595thebook1.com Open in urlscan Pro
104.19.152.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://595thebook1.com/
Submission: On March 05 via api (March 5th 2024, 12:17:09 am UTC) from BE — Scanned from DE

Summary HTTP 86 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 8 domains to perform 86 HTTP transactions. The main IP is 104.19.152.30, located in and belongs to CLOUDFLARENET, US. The main domain is 595thebook1.com.
TLS certificate: Issued by GTS CA 1P5 on February 17th 2024. Valid for: 3 months.

This is the only time 595thebook1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	104.19.152.30 104.19.152.30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a04:4e42:200... 2a04:4e42:200::720	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
14	108.138.7.13 108.138.7.13	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400c:c1d::5c	15169 (GOOGLE) (GOOGLE)
1	198.202.176.81 198.202.176.81	16509 (AMAZON-02) (AMAZON-02)
6	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	18.173.205.14 18.173.205.14	16509 (AMAZON-02) (AMAZON-02)
3	44.237.70.166 44.237.70.166	16509 (AMAZON-02) (AMAZON-02)
86	12

29 104.19.152.30 (None, )

ASN13335 (CLOUDFLARENET, US)

595thebook1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42:200::720 (United States)

ASN54113 (FASTLY, US)

assets.univer.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 108.138.7.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-13.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1d::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.202.176.81 (United States)

ASN16509 (AMAZON-02, US)

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.205.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-14.fra56.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.237.70.166 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-70-166.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	595thebook1.com 595thebook1.com	724 KB
24	stripe.com js.stripe.com — Cisco Umbrella Rank: 1155 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5082 r.stripe.com — Cisco Umbrella Rank: 2301 m.stripe.com — Cisco Umbrella Rank: 1134	690 KB
15	google.com pay.google.com — Cisco Umbrella Rank: 2753 play.google.com — Cisco Umbrella Rank: 33	422 KB
10	univer.se assets.univer.se — Cisco Umbrella Rank: 672047	137 KB
4	gstatic.com www.gstatic.com	102 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1243	16 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2089	254 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	92 KB
86	8

	Domain	Requested by
29	595thebook1.com	595thebook1.com
14	js.stripe.com	595thebook1.com js.stripe.com
12	play.google.com	www.gstatic.com
10	assets.univer.se	595thebook1.com
6	r.stripe.com	js.stripe.com
4	www.gstatic.com	pay.google.com www.gstatic.com
3	m.stripe.com	m.stripe.network
3	pay.google.com	js.stripe.com pay.google.com www.gstatic.com
2	m.stripe.network	js.stripe.com m.stripe.network
1	merchant-ui-api.stripe.com	js.stripe.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	595thebook1.com
86	12

This site contains links to these domains. Also see Links.

Domain
instagram.com
www.tiktok.com
youtube.com
a.co

Subject Issuer	Validity	Valid
595thebook1.com GTS CA 1P5	`2024-02-17` - `2024-05-17`	3 months	crt.sh
assets.univer.se Certainly Intermediate R1	`2024-02-29` - `2024-03-30`	a month	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2024-02-26` - `2024-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2024-05-23`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://595thebook1.com/
Frame ID: 2B6A6BEE338D283E44F8EDF2EA268BE8
Requests: 42 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
Frame ID: 8AA2FC4B8A58A2547E84FA31CBF312DB
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-0ad4ab4836fd48b704f9836c381309d4.html
Frame ID: 082F544CA04E7F7FC58ADCEAD7E42F37
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-bd09705d396c9abb97489a362b8310e0.html
Frame ID: DAB8B9ABD3877461453DEFC808C462DB
Requests: 3 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 640BC8854FC21943CE5BE4351E1FCF4C
Requests: 12 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: EC6AC4AB53053AB3CEA1C419B6DBCB46
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 2F46AC22BF4059C8C6DFA79B2F94382B
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

595 website

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

86
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

12
Subdomains

12
IPs

4
Countries

2184 kB
Transfer

6482 kB
Size

7
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://instagram.com/595shampain

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@595tvshow?_t=8jxvHsLj6sA&_r=1

Search URL Search Domain Scan URL

URL: https://youtube.com/@shampain595?si=J44ByF0QpMjh566O

Search URL Search Domain Scan URL

URL: https://a.co/d/1X53aR6

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
595thebook1.com/ 69 KB
11 KB 573ms
540ms Document
text/html 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

ff51a258d38a9cf458df1443d301af5c9783d105ed51d45697c4d7fd3b30a392

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=30
cf-cache-status: MISS
cf-ray: 85f5ebb7eeef91ff-FRA
content-encoding: gzip
content-security-policy: frame-ancestors https://tools.univer.se
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 00:17:03 GMT
expires: Tue, 05 Mar 2024 00:17:33 GMT
server: cloudflare
universe-request-id: 72bd3d1d
vary: Accept-Encoding
x-powered-by: Next.js

GET
H2 200 895e5565db0d3747.css
595thebook1.com/_next/static/css/ 78 KB
7 KB 476ms
476ms Stylesheet
text/css 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_next/static/css/895e5565db0d3747.css

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2e538a1227badf43d89fb23f00a8cc4469c668cf4c93cbb58f165f37bb8d8d5f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 19:15:27 GMT
server: cloudflare
x-powered-by: Express
etag: W/"13874-18dc7f1c51f"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 85f5ebbb589691ff-FRA
universe-request-id: 93cd5843
alt-svc: h3=":443"; ma=86400
expires: Wed, 05 Mar 2025 00:17:03 GMT

GET
H2 200 e8970d5e4d41fdcf.css
595thebook1.com/_next/static/css/ 5 KB
1 KB 456ms
456ms Stylesheet
text/css 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_next/static/css/e8970d5e4d41fdcf.css

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

54c38ca8b8d2308f356d36b725c6ad240d69b64a2f3a4ccc7146d97c536c054b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 19:15:27 GMT
server: cloudflare
x-powered-by: Express
etag: W/"1493-18dc7f1c51f"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 85f5ebbb589791ff-FRA
universe-request-id: cd6afbf0
alt-svc: h3=":443"; ma=86400
expires: Wed, 05 Mar 2025 00:17:03 GMT

GET
H2 200 webpack-a4033d6c2c7257c3.js Show response
595thebook1.com/_next/static/chunks/ 5 KB
2 KB 453ms
452ms Script
application/javascript 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_next/static/chunks/webpack-a4033d6c2c7257c3.js

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

733ae5f26a384e1d572cd9a64444812f3e008bb78178a4803ec17688449efaf1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 19:15:27 GMT
server: cloudflare
x-powered-by: Express
etag: W/"143b-18dc7f1c51f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 85f5ebbb68a391ff-FRA
universe-request-id: 02701911
alt-svc: h3=":443"; ma=86400
expires: Wed, 05 Mar 2025 00:17:03 GMT

GET
H2 200 framework-125c15452a409aa6.js Show response
595thebook1.com/_next/static/chunks/ 138 KB
44 KB 629ms
628ms Script
application/javascript 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_next/static/chunks/framework-125c15452a409aa6.js

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

365722b88937784a58b6f5bb017c82aaf62b3f145b498232722efa17ecb7bb23

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 19:15:27 GMT
server: cloudflare
x-powered-by: Express
etag: W/"226bc-18dc7f1c51f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 85f5ebbb68a891ff-FRA
universe-request-id: 57e162ab
alt-svc: h3=":443"; ma=86400
expires: Wed, 05 Mar 2025 00:17:03 GMT

GET
H2 200 main-4a5c585d77346699.js Show response
595thebook1.com/_next/static/chunks/ 122 KB
36 KB 568ms
567ms Script
application/javascript 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_next/static/chunks/main-4a5c585d77346699.js

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9557e6c2beb0082e229d1f1ef6df4a3a1fb44b0cfcb4b22e3aa97b689ec7911a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 19:15:27 GMT
server: cloudflare
x-powered-by: Express
etag: W/"1e6b2-18dc7f1c51f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 85f5ebbb68ab91ff-FRA
universe-request-id: 8285f6f3
alt-svc: h3=":443"; ma=86400
expires: Wed, 05 Mar 2025 00:17:03 GMT

GET
H2 200 _app-802cdc3a3fadb0e6.js Show response
595thebook1.com/_next/static/chunks/pages/ 18 KB
7 KB 449ms
449ms Script
application/javascript 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_next/static/chunks/pages/_app-802cdc3a3fadb0e6.js

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d148febbedebffccd13e59bed8d24becfd660114e85d320e058c833919422b63

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 19:15:27 GMT
server: cloudflare
x-powered-by: Express
etag: W/"49bc-18dc7f1c51f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 85f5ebbb68ad91ff-FRA
universe-request-id: b124c42d
alt-svc: h3=":443"; ma=86400
expires: Wed, 05 Mar 2025 00:17:03 GMT

GET
H2 200 383-f1a04010a971a356.js Show response
595thebook1.com/_next/static/chunks/ 185 KB
57 KB 567ms
566ms Script
application/javascript 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_next/static/chunks/383-f1a04010a971a356.js

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

36ee6f326f5db19c8d533bf24139f833c9fe29b9e7570293cf6259a6ae279d79

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 19:15:27 GMT
server: cloudflare
x-powered-by: Express
etag: W/"2e472-18dc7f1c51f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 85f5ebbb68b091ff-FRA
universe-request-id: 92bc6f5b
alt-svc: h3=":443"; ma=86400
expires: Wed, 05 Mar 2025 00:17:03 GMT

GET
H2 200 739-f29f59ac0ddb4ec8.js Show response
595thebook1.com/_next/static/chunks/ 261 KB
69 KB 565ms
564ms Script
application/javascript 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_next/static/chunks/739-f29f59ac0ddb4ec8.js

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e1a133d01ec0fb908680b9f8edd130ba5589a69883c26e6d630338dd0a36560e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 20:39:54 GMT
server: cloudflare
x-powered-by: Express
etag: W/"415ce-18dc83f18d1"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 85f5ebbb68b291ff-FRA
universe-request-id: 417ed30f
alt-svc: h3=":443"; ma=86400
expires: Wed, 05 Mar 2025 00:17:03 GMT

GET
H2 200 %5B%5B...slug%5D%5D-82ab07dafaa97dd5.js Show response
595thebook1.com/_next/static/chunks/pages/ 4 KB
1 KB 461ms
461ms Script
application/javascript 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_next/static/chunks/pages/%5B%5B...slug%5D%5D-82ab07dafaa97dd5.js

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

37f9a0ef8b3a2ac3dbf0eb4634d31399c485302ccff7bfc56d53314711828ef6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 19:15:27 GMT
server: cloudflare
x-powered-by: Express
etag: W/"1020-18dc7f1c51f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 85f5ebbb68b391ff-FRA
universe-request-id: 8903e9da
alt-svc: h3=":443"; ma=86400
expires: Wed, 05 Mar 2025 00:17:03 GMT

GET
H2 200 _buildManifest.js Show response
595thebook1.com/_next/static/OmgVy5sdVG1mmsLJsfLoD/ 1 KB
700 B 431ms
430ms Script
application/javascript 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_next/static/OmgVy5sdVG1mmsLJsfLoD/_buildManifest.js

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b9f5e925b7df5a734f3b58d1edf7bfea6474ce92cb18e74aadd6a8793668cc1a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 19:15:27 GMT
server: cloudflare
x-powered-by: Express
etag: W/"4de-18dc7f1c51b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 85f5ebbb68b491ff-FRA
universe-request-id: bae15159
alt-svc: h3=":443"; ma=86400
expires: Wed, 05 Mar 2025 00:17:03 GMT

GET
H2 200 _ssgManifest.js Show response
595thebook1.com/_next/static/OmgVy5sdVG1mmsLJsfLoD/ 80 B
147 B 448ms
447ms Script
application/javascript 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_next/static/OmgVy5sdVG1mmsLJsfLoD/_ssgManifest.js

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

678f6ce2cb80b1fe72fc67e7412be6e2ab6ada083111b64f7c40d35e3cba5e00

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 19:15:27 GMT
server: cloudflare
x-powered-by: Express
etag: W/"50-18dc7f1c51b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 85f5ebbb68b591ff-FRA
universe-request-id: c0a5b377
alt-svc: h3=":443"; ma=86400
expires: Wed, 05 Mar 2025 00:17:03 GMT

GET
H2 200 bb3ea40a-d1df-45b1-a1ca-45c52afc1124
assets.univer.se/ 15 KB
15 KB 214ms
158ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.univer.se/bb3ea40a-d1df-45b1-a1ca-45c52afc1124?fit=crop&auto=compress,format&w=750&q=60

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

335b1ad5f6152d2602643ed1626128ac6d5b8382fbe9087fc49908412bf2ecb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
x-content-type-options: nosniff
age: 168
x-cache: HIT, MISS
x-imgix-id: 0ecc58341232a9b1caa011b6a706461c522b8af5
cross-origin-resource-policy: cross-origin
content-length: 14881
x-served-by: cache-sjc1000141-SJC, cache-fra-eddf8230136-FRA
x-imgix-render-farm: 02.131592
last-modified: Tue, 05 Mar 2024 00:14:15 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 71965681-b789-4279-b4a6-71f1fbff17ad
assets.univer.se/ 35 KB
36 KB 215ms
159ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.univer.se/71965681-b789-4279-b4a6-71f1fbff17ad?fit=crop&auto=compress,format&w=750&q=60

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

9eee50031d6603e48d639dc1b59cf45e113f08093211dd1dbf0b8b6c13695861

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
x-content-type-options: nosniff
age: 168
x-cache: HIT, MISS
x-imgix-id: 960d51a17c82d6c10f2c6818bb99b0a5e4a88a95
cross-origin-resource-policy: cross-origin
content-length: 36248
x-served-by: cache-sjc10047-SJC, cache-fra-eddf8230136-FRA
x-imgix-render-farm: 02.131592
last-modified: Tue, 05 Mar 2024 00:14:15 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 7b9da544-161b-4b23-aae8-132b0099e02a
assets.univer.se/ 16 KB
16 KB 211ms
165ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.univer.se/7b9da544-161b-4b23-aae8-132b0099e02a?fit=crop&auto=compress,format&w=750&q=60

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

1d429a51d480440ecb88daa3aed0dc47801b7bd7f41a97d1adf0211b147ddfb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
x-content-type-options: nosniff
age: 168
x-cache: HIT, MISS
x-imgix-id: 6d3e9cded4930a5e8f60773bda135bdc6f96b8ac
cross-origin-resource-policy: cross-origin
content-length: 16729
x-served-by: cache-sjc10076-SJC, cache-fra-eddf8230136-FRA
x-imgix-render-farm: 02.131592
last-modified: Tue, 05 Mar 2024 00:14:15 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 8f467ebe-923d-46d0-9903-ec7ec1df1a03
assets.univer.se/ 25 KB
25 KB 214ms
168ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.univer.se/8f467ebe-923d-46d0-9903-ec7ec1df1a03?fit=clip&auto=compress,format&w=375&q=60

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

37eb1dcb4bb40781e7eaea841cbd6d47c3b09168d6d8a002c2c17c91f1548a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
x-content-type-options: nosniff
age: 168
x-cache: HIT, MISS
x-imgix-id: 12be566bf57c0016d4aa62c414ffb092c1511f11
cross-origin-resource-policy: cross-origin
content-length: 25768
x-served-by: cache-sjc1000087-SJC, cache-fra-eddf8230136-FRA
x-imgix-render-farm: 02.131592
last-modified: Tue, 05 Mar 2024 00:14:15 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 50b7899a-6326-4f41-8ecd-885bea51beac
assets.univer.se/ 8 KB
8 KB 213ms
167ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.univer.se/50b7899a-6326-4f41-8ecd-885bea51beac?fit=crop&auto=compress,format&w=375&q=60

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

6c8280fa2dcfa76ab7650aae1d3dda1579b7bb414d02266a7eb1b50c01fc7f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
x-content-type-options: nosniff
age: 1401068
x-cache: HIT, MISS
x-imgix-id: 899bb79c79c0c579cb27f29f700112037221bddc
cross-origin-resource-policy: cross-origin
content-length: 8458
x-served-by: cache-sjc10071-SJC, cache-fra-eddf8230136-FRA
x-imgix-render-farm: 02.131624
last-modified: Sat, 17 Feb 2024 19:05:55 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 8df2855f-781a-4add-ad54-241f0193dc38
assets.univer.se/ 5 KB
5 KB 210ms
165ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.univer.se/8df2855f-781a-4add-ad54-241f0193dc38?fit=crop&auto=compress,format&w=375&q=60

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

96bde80afdec67307061a56332d1eb99d605125a30993de0bcf97350dc126fa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
x-content-type-options: nosniff
age: 168
x-cache: HIT, MISS
x-imgix-id: cd01e829851758797a207b4288fe5584666266fd
cross-origin-resource-policy: cross-origin
content-length: 5240
x-served-by: cache-sjc1000141-SJC, cache-fra-eddf8230136-FRA
x-imgix-render-farm: 02.131592
last-modified: Tue, 05 Mar 2024 00:14:15 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 6bae8d7d-7bd4-49b5-9e29-43032ddcc1e5
assets.univer.se/ 8 KB
8 KB 156ms
156ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.univer.se/6bae8d7d-7bd4-49b5-9e29-43032ddcc1e5?fit=crop&auto=compress,format&w=375&q=60

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e44612bc41bcce006e8122b5d42cf56ed32eddfcd68b1fc761db7abbe6bf4eb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
x-content-type-options: nosniff
age: 168
x-cache: HIT, MISS
x-imgix-id: c73f6a132a71286e565cd1917fa3d27368076a7c
cross-origin-resource-policy: cross-origin
content-length: 7717
x-served-by: cache-sjc10043-SJC, cache-fra-eddf8230136-FRA
x-imgix-render-farm: 02.131592
last-modified: Tue, 05 Mar 2024 00:14:15 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 instagram.svg
595thebook1.com/static/icons/ 2 KB
1 KB 453ms
452ms Image
image/svg+xml 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://595thebook1.com/static/icons/instagram.svg

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f2039d7de5434a3dcd2b82b718c5870dc7d3080fe1999ed87c7374ee7693367c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Referer: https://595thebook1.com/
Origin: https://595thebook1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 19:15:30 GMT
server: cloudflare
x-powered-by: Express
etag: W/"73b-18dc7f1d05f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
cf-ray: 85f5ebbe6e321c11-FRA
universe-request-id: 1431d1ea
alt-svc: h3=":443"; ma=86400
expires: Fri, 05 Apr 2024 00:17:04 GMT

GET
H3 200 musical.ly.svg
595thebook1.com/static/icons/ 697 B
719 B 484ms
483ms Image
image/svg+xml 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://595thebook1.com/static/icons/musical.ly.svg

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4da92d690644b8b734c908b8e6d42b135e4f47656bfcc8a8cec47e667da56bd3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Referer: https://595thebook1.com/
Origin: https://595thebook1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 19:15:30 GMT
server: cloudflare
x-powered-by: Express
etag: W/"2b9-18dc7f1d06b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
cf-ray: 85f5ebbe6e331c11-FRA
universe-request-id: aecd7456
alt-svc: h3=":443"; ma=86400
expires: Fri, 05 Apr 2024 00:17:04 GMT

GET
H3 200 youtube.svg
595thebook1.com/static/icons/ 737 B
741 B 456ms
455ms Image
image/svg+xml 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://595thebook1.com/static/icons/youtube.svg

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

2cd121268fb89a25e946154f6aa3d2857eaa7c8e57117387a15eda3f5bc555a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Referer: https://595thebook1.com/
Origin: https://595thebook1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 19:15:30 GMT
server: cloudflare
x-powered-by: Express
etag: W/"2e1-18dc7f1d097"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
cf-ray: 85f5ebbe6e361c11-FRA
universe-request-id: 029f7e37
alt-svc: h3=":443"; ma=86400
expires: Fri, 05 Apr 2024 00:17:04 GMT

GET
H3 200 amazon.svg
595thebook1.com/static/icons/ 4 KB
2 KB 457ms
456ms Image
image/svg+xml 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://595thebook1.com/static/icons/amazon.svg

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

81e50f1c5fa737d896596f6484b390c51ac8b452752cd0129abc74d17cd15d31

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Referer: https://595thebook1.com/
Origin: https://595thebook1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 19:15:29 GMT
server: cloudflare
x-powered-by: Express
etag: W/"100a-18dc7f1d037"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2678400
cf-ray: 85f5ebbe6e371c11-FRA
universe-request-id: 6024c70d
alt-svc: h3=":443"; ma=86400
expires: Fri, 05 Apr 2024 00:17:04 GMT

GET
H3 200 LeagueGothic-Regular.woff2
595thebook1.com/static/fonts/ 17 KB
17 KB 567ms
566ms Font
font/woff2 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/static/fonts/LeagueGothic-Regular.woff2

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/_next/static/css/895e5565db0d3747.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

420f5db1d617f5d8514f44b185d158eb14673c35e24f908452fc98c4506c8634

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Referer: https://595thebook1.com/_next/static/css/895e5565db0d3747.css
Origin: https://595thebook1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-security-policy: frame-ancestors https://tools.univer.se
cf-cache-status: MISS
x-powered-by: Express
universe-request-id: 44fa1358
content-length: 16960
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Feb 2024 19:15:29 GMT
server: cloudflare
etag: W/"4240-18dc7f1cf07"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 85f5ebbe6e381c11-FRA
expires: Fri, 05 Apr 2024 00:17:04 GMT

GET
H3 200 ZillaSlab-Regular.woff2
595thebook1.com/static/fonts/ 68 KB
68 KB 343ms
342ms Font
font/woff2 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/static/fonts/ZillaSlab-Regular.woff2

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/_next/static/css/895e5565db0d3747.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0a697e5cd3a0da721f535c959367a8cdf657a39aabe3373af9556720db1560bd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Referer: https://595thebook1.com/_next/static/css/895e5565db0d3747.css
Origin: https://595thebook1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-security-policy: frame-ancestors https://tools.univer.se
cf-cache-status: MISS
x-powered-by: Express
universe-request-id: e530fe49
content-length: 69524
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Feb 2024 19:15:29 GMT
server: cloudflare
etag: W/"10f94-18dc7f1d01b"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 85f5ebbe6e391c11-FRA
expires: Fri, 05 Apr 2024 00:17:03 GMT

GET
H3 200 Universe---HelveticaNeueLTStd-Roman.woff2
595thebook1.com/static/fonts/ 15 KB
16 KB 566ms
565ms Font
font/woff2 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/static/fonts/Universe---HelveticaNeueLTStd-Roman.woff2

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/_next/static/css/895e5565db0d3747.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4cbd16522fa0b8362338b5bf7a5c1c90099af315006779030aa4bbe8254b074a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Referer: https://595thebook1.com/_next/static/css/895e5565db0d3747.css
Origin: https://595thebook1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-security-policy: frame-ancestors https://tools.univer.se
cf-cache-status: MISS
x-powered-by: Express
universe-request-id: 95fd2a78
content-length: 15764
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Feb 2024 19:15:29 GMT
server: cloudflare
etag: W/"3d94-18dc7f1cff7"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 85f5ebbe6e3a1c11-FRA
expires: Fri, 05 Apr 2024 00:17:04 GMT

GET
H3 200 SF-UI-Text-Bold.woff2
595thebook1.com/static/fonts/ 97 KB
98 KB 665ms
665ms Font
font/woff2 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/static/fonts/SF-UI-Text-Bold.woff2

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/_next/static/css/895e5565db0d3747.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

344b3e8ac9d168dd5b83785a87a06d3c4dc5f1abea77a595875253d2a2da0ce4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Referer: https://595thebook1.com/_next/static/css/895e5565db0d3747.css
Origin: https://595thebook1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-security-policy: frame-ancestors https://tools.univer.se
cf-cache-status: MISS
x-powered-by: Express
universe-request-id: b93d0cb5
content-length: 99812
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Feb 2024 19:15:29 GMT
server: cloudflare
etag: W/"185e4-18dc7f1cf5b"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 85f5ebbe6e3c1c11-FRA
expires: Fri, 05 Apr 2024 00:17:04 GMT

GET
H3 200 IndieFlower.woff2
595thebook1.com/static/fonts/ 27 KB
27 KB 545ms
544ms Font
font/woff2 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/static/fonts/IndieFlower.woff2

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/_next/static/css/895e5565db0d3747.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

262f4c64361482759cfa355efdc7a33235bf095370f080f4235397a1367aa932

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Referer: https://595thebook1.com/_next/static/css/895e5565db0d3747.css
Origin: https://595thebook1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-security-policy: frame-ancestors https://tools.univer.se
cf-cache-status: MISS
x-powered-by: Express
universe-request-id: 4889a055
content-length: 27248
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Feb 2024 19:15:29 GMT
server: cloudflare
etag: W/"6a70-18dc7f1cecb"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 85f5ebbe6e3d1c11-FRA
expires: Fri, 05 Apr 2024 00:17:04 GMT

GET
H3 200 Junicode-Regular.woff2
595thebook1.com/static/fonts/ 252 KB
252 KB 676ms
675ms Font
font/woff2 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/static/fonts/Junicode-Regular.woff2

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/_next/static/css/895e5565db0d3747.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f63074e190b99b06994f05c04c51fd8a20105b6de7842df8466d45b2b6ea7b53

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Referer: https://595thebook1.com/_next/static/css/895e5565db0d3747.css
Origin: https://595thebook1.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-security-policy: frame-ancestors https://tools.univer.se
cf-cache-status: MISS
x-powered-by: Express
universe-request-id: ad075778
content-length: 258156
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 20 Feb 2024 19:15:29 GMT
server: cloudflare
etag: W/"3f06c-18dc7f1cef7"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 85f5ebbe6e3e1c11-FRA
expires: Fri, 05 Apr 2024 00:17:04 GMT

GET
H2 200 9e77e7cf-377c-48cd-a486-e07912beaed9
assets.univer.se/ 5 KB
5 KB 163ms
163ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.univer.se/9e77e7cf-377c-48cd-a486-e07912beaed9?fit=crop&auto=compress,format&w=375&q=60

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

056fa4eba94af4a693582bdfcf375059c1c73533b1ae73467b1ee5898094fc5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
x-content-type-options: nosniff
age: 166
x-cache: HIT, MISS
x-imgix-id: 895710abfdfcf5ba5a42ef8b6632bfb65fbe4502
cross-origin-resource-policy: cross-origin
content-length: 4687
x-served-by: cache-sjc10049-SJC, cache-fra-eddf8230136-FRA
x-imgix-render-farm: 02.131592
last-modified: Tue, 05 Mar 2024 00:14:17 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 d7cfeeff-10aa-4920-be8b-f7a912e3e0ee
assets.univer.se/ 8 KB
9 KB 163ms
163ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.univer.se/d7cfeeff-10aa-4920-be8b-f7a912e3e0ee?fit=crop&auto=compress,format&w=375&q=60

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

5502b7e14c8613a93907aa329ac4bc4a69216a9f589d78aedcffbd7eaeee9799

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
x-content-type-options: nosniff
age: 167
x-cache: HIT, MISS
x-imgix-id: 8d850af06632a1283eec8d50f1dfbd7ec182722c
cross-origin-resource-policy: cross-origin
content-length: 8651
x-served-by: cache-sjc1000092-SJC, cache-fra-eddf8230136-FRA
x-imgix-render-farm: 02.131592
last-modified: Tue, 05 Mar 2024 00:14:17 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 f3ce0cab-62c2-440f-bfb6-d7adcf8b7626
assets.univer.se/ 10 KB
10 KB 163ms
163ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.univer.se/f3ce0cab-62c2-440f-bfb6-d7adcf8b7626?fit=crop&auto=compress,format&w=375&q=60

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

85d1ae83230d6471bfdee44e22a800716b99f47b7cf419e28d6484d7db7803f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:03 GMT
x-content-type-options: nosniff
age: 516880
x-cache: HIT, MISS
x-imgix-id: 0f54169b14ff0bb10580742ae47147444b313d88
cross-origin-resource-policy: cross-origin
content-length: 10222
x-served-by: cache-sjc10063-SJC, cache-fra-eddf8230136-FRA
x-imgix-render-farm: 02.131592
last-modified: Wed, 28 Feb 2024 00:42:24 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 200.c1777e2723f3d869.js Show response
595thebook1.com/_next/static/chunks/ 1 KB
981 B 601ms
601ms Script
application/javascript 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_next/static/chunks/200.c1777e2723f3d869.js

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/_next/static/chunks/webpack-a4033d6c2c7257c3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e24d3773a495e687dd365e68c44a4b5ab9a59d0551d333d3fc8b93b6b8050617

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 20 Feb 2024 19:15:27 GMT
server: cloudflare
x-powered-by: Express
etag: W/"42c-18dc7f1c51b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 85f5ebc05fa01c11-FRA
universe-request-id: e9a5351c
alt-svc: h3=":443"; ma=86400
expires: Wed, 05 Mar 2025 00:17:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
92 KB 48ms
27ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CX6QWFXGS9&l=ga4DataLayer

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/_next/static/chunks/739-f29f59ac0ddb4ec8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e518301f74c2641d23e59b3216d03232727535153abf3c4bed81786dbfe6773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93860
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 00:17:04 GMT

GET
H3 200 73683 Show response
595thebook1.com/_api/v1/sites/2159353/downloads/ 826 B
673 B 472ms
472ms Fetch
application/json 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_api/v1/sites/2159353/downloads/73683

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/_next/static/chunks/739-f29f59ac0ddb4ec8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d64907b1c5fc1cbd10f3e4e8688c9e97b580f0c7fd9a0487547a1a300172f5e8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Referer: https://595thebook1.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"33a-PiGXmyWt7q5xxdcs5fohLHf/hXo"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 85f5ebc07fc01c11-FRA
universe-request-id: 857a158a
alt-svc: h3=":443"; ma=86400

GET
H3 200 73739 Show response
595thebook1.com/_api/v1/sites/2159353/downloads/ 827 B
676 B 482ms
481ms Fetch
application/json 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_api/v1/sites/2159353/downloads/73739

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/_next/static/chunks/739-f29f59ac0ddb4ec8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a21fd9d251126696faa8cef45239d8cb111b2143e5a544bc6c571cdbe3895486

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Referer: https://595thebook1.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"33b-7kqzM2RRfbkXYISa0mkuipeg7ug"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 85f5ebc07fc11c11-FRA
universe-request-id: 8abad24b
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 37ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CX6QWFXGS9&gtm=45je42t1v894777412za200&_p=1709597824068&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=479972819.1709597824&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dt=595%20website&dl=https%3A%2F%2F595thebook1.com%2F&dp=%2F&dr=&sid=1709597824&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.page_hash=&tfd=1501
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CX6QWFXGS9&l=ga4DataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 00:17:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://595thebook1.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 details Show response
595thebook1.com/_api/v4/products/415261/ 492 B
558 B 161ms
160ms Fetch
application/json 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_api/v4/products/415261/details

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/_next/static/chunks/739-f29f59ac0ddb4ec8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0f99092601adf2a78e784aedee4ba8f4114a67516c728213aa7325686af84f95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Referer: https://595thebook1.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"1ec-m04FyQuQwDQ1jTpO9wXCdNnD4UY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 85f5ebc379e21c11-FRA
universe-request-id: d285e420
alt-svc: h3=":443"; ma=86400

POST
H3 200 validate Show response
595thebook1.com/_api/v3/merchants/131877/ 28 B
277 B 483ms
483ms Fetch
application/json 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_api/v3/merchants/131877/validate

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/_next/static/chunks/739-f29f59ac0ddb4ec8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4a16710f06bb122988f46b2076db1797fa31e78a60b1079f32e1afbd988702c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Referer: https://595thebook1.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 00:17:05 GMT
content-security-policy: frame-ancestors https://tools.univer.se
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"1c-rCWsZYrlIIeZpzuCtXHb6MwbW1U"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 85f5ebc379e51c11-FRA
universe-request-id: 17458735
content-length: 28
alt-svc: h3=":443"; ma=86400

GET
H2 200 v3 Show response
js.stripe.com/ 603 KB
148 KB 33ms
8ms Script
text/javascript 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/_next/static/chunks/383-f1a04010a971a356.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0030f5a99c7993b12e2fabfd97fc80fca835db69e270cb872bfa8e8821af3d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://595thebook1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:16:28 GMT
content-encoding: br
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 40
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:49:33 GMT
server: Cloudfront
etag: W/"68bcc669e847f4536a08e4ba24b5a206"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: f4KnnmQGlDAs84DApbC1ZggZum8lXuKJDfnDhKTyQKBBc3zrWAdBhw==

GET
H3 200 shipping-rates Show response
595thebook1.com/_api/v1/sites/2159353/ 354 B
442 B 189ms
189ms Fetch
application/json 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_api/v1/sites/2159353/shipping-rates

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/_next/static/chunks/739-f29f59ac0ddb4ec8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

356d9cbf0f55f808017fc2eb90244ad4b2a92519885e844a5ba90c3ded1a66b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Accept: application/json
Referer: https://595thebook1.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"162-vFnPP4WedE+kc9QUOEogJ9PiB4w"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 85f5ebc379e71c11-FRA
universe-request-id: c9227762
alt-svc: h3=":443"; ma=86400

GET
H3 200 details Show response
595thebook1.com/_api/v4/products/415467/ 499 B
541 B 505ms
505ms Fetch
application/json 104.19.152.30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://595thebook1.com/_api/v4/products/415467/details

Requested by

Host: 595thebook1.com
URL: https://595thebook1.com/_next/static/chunks/739-f29f59ac0ddb4ec8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.152.30 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1f0fa3d211b33bb9635299065143da7d2da1099120163a68bc2ab72803a97538

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Request headers

Referer: https://595thebook1.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Mar 2024 00:17:05 GMT
content-security-policy: frame-ancestors https://tools.univer.se
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"1f3-mBMsNLYvkQeGaDL0PW9mKh5khO8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cf-ray: 85f5ebc389f31c11-FRA
universe-request-id: 691ab2b8
alt-svc: h3=":443"; ma=86400

GET
H2 200 controller-1b517d3dc8887d756b42ce62fc15d620.html Show response
js.stripe.com/v3/ Frame 8AA2 297 B
1 KB 8ms
8ms Document
text/html 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

04dd08cd5be76d0779ac2b77f734115d0fa01d5b6f14db00adca5433bdf30065

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://595thebook1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 51
cache-control: max-age=60, stale-while-revalidate=900
content-length: 297
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 00:16:14 GMT
etag: "1b517d3dc8887d756b42ce62fc15d620"
last-modified: Mon, 04 Mar 2024 21:05:23 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-id: 07GGhV19CqKJGH0VvFH0XVUEbwJRNzuik2eMdggZVlDjh3gVWPLTRg==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-google-pay-0ad4ab4836fd48b704f9836c381309d4.html Show response
js.stripe.com/v3/ Frame 082F 408 B
1 KB 8ms
7ms Document
text/html 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-0ad4ab4836fd48b704f9836c381309d4.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

375cd0866100903ea8dd941ab323f78564bfc406a6055c729d8c14b284f1ca5e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://595thebook1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3438
cache-control: max-age=31536000
content-length: 408
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 04 Mar 2024 23:19:47 GMT
etag: "0ad4ab4836fd48b704f9836c381309d4"
last-modified: Mon, 04 Mar 2024 21:05:38 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-id: mcej-SDE1hcL_XbqLONYdjsW6fjUmlqgslnX7IJ-umZVN8i493K0ug==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 payment-request-inner-browser-bd09705d396c9abb97489a362b8310e0.html Show response
js.stripe.com/v3/ Frame DAB8 344 B
2 KB 8ms
8ms Document
text/html 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-bd09705d396c9abb97489a362b8310e0.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f86da5e9aacdcab57c6381b2053c36e9ef22ffe815d128b1a80083dbda3f480d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://595thebook1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 41
cache-control: max-age=60, stale-while-revalidate=900
content-length: 344
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 00:16:23 GMT
etag: "bd09705d396c9abb97489a362b8310e0"
last-modified: Mon, 04 Mar 2024 21:05:38 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-id: w8nVgKXqULUg18AdrRQSVYheHzMIGCWcDLpopoWfFWsaytFqZq8tJQ==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 shared-ef74aa054e59fdac81b538dfec92a050.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8AA2 537 KB
117 KB 8ms
8ms Script
text/javascript 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

39dfb37816eab2a94aa07e46af7d0523d11a47ca1f7d21544570e3c409fa0586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:09:41 GMT
content-encoding: br
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 444
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"d49550815942227dc97b7500620f7224"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: PfCdKPnmuNykfL1dL-FkuCDpZpBuyaRRkHvX9Ue7DXnPyd_xtOiU5Q==

GET
H2 200 controller-04d5ca8de94b7905dcf997a15299c7fc.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8AA2 699 KB
164 KB 11ms
10ms Script
text/javascript 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-04d5ca8de94b7905dcf997a15299c7fc.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

2977f53d6b12e6f52f665d17184d9d978ea0fcc0409cfad267cc1ac88b337543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:09:41 GMT
content-encoding: br
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 444
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:34 GMT
server: Cloudfront
etag: W/"f10c423591daea093ee5530eda913c19"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 8DiZo3XWpdKAWH5cq7FJV9RPFgoJ09W4T6kJljRk2ItkkNbWN2wldA==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 082F 117 KB
36 KB 131ms
76ms Script
application/javascript 2a00:1450:400c:c1d::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-0ad4ab4836fd48b704f9836c381309d4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9efb3c3c478916f95dd26b4d6c664a5ff18cbb3df8da939c88b55a5abf0fc81e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-36Xqv6mr54Ohp5UmkwySiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-36Xqv6mr54Ohp5UmkwySiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjKtHikmLw1JBiWF4qxVBRK8WwZCaQX3OTqXPPTaZ1XY-YFrY_ZdLkesZUH_WMaSbvc6a4E8-ZBN88Z3r35SUTz9eXTBJArAHEO3w8WMR8prMeiZ7OyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwNJycuZ5NoGP_rodMAN0cMww"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 05 Mar 2024 00:17:04 GMT

GET
H2 200 shared-ef74aa054e59fdac81b538dfec92a050.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 082F 537 KB
117 KB 8ms
7ms Script
text/javascript 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-0ad4ab4836fd48b704f9836c381309d4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

39dfb37816eab2a94aa07e46af7d0523d11a47ca1f7d21544570e3c409fa0586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-0ad4ab4836fd48b704f9836c381309d4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:09:41 GMT
content-encoding: br
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 444
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"d49550815942227dc97b7500620f7224"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: a9bkdIpOtNpsWwHrMNEjRT7L78x0V7zdsElYE7Aa32mSYRZxkCtWFg==

GET
H2 200 payment-request-inner-google-pay-c83e5fd7cbd25a878b3ffc70ebb53333.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 082F 12 KB
5 KB 8ms
8ms Script
text/javascript 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-c83e5fd7cbd25a878b3ffc70ebb53333.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-0ad4ab4836fd48b704f9836c381309d4.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

06e9cfa1e2fb5b8269f55ebb7dc5ced06737bc1e3faec047ca535265a9d7ac85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-0ad4ab4836fd48b704f9836c381309d4.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:06:35 GMT
content-encoding: gzip
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 629
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 21:07:03 GMT
server: Cloudfront
etag: W/"7946a1d9a17729b6659d22b18a313c0e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 6co_c8SQq16S2J0jr8khHvhsumADgJNmjOV_8YONyzbm7NSTyvYrOQ==

GET
H2 200 shared-ef74aa054e59fdac81b538dfec92a050.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DAB8 537 KB
117 KB 10ms
8ms Script
text/javascript 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-bd09705d396c9abb97489a362b8310e0.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

39dfb37816eab2a94aa07e46af7d0523d11a47ca1f7d21544570e3c409fa0586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-bd09705d396c9abb97489a362b8310e0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:09:41 GMT
content-encoding: br
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 444
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
last-modified: Mon, 04 Mar 2024 21:05:37 GMT
server: Cloudfront
etag: W/"d49550815942227dc97b7500620f7224"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Hafa7_RS2DSQDxbaJ1F1pKh3dO_U37LzFPQWtBcUVGuFUxXZ1LimSA==

GET
H2 200 payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DAB8 13 KB
6 KB 12ms
10ms Script
text/javascript 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-792795e2c4e2210721d96228540c4e06.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-bd09705d396c9abb97489a362b8310e0.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-bd09705d396c9abb97489a362b8310e0.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:14:11 GMT
content-encoding: br
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 1107
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
last-modified: Thu, 29 Feb 2024 21:07:03 GMT
server: Cloudfront
etag: W/"32dba56f50e599b5cc53a055305f8c45"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: eGTqJueTar3ZG2QQYB9L8JRFfk2VdJl8DtnLtcRFrdMyqg5pXHX7Ng==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 8AA2 474 B
917 B 20ms
8ms Fetch
application/json 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5e155e1f89e5ca084a3510deea330a8ca019b906bc61469408830959033ce71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 00:16:25 GMT
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 40
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
content-length: 474
last-modified: Mon, 04 Mar 2024 21:49:34 GMT
server: Cloudfront
etag: "741c7a42906bbd9aa745c3aea07bcd08"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: YPHHRnZMthToCGnsWTQqiUL1EpOynht29c5EJq7bFxT1Q1j_QkHczA==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 8AA2 474 B
916 B 14ms
8ms Fetch
application/json 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

5e155e1f89e5ca084a3510deea330a8ca019b906bc61469408830959033ce71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-1b517d3dc8887d756b42ce62fc15d620.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 00:16:25 GMT
via: 1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 40
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
content-length: 474
last-modified: Mon, 04 Mar 2024 21:49:34 GMT
server: Cloudfront
etag: "741c7a42906bbd9aa745c3aea07bcd08"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
x-amz-cf-id: 7FwwMnA8fA3VJ26DjS4-iPW1HputKyxeDj6BEmpR6Fx34eVVXLQfVg==

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 8AA2 2 KB
3 KB 311ms
244ms Fetch
application/json 198.202.176.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.202.176.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

081d630801864461bece1a63695ef920b119a1bfbb2579e794e4a34cecd47eaf

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 05 Mar 2024 00:17:04 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2487
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 8AA2 0
275 B 523ms
176ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 05 Mar 2024 00:17:05 GMT
x-stripe-server-envoy-start-time-us: 1709597825144118
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709597825143429
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 8AA2 0
274 B 691ms
345ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 05 Mar 2024 00:17:05 GMT
x-stripe-server-envoy-start-time-us: 1709597825313211
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1709597825312686
access-control-allow-credentials: true
content-length: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 640B 19 KB
8 KB 86ms
85ms Document
text/html 2a00:1450:400c:c1d::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68ef6a96312f31b83476e06c9cb490287a0eee5813138ef9fea69580eacc987c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-byBk5uKxj8o1t-lGoaSYjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-byBk5uKxj8o1t-lGoaSYjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Tue, 05 Mar 2024 00:17:04 GMT
expires: Tue, 05 Mar 2024 00:17:04 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjKtHikmLw1JBiWF4qxVBRK8WwZCaQX3OTqXPPTaZ1XY-YFrY_ZdLkesZUH_WMaSbvc6a4E8-ZBN88Z3r35SUTz9eXTBJArAHEO3w8WMR8prMeiZ7OyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC_FwNJycuZ5NYMeuD-uZAd43Mzw"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 640B 160 KB
57 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgRP0_CdhWFw23qyvGYs9ZgeNJ6tg/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

524fea35761d2dd09e0bdc660357cd742cab9daf53c44142b9ad7a3e986bf772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57770
x-xss-protection: 0
last-modified: Fri, 01 Mar 2024 17:33:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 00:16:59 GMT

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame 640B 75 KB
27 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgtLOdNkCake2LIxo8nzYzk3QI_ow/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/am=gEEy/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgRP0_CdhWFw23qyvGYs9ZgeNJ6tg/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

556856423e6f70e130c5d3a9e13b16f1baf03b97dee1badbcff2a3b24fcc79bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 18:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27673
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 02:22:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 18:00:23 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 640B 1 MB
377 KB 76ms
75ms XHR
text/html 2a00:1450:400c:c1d::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c1d::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b77a799b96f2412d2faaa51993add15e29456ff87f1863a394b8379232bfc1ab

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-waSOBoQZMIVF1NxPzqhIkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:17:05 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-waSOBoQZMIVF1NxPzqhIkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjKtHikmLw1JBiWF4qxVBRK8WwZCaQX3OTqXPPTaZ1XY-YFrY_ZdLkesZUH_WMaSbvc6a4E8-ZBN88Z3r35SUTz9eXTBJArAHEO3w8WMR8prMeiZ7OyrduOqsKEOuun84aCsRO6TNYg4DYp34GawwQC3FzNJ6cuZ5N4MKOE9IAqm8ykw"
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 05 Mar 2024 00:17:05 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame EC6A 200 B
1 KB 9ms
9ms Document
text/html 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://595thebook1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2190
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 04 Mar 2024 23:40:36 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Thu, 29 Feb 2024 21:07:05 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-amz-cf-id: 7kK2SfKaZKXL3APcj6yMLOFYjDb4j8PR9SM0JOfYZCMBoibZOgt6vw==
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame 640B 10 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgtLOdNkCake2LIxo8nzYzk3QI_ow/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da0f3e2f8aa2ce342250808424eccbefb2129849e955b090e3fa5f4175bec032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 18:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4169
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 02:22:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 18:00:23 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1... Frame 640B 37 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.N_t3ngWcK6E.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEEy/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgtLOdNkCake2LIxo8nzYzk3QI_ow/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4593f8753341196cc2324e4ab0b75837cc33a998fdb36851cd65167dd7c500c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 18:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14347
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 02:22:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 18:00:23 GMT

POST
H3 200 log Show response
play.google.com/ Frame 640B 131 B
155 B 78ms
63ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 00:17:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 00:17:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 67ms
36ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 05 Mar 2024 00:17:05 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 640B 131 B
155 B 77ms
63ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 00:17:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 00:17:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 68ms
38ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 05 Mar 2024 00:17:05 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 640B 131 B
155 B 76ms
61ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 00:17:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 00:17:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 66ms
37ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 05 Mar 2024 00:17:05 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 640B 131 B
155 B 75ms
61ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 00:17:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 00:17:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 67ms
38ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 05 Mar 2024 00:17:05 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 8AA2 0
274 B 382ms
347ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 05 Mar 2024 00:17:05 GMT
x-stripe-server-envoy-start-time-us: 1709597825313566
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1709597825312749
access-control-allow-credentials: true
content-length: 0

POST
H3 200 log Show response
play.google.com/ Frame 640B 131 B
155 B 76ms
62ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 00:17:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 00:17:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 59ms
37ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 05 Mar 2024 00:17:05 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame EC6A 526 B
1 KB 8ms
7ms Script
text/javascript 108.138.7.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.7.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-7-13.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:14:10 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 2273
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
content-length: 526
last-modified: Thu, 29 Feb 2024 21:07:03 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: RbxLVPz_bmYcNMTnAsWcOqmmaEDo1FoZ_yDb0f_FPT2uXSfn5s6kYw==

POST
H3 200 log Show response
play.google.com/ Frame 640B 131 B
155 B 73ms
59ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 05 Mar 2024 00:17:05 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 00:17:05 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 55ms
38ms Preflight
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 05 Mar 2024 00:17:05 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 8AA2 0
274 B 370ms
348ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 05 Mar 2024 00:17:05 GMT
x-stripe-server-envoy-start-time-us: 1709597825313083
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 6
x-stripe-client-envoy-start-time-us: 1709597825312516
access-control-allow-credentials: true
content-length: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 2F46 930 B
2 KB 22ms
8ms Document
text/html 18.173.205.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-14.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 224
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 05 Mar 2024 00:13:22 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
x-amz-cf-id: aN8J3hYSUOJbi6auBlX4FjqlQx8umhtmd6-5l3DFVDDgiG9eSoXmYQ==
x-amz-cf-pop: FRA56-P12
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 2F46 87 KB
15 KB 8ms
7ms Script
text/javascript 18.173.205.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-14.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 00:14:09 GMT
content-encoding: br
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 177
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA56-P12
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: ef826-fnhzdRtsL9OjnUjJ54pdfvC8l_Slse5hyLLMJrbMgObCTY6A==

POST
H2 200 6 Show response
m.stripe.com/ Frame 2F46 156 B
669 B 527ms
177ms XHR
application/json 44.237.70.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.70.166 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-70-166.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2ef4ae745b985560679a6e13b40520eb20050049380a423dd802524652b49598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 00:17:05 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1709597825546799
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1709597825546614
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 2F46 156 B
668 B 178ms
178ms XHR
application/json 44.237.70.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.70.166 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-70-166.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2ef4ae745b985560679a6e13b40520eb20050049380a423dd802524652b49598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 00:17:05 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1709597825735808
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1709597825735208
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 2F46 156 B
668 B 227ms
227ms XHR
application/json 44.237.70.166
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.70.166 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-70-166.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2ef4ae745b985560679a6e13b40520eb20050049380a423dd802524652b49598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 05 Mar 2024 00:17:05 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1709597825785665
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1709597825785074
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 b Show response
r.stripe.com/ Frame 8AA2 0
274 B 174ms
173ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 05 Mar 2024 00:17:05 GMT
x-stripe-server-envoy-start-time-us: 1709597825798051
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1709597825797301
access-control-allow-credentials: true
content-length: 0

POST
H2 200 b Show response
r.stripe.com/ Frame 8AA2 0
274 B 175ms
175ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/b
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ef74aa054e59fdac81b538dfec92a050.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 05 Mar 2024 00:17:06 GMT
x-stripe-server-envoy-start-time-us: 1709597826121803
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1709597826120966
access-control-allow-credentials: true
content-length: 0

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.595thebook1.com/	1970-01-20 18:53:19	Name: __cf_bm Value: 5O4kbXC0Kpvl1Rg3DjbTQoP5nH7METLB6W1_LFELKGQ-1709597823-1.0.1.1-n8Nu_ihANiQH.Kv_7RIcgCY2E.mPEPBhw67oxpR26Bjw2CUPQ6Kv.aBTj24tdMmWPKBFyJBzE.RIzAT805kGZw
.595thebook1.com/	1970-01-21 04:29:17	Name: _ga_CX6QWFXGS9 Value: GS1.1.1709597824.1.0.1709597824.0.0.0
.595thebook1.com/	1970-01-21 04:29:17	Name: _ga Value: GA1.1.479972819.1709597824
.google.com/	1970-01-20 23:16:49	Name: NID Value: 512=B_EnL9DCLcVMsaPxWkEs6UMY65O1WmxLQF6RlkqIfQI1clT7xU2ca4MkHP4lmq2yPcVExBHu4h3zX_v1Jy28tl6VSyEYczB15AeTk40apzPXA0NSm_5F2C7hWy9ycJUa5G8V3dBwmJgdrUmZ1Fw4JTofOMA680L0DXThTiu0GsQ
m.stripe.com/	1970-01-21 04:29:17	Name: m Value: c31bc040-bc21-43c6-9025-bc85459b7274338579
.595thebook1.com/	1970-01-21 03:38:53	Name: __stripe_mid Value: 0a873cf0-50b1-41e7-bd05-fe2bff9756f811d416
.595thebook1.com/	1970-01-20 18:53:19	Name: __stripe_sid Value: 7349155a-30b0-44fc-833d-6fb2d32871c7714e36

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://595thebook1.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://tools.univer.se

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

595thebook1.com
assets.univer.se
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
pay.google.com
play.google.com
r.stripe.com
region1.google-analytics.com
www.googletagmanager.com
www.gstatic.com
104.19.152.30
108.138.7.13
18.173.205.14
198.202.176.81
2001:4860:4802:34::36
2a00:1450:4001:81c::2003
2a00:1450:4001:828::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c1d::5c
2a04:4e42:200::720
44.237.70.166
54.187.119.242
0030f5a99c7993b12e2fabfd97fc80fca835db69e270cb872bfa8e8821af3d82
04dd08cd5be76d0779ac2b77f734115d0fa01d5b6f14db00adca5433bdf30065
056fa4eba94af4a693582bdfcf375059c1c73533b1ae73467b1ee5898094fc5e
06e9cfa1e2fb5b8269f55ebb7dc5ced06737bc1e3faec047ca535265a9d7ac85
081d630801864461bece1a63695ef920b119a1bfbb2579e794e4a34cecd47eaf
0a697e5cd3a0da721f535c959367a8cdf657a39aabe3373af9556720db1560bd
0f99092601adf2a78e784aedee4ba8f4114a67516c728213aa7325686af84f95
1d429a51d480440ecb88daa3aed0dc47801b7bd7f41a97d1adf0211b147ddfb2
1f0fa3d211b33bb9635299065143da7d2da1099120163a68bc2ab72803a97538
262f4c64361482759cfa355efdc7a33235bf095370f080f4235397a1367aa932
2977f53d6b12e6f52f665d17184d9d978ea0fcc0409cfad267cc1ac88b337543
2cd121268fb89a25e946154f6aa3d2857eaa7c8e57117387a15eda3f5bc555a2
2e538a1227badf43d89fb23f00a8cc4469c668cf4c93cbb58f165f37bb8d8d5f
2ef4ae745b985560679a6e13b40520eb20050049380a423dd802524652b49598
335b1ad5f6152d2602643ed1626128ac6d5b8382fbe9087fc49908412bf2ecb1
344b3e8ac9d168dd5b83785a87a06d3c4dc5f1abea77a595875253d2a2da0ce4
356d9cbf0f55f808017fc2eb90244ad4b2a92519885e844a5ba90c3ded1a66b1
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
365722b88937784a58b6f5bb017c82aaf62b3f145b498232722efa17ecb7bb23
36ee6f326f5db19c8d533bf24139f833c9fe29b9e7570293cf6259a6ae279d79
375cd0866100903ea8dd941ab323f78564bfc406a6055c729d8c14b284f1ca5e
37eb1dcb4bb40781e7eaea841cbd6d47c3b09168d6d8a002c2c17c91f1548a07
37f9a0ef8b3a2ac3dbf0eb4634d31399c485302ccff7bfc56d53314711828ef6
39dfb37816eab2a94aa07e46af7d0523d11a47ca1f7d21544570e3c409fa0586
420f5db1d617f5d8514f44b185d158eb14673c35e24f908452fc98c4506c8634
4a16710f06bb122988f46b2076db1797fa31e78a60b1079f32e1afbd988702c1
4cbd16522fa0b8362338b5bf7a5c1c90099af315006779030aa4bbe8254b074a
4da92d690644b8b734c908b8e6d42b135e4f47656bfcc8a8cec47e667da56bd3
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
524fea35761d2dd09e0bdc660357cd742cab9daf53c44142b9ad7a3e986bf772
54c38ca8b8d2308f356d36b725c6ad240d69b64a2f3a4ccc7146d97c536c054b
5502b7e14c8613a93907aa329ac4bc4a69216a9f589d78aedcffbd7eaeee9799
556856423e6f70e130c5d3a9e13b16f1baf03b97dee1badbcff2a3b24fcc79bc
5e155e1f89e5ca084a3510deea330a8ca019b906bc61469408830959033ce71f
678f6ce2cb80b1fe72fc67e7412be6e2ab6ada083111b64f7c40d35e3cba5e00
68ef6a96312f31b83476e06c9cb490287a0eee5813138ef9fea69580eacc987c
6c8280fa2dcfa76ab7650aae1d3dda1579b7bb414d02266a7eb1b50c01fc7f83
6e518301f74c2641d23e59b3216d03232727535153abf3c4bed81786dbfe6773
733ae5f26a384e1d572cd9a64444812f3e008bb78178a4803ec17688449efaf1
81e50f1c5fa737d896596f6484b390c51ac8b452752cd0129abc74d17cd15d31
85d1ae83230d6471bfdee44e22a800716b99f47b7cf419e28d6484d7db7803f8
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9557e6c2beb0082e229d1f1ef6df4a3a1fb44b0cfcb4b22e3aa97b689ec7911a
96bde80afdec67307061a56332d1eb99d605125a30993de0bcf97350dc126fa9
9eee50031d6603e48d639dc1b59cf45e113f08093211dd1dbf0b8b6c13695861
9efb3c3c478916f95dd26b4d6c664a5ff18cbb3df8da939c88b55a5abf0fc81e
a21fd9d251126696faa8cef45239d8cb111b2143e5a544bc6c571cdbe3895486
b77a799b96f2412d2faaa51993add15e29456ff87f1863a394b8379232bfc1ab
b9f5e925b7df5a734f3b58d1edf7bfea6474ce92cb18e74aadd6a8793668cc1a
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
c4593f8753341196cc2324e4ab0b75837cc33a998fdb36851cd65167dd7c500c
d148febbedebffccd13e59bed8d24becfd660114e85d320e058c833919422b63
d64907b1c5fc1cbd10f3e4e8688c9e97b580f0c7fd9a0487547a1a300172f5e8
da0f3e2f8aa2ce342250808424eccbefb2129849e955b090e3fa5f4175bec032
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e1a133d01ec0fb908680b9f8edd130ba5589a69883c26e6d630338dd0a36560e
e24d3773a495e687dd365e68c44a4b5ab9a59d0551d333d3fc8b93b6b8050617
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44612bc41bcce006e8122b5d42cf56ed32eddfcd68b1fc761db7abbe6bf4eb2
f2039d7de5434a3dcd2b82b718c5870dc7d3080fe1999ed87c7374ee7693367c
f63074e190b99b06994f05c04c51fd8a20105b6de7842df8466d45b2b6ea7b53
f86da5e9aacdcab57c6381b2053c36e9ef22ffe815d128b1a80083dbda3f480d
fedfc64728beee4dcdf576abb2dd3c44b462afc3b5db8c53704629a1ee6dd14c
ff51a258d38a9cf458df1443d301af5c9783d105ed51d45697c4d7fd3b30a392

595thebook1.com Open in urlscan Pro 104.19.152.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

100 %HTTPS

50 %IPv6

8 Domains

12 Subdomains

12 IPs

4 Countries

2184 kBTransfer

6482 kBSize

7 Cookies

4 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

595thebook1.com Open in urlscan Pro
104.19.152.30 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

100 %
HTTPS

50 %
IPv6

8
Domains

12
Subdomains

12
IPs

4
Countries

2184 kB
Transfer

6482 kB
Size

7
Cookies

86 HTTP transactions
0 data transactions