urlscan.io logo urlscan.io
SecurityTrails logo

tidycal.com Open in urlscan Pro
44.231.2.49  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://booking.sabercpp.com/
Effective URL: https://tidycal.com/sabercpp
Submission: On November 27 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 26 HTTP transactions. The main IP is 44.231.2.49, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is tidycal.com. The Cisco Umbrella rank of the primary domain is 981534.
TLS certificate: Issued by Amazon RSA 2048 M02 on October 24th 2023. Valid for: a year.
This is the only time tidycal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.212.49.138 15169 (GOOGLE)
1 44.231.2.49 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 52.222.191.36 16509 (AMAZON-02)
5 169.150.247.38 60068 (CDN77 ^_^)
1 2001:4860:480... 15169 (GOOGLE)
3 52.85.92.113 16509 (AMAZON-02)
1 52.218.246.73 16509 (AMAZON-02)
3 3.121.132.229 16509 (AMAZON-02)
3 54.186.23.98 16509 (AMAZON-02)
2 151.101.128.176 54113 (FASTLY)
1 52.37.229.91 16509 (AMAZON-02)
26 11
1    35.212.49.138 (Washington, United States)

ASN15169 (GOOGLE, US)
PTR: 138.49.212.35.bc.googleusercontent.com
booking.sabercpp.com
1    44.231.2.49 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-2-49.us-west-2.compute.amazonaws.com
tidycal.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    52.222.191.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-191-36.ham50.r.cloudfront.net
platform.illow.io
5    169.150.247.38 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 169-150-247-38.bunnyinfra.net
assets.tidycal.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    52.85.92.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-92-113.ham50.r.cloudfront.net
js.stripe.com
1    52.218.246.73 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
public-tidycal.s3.us-west-2.amazonaws.com
3    3.121.132.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-132-229.eu-central-1.compute.amazonaws.com
api.platform.illow.io
3    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
2    151.101.128.176 (United States)

ASN54113 (FASTLY, US)
m.stripe.network
1    52.37.229.91 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-229-91.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
8 illow.io
platform.illow.io — Cisco Umbrella Rank: 130262
api.platform.illow.io — Cisco Umbrella Rank: 143728
134 KB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1287
q.stripe.com — Cisco Umbrella Rank: 7148
m.stripe.com — Cisco Umbrella Rank: 1249
142 KB
6 tidycal.com
tidycal.com — Cisco Umbrella Rank: 981534
assets.tidycal.com
793 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1354
16 KB
1 amazonaws.com
public-tidycal.s3.us-west-2.amazonaws.com
22 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
251 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
88 KB
1 sabercpp.com
booking.sabercpp.com
134 B
26 8
Domain Requested by
5 assets.tidycal.com tidycal.com
assets.tidycal.com
5 platform.illow.io tidycal.com
platform.illow.io
3 q.stripe.com tidycal.com
3 api.platform.illow.io platform.illow.io
3 js.stripe.com assets.tidycal.com
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
1 m.stripe.com m.stripe.network
1 public-tidycal.s3.us-west-2.amazonaws.com tidycal.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com tidycal.com
1 tidycal.com
1 booking.sabercpp.com 1 redirects
26 12

This site contains no links.

Subject Issuer Validity Valid
tidycal.com
Amazon RSA 2048 M02		 2023-10-24 -
2024-11-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
platform.illow.io
Amazon RSA 2048 M01		 2023-03-16 -
2024-04-13		 a year crt.sh
assets.tidycal.com
R3		 2023-11-17 -
2024-02-15		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2023-10-30 -
2024-01-25		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-08-03		 10 months crt.sh
api.platform.illow.io
Amazon RSA 2048 M02		 2023-11-27 -
2024-12-26		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-10-09 -
2024-01-18		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-05 -
2024-01-18		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://tidycal.com/sabercpp
Frame ID: 4BF852E8829FEDCD77692DBBB88FF81D
Requests: 15 HTTP requests in this frame

Frame: https://platform.illow.io/banner.css
Frame ID: 53B57D554D6364282BFAD91A804BC92E
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 898B3B3EF1F88E356F4A2989E8134754
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 5D67F5AF893F3304814BE45E39160BC0
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Daniel | TidyCal

Page URL History Show full URLs

  1. https://booking.sabercpp.com/ HTTP 301
    https://tidycal.com/sabercpp Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

26
Requests

100 %
HTTPS

17 %
IPv6

8
Domains

12
Subdomains

11
IPs

2
Countries

1195 kB
Transfer

4189 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://booking.sabercpp.com/ HTTP 301
    https://tidycal.com/sabercpp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sabercpp
tidycal.com/
Redirect Chain
  • https://booking.sabercpp.com/
  • https://tidycal.com/sabercpp
26 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tidycal.com/sabercpp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.231.2.49 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-231-2-49.us-west-2.compute.amazonaws.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
9edc7d2935ad8d2af2eb147d7b1deac8dae161f9dac4ff277868a91458bf616b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 27 Nov 2023 16:16:30 GMT
pragma
no-cache
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding

Redirect headers

content-length
24
content-type
text/plain
date
Mon, 27 Nov 2023 16:16:29 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
location
https://tidycal.com/sabercpp
server
nginx
x-proxy-cache-info
DT:1
js
www.googletagmanager.com/gtag/ 		257 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MDNVPSWCJ1
Requested by
Host: tidycal.com
URL: https://tidycal.com/sabercpp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f64105163e4e348b050736ae42e0c0642677cbabe8240dc307a5424b9ee5dcea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tidycal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 16:16:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89233
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 27 Nov 2023 16:16:30 GMT
banner.js
platform.illow.io/ 		162 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.illow.io/banner.js?siteId=23109836-65ba-4d76-b41d-6dc0aed5aa7f
Requested by
Host: tidycal.com
URL: https://tidycal.com/sabercpp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.191.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-191-36.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca8c6ad895b870749f2686d9a3dbc21eedb41f7b05e7e51ced41bb05a73d9db5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tidycal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:45:47 GMT
x-amz-version-id
JaGXPYZK7AYyzhjpds4p0LHwxmoDIBmU
content-encoding
br
content-security-policy
upgrade-insecure-requests;
via
1.1 2e44a3b2c1d0f478404fb20d9971a778.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
HAM50-C2
age
5444
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 26 Nov 2023 23:33:43 GMT
server
AmazonS3
etag
W/"52aa61c726028e23111c48e0345536ef"
vary
Accept-Encoding, Origin
content-type
application/javascript;charset=UTF-8
permissions-policy
camera=(), microphone=(), geolocation=(), interest-cohort=()
x-amz-cf-id
6IdB5MxffwrcwIwA91Qhz980l1qR53pEgud8EdzP9Kg1RjeM3pRhTw==
app.css
assets.tidycal.com/css/ 		255 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.tidycal.com/css/app.css?id=28f55eb94c59ecf07138cd913cdee8a3
Requested by
Host: tidycal.com
URL: https://tidycal.com/sabercpp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-38.bunnyinfra.net
Software
BunnyCDN-DE1-1081 /
Resource Hash
945635cd9dba145d2c469beb762451af0e1e3e51f9117eacf1161a3cd35d44f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tidycal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 16:16:30 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-cachedat
11/22/2023 17:53:21
cdn-pullzone
440171
last-modified
Wed, 22 Nov 2023 17:36:24 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"3fd49-60ac128753600"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
62e58fc517270c11cbe41e9e6a4912cd
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
booking-page.js
assets.tidycal.com/js/ 		2 MB
459 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.tidycal.com/js/booking-page.js?id=62a1dd63a3537b82ac8d8d81939f6678
Requested by
Host: tidycal.com
URL: https://tidycal.com/sabercpp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-38.bunnyinfra.net
Software
BunnyCDN-DE1-1081 /
Resource Hash
bce850793a3cb8d39cd9ee742fbd03bf6591c400f52611cfe4c26c9f63e8bebb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tidycal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 16:16:30 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-cachedat
11/15/2023 17:16:37
cdn-pullzone
440171
last-modified
Wed, 15 Nov 2023 17:08:07 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"22b816-60a33f26b6bc0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
public, max-age=2592000
cdn-requestid
cadd543df5ff48e614914f9b70353597
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MDNVPSWCJ1&gtm=45je3b81v872460421&_p=1701101790382&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1572346913.1701101790&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701101790&sct=1&seg=0&dl=https%3A%2F%2Ftidycal.com%2Fsabercpp&dt=Daniel%20%7C%20TidyCal&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.content_group=booking-page.show&tfd=1170
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MDNVPSWCJ1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tidycal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 16:16:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tidycal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Roboto-Regular.ttf
assets.tidycal.com/fonts/ 		167 KB
92 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.tidycal.com/fonts/Roboto-Regular.ttf
Requested by
Host: assets.tidycal.com
URL: https://assets.tidycal.com/css/app.css?id=28f55eb94c59ecf07138cd913cdee8a3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-38.bunnyinfra.net
Software
BunnyCDN-DE1-1081 /
Resource Hash
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

Request headers

Referer
https://assets.tidycal.com/css/app.css?id=28f55eb94c59ecf07138cd913cdee8a3
Origin
https://tidycal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 16:16:30 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-cachedat
11/10/2023 20:18:27
cdn-pullzone
440171
last-modified
Thu, 09 Nov 2023 23:42:28 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"29d08-609c0c1ad6100"
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
746ad9d1d6a98247e6cff655d622db52
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
v3
js.stripe.com/ 		556 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: assets.tidycal.com
URL: https://assets.tidycal.com/js/booking-page.js?id=62a1dd63a3537b82ac8d8d81939f6678
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.92.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-92-113.ham50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
16125b67dd44a6df2eadad443e941af6085d45a67fad4421f2160d92fe605278
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tidycal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 16:16:27 GMT
content-encoding
br
via
1.1 7b39f60eed6e589bf869ce2ecfe6ab8c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
45
x-amz-cf-pop
HAM50-C1
x-cache
Hit from cloudfront
last-modified
Tue, 21 Nov 2023 22:18:19 GMT
server
Cloudfront
etag
W/"e28d4375fad3ffbfb5f7bdf0303a2787"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
0dMKn6pu3QQMV1l_bzCyzXn4w_V1M62Ir9ktPQh9UL1mctXsz__AyQ==
OKFPmUy6G3zAl19QoGjCr2t8l25k8RExd5LGAGXg.jpg
public-tidycal.s3.us-west-2.amazonaws.com/profile_pictures/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-tidycal.s3.us-west-2.amazonaws.com/profile_pictures/OKFPmUy6G3zAl19QoGjCr2t8l25k8RExd5LGAGXg.jpg
Requested by
Host: tidycal.com
URL: https://tidycal.com/sabercpp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.246.73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ac95d29fb26ad3dee0888fbe8988a617cacda31678acfcc164df976e11394a23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tidycal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Mon, 27 Nov 2023 16:16:32 GMT
Last-Modified
Sun, 26 Nov 2023 20:10:33 GMT
Server
AmazonS3
x-amz-request-id
GJAMAPSXENRHF343
ETag
"76a6a2fdeb2d05f41dea0e03d23f6ef2"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
21880
x-amz-id-2
0o0JShB3+IX+ZCuwXm25d3apWIDr/Snx7lPKNIZrXCcrKHzYECJFmj2sF07I+wI56VgRT9FRlyU=
Roboto-Bold.ttf
assets.tidycal.com/fonts/ 		166 KB
93 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.tidycal.com/fonts/Roboto-Bold.ttf
Requested by
Host: assets.tidycal.com
URL: https://assets.tidycal.com/css/app.css?id=28f55eb94c59ecf07138cd913cdee8a3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-38.bunnyinfra.net
Software
BunnyCDN-DE1-1081 /
Resource Hash
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a

Request headers

Referer
https://assets.tidycal.com/css/app.css?id=28f55eb94c59ecf07138cd913cdee8a3
Origin
https://tidycal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 16:16:30 GMT
content-encoding
br
cdn-edgestorageid
1082
cdn-cachedat
11/10/2023 20:19:18
cdn-pullzone
440171
last-modified
Thu, 09 Nov 2023 23:42:28 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"2996c-609c0c1ad6100"
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
c7ecd067b5ac58ead1fb3dd3742a5c30
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
Roboto-Italic.ttf
assets.tidycal.com/fonts/ 		169 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.tidycal.com/fonts/Roboto-Italic.ttf
Requested by
Host: assets.tidycal.com
URL: https://assets.tidycal.com/css/app.css?id=28f55eb94c59ecf07138cd913cdee8a3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.38 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
169-150-247-38.bunnyinfra.net
Software
BunnyCDN-DE1-1081 /
Resource Hash
2c0958e0c7e9b63f36f672d3cccba14ca0d7ce2e3d6945b38e4ef3de35b79691

Request headers

Referer
https://assets.tidycal.com/css/app.css?id=28f55eb94c59ecf07138cd913cdee8a3
Origin
https://tidycal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 16:16:30 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-cachedat
11/10/2023 20:21:10
cdn-pullzone
440171
last-modified
Thu, 09 Nov 2023 23:42:28 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"2a5cc-609c0c1ad6100"
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
7cdde9ce7c43eb8c44f0ef54a0048eeb
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
en.json
platform.illow.io/translations/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://platform.illow.io/translations/en.json
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.js?siteId=23109836-65ba-4d76-b41d-6dc0aed5aa7f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.191.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-191-36.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43218bd29a4e64a1cd09e8efa434d385bc0d02684674931ca6618937f9a50e3c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tidycal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 15:20:07 GMT
x-amz-version-id
UADu4v5.Ze9OFBh_lL1sqhQc.sJVfJmj
content-encoding
br
content-security-policy
upgrade-insecure-requests;
via
1.1 729c9decceac24f1bd37b7aa21870c5a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
HAM50-C2
age
3384
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 30 Oct 2023 19:00:39 GMT
server
AmazonS3
etag
W/"77719fb9677d5685302c54b9c8d9e6c5"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
camera=(), microphone=(), geolocation=(), interest-cohort=()
x-amz-cf-id
zPXiBefUzisWckf-yhyszz32G4TDdZQhvSH35ZrsNQpcnjIse_SrLQ==
23109836-65ba-4d76-b41d-6dc0aed5aa7f
api.platform.illow.io/public/cookies/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.platform.illow.io/public/cookies/23109836-65ba-4d76-b41d-6dc0aed5aa7f
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.js?siteId=23109836-65ba-4d76-b41d-6dc0aed5aa7f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.132.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-132-229.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edcdb0ba4da453f8a22077b3711c6562449a56d1190bcea67f0e29e0a965a410
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tidycal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 16:16:30 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
etag
W/"582-7SWEwBg4/eyQQwaO0j23JgHXhb0"
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-download-options
noopen
content-length
1410
x-xss-protection
0
configurations
api.platform.illow.io/public/cookies/23109836-65ba-4d76-b41d-6dc0aed5aa7f/ 		111 B
685 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.platform.illow.io/public/cookies/23109836-65ba-4d76-b41d-6dc0aed5aa7f/configurations
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.js?siteId=23109836-65ba-4d76-b41d-6dc0aed5aa7f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.132.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-132-229.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
05c8427d6d8b0d1b4f97fc054741238290cebbd114a5bfd0a322c11b5a93261a
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tidycal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 16:16:30 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
etag
W/"6f-g7PZmm7Hy7OEC/jfNecSd/2GHYY"
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-download-options
noopen
content-length
111
x-xss-protection
0
23109836-65ba-4d76-b41d-6dc0aed5aa7f
api.platform.illow.io/public/banner-customization/ 		634 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.platform.illow.io/public/banner-customization/23109836-65ba-4d76-b41d-6dc0aed5aa7f?lng=en
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.js?siteId=23109836-65ba-4d76-b41d-6dc0aed5aa7f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.132.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-132-229.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b8a5e607cf4fea196da8f6f492cb29f99dfa18aa9bb32577dafd5d48f1494e17
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tidycal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 16:16:30 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
etag
W/"27a-L1BYN1bLRxHXa684PKlvQvSws7Q"
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-download-options
noopen
content-length
634
x-xss-protection
0
banner.css
platform.illow.io/ Frame 53B5 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://platform.illow.io/banner.css
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.js?siteId=23109836-65ba-4d76-b41d-6dc0aed5aa7f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.191.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-191-36.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5123b4c95f923ee22852c65f1809a70285c3491723d65e317f67da42b699b3c5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:46:03 GMT
x-amz-version-id
xXHmRSU2uFvKIGIXqLEVLikUoYh1HLbu
content-encoding
br
content-security-policy
upgrade-insecure-requests;
via
1.1 2e44a3b2c1d0f478404fb20d9971a778.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
HAM50-C2
age
5428
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 26 Nov 2023 23:33:41 GMT
server
AmazonS3
etag
W/"c93ec3cfeb4087aad5f1acb1c772df8a"
vary
Accept-Encoding, Origin
content-type
text/css
permissions-policy
camera=(), microphone=(), geolocation=(), interest-cohort=()
x-amz-cf-id
skTdokfRWAni18YXYVqTLXPP0b8qe1u_wLzgA4fvFFPx88URjsEPAg==
inter-1ZL7W0Q5nw.269fabf1.woff2
platform.illow.io/ Frame 53B5 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://platform.illow.io/inter-1ZL7W0Q5nw.269fabf1.woff2
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.191.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-191-36.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.illow.io/banner.css
Origin
https://tidycal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:46:13 GMT
x-amz-version-id
ikNc8GH1zt8pchUZakC_1C8Op93LntiK
via
1.1 729c9decceac24f1bd37b7aa21870c5a.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
HAM50-C2
age
5418
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37780
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 26 Nov 2023 23:33:41 GMT
server
AmazonS3
etag
"e1b9f0ecaaebb12c93064cd3c406f82b"
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
camera=(), microphone=(), geolocation=(), interest-cohort=()
accept-ranges
bytes
x-amz-cf-id
I7pYWxkpR4zTkOdGxkFj6ieMSo2EYjMwrulhonHOWOxe32fEPlBrNw==
inter-1ZL7W0Q5nw.269fabf1.woff2
platform.illow.io/ Frame 53B5 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://platform.illow.io/inter-1ZL7W0Q5nw.269fabf1.woff2
Requested by
Host: platform.illow.io
URL: https://platform.illow.io/banner.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.191.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-191-36.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.illow.io/banner.css
Origin
https://tidycal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 14:46:13 GMT
x-amz-version-id
ikNc8GH1zt8pchUZakC_1C8Op93LntiK
via
1.1 729c9decceac24f1bd37b7aa21870c5a.cloudfront.net (CloudFront)
content-security-policy
upgrade-insecure-requests;
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
HAM50-C2
age
5418
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37780
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 26 Nov 2023 23:33:41 GMT
server
AmazonS3
etag
"e1b9f0ecaaebb12c93064cd3c406f82b"
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
permissions-policy
camera=(), microphone=(), geolocation=(), interest-cohort=()
accept-ranges
bytes
x-amz-cf-id
H1rBuwst8NxElgUcH2RaADVuCW0TaiXWVSPpeoB6Tc6gEHYO_QdGsA==
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 898B 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.92.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-92-113.ham50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tidycal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2123
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 27 Nov 2023 15:41:12 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Fri, 03 Nov 2023 20:07:03 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 7b39f60eed6e589bf869ce2ecfe6ab8c.cloudfront.net (CloudFront)
x-amz-cf-id
plllmFsaF3PVBjlGevLbXDJc3e4WU5oQGABUT7b_-ErQVp-PrH0CTA==
x-amz-cf-pop
HAM50-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 898B 		631 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.92.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-92-113.ham50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 16:12:21 GMT
via
1.1 7b39f60eed6e589bf869ce2ecfe6ab8c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
252
x-amz-cf-pop
HAM50-C1
x-cache
Hit from cloudfront
content-length
631
last-modified
Fri, 03 Nov 2023 20:07:01 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Es85hZ_YWuuirzd8leFccXR5ZT_GwEjg-fpUysvar9phbkFCpQ2ppA==
csp-report
q.stripe.com/ Frame 898B 		0
715 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: tidycal.com
URL: https://tidycal.com/sabercpp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 27 Nov 2023 16:16:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701101791858543
x-envoy-upstream-service-time
4
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1701101791856134
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 898B 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: tidycal.com
URL: https://tidycal.com/sabercpp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 27 Nov 2023 16:16:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701101791856449
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1701101791856162
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame 5D67 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
152
cache-control
max-age=300, public
content-encoding
br
content-length
540
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 27 Nov 2023 16:16:31 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
HIT
x-cache-hits
202
x-content-type-options
nosniff
x-request-id
a9dd5af5-f63c-4318-a29e-46150bd48a70
x-served-by
cache-fra-eddf8230132-FRA
x-timer
S1701101791.465665,VS0,VE0
csp-report
q.stripe.com/ Frame 5D67 		0
488 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: tidycal.com
URL: https://tidycal.com/sabercpp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 27 Nov 2023 16:16:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701101791856927
x-envoy-upstream-service-time
3
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1701101791856316
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame 5D67 		87 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Mon, 27 Nov 2023 16:16:31 GMT
x-content-type-options
nosniff
content-encoding
br
via
1.1 varnish
age
88
x-cache
HIT
content-length
15509
x-request-id
04a7659f-8a55-48ed-97f4-4c3b4baf6546
x-served-by
cache-fra-eddf8230132-FRA
server
Fastly
x-timer
S1701101791.475711,VS0,VE0
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
accept-ranges
bytes
x-cache-hits
120
6
m.stripe.com/ Frame 5D67 		156 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.229.91 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-229-91.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9f630723c4ead4dd160096db7b30c4663418f4e910c5fa27239278bccf158be8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Mon, 27 Nov 2023 16:16:31 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1701101791964340
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1701101791963678
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| __tcfapiQueue function| __tcfapi object| TCGLOBALS object| intlTelInputGlobals object| intlTelInputUtils function| iFrameResize number| uidEvent function| axios function| trackAppSumoClick object| illow object| wibson object| webpackChunkStripeJSouter function| noop function| Stripe

5 Cookies

Domain/Path Name / Value
.tidycal.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlJzMWdVR1VuK2p2bUZwS01ZaVRvZ3c9PSIsInZhbHVlIjoiUmp5L1JvYkV0YStPSHJCbTNaa01mcnBoNGUwWlBWejZERWM2aFFHRk5RRE1jczNtb29FeXB3YjdGOUZ1UnkxdnM1RU0rNU1Nc3JtbFkyanNwZ1VNUGJLTisxa2xqNDdacUQraEVxUExoYzdxbzY2MEltM3ZKT1BMRkNjUGo4MjEiLCJtYWMiOiIyN2Y3YzQ5NGQwMjljMjhiM2VjYjZlOWI2MDQ4MWJiYjYzYjY2NTJhOWFiMDVhOGI1ODNhMDIzYWZlOWM5MDczIiwidGFnIjoiIn0%3D
.tidycal.com/ Name: tidycal_session
Value: eyJpdiI6InFkb2doOGpLMStHUllOWDc4ajFSRlE9PSIsInZhbHVlIjoiR1RWTWowaFR2OVhZaUVXcEd2T3pKbllOUVBURWthZFpCbWVWVTdOaE8rVkRqc21OLzJPRGNGbXk5VzhVQ080MzYzbWFWakFOSUkvWnhjLzczUHAxMEs2NHRpM054WkE2dTkySUdVRWRLZVU1NEk4R0JyU0twaDRuYVpZaWFtZjYiLCJtYWMiOiJlYmFjNWYxM2ZlNGU0OTc1MThkNmE1NDRkMTAwODRlNDg4MzQwZDE5Y2NiMWZlYTMxZTQxZDA5ZTM5ZTBmYWI0IiwidGFnIjoiIn0%3D
m.stripe.com/ Name: m
Value: f7404949-9fc8-48cf-a145-dd4716b44eb5c5fe97
.tidycal.com/ Name: __stripe_mid
Value: 7e8f8319-59a1-4049-b93d-b4bed7435f9d9c828b
.tidycal.com/ Name: __stripe_sid
Value: e42d0d4d-cb15-4b8f-90b0-6d53fa857c4c931c2b

1 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.platform.illow.io
assets.tidycal.com
booking.sabercpp.com
js.stripe.com
m.stripe.com
m.stripe.network
platform.illow.io
public-tidycal.s3.us-west-2.amazonaws.com
q.stripe.com
region1.google-analytics.com
tidycal.com
www.googletagmanager.com
151.101.128.176
169.150.247.38
2001:4860:4802:34::36
2a00:1450:4001:810::2008
3.121.132.229
35.212.49.138
44.231.2.49
52.218.246.73
52.222.191.36
52.37.229.91
52.85.92.113
54.186.23.98
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
05c8427d6d8b0d1b4f97fc054741238290cebbd114a5bfd0a322c11b5a93261a
16125b67dd44a6df2eadad443e941af6085d45a67fad4421f2160d92fe605278
2c0958e0c7e9b63f36f672d3cccba14ca0d7ce2e3d6945b38e4ef3de35b79691
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
39e72c0794c12f2dbb14a0f61ca946b535f795b1478fcf795bd26e5cb52ded34
43218bd29a4e64a1cd09e8efa434d385bc0d02684674931ca6618937f9a50e3c
5123b4c95f923ee22852c65f1809a70285c3491723d65e317f67da42b699b3c5
945635cd9dba145d2c469beb762451af0e1e3e51f9117eacf1161a3cd35d44f5
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9edc7d2935ad8d2af2eb147d7b1deac8dae161f9dac4ff277868a91458bf616b
9f630723c4ead4dd160096db7b30c4663418f4e910c5fa27239278bccf158be8
ac95d29fb26ad3dee0888fbe8988a617cacda31678acfcc164df976e11394a23
b8a5e607cf4fea196da8f6f492cb29f99dfa18aa9bb32577dafd5d48f1494e17
bce850793a3cb8d39cd9ee742fbd03bf6591c400f52611cfe4c26c9f63e8bebb
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a
ca8c6ad895b870749f2686d9a3dbc21eedb41f7b05e7e51ced41bb05a73d9db5
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edcdb0ba4da453f8a22077b3711c6562449a56d1190bcea67f0e29e0a965a410
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f64105163e4e348b050736ae42e0c0642677cbabe8240dc307a5424b9ee5dcea