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
787a41dab1143d5e5aab4f3866baf83e86f15a9ae083d805f2795d510721aaff
7d84929efc28e30a1badc31c814ea25801c81f9719edf2f771f24625b722cd21
7f9d333d343eb185240b9c970755b0ee61d14c10363bf33cf7f8574c075b1082
88c3d4d5beaaf259f1a4d85ec5c6b14e74ea9d0a6ce99751fa218f57757785c3
8e68bfd1394084396319972d5c237647a3a44aec86444681ad009d56953e1577
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9c3e557b7d8c7982478dc0f575de1d309798b4416600d8c0f99011fa40916cf6
9e8417dbf5f2215e91aed66fd3f0e619149f1f2dc3519977f4c663061a9759eb
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a1571d86b8170f5143bc5696c881e5314244228cc2451696f383bb1080af84b2
a6eb179583a6ced43c3ba9cb937a09858956010b1a2605e7407fba6711f25ac9
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b11c01424cba6c9b882cb71f7e8b9598fc6bbd03519f53f717e70b53f67af723
b3b5519e7a63f6d8ce7c5abed5b3d753c3e58c4e349ce0ff58b1ed67f3776b7e
b3d47ae3412cfab8873f856540401242f2da0e37077c0839b5e33925d36183e1
b82b66c127a4530741e03f6fa8e24274194078e8168f6d9840069b9a5c2ac361
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
baced10a1e2fcdbd05f7de1237a14c3bda821982f597403140606c21ebdc8055
bb2798b8ec3b2526abc17688ce317cf0666ff92bddeb2c50c804e095963e126c
bbef37ff761dac2a1fa9959b29ce5f890c8822e487a18c65dbcdc1a6a7414ff4
beda41a00774838755e11006c2280450fa602411b25e6adf44f84c34a2f61ae8
c0c067d3512326ee1d73cce9dccbb1bb59c24b279df3ea650ddf80578182bda6
c4459e722a34e26e3fdcb6e2f39380dfd859bb269cc6b213ea7653ca4f46b62d
ca2b2f01f1dae5ee2bfe335564b4b9528fb146e6467527e0fc5b425813b7bc71
ceb2e0d062a1f3dc5c416a7278fc331a9a33e5c971d34c045ca673bd60b914a1
d084ef834a0a113c2379b80ceba3b22eadb5cf2dc9bfe9561db30941de70d00a
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7417fb9ac2bcfe34cef46801b9531caee261d3b9ffc799e110a86a36cd89adf
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e400b8bc41a6b7e242849fe105ef640c1174ad3eda8c78dd10ad6c0cd70964b0
ed239f990af2e4be1964ed4f17fe93eb53315dd9590386a241d2325b376f196d
f29854653fbfb8520fca29f0e9437f43db13b00a75669f6ccc6ef8e88d884d37
f29af0f45d2483d7b111bf75d2962e7d0a14ef3214068e7d334c09c4620379d3
f4df36e15df2960947ccc39a9e1e22e3656b0855b5c48af6b773a4d86dfd4dcf
fe5f5e7e72312bcccc4cb3e07f0a4f71d2b5785d28dda708ea469549f25b3853

blowback.supportingcast.fm Open in urlscan Pro 151.101.194.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

100 %HTTPS

50 %IPv6

11 Domains

19 Subdomains

15 IPs

4 Countries

7176 kBTransfer

14092 kBSize

9 Cookies

3 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blowback.supportingcast.fm Open in urlscan Pro
151.101.194.217 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

100 %
HTTPS

50 %
IPv6

11
Domains

19
Subdomains

15
IPs

4
Countries

7176 kB
Transfer

14092 kB
Size

9
Cookies

132 HTTP transactions
0 data transactions