cdu.jozeitler.de Open in urlscan Pro
85.13.138.125  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response cdu.jozeitler.de/	1 KB 769 B	633ms 163ms	Document text/html	85.13.138.125 02742 Friedersdor...
General Check archive.org Show headers Download Go to Full URL https://cdu.jozeitler.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.13.138.125 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE), Reverse DNS dd17834.kasserver.com Software Apache / Resource Hash 97e71e3981e8143a4b5c85585a4407e7bef93f8cdd8e4dbe40911bb5d681c448 Security Headers Name Value Strict-Transport-Security max-age=600000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes content-encoding br content-length 614 content-type text/html date Sun, 14 Jan 2024 07:56:09 GMT etag "5f5-60ed55b0a400e-br" last-modified Sat, 13 Jan 2024 15:22:58 GMT server Apache strict-transport-security max-age=600000 vary Accept-Encoding,User-Agent
GET H2	200	css fonts.googleapis.com/	2 KB 994 B	223ms 77ms	Stylesheet text/css	2607:f8b0:4006:81e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto&display=swap Requested by Host: cdu.jozeitler.de URL: https://cdu.jozeitler.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::200a Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://cdu.jozeitler.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 14 Jan 2024 07:56:09 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 14 Jan 2024 07:30:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 14 Jan 2024 07:56:09 GMT
GET H2	200	embed.js Show response assets.tidycal.com/js/	28 KB 11 KB	234ms 66ms	Script application/javascript	2a02:6ea0:c454::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://assets.tidycal.com/js/embed.js Requested by Host: cdu.jozeitler.de URL: https://cdu.jozeitler.de/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software BunnyCDN-NY1-885 / Resource Hash 5c36110b7ed1eb112ab6cd2afd8966e412bbb379045460c121f61db7212bcde3 Request headers accept-language en-US,en;q=0.9 Referer https://cdu.jozeitler.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 07:56:09 GMT content-encoding br cdn-edgestorageid 885 cdn-cachedat 01/09/2024 20:40:47 cdn-pullzone 440171 last-modified Tue, 09 Jan 2024 18:38:50 GMT server BunnyCDN-NY1-885 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"7095-60e87a01ea280" vary Accept-Encoding, Accept-Encoding content-type application/javascript cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb cache-control public, max-age=2592000 cdn-requestid b8ab6638f4141a22693bb3d6c07b2d84 cdn-requestcountrycode US cdn-status 200 cdn-requestpullsuccess True
GET H2	200	logo.png cdu.jozeitler.de/	17 KB 17 KB	320ms 320ms	Image image/png	85.13.138.125 02742 Friedersdor...
General Check archive.org Show headers Download Go to Show image Full URL https://cdu.jozeitler.de/logo.png Requested by Host: cdu.jozeitler.de URL: https://cdu.jozeitler.de/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 85.13.138.125 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE), Reverse DNS dd17834.kasserver.com Software Apache / Resource Hash e484f334fc0b401af75da518734f0187371290753ba5cd03a9acdf5ad3f23c0b Security Headers Name Value Strict-Transport-Security max-age=600000 Request headers accept-language en-US,en;q=0.9 Referer https://cdu.jozeitler.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=600000 date Sun, 14 Jan 2024 07:56:09 GMT last-modified Sat, 13 Jan 2024 15:21:10 GMT server Apache etag "435f-60ed5549f5860" content-type image/png accept-ranges bytes content-length 17247
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	198ms 62ms	Font font/woff2	2607:f8b0:4006:81d::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://cdu.jozeitler.de accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 10 Jan 2024 08:15:11 GMT x-content-type-options nosniff age 344459 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 09 Jan 2025 08:15:11 GMT
GET H2	200	cdu-kandidatenshooting Show response tidycal.com/jozeitler/ Frame 3E0B	17 KB 6 KB	411ms 162ms	Document text/html	54.149.131.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tidycal.com/jozeitler/cdu-kandidatenshooting?embed&showAvatar=true Requested by Host: assets.tidycal.com URL: https://assets.tidycal.com/js/embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.149.131.178 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-149-131-178.us-west-2.compute.amazonaws.com Software Apache/2.4.38 (Debian) / Resource Hash 0ff3235df9d6d5a413bba7f1dffcc9b847f6428a5353b52c86f2b68503b5396f Request headers Referer https://cdu.jozeitler.de/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control max-age=0, must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private content-encoding gzip content-type text/html; charset=UTF-8 date Sun, 14 Jan 2024 07:56:10 GMT pragma no-cache server Apache/2.4.38 (Debian) vary Accept-Encoding
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 3E0B	260 KB 88 KB	221ms 86ms	Script application/javascript	2607:f8b0:4006:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-MDNVPSWCJ1 Requested by Host: tidycal.com URL: https://tidycal.com/jozeitler/cdu-kandidatenshooting?embed&showAvatar=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2008 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ebf03abf4f90ec7e5948aca0e1bdb7ed46257ee6a6d9782210dba22e0aa31858 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tidycal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 07:56:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 89856 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 14 Jan 2024 07:56:10 GMT
GET H2	200	app.css assets.tidycal.com/css/ Frame 3E0B	256 KB 46 KB	165ms 165ms	Stylesheet text/css	2a02:6ea0:c454::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://assets.tidycal.com/css/app.css?id=2ff4a234870a721154b6f03062d6288e Requested by Host: tidycal.com URL: https://tidycal.com/jozeitler/cdu-kandidatenshooting?embed&showAvatar=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software BunnyCDN-NY1-885 / Resource Hash 11f2d9aec4e259de3e1317b7b76e53aec52228afc18ea17e73bd48f719a014c9 Request headers accept-language en-US,en;q=0.9 Referer https://tidycal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 07:56:10 GMT content-encoding br cdn-edgestorageid 885 cdn-cachedat 01/03/2024 19:19:12 cdn-pullzone 440171 last-modified Wed, 03 Jan 2024 19:08:59 GMT server BunnyCDN-NY1-885 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"40165-60e0f58e588c0" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 144801328ce031fd9810305bb55ae0d4 cdn-requestcountrycode US access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	booking-page.js Show response assets.tidycal.com/js/ Frame 3E0B	2 MB 474 KB	68ms 68ms	Script application/javascript	2a02:6ea0:c454::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://assets.tidycal.com/js/booking-page.js?id=155677029e7770084996298d9a01d434 Requested by Host: tidycal.com URL: https://tidycal.com/jozeitler/cdu-kandidatenshooting?embed&showAvatar=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software BunnyCDN-NY1-885 / Resource Hash 56700c9877680130901ece5df3e2f19ea14f185d980612f856988425c63fa758 Request headers accept-language en-US,en;q=0.9 Referer https://tidycal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 07:56:10 GMT content-encoding br cdn-edgestorageid 885 cdn-cachedat 01/04/2024 01:22:35 cdn-pullzone 440171 last-modified Thu, 04 Jan 2024 01:13:19 GMT server BunnyCDN-NY1-885 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"235e5e-60e146fdaa9c0" vary Accept-Encoding, Accept-Encoding content-type application/javascript cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb cache-control public, max-age=2592000 cdn-requestid eb12e8356399b2c6ee8a9ffc9a857fc4 cdn-requestcountrycode US cdn-status 200 cdn-requestpullsuccess True
GET H2	200	Roboto-Regular.ttf assets.tidycal.com/fonts/ Frame 3E0B	167 KB 92 KB	202ms 66ms	Font font/ttf	2a02:6ea0:c454::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://assets.tidycal.com/fonts/Roboto-Regular.ttf Requested by Host: assets.tidycal.com URL: https://assets.tidycal.com/css/app.css?id=2ff4a234870a721154b6f03062d6288e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software BunnyCDN-NY1-885 / Resource Hash 017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed Request headers Referer https://assets.tidycal.com/css/app.css?id=2ff4a234870a721154b6f03062d6288e Origin https://tidycal.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 07:56:10 GMT content-encoding br cdn-edgestorageid 885 cdn-cachedat 01/09/2024 20:26:33 cdn-pullzone 440171 last-modified Tue, 09 Jan 2024 18:32:04 GMT server BunnyCDN-NY1-885 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"29d08-60e8787eb9100" vary Accept-Encoding content-type font/ttf access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 2e77fe5209aa4f44b0d99b28c0f4973d cdn-requestcountrycode US access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	cdu-kandidatenshooting Show response tidycal.com/jozeitler/ Frame 3E0B	21 KB 7 KB	163ms 163ms	XHR application/json	54.149.131.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tidycal.com/jozeitler/cdu-kandidatenshooting?json Requested by Host: assets.tidycal.com URL: https://assets.tidycal.com/js/booking-page.js?id=155677029e7770084996298d9a01d434 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.149.131.178 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-149-131-178.us-west-2.compute.amazonaws.com Software Apache/2.4.38 (Debian) / Resource Hash b81211cca8c2f59138b6913b6f7fb33a6f5011db4a3bf58f443f096069dc3816 Request headers Accept application/json, text/plain, */* Referer https://tidycal.com/jozeitler/cdu-kandidatenshooting?embed&showAvatar=true X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sun, 14 Jan 2024 07:56:11 GMT cache-control max-age=0, must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private content-encoding gzip server Apache/2.4.38 (Debian) vary Accept-Encoding content-type application/json
GET H2	200	v3 Show response js.stripe.com/ Frame 3E0B	585 KB 144 KB	229ms 71ms	Script text/javascript	13.35.93.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: assets.tidycal.com URL: https://assets.tidycal.com/js/booking-page.js?id=155677029e7770084996298d9a01d434 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.93.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-93-9.jfk50.r.cloudfront.net Software Cloudfront / Resource Hash d9cf8395ee0a7d904dbbbc5a13c251caf17b06a52199c10015d34556a8cf5a11 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://tidycal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 07:55:43 GMT content-encoding br via 1.1 4bb97c894b41a52a86ef7d6744e0e642.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 29 x-amz-cf-pop JFK50-P8 x-cache Hit from cloudfront last-modified Fri, 12 Jan 2024 21:47:31 GMT server Cloudfront etag W/"683b9f5de81fe1d181bceec0c32cc9fe" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=60 timing-allow-origin * x-amz-cf-id M4HKd4N7rhGUoZy5lOCGyMnbjWVysKlrxx-FYUP7O3dl2179nOy2uQ==
GET H2	200	chevron-dark-sm.svg assets.tidycal.com/img/ Frame 3E0B	568 B 843 B	69ms 67ms	Image image/svg+xml	2a02:6ea0:c454::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://assets.tidycal.com/img/chevron-dark-sm.svg Requested by Host: assets.tidycal.com URL: https://assets.tidycal.com/css/app.css?id=2ff4a234870a721154b6f03062d6288e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software BunnyCDN-NY1-885 / Resource Hash d5737d1011d04a01cb5ae47102d6b46fee406d783fb71606c68e8a948d09eea6 Request headers accept-language en-US,en;q=0.9 Referer https://assets.tidycal.com/css/app.css?id=2ff4a234870a721154b6f03062d6288e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 07:56:11 GMT content-encoding br cdn-edgestorageid 885 cdn-cachedat 01/09/2024 20:36:34 cdn-pullzone 440171 last-modified Tue, 09 Jan 2024 18:32:04 GMT server BunnyCDN-NY1-885 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"238-60e8787eb9100" vary Accept-Encoding content-type image/svg+xml cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb cache-control public, max-age=2592000 cdn-requestid 2be2fbd24bb8aa2acbbaea9d76335868 cdn-requestcountrycode US cdn-status 200 cdn-requestpullsuccess True
GET H2	200	icon-globe.svg assets.tidycal.com/img/ Frame 3E0B	1 KB 852 B	68ms 66ms	Image image/svg+xml	2a02:6ea0:c454::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://assets.tidycal.com/img/icon-globe.svg Requested by Host: assets.tidycal.com URL: https://assets.tidycal.com/css/app.css?id=2ff4a234870a721154b6f03062d6288e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software BunnyCDN-NY1-885 / Resource Hash fe8836eed0fd707429a9a101f1fe4125759088fcaf6dcb039f95f23b8488682b Request headers accept-language en-US,en;q=0.9 Referer https://assets.tidycal.com/css/app.css?id=2ff4a234870a721154b6f03062d6288e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 07:56:11 GMT content-encoding br cdn-edgestorageid 885 cdn-cachedat 01/09/2024 20:30:41 cdn-pullzone 440171 last-modified Tue, 09 Jan 2024 18:32:04 GMT server BunnyCDN-NY1-885 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"450-60e8787eb9100" vary Accept-Encoding content-type image/svg+xml cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb cache-control public, max-age=2592000 cdn-requestid 9f43f8f0d2be0d574a2289ec38cb9e37 cdn-requestcountrycode US cdn-status 200 cdn-requestpullsuccess True
GET H2	200	Roboto-Light.ttf assets.tidycal.com/fonts/ Frame 3E0B	166 KB 92 KB	66ms 65ms	Font font/ttf	2a02:6ea0:c454::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://assets.tidycal.com/fonts/Roboto-Light.ttf Requested by Host: assets.tidycal.com URL: https://assets.tidycal.com/css/app.css?id=2ff4a234870a721154b6f03062d6288e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software BunnyCDN-NY1-885 / Resource Hash db02096a91c20ab62d459001a1059bc8d78caa35d637dc91494c4440815a6ac1 Request headers Referer https://assets.tidycal.com/css/app.css?id=2ff4a234870a721154b6f03062d6288e Origin https://tidycal.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 07:56:11 GMT content-encoding br cdn-edgestorageid 885 cdn-cachedat 01/09/2024 20:30:41 cdn-pullzone 440171 last-modified Tue, 09 Jan 2024 18:32:04 GMT server BunnyCDN-NY1-885 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"2981c-60e8787eb9100" vary Accept-Encoding content-type font/ttf access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 4a5e313771d5975e118282516c0cdeb6 cdn-requestcountrycode US access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	Roboto-Bold.ttf assets.tidycal.com/fonts/ Frame 3E0B	166 KB 93 KB	104ms 103ms	Font font/ttf	2a02:6ea0:c454::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://assets.tidycal.com/fonts/Roboto-Bold.ttf Requested by Host: assets.tidycal.com URL: https://assets.tidycal.com/css/app.css?id=2ff4a234870a721154b6f03062d6288e Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software BunnyCDN-NY1-885 / Resource Hash c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a Request headers Referer https://assets.tidycal.com/css/app.css?id=2ff4a234870a721154b6f03062d6288e Origin https://tidycal.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 07:56:11 GMT content-encoding br cdn-edgestorageid 885 cdn-cachedat 01/09/2024 20:26:33 cdn-pullzone 440171 last-modified Tue, 09 Jan 2024 18:32:04 GMT server BunnyCDN-NY1-885 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"2996c-60e8787eb9100" vary Accept-Encoding content-type font/ttf access-control-allow-origin * cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid b8b9fa4188ec5033509bbb5f1345c71a cdn-requestcountrycode US access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H/1.1	200 OK	m1SiV1n553XU8d41p4nFjYwMoQc9kWGnZCLGPBVZ.jpg public-tidycal.s3.us-west-2.amazonaws.com/profile_pictures/ Frame 3E0B	37 KB 37 KB	691ms 153ms	Image image/jpeg	52.218.224.33 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://public-tidycal.s3.us-west-2.amazonaws.com/profile_pictures/m1SiV1n553XU8d41p4nFjYwMoQc9kWGnZCLGPBVZ.jpg Requested by Host: tidycal.com URL: https://tidycal.com/jozeitler/cdu-kandidatenshooting?embed&showAvatar=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.224.33 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2-r-w.amazonaws.com Software AmazonS3 / Resource Hash b092de02eba2c5e1bb6ebda98f99dbdad627e0a26959854efa14a0af98acebba Request headers accept-language en-US,en;q=0.9 Referer https://tidycal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Sun, 14 Jan 2024 07:56:12 GMT Last-Modified Sat, 13 Jan 2024 15:43:02 GMT Server AmazonS3 x-amz-request-id TA82VHF4XVN44EG1 ETag "83aca71ff8786650fd441b3641fd7e4f" x-amz-server-side-encryption AES256 Content-Type image/jpeg Accept-Ranges bytes Content-Length 37541 x-amz-id-2 Toupl3EtejMY0w+5pPHfsfchIB268aouSuIfL9iaLhgI12AcO+sVl3rlFsJ0O4Zuh7xlwPxUzh4=
GET H2	200	icon-clock.svg assets.tidycal.com/img/ Frame 3E0B	613 B 771 B	68ms 68ms	Image image/svg+xml	2a02:6ea0:c454::1 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://assets.tidycal.com/img/icon-clock.svg Requested by Host: tidycal.com URL: https://tidycal.com/jozeitler/cdu-kandidatenshooting?embed&showAvatar=true Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software BunnyCDN-NY1-885 / Resource Hash 8771345dd9e81cc78e8d95528e91f63f371925319a78b2ae0fbf79fcf5ef8c10 Request headers accept-language en-US,en;q=0.9 Referer https://tidycal.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 07:56:11 GMT content-encoding br cdn-edgestorageid 885 cdn-cachedat 01/09/2024 20:34:55 cdn-pullzone 440171 last-modified Tue, 09 Jan 2024 18:32:04 GMT server BunnyCDN-NY1-885 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"265-60e8787eb9100" vary Accept-Encoding content-type image/svg+xml cdn-cache HIT cdn-uid a61f2e95-f685-45ef-9e80-35f4adfb29cb cache-control public, max-age=2592000 cdn-requestid a60c6eeb82bcb89ae2ebdb4b0dc559bd cdn-requestcountrycode US cdn-status 200 cdn-requestpullsuccess True
GET H2	200	available-bookings Show response tidycal.com/booking-types/mp5zjxl/ Frame 3E0B	20 KB 3 KB	283ms 282ms	XHR application/json	54.149.131.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tidycal.com/booking-types/mp5zjxl/available-bookings?start=2024-01-01T10:00:00.000Z&end=2024-02-01T09:59:59.999Z Requested by Host: assets.tidycal.com URL: https://assets.tidycal.com/js/booking-page.js?id=155677029e7770084996298d9a01d434 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.149.131.178 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-149-131-178.us-west-2.compute.amazonaws.com Software Apache/2.4.38 (Debian) / Resource Hash 932f19114f1f7e31a7c95c3a17f280f9c8d16df7bfc6e38cc0227e2502b56597 Security Headers Name Value X-Frame-Options deny Request headers Accept application/json, text/plain, */* Referer https://tidycal.com/jozeitler/cdu-kandidatenshooting?embed&showAvatar=true X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers pragma no-cache date Sun, 14 Jan 2024 07:56:11 GMT content-encoding gzip server Apache/2.4.38 (Debian) x-frame-options deny vary Accept-Encoding content-type application/json cache-control max-age=0, must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
GET H2	200	controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html Show response js.stripe.com/v3/ Frame 3B04	325 B 1 KB	63ms 63ms	Document text/html	13.35.93.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.93.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-93-9.jfk50.r.cloudfront.net Software Cloudfront / Resource Hash a25071dc8b8fea33f964a353594f9712e0351e95478f31d6ab313596344ee3ce Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://tidycal.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 21 cache-control max-age=60 content-length 325 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sun, 14 Jan 2024 07:55:52 GMT etag "cd24e7c1f64e4a5ccfe0b4a332259a7c" last-modified Fri, 12 Jan 2024 21:06:26 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 4bb97c894b41a52a86ef7d6744e0e642.cloudfront.net (CloudFront) x-amz-cf-id kXmRcUElFPow66VKTihe2m7X-cAbosduWi1HeMYN6cmMEBFiQR72pQ== x-amz-cf-pop JFK50-P8 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	shared-64da66ea531d8772e50e735fb155daaa.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 3B04	533 KB 117 KB	137ms 136ms	Script text/javascript	13.35.93.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.93.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-93-9.jfk50.r.cloudfront.net Software Cloudfront / Resource Hash 2e987865067b40c9e18fc2df48d3de4f13692396438efce24f4c0b9b278892e9 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 07:07:05 GMT content-encoding br via 1.1 4bb97c894b41a52a86ef7d6744e0e642.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 2963 x-amz-cf-pop JFK50-P8 x-cache Hit from cloudfront last-modified Fri, 12 Jan 2024 21:06:39 GMT server Cloudfront etag W/"b2fc200c53b5cadce155fb305bce471a" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id ovbKKDgWzQnV06xQF6zXC_Ri4MI257sZiPQbw0YBqbnaI55v06gErg==
GET H2	200	controller-412bac64fa03cf1b2d253e11b4267c7b.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 3B04	691 KB 160 KB	153ms 152ms	Script text/javascript	13.35.93.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/controller-412bac64fa03cf1b2d253e11b4267c7b.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.93.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-93-9.jfk50.r.cloudfront.net Software Cloudfront / Resource Hash 74555b53d117ce3eede0e874b2a4ba7ca46fb33c790bcc76de43bf6428b60071 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 07:06:54 GMT content-encoding br via 1.1 4bb97c894b41a52a86ef7d6744e0e642.cloudfront.net (CloudFront) strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff age 2963 x-amz-cf-pop JFK50-P8 x-cache Hit from cloudfront last-modified Fri, 12 Jan 2024 21:06:37 GMT server Cloudfront etag W/"2a6a43947b3826b137f44b2bfdc68271" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 timing-allow-origin * x-amz-cf-id qvWndetyXbgAdJOLi9_XE-Ryq-r8PWNX1dbFkE87cXDnX7NANQQ8vg==
POST H2	200	csp-report q.stripe.com/ Frame 3B04	0 717 B	364ms 114ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: cdu.jozeitler.de URL: https://cdu.jozeitler.de/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/csp-report Response headers date Sun, 14 Jan 2024 07:56:12 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1705218972036725 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 0 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1705218972036516 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame 3B04	474 B 867 B	189ms 64ms	Fetch application/json	13.35.93.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.93.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-93-9.jfk50.r.cloudfront.net Software Cloudfront / Resource Hash 549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57 Request headers Accept application/json Referer https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 14 Jan 2024 07:55:56 GMT via 1.1 3ffc96c97d8be4bd38d62dce94cb1db0.cloudfront.net (CloudFront) last-modified Fri, 12 Jan 2024 21:47:32 GMT server Cloudfront age 22 x-amz-cf-pop JFK50-P8 etag "60455c1489f3dd8c3e61d0d8d0031cfd" vary Accept-Encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes content-length 474 x-amz-cf-id p9FfehxgqTvrl0UdDxSJF5iTYFfMTQkybxG6gY1jfNRpBGiTixKqDQ==
GET H2	200	.deploy_status_henson.json Show response js.stripe.com/v3/ Frame 3B04	474 B 865 B	167ms 63ms	Fetch application/json	13.35.93.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/.deploy_status_henson.json Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.93.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-93-9.jfk50.r.cloudfront.net Software Cloudfront / Resource Hash 549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57 Request headers Accept application/json Referer https://js.stripe.com/v3/controller-cd24e7c1f64e4a5ccfe0b4a332259a7c.html accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 14 Jan 2024 07:55:56 GMT via 1.1 3ffc96c97d8be4bd38d62dce94cb1db0.cloudfront.net (CloudFront) last-modified Fri, 12 Jan 2024 21:47:32 GMT server Cloudfront age 22 x-amz-cf-pop JFK50-P8 etag "60455c1489f3dd8c3e61d0d8d0031cfd" vary Accept-Encoding x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=60 accept-ranges bytes content-length 474 x-amz-cf-id ecM2782iheoCEsuO_kKRXWiWDM8TU17Lo96ek3dyOl2jRs171WyiXg==
GET H2	200	m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response js.stripe.com/v3/ Frame EA87	200 B 1 KB	65ms 64ms	Document text/html	13.35.93.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.93.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-93-9.jfk50.r.cloudfront.net Software Cloudfront / Resource Hash 35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://tidycal.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 2156 cache-control max-age=31536000 content-length 200 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sun, 14 Jan 2024 07:20:16 GMT etag "3437aaddcdf6922d623e172c2d6f9278" last-modified Thu, 04 Jan 2024 21:10:00 GMT server Cloudfront strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 4bb97c894b41a52a86ef7d6744e0e642.cloudfront.net (CloudFront) x-amz-cf-id VuCzyFNjHfSaiF8R2m6Wqy5LylxXaxPC5QhIaGyMGe0mBxBDxhNQVQ== x-amz-cf-pop JFK50-P8 x-cache Hit from cloudfront x-content-type-options nosniff
GET H2	200	m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response js.stripe.com/v3/fingerprinted/js/ Frame EA87	526 B 1 KB	63ms 63ms	Script text/javascript	13.35.93.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.93.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-93-9.jfk50.r.cloudfront.net Software Cloudfront / Resource Hash ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Sun, 14 Jan 2024 06:56:23 GMT via 1.1 4bb97c894b41a52a86ef7d6744e0e642.cloudfront.net (CloudFront) x-content-type-options nosniff strict-transport-security max-age=31556926; includeSubDomains; preload age 3590 x-amz-cf-pop JFK50-P8 x-cache Hit from cloudfront content-length 526 last-modified Mon, 08 Jan 2024 21:41:57 GMT server Cloudfront etag "d96c709017743c0759cf3853d1806ba5" vary Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes timing-allow-origin * x-amz-cf-id zLI_2RjUPA0k5_CVJEhkYb3tRmBBvSdIpV032RhQWFvHHi_pXszwMQ==
POST H2	200	csp-report q.stripe.com/ Frame EA87	0 714 B	126ms 125ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: cdu.jozeitler.de URL: https://cdu.jozeitler.de/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/csp-report Response headers date Sun, 14 Jan 2024 07:56:12 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1705218972142782 x-envoy-upstream-service-time 8 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 4 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1705218972142531 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame EA87	0 715 B	119ms 118ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: cdu.jozeitler.de URL: https://cdu.jozeitler.de/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/csp-report Response headers date Sun, 14 Jan 2024 07:56:12 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1705218972143203 x-envoy-upstream-service-time 2 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS x-stripe-server-envoy-upstream-service-time-ms 1 access-control-allow-origin https://js.stripe.com x-stripe-client-envoy-start-time-us 1705218972142594 cache-control max-age=0, no-cache, no-store, must-revalidate access-control-expose-headers Server, Range, Content-Type x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	inner.html Show response m.stripe.network/ Frame BCCE	930 B 1 KB	131ms 33ms	Document text/html	151.101.192.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 155 cache-control max-age=300, public content-encoding br content-length 540 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Sun, 14 Jan 2024 07:56:12 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding, Origin via 1.1 varnish x-cache HIT x-cache-hits 99 x-content-type-options nosniff x-request-id c1addf92-689f-4512-8058-a8f4fb3110e4 x-served-by cache-mia-kmia1760073-MIA x-timer S1705218972.260559,VS0,VE0
POST H2	200	csp-report q.stripe.com/ Frame BCCE	0 490 B	115ms 115ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: cdu.jozeitler.de URL: https://cdu.jozeitler.de/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/csp-report Response headers date Sun, 14 Jan 2024 07:56:12 GMT strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1705218972349685 x-envoy-upstream-service-time 1 content-length 0 x-stripe-bg-intended-route-color blue pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin x-stripe-server-envoy-upstream-service-time-ms 0 x-stripe-client-envoy-start-time-us 1705218972349472 cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none expires 0
GET H2	200	out-4.5.43.js Show response m.stripe.network/ Frame BCCE	87 KB 15 KB	33ms 32ms	Script text/javascript	151.101.192.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.43.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload date Sun, 14 Jan 2024 07:56:12 GMT x-content-type-options nosniff content-encoding br via 1.1 varnish age 80 x-cache HIT content-length 15509 x-request-id 3b9559c5-cc75-486d-a07b-e7c505e69ab9 x-served-by cache-mia-kmia1760073-MIA server Fastly x-timer S1705218972.306785,VS0,VE0 vary Accept-Encoding, Origin content-type text/javascript; charset=utf-8 cache-control max-age=300, public accept-ranges bytes x-cache-hits 14
POST H2	200	6 Show response m.stripe.com/ Frame BCCE	156 B 667 B	374ms 115ms	XHR application/json	34.208.216.197 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.43.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.208.216.197 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-208-216-197.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 7049f7420f4775174fd3943dc2363a8ed8cad6147a91de258093fe9030449caf Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-stripe-bg-intended-route-color blue date Sun, 14 Jan 2024 07:56:12 GMT strict-transport-security max-age=31556926; includeSubDomains; preload x-content-type-options nosniff x-stripe-server-envoy-start-time-us 1705218972810278 server nginx content-type application/json;charset=utf-8 x-stripe-server-envoy-upstream-service-time-ms 2 access-control-allow-origin https://m.stripe.network x-stripe-client-envoy-start-time-us 1705218972810054 access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
POST H2	200	b Show response r.stripe.com/ Frame 3B04	0 273 B	127ms 117ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sun, 14 Jan 2024 07:56:13 GMT x-stripe-server-envoy-start-time-us 1705218973230509 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1705218973230265 access-control-allow-credentials true content-length 0
POST H2	200	b Show response r.stripe.com/ Frame 3B04	0 273 B	126ms 118ms	Fetch text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/b Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-64da66ea531d8772e50e735fb155daaa.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers x-stripe-bg-intended-route-color blue date Sun, 14 Jan 2024 07:56:13 GMT x-stripe-server-envoy-start-time-us 1705218973230485 server nginx content-type text/plain access-control-allow-origin https://js.stripe.com x-stripe-server-envoy-upstream-service-time-ms 4 x-stripe-client-envoy-start-time-us 1705218973230298 access-control-allow-credentials true content-length 0

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| iFrameResize object| TidyCal

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			m.stripe.com/	1970-01-21 03:16:18	Name: m Value: 8e125b01-3f95-4ed5-952f-cbb6e586fdb5c2f68a

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=600000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.tidycal.com
cdu.jozeitler.de
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
public-tidycal.s3.us-west-2.amazonaws.com
q.stripe.com
r.stripe.com
tidycal.com
www.googletagmanager.com
13.35.93.9
151.101.192.176
2607:f8b0:4006:80e::2008
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::200a
2a02:6ea0:c454::1
34.208.216.197
52.218.224.33
54.149.131.178
54.187.159.182
85.13.138.125
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
0ff3235df9d6d5a413bba7f1dffcc9b847f6428a5353b52c86f2b68503b5396f
11f2d9aec4e259de3e1317b7b76e53aec52228afc18ea17e73bd48f719a014c9
2e987865067b40c9e18fc2df48d3de4f13692396438efce24f4c0b9b278892e9
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
549478ba46ac97af73018ed0ca78cfa43dae13eddcc812ced06f664bd7d22e57
56700c9877680130901ece5df3e2f19ea14f185d980612f856988425c63fa758
5c36110b7ed1eb112ab6cd2afd8966e412bbb379045460c121f61db7212bcde3
7049f7420f4775174fd3943dc2363a8ed8cad6147a91de258093fe9030449caf
74555b53d117ce3eede0e874b2a4ba7ca46fb33c790bcc76de43bf6428b60071
8771345dd9e81cc78e8d95528e91f63f371925319a78b2ae0fbf79fcf5ef8c10
932f19114f1f7e31a7c95c3a17f280f9c8d16df7bfc6e38cc0227e2502b56597
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
97e71e3981e8143a4b5c85585a4407e7bef93f8cdd8e4dbe40911bb5d681c448
a25071dc8b8fea33f964a353594f9712e0351e95478f31d6ab313596344ee3ce
b092de02eba2c5e1bb6ebda98f99dbdad627e0a26959854efa14a0af98acebba
b81211cca8c2f59138b6913b6f7fb33a6f5011db4a3bf58f443f096069dc3816
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a
d5737d1011d04a01cb5ae47102d6b46fee406d783fb71606c68e8a948d09eea6
d9cf8395ee0a7d904dbbbc5a13c251caf17b06a52199c10015d34556a8cf5a11
db02096a91c20ab62d459001a1059bc8d78caa35d637dc91494c4440815a6ac1
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e484f334fc0b401af75da518734f0187371290753ba5cd03a9acdf5ad3f23c0b
ebf03abf4f90ec7e5948aca0e1bdb7ed46257ee6a6d9782210dba22e0aa31858
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe8836eed0fd707429a9a101f1fe4125759088fcaf6dcb039f95f23b8488682b