urlscan.io logo urlscan.io
SecurityTrails logo

booking.assist-up.com Open in urlscan Pro
2a02:4780:27:1113:0:23fc:b1e4:3  Public Scan

Go To Rescan Add Verdict Report
URL: https://booking.assist-up.com/
Submission: On September 12 via automatic, source certstream-suspicious — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 2a02:4780:27:1113:0:23fc:b1e4:3, located in Paris, France and belongs to AS-HOSTINGER, CY. The main domain is booking.assist-up.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on September 12th 2023. Valid for: 3 months.
This is the only time booking.assist-up.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a02:4780:27:... 47583 (AS-HOSTINGER)
3 151.101.0.176 54113 (FASTLY)
3 54.187.119.242 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
1 34.211.9.177 16509 (AMAZON-02)
2 34.217.160.121 16509 (AMAZON-02)
13 6
2    2a02:4780:27:1113:0:23fc:b1e4:3 (Paris, France)

ASN47583 (AS-HOSTINGER, CY)
booking.assist-up.com
3    151.101.0.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
2    2600:9000:2057:5200:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    34.211.9.177 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-9-177.us-west-2.compute.amazonaws.com
m.stripe.com
2    34.217.160.121 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-160-121.us-west-2.compute.amazonaws.com
api2.amplitude.com
Apex Domain
Subdomains		 Transfer
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1526
q.stripe.com — Cisco Umbrella Rank: 9326
m.stripe.com — Cisco Umbrella Rank: 1429
151 KB
2 amplitude.com
api2.amplitude.com — Cisco Umbrella Rank: 1204
286 B
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1625
18 KB
2 assist-up.com
booking.assist-up.com
158 KB
13 4
Domain Requested by
3 q.stripe.com booking.assist-up.com
3 js.stripe.com booking.assist-up.com
js.stripe.com
2 api2.amplitude.com booking.assist-up.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 booking.assist-up.com booking.assist-up.com
1 m.stripe.com m.stripe.network
13 6

This site contains no links.

Subject Issuer Validity Valid
booking.assist-up.com
ZeroSSL RSA Domain Secure Site CA		 2023-09-12 -
2023-12-11		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-07-31 -
2023-11-30		 4 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-08-01 -
2023-11-02		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-31 -
2023-10-26		 3 months crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2023-01-23 -
2024-02-14		 a year crt.sh

This page contains 3 frames:

Primary Page: https://booking.assist-up.com/
Frame ID: 832B9ABB93326A901AC71B3002E17AB4
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: D5ED6FA65C1447D5CAD081864F134104
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 71681C4734446E27F2FA78B4DC6DD9E2
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Taxi Reza

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

13
Requests

100 %
HTTPS

33 %
IPv6

4
Domains

6
Subdomains

6
IPs

2
Countries

328 kB
Transfer

1120 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
booking.assist-up.com/ 		568 B
585 B 		Document
General
Check archive.org
Download Go to
Full URL
https://booking.assist-up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:27:1113:0:23fc:b1e4:3 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a9be8fa133f9f93f162f5b7a4c00ade620d17e2e0e3bf798c77823255bbb56a5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
226
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Tue, 12 Sep 2023 22:00:38 GMT
etag
"238-6500b927-c522cf4259cd762b;br"
last-modified
Tue, 12 Sep 2023 19:16:55 GMT
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-robots-tag
noindex, nofollow
index-225edffb.js
booking.assist-up.com/assets/ 		504 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://booking.assist-up.com/assets/index-225edffb.js
Requested by
Host: booking.assist-up.com
URL: https://booking.assist-up.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:27:1113:0:23fc:b1e4:3 Paris, France, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
b9d5dacaea013c012050ef2fe290944b8d219cbb128edf3d994af271819a858b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://booking.assist-up.com/
Origin
https://booking.assist-up.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 22:00:38 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 12 Sep 2023 19:16:55 GMT
server
LiteSpeed
etag
"7e188-6500b927-8496e90022d15f6;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
x-robots-tag
noindex, nofollow
content-length
161467
expires
Tue, 19 Sep 2023 22:00:38 GMT
v3
js.stripe.com/ 		527 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: booking.assist-up.com
URL: https://booking.assist-up.com/assets/index-225edffb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e65f01a1f0d745b5a1af7ab9846af18079bfdc7435a43f308b5e941f38ff79c7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://booking.assist-up.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 12 Sep 2023 22:00:39 GMT
via
1.1 varnish
age
20
x-cache
HIT
content-length
150103
x-request-id
c77822d3-fdaa-4696-ae42-6f95116f050d
x-served-by
cache-lcy-eglc8600034-LCY
last-modified
Tue, 12 Sep 2023 20:38:35 GMT
server
Fastly
etag
"9afe9e2a2c09800422e3f9f98ccf0924"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame D5ED 		200 B
817 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://booking.assist-up.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
347777
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 12 Sep 2023 22:00:39 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 08 Sep 2023 21:23:50 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
195712
x-content-type-options
nosniff
x-request-id
7dc19d48-a9bb-4785-9c3a-5223ce575ac2
x-served-by
cache-lcy-eglc8600034-LCY
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame D5ED 		631 B
527 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 12 Sep 2023 22:00:39 GMT
via
1.1 varnish
age
347777
x-cache
HIT
content-length
399
x-request-id
73b31f62-1b68-468b-bcd7-6fe7ad17c4a6
x-served-by
cache-lcy-eglc8600034-LCY
last-modified
Fri, 08 Sep 2023 21:23:49 GMT
server
Fastly
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
184398
csp-report
q.stripe.com/ Frame D5ED 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: booking.assist-up.com
URL: https://booking.assist-up.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 12 Sep 2023 22:00:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1694556040111971
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
2
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1694556040111441
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame D5ED 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: booking.assist-up.com
URL: https://booking.assist-up.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 12 Sep 2023 22:00:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1694556040111890
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
0
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1694556040111459
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 7168 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
170
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 12 Sep 2023 21:57:50 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-id
pn6gyE1rmEW0GJ0uhLzxuMnfwlaUcOC4x5WSdkzZ4a7iVKxJQLnYUA==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 7168 		0
492 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: booking.assist-up.com
URL: https://booking.assist-up.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Tue, 12 Sep 2023 22:00:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1694556040111661
x-envoy-upstream-service-time
1
content-length
0
x-stripe-bg-intended-route-color
green
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
0
x-stripe-client-envoy-start-time-us
1694556040111449
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 7168 		87 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5200:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 12 Sep 2023 21:58:20 GMT
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
via
1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"69cb7809b5011312e716f29b3d19dce6"
age
140
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
N4RCCrnuRBIfyq_sQbeJMiey6_z5m95XujIG03x1wfaeVynEMuHiZg==
6
m.stripe.com/ Frame 7168 		156 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.9.177 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-9-177.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
4615e9ee0ec72e6858161ee1d9de10e32964f086e7766cf271fd09d04b4104b1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Tue, 12 Sep 2023 22:00:40 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1694556040160737
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1694556040160382
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
httpapi
api2.amplitude.com/2/ 		94 B
286 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Requested by
Host: booking.assist-up.com
URL: https://booking.assist-up.com/assets/index-225edffb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.160.121 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-160-121.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a9b77f6652c45b194717db77c0db3bff6cefd21430ac2abf4dd08ae3f1eefb77
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Referer
https://booking.assist-up.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 12 Sep 2023 22:00:40 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-6500df88-2fc77e0f25adbbec63d2dacb
content-length
94
access-control-allow-methods
GET, POST
content-type
application/json
httpapi
api2.amplitude.com/2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api2.amplitude.com/2/httpapi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.217.160.121 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-160-121.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://booking.assist-up.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-length
0
date
Tue, 12 Sep 2023 22:00:40 GMT
strict-transport-security
max-age=15768000

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture object| analyticsConnectorInstances object| webpackChunkStripeJSouter function| noop function| Stripe

5 Cookies

Domain/Path Name / Value
.assist-up.com/ Name: AMP_MKTG_149097ca6b
Value: JTdCJTdE
.assist-up.com/ Name: AMP_149097ca6b
Value: JTdCJTIyZGV2aWNlSWQlMjIlM0ElMjJiMDEwNmJiNy03NWY2LTQ4MTYtOTBiYi0yNzA4Nzc2MjcwZTElMjIlMkMlMjJzZXNzaW9uSWQlMjIlM0ExNjk0NTU2MDM5MTc3JTJDJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJsYXN0RXZlbnRUaW1lJTIyJTNBMTY5NDU1NjAzOTIyNSUyQyUyMmxhc3RFdmVudElkJTIyJTNBMCU3RA==
m.stripe.com/ Name: m
Value: 9979f617-46da-4026-bf2b-94c7fa705848d31346
.booking.assist-up.com/ Name: __stripe_mid
Value: eb6b6660-b1a8-4b5d-9aa6-0cf4b976ce9f118545
.booking.assist-up.com/ Name: __stripe_sid
Value: 6b1a0e44-2555-4d9c-88e1-54006570240128161f

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests