urlscan.io logo urlscan.io
SecurityTrails logo

wellsr.com Open in urlscan Pro
2001:4860:4802:34::15  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wellsr.com/
Effective URL: https://wellsr.com/
Submission: On May 07 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 13 domains to perform 124 HTTP transactions. The main IP is 2001:4860:4802:34::15, located in United States and belongs to GOOGLE, US. The main domain is wellsr.com.
TLS certificate: Issued by GTS CA 1D4 on March 30th 2022. Valid for: 3 months.
This is the only time wellsr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

27    2001:4860:4802:34::15 (United States)

ASN15169 (GOOGLE, US)
wellsr.com
10    2606:4700::6810:c119 (United States)

ASN13335 (CLOUDFLARENET, US)
gumroad.com
assets.gumroad.com
app.gumroad.com
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
docs.google.com
3    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
12    151.101.0.176 (United States)

ASN54113 (FASTLY, US)
js.stripe.com
1    2606:4700::6810:c019 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.gumroad.com
26    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
r.stripe.com
4    2a00:1450:400c:c0b::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
2    2600:9000:223e:fe00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    54.148.50.223 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-50-223.us-west-2.compute.amazonaws.com
m.stripe.com
13    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
play.google.com
Apex Domain
Subdomains		 Transfer
39 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2561
q.stripe.com — Cisco Umbrella Rank: 14128
m.stripe.com — Cisco Umbrella Rank: 2153
r.stripe.com — Cisco Umbrella Rank: 8127
343 KB
27 wellsr.com
wellsr.com
405 KB
22 google.com
docs.google.com — Cisco Umbrella Rank: 308
www.google.com — Cisco Umbrella Rank: 20
pay.google.com — Cisco Umbrella Rank: 4137
play.google.com — Cisco Umbrella Rank: 69
402 KB
11 gumroad.com
gumroad.com — Cisco Umbrella Rank: 68641
assets.gumroad.com — Cisco Umbrella Rank: 110291
app.gumroad.com — Cisco Umbrella Rank: 134053
2 MB
10 gstatic.com
www.gstatic.com
569 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
40 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2747
18 KB
2 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 2633
655 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 65
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 142
83 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1595
5 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
15 KB
124 13
Domain Requested by
27 wellsr.com 1 redirects wellsr.com
21 r.stripe.com js.stripe.com
13 play.google.com www.gstatic.com
12 js.stripe.com app.gumroad.com
js.stripe.com
10 www.gstatic.com docs.google.com
www.gstatic.com
www.google.com
pay.google.com
7 assets.gumroad.com gumroad.com
app.gumroad.com
assets.gumroad.com
5 q.stripe.com wellsr.com
4 pay.google.com js.stripe.com
pay.google.com
wellsr.com
www.gstatic.com
3 app.gumroad.com assets.gumroad.com
app.gumroad.com
static.cloudflareinsights.com
3 fonts.googleapis.com docs.google.com
3 www.google.com wellsr.com
app.gumroad.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.gstatic.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.google.co.uk wellsr.com
2 docs.google.com wellsr.com
www.gstatic.com
2 www.googletagmanager.com wellsr.com
www.googletagmanager.com
1 m.stripe.com m.stripe.network
1 static.cloudflareinsights.com app.gumroad.com
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 gumroad.com wellsr.com
124 22

This site contains links to these domains. Also see Links.

Domain
gum.co
twitter.com
www.linkedin.com
Subject Issuer Validity Valid
wellsr.com
GTS CA 1D4		 2022-03-30 -
2022-06-28		 3 months crt.sh
gumroad.com
Cloudflare Inc ECC CA-3		 2022-01-06 -
2023-01-05		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-19 -
2022-08-05		 4 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2022-06-09		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-11 -
2022-08-03		 4 months crt.sh

This page contains 9 frames:

Primary Page: https://wellsr.com/
Frame ID: 8B5A1B8BE23743A74352B5C7330AB314
Requests: 39 HTTP requests in this frame

Frame: https://docs.google.com/forms/d/e/1FAIpQLSf8G9O3_mae51Rc63GpA5QupQf2zuxoswmcsXrWxJpHm7H3cQ/viewform?embedded=true
Frame ID: 3230DBC59C4BAB47170133C25275AAFC
Requests: 10 HTTP requests in this frame

Frame: https://app.gumroad.com/overlay_page?all_permalinks%5Bgum.co%5D=vba-bundle%2Cvba-userforms%2Cvba-fund%2Cvba-loops%2Cvba-array%2Cvba-strings%2Cfile-io
Frame ID: F1FD55681FACC37359032A71C8F5D17A
Requests: 17 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
Frame ID: DA4F04E018C8EF5A938D34A7F44D07E0
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-253fff51c40ba8ada666d2d54dbfb338.html
Frame ID: 17213A4E861528B4B7FCE443D654B9BD
Requests: 25 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-f4eba57731b7811e6f94acd4cd0a0ed8.html
Frame ID: 5260BCC6A7C8FFABF590207DE717F8F5
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-f689c9fd347c1d66b4430aeaf044d196.html
Frame ID: 85C9D08E638D084841B15EE037FD929B
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 9360C2E09BDC278C1EB9908EB3F1635C
Requests: 4 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 5AA51AE3B1CB238574BFACF492116F18
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

wellsr.com - Write better macros in 7 days

Page URL History Show full URLs

  1. http://wellsr.com/ HTTP 301
    https://wellsr.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

124
Requests

100 %
HTTPS

80 %
IPv6

13
Domains

22
Subdomains

21
IPs

3
Countries

3990 kB
Transfer

13804 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wellsr.com/ HTTP 301
    https://wellsr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

124 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wellsr.com/
Redirect Chain
  • http://wellsr.com/
  • https://wellsr.com/
35 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
d1e879130612b39a0fb5f22546cdbc46a9ff590eb355918ae4add16fa1f387a9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
public, max-age=2764800
content-encoding
gzip
content-type
text/html
date
Sat, 07 May 2022 02:46:17 GMT
etag
"8dAiQw"
expires
Wed, 08 Jun 2022 02:46:17 GMT
server
Google Frontend
x-cloud-trace-context
715779d608b52bff1434cccef482825b

Redirect headers

Content-Length
0
Content-Type
text/html
Date
Sat, 07 May 2022 02:46:17 GMT
Location
https://wellsr.com/
Server
Google Frontend
X-Cloud-Trace-Context
5c62447caaac250e7c0b5769c0712366;o=1
bootstrap.css
wellsr.com/vba/assets/css/ 		106 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wellsr.com/vba/assets/css/bootstrap.css
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
48d562fc8562321ea2ec8f6c728d05a7daa3caa9270328463b75a652d1590e59

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
content-encoding
gzip
server
Google Frontend
etag
"8dAiQw"
content-type
text/css
x-cloud-trace-context
742cab1d2855cbc5079953c3533d4439
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
main.css
wellsr.com/vba/assets/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wellsr.com/vba/assets/css/main.css?v=1.2
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
2e820292fbcccd43c24653088437425858d8d7d8cde8899e71f38c3e57a76cbc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
content-encoding
gzip
server
Google Frontend
etag
"8dAiQw"
content-type
text/css
x-cloud-trace-context
6f980cc83827e492935fb3308c648cd6
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
RyanWells.jpg
wellsr.com/vba/assets/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/img/RyanWells.jpg
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
82a7b891e41b6b701e84741115485bdc91997e0bce9f272896ea2fb268c25f09

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
de32b629fed607d15467206b2f1da725
content-type
image/jpeg
vba-cheat-sheet-BUNDLE-900x400-6cs-2.png
wellsr.com/vba/assets/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/img/vba-cheat-sheet-BUNDLE-900x400-6cs-2.png
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c6528f91115f2a2c00bd814ccdb64e7c7ca11b00be4a9726827522f06dbbde89

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
6f980cc83827e492935fb3308c648cd6
content-type
image/png
vba-cheat-sheet-userforms-700x350.png
wellsr.com/vba/assets/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/img/vba-cheat-sheet-userforms-700x350.png
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
1bd984ee0dbd6abdfddb3f8a524a0f543de242a323d5618564bd9070affc5922

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
742cab1d2855cbc5079953c3533d4439
content-type
image/png
vba-cheat-sheet-fundamentals-700x350-2.png
wellsr.com/vba/assets/img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/img/vba-cheat-sheet-fundamentals-700x350-2.png
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8798a316b058a55eec257e5e318b4ef51006d76fae343f4423931420c4ad7115

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
6f980cc83827e492935fb3308c648cd6
content-type
image/png
vba-cheat-sheet-logic-and-loops-700x350-2.png
wellsr.com/vba/assets/img/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/img/vba-cheat-sheet-logic-and-loops-700x350-2.png
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
a6f8e4ba6c96ab328d4ea5f464dbe8669f45e4bcd5d2870c98131d01dd54148b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
6f980cc83827e492935fb3308c648cd6
content-type
image/png
vba-cheat-sheet-arrays-700x350-2.png
wellsr.com/vba/assets/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/img/vba-cheat-sheet-arrays-700x350-2.png
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8beb91faabf6915f70e400e6baec47aa0a164f909ab1f5d0e8fe13437b7409fe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
9c223631b3ce4d8d16856c86503c834f
content-type
image/png
vba-cheat-sheet-strings-700x350.png
wellsr.com/vba/assets/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/img/vba-cheat-sheet-strings-700x350.png
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4551cf03541f48dddca3dedf7c0e3b6c95a273266590ddd0d90a82a63c6ef8d1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
9533ac1cc3518af2c7e5f1e598e74939
content-type
image/png
vba-cheat-sheet-FILE-IO-700x350.png
wellsr.com/vba/assets/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/img/vba-cheat-sheet-FILE-IO-700x350.png
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
3a16557efb933ed279d279d91759f4d41be6bf026f8837b14b533990391a80be

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
7289cc5dda9a0ab2f8935652adcd9d2c
content-type
image/png
VBA-Code-Library.png
wellsr.com/vba/assets/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/img/VBA-Code-Library.png
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f7be445ab455d46dbd2b95b1ecfe06a7a22dbe84756525f33ec234b45db48e96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
742cab1d2855cbc5079953c3533d4439
content-type
image/png
2017-08-02-vba-progress-bar-header.png
wellsr.com/vba/assets/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/images/2017-08-02-vba-progress-bar-header.png
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4871fb15ea4f7a00a78189ab49f2eca3ec80772cf54932d0546930cb53f169fb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
07c8bb747dd2ea072c6156c7d0472f65
content-type
image/png
2016-02-26-Excel-Splash-Screen-Header.png
wellsr.com/vba/assets/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/images/2016-02-26-Excel-Splash-Screen-Header.png
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4405f54624e1d4129bb3f9be1187cb760a64478bd91125294da82034c366148a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
3aa1f18f29b730676224b05eb2157dec
content-type
image/png
VBA-Guide-Form-Control-Checkboxes.png
wellsr.com/vba/assets/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/images/VBA-Guide-Form-Control-Checkboxes.png
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
05f7d1e011f36877cc3c0b5a5ec0e5c3913097478bcdee36dc335b7cae672c58

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
de32b629fed607d15467206b2f1da725
content-type
image/png
2016-01-05-Dot-Grid-Paper-Macro.png
wellsr.com/vba/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/images/2016-01-05-Dot-Grid-Paper-Macro.png
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8d2740ad102451a54ca634d1d0042ec4f508d43b49a7d942f0b98bea01a248ed

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
93268bb0d29a9d2b8e76ff9595a561f8
content-type
image/png
2017-04-07-show-system-tray-notification-balloon-when-macro-is-done.png
wellsr.com/vba/assets/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/images/2017-04-07-show-system-tray-notification-balloon-when-macro-is-done.png
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4802bae394c28f4b8eeae34823280b32ee80c159d58b188d1dccf7af1256a48d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
e8471b4d2c131b348f1a3afc268665db
content-type
image/png
2018-01-12-vba-sleep.png
wellsr.com/vba/assets/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/images/2018-01-12-vba-sleep.png
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
5aaf5f4ca5429e1827c57a37cc8e8dab12b2e87d5b529f7272e7deb73f7a5d5b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
baee31a09041d6e17736d1a1ed761c71
content-type
image/png
2017-12-10-change-vba-msgbox-text-color.png
wellsr.com/vba/assets/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/images/2017-12-10-change-vba-msgbox-text-color.png
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
5183cd9fad19d719abb094176d8bba3332e4f15579c351f394b7ea51623b5fb2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
3aa1f18f29b730676224b05eb2157dec
content-type
image/png
font-awesome.min.css
wellsr.com/vba/assets/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wellsr.com/vba/assets/css/font-awesome.min.css
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
content-encoding
gzip
server
Google Frontend
etag
"8dAiQw"
content-type
text/css
x-cloud-trace-context
6f980cc83827e492935fb3308c648cd6
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
modernizr.custom.js
wellsr.com/vba/assets/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellsr.com/vba/assets/js/modernizr.custom.js
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
5bed074367042548e1f1ce7d18ba273b797a7a142899b5fdafabf24aa17bb645

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
content-encoding
gzip
server
Google Frontend
etag
"8dAiQw"
content-type
text/plain
x-cloud-trace-context
6f980cc83827e492935fb3308c648cd6
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
gumroad.js
gumroad.com/js/ 		245 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gumroad.com/js/gumroad.js
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a82a276949088b9ec85293bec302a5917923d6daff21bba3edc7ddc3c54d5582
Security Headers
Name Value
Content-Security-Policy default-src https 'self'; child-src * data: blob:; connect-src 'self' bam.nr-data.net www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com *.facebook.com *.facebook.net www.google-analytics.com *.g.doubleclick.net www.googletagmanager.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ *.braintreegateway.com www.paypalobjects.com *.paypal.com *.braintree-api.com iframe.ly app.gumroad.com; font-src * data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com *.braintreegateway.com *.braintree-api.com www.paypalobjects.com *.paypal.com www.google-analytics.com ssl.google-analytics.com www.googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com *.facebook.net *.facebook.com *.newrelic.com *.nr-data.net www.dropbox.com s.ytimg.com cdn.iframe.ly *.jwpcdn.com content.jwplatform.com/libraries/3vz4Z4wu.js *.jwpsrv.com blob: 'self' data: gumroad.us3.list-manage.com analytics.twitter.com app.gumroad.com assets.gumroad.com; style-src 'self' 'unsafe-inline' s.ytimg.com ssl.p.jwpcdn.com optimize.google.com assets.gumroad.com; worker-src * data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-permitted-cross-domain-policies
none
x-revision
c1c791bebef0
x-xss-protection
1; mode=block
x-request-id
9f872351-a4b6-4cd4-a19b-7a4929f60446
x-runtime
0.004944
server
cloudflare
etag
W/"a82a276949088b9ec85293bec302a591"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
x-download-options
noopen
content-type
text/javascript; charset=utf-8
vary
Origin, Accept-Encoding
cache-control
public, max-age=3600
content-security-policy
default-src https 'self'; child-src * data: blob:; connect-src 'self' bam.nr-data.net www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com *.facebook.com *.facebook.net www.google-analytics.com *.g.doubleclick.net www.googletagmanager.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ *.braintreegateway.com www.paypalobjects.com *.paypal.com *.braintree-api.com iframe.ly app.gumroad.com; font-src * data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com *.braintreegateway.com *.braintree-api.com www.paypalobjects.com *.paypal.com www.google-analytics.com ssl.google-analytics.com www.googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com *.facebook.net *.facebook.com *.newrelic.com *.nr-data.net www.dropbox.com s.ytimg.com cdn.iframe.ly *.jwpcdn.com content.jwplatform.com/libraries/3vz4Z4wu.js *.jwpsrv.com blob: 'self' data: gumroad.us3.list-manage.com analytics.twitter.com app.gumroad.com assets.gumroad.com; style-src 'self' 'unsafe-inline' s.ytimg.com ssl.p.jwpcdn.com optimize.google.com assets.gumroad.com; worker-src * data: blob:
cf-ray
70769fdabd4671a2-LHR
x-gr
PROD
expires
Sat, 07 May 2022 03:46:18 GMT
js
www.googletagmanager.com/gtag/ 		104 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-54273882-1
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3916e5f1565a790aa99db8ee22796ebbe5e19aaeaf579c42cd9a57e8874e99fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40726
x-xss-protection
0
last-modified
Sat, 07 May 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 07 May 2022 02:46:18 GMT
jquery-2.1.3.min.js
wellsr.com/vba/assets/js/ 		82 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellsr.com/vba/assets/js/jquery-2.1.3.min.js
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
content-encoding
gzip
server
Google Frontend
etag
"8dAiQw"
content-type
text/plain
x-cloud-trace-context
6f980cc83827e492935fb3308c648cd6
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
bootstrap.min.js
wellsr.com/vba/assets/js/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellsr.com/vba/assets/js/bootstrap.min.js
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
3e460b21839bf49543aeac626269114e5bc49092a516d7e94da7dbaee582bfd6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
content-encoding
gzip
server
Google Frontend
etag
"8dAiQw"
content-type
text/plain
x-cloud-trace-context
e00e38b938a3ded501ec79509eb7876a
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
viewform
docs.google.com/forms/d/e/1FAIpQLSf8G9O3_mae51Rc63GpA5QupQf2zuxoswmcsXrWxJpHm7H3cQ/ Frame 3230 		40 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/forms/d/e/1FAIpQLSf8G9O3_mae51Rc63GpA5QupQf2zuxoswmcsXrWxJpHm7H3cQ/viewform?embedded=true
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ea9b0050528f760da37a45435d5383e1f5dddbb628c0a7c0b353d5670201f13f
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-OyNF4t1SuxojDs/zVFO9zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellsr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-OyNF4t1SuxojDs/zVFO9zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
content-type
text/html; charset=utf-8
date
Sat, 07 May 2022 02:46:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
GSE
x-content-type-options
nosniff
x-robots-tag
noindex, nofollow, nosnippet
x-xss-protection
1; mode=block
wellsrPRO-colored-header.png
wellsr.com/vba/assets/img/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wellsr.com/vba/assets/img/wellsrPRO-colored-header.png
Requested by
Host: wellsr.com
URL: https://wellsr.com/vba/assets/css/main.css?v=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
64a7799ea4ca1af9266ab31268a843e5619daaf0c75d477e98635e323bb1555c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/vba/assets/css/main.css?v=1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
e604ca3d32d3ae4d9036c3925e68a503
content-type
image/png
fontawesome-webfont.woff2
wellsr.com/vba/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wellsr.com/vba/assets/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: wellsr.com
URL: https://wellsr.com/vba/assets/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://wellsr.com/vba/assets/css/font-awesome.min.css
Origin
https://wellsr.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
e604ca3d32d3ae4d9036c3925e68a503
content-type
application/octet-stream
glyphicons-halflings-regular.woff
wellsr.com/vba/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wellsr.com/vba/assets/fonts/glyphicons-halflings-regular.woff
Requested by
Host: wellsr.com
URL: https://wellsr.com/vba/assets/css/bootstrap.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
63faf0af44a428f182686f0d924bb30e369a9549630c7b98a969394f58431067

Request headers

Referer
https://wellsr.com/vba/assets/css/bootstrap.css
Origin
https://wellsr.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
cache-control
public, max-age=2764800
expires
Wed, 08 Jun 2022 02:46:18 GMT
server
Google Frontend
etag
"8dAiQw"
x-cloud-trace-context
e604ca3d32d3ae4d9036c3925e68a503
content-type
application/octet-stream
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54273882-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4288
date
Sat, 07 May 2022 01:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 07 May 2022 03:34:50 GMT
js
www.googletagmanager.com/gtag/ 		111 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-963968006&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-54273882-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
183d815bca871c9931d361fbaafe89cfd9c18bd3327c2bfbdd56fb64352cbccd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44166
x-xss-protection
0
last-modified
Sat, 07 May 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 07 May 2022 02:46:18 GMT
gumroad-overlay-a64c26f43cba0121e3bc447ef2addcd677643f326633a598a0b35be993d5fe47.js
assets.gumroad.com/assets/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/assets/gumroad-overlay-a64c26f43cba0121e3bc447ef2addcd677643f326633a598a0b35be993d5fe47.js
Requested by
Host: gumroad.com
URL: https://gumroad.com/js/gumroad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc54dc10df64f97c9d16ef10113b122fd8f7f9a2b420d6d052730803d767a081

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
via
1.1 ea71b96212c28d5f0611046b8d2932f6.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
5568334
x-cache
Miss from cloudfront
last-modified
Thu, 03 Mar 2022 15:47:50 GMT
content-encoding
br
cf-bgj
minify
server
cloudflare
etag
W/"11704e1bd3072c8e89b636b50f02276f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-pop
MIA3-C4
cf-ray
70769fdcae8871a2-LHR
x-amz-cf-id
t1uqtpeyTgHMw8YBJcJ_3_LjflUEp2QE107U_NgeTnvTYcn6aA9Gww==
expires
Sun, 07 May 2023 02:46:18 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-963968006&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14865
x-xss-protection
0
server
cafe
etag
2710672821686371805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 07 May 2022 02:46:18 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1026264567&t=pageview&_s=1&dl=https%3A%2F%2Fwellsr.com%2F&ul=en-us&de=UTF-8&dt=wellsr.com%20-%20Write%20better%20macros%20in%207%20days&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1197150690&gjid=608710588&cid=1137792819.1651891578&tid=UA-54273882-1&_gid=91187902.1651891578&_r=1&gtm=2ou540&z=2114758845
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wellsr.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 07 May 2022 02:46:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wellsr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/963968006/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/963968006/?random=1651891578517&cv=9&fst=1651891578517&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwellsr.com%2F&tiba=wellsr.com%20-%20Write%20better%20macros%20in%207%20days&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63e402e751c5b0e0c08e35552e7a3b568dfe089c17461a801fe51210afbbe545
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 02:46:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1042
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54273882-1&cid=1137792819.1651891578&jid=1197150690&gjid=608710588&_gid=91187902.1651891578&_u=YEBAAUAAAAAAAC~&z=860005280
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wellsr.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 07 May 2022 02:46:18 GMT
content-type
text/plain
access-control-allow-origin
https://wellsr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54273882-1&cid=1137792819.1651891578&jid=1197150690&_u=YEBAAUAAAAAAAC~&z=818492495
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 02:46:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54273882-1&cid=1137792819.1651891578&jid=1197150690&_u=YEBAAUAAAAAAAC~&z=818492495
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 02:46:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
icon
fonts.googleapis.com/ Frame 3230 		616 B
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons+Extended
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSf8G9O3_mae51Rc63GpA5QupQf2zuxoswmcsXrWxJpHm7H3cQ/viewform?embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f50ba7f71d671e13629f319f4473ee86c2838291f6fe2aee64cc648a9508de9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 07 May 2022 02:46:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 07 May 2022 02:46:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 07 May 2022 02:46:18 GMT
rs=AMjVe6jLLnrd3x2ikdjR9C751EyuHgaDNw
www.gstatic.com/_/freebird/_/ss/k=freebird.v.R46qnXQkJRs.L.W.O/d=1/ Frame 3230 		422 KB
69 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.R46qnXQkJRs.L.W.O/d=1/rs=AMjVe6jLLnrd3x2ikdjR9C751EyuHgaDNw
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSf8G9O3_mae51Rc63GpA5QupQf2zuxoswmcsXrWxJpHm7H3cQ/viewform?embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c0ddac859dc295a993f2f028035839fbcc56ebda9837c1ef3d36a257c31228b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 07:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243310
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70487
x-xss-protection
0
last-modified
Tue, 03 May 2022 02:28:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-forms"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 May 2023 07:11:08 GMT
css
fonts.googleapis.com/ Frame 3230 		18 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSf8G9O3_mae51Rc63GpA5QupQf2zuxoswmcsXrWxJpHm7H3cQ/viewform?embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
69a686db46a18fcbcf62cd22463c95fa7b145a8a528bdfa50548504af19cf4ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 07 May 2022 01:03:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 07 May 2022 02:46:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 07 May 2022 02:46:18 GMT
css
fonts.googleapis.com/ Frame 3230 		1 KB
530 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSf8G9O3_mae51Rc63GpA5QupQf2zuxoswmcsXrWxJpHm7H3cQ/viewform?embedded=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
efcfd5f131f020f9bb29522378f775dfec4bbfff377a5ed0f4526818ead60a7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 07 May 2022 01:08:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 07 May 2022 02:46:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 07 May 2022 02:46:18 GMT
googlelogo_dark_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ Frame 3230 		1 KB
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_dark_clr_74x24px.svg
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSf8G9O3_mae51Rc63GpA5QupQf2zuxoswmcsXrWxJpHm7H3cQ/viewform?embedded=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 16:43:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
468175
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
689
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 01 May 2023 16:43:23 GMT
m=viewer_base
www.gstatic.com/_/freebird/_/js/k=freebird.v.en_GB.R1Eb5tay5K8.O/d=1/rs=AMjVe6j1ltnjxRQ-AjHQ3Qw5hQ-t-P66vQ/ Frame 3230 		346 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_GB.R1Eb5tay5K8.O/d=1/rs=AMjVe6j1ltnjxRQ-AjHQ3Qw5hQ-t-P66vQ/m=viewer_base
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/e/1FAIpQLSf8G9O3_mae51Rc63GpA5QupQf2zuxoswmcsXrWxJpHm7H3cQ/viewform?embedded=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
974588d6b1f61fd9d11f999246be4165801656c20e0b3a6f4dbbeab527a01843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 04 May 2022 16:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209596
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115610
x-xss-protection
0
last-modified
Mon, 02 May 2022 22:25:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-forms"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 04 May 2023 16:33:02 GMT
/
www.google.com/pagead/1p-user-list/963968006/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/963968006/?random=1651891578517&cv=9&fst=1651888800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwellsr.com%2F&tiba=wellsr.com%20-%20Write%20better%20macros%20in%207%20days&async=1&fmt=3&is_vtc=1&random=3019115480&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 02:46:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.uk/pagead/1p-user-list/963968006/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/pagead/1p-user-list/963968006/?random=1651891578517&cv=9&fst=1651888800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa540&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwellsr.com%2F&tiba=wellsr.com%20-%20Write%20better%20macros%20in%207%20days&async=1&fmt=3&is_vtc=1&random=3019115480&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wellsr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 02:46:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=MpJwZc,n73qwf,syv,ws9Tlc,sy0,syl,sym,syn,sy1,syo,syu,sy30,sy31,V3dDOb,sy2h,gkf10d,j2YlP,sy4,sy5,sy1s,sy1u,sy1t,sy1r,OShpD,syk,syq,syw,syp,syx,sy17,sy3l,A4UTCb,sy2,owcnme,sy1v,sy1x,sy2m,Sk9apb,J8m...
www.gstatic.com/_/freebird/_/js/k=freebird.v.en_GB.R1Eb5tay5K8.O/d=0/rs=AMjVe6j1ltnjxRQ-AjHQ3Qw5hQ-t-P66vQ/ Frame 3230 		424 KB
135 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_GB.R1Eb5tay5K8.O/d=0/rs=AMjVe6j1ltnjxRQ-AjHQ3Qw5hQ-t-P66vQ/m=MpJwZc,n73qwf,syv,ws9Tlc,sy0,syl,sym,syn,sy1,syo,syu,sy30,sy31,V3dDOb,sy2h,gkf10d,j2YlP,sy4,sy5,sy1s,sy1u,sy1t,sy1r,OShpD,syk,syq,syw,syp,syx,sy17,sy3l,A4UTCb,sy2,owcnme,sy1v,sy1x,sy2m,Sk9apb,J8mJTc,UUJqVe,CP1oW,sy2k,gZjhIf,sy1f,sy1e,sy7,sy1c,sys,sy1g,pxq3x,syf,syt,O6y8ed,sy38,sy39,sy3b,sy2u,sy3a,sy3c,Xhpexc,Q91hve,sy8,sy2s,sy2q,mRfQQ,sy3e,sy3d,CFa0o,sy3m,VXdfxd,szrus,sy3x,sy3y,sy3v,sy42,sy3w,sy3z,sy43,sy40,sy41,sy44,s39S4,sy1a,ENNBBf,syh,cEt90b,L1AAkb,KUM7Z,QvB8bb,bCfhJc,sy2l,sy37,u9ZRK,pItcJd,yZuGp,aW3pY,sy2x,sy2y,sy2z,I6YDgd,sy3n,N5Lqpc,sy12,syy,sy11,syz,sy13,sy14,sy1d,sy10,sy15,sy16,sy18,sy19,sy1b,sy1h,fgj8Rb,sy62,yxTchf,sy63,sy64,xQtZb,IvDHfc,sy3f,sy3g,sy3j,sy36,sy2j,i5dxUd,sy3h,sy3i,sy3k,sy3p,sy3t,sy34,wg1P6b,EcW08c,sy3o,sy3q,sy3r,sy3s,t8tqF,p2tbsc,sye,sy1k,sy2w,LxALBf,sy33,sy35,sy52,sy53,vofJp,qddgKe,sy4j,SM1lmd,QwQO1b,WdhPgc,sy1z,sy24,sy1w,sy2v,QMSdQb,JCrucd,ok0nye,sy22,sy23,xmYr4,sy9,sy2t,sy3u,sy4a,sy45,sy4b,sy47,sy4e,sy4f,sy4h,sy46,sy4d,sy4g,sbHRWb,RGrRJf,OkF2xb,DhgO0d,ID6c7,oZECf,sy48,sy4r,sy4m,sy4t,sy4u,sy4v,rmdjlf,sy6,TOfxwf,A2m8uc,akEJMc,zG2TEe,sy4c,yUS4Lc,KOZzeb,sy4o,sy4p,sy4n,riEgMd,sy54,lSvzH,sy4i,oCiKKc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_GB.R1Eb5tay5K8.O/d=1/rs=AMjVe6j1ltnjxRQ-AjHQ3Qw5hQ-t-P66vQ/m=viewer_base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
568317cfbe3304e91ae0415569947ba19e18ef68020071d6c3a1888e4458fe7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 19:29:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112603
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137785
x-xss-protection
0
last-modified
Mon, 02 May 2022 22:25:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-forms"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://docs.google.com
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 May 2023 19:29:36 GMT
overlay_page
app.gumroad.com/ Frame F1FD 		41 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.gumroad.com/overlay_page?all_permalinks%5Bgum.co%5D=vba-bundle%2Cvba-userforms%2Cvba-fund%2Cvba-loops%2Cvba-array%2Cvba-strings%2Cfile-io
Requested by
Host: assets.gumroad.com
URL: https://assets.gumroad.com/assets/gumroad-overlay-a64c26f43cba0121e3bc447ef2addcd677643f326633a598a0b35be993d5fe47.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c608bbcb733068b0102dbdc96938d5d029d391bd641ad86109bc78dfaf3dadc
Security Headers
Name Value
Content-Security-Policy default-src https 'self'; child-src * data: blob:; connect-src 'self' bam.nr-data.net www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com *.facebook.com *.facebook.net www.google-analytics.com *.g.doubleclick.net www.googletagmanager.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ *.braintreegateway.com www.paypalobjects.com *.paypal.com *.braintree-api.com iframe.ly app.gumroad.com; font-src * data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com *.braintreegateway.com *.braintree-api.com www.paypalobjects.com *.paypal.com www.google-analytics.com ssl.google-analytics.com www.googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com *.facebook.net *.facebook.com *.newrelic.com *.nr-data.net www.dropbox.com s.ytimg.com cdn.iframe.ly *.jwpcdn.com content.jwplatform.com/libraries/3vz4Z4wu.js *.jwpsrv.com blob: 'self' data: gumroad.us3.list-manage.com analytics.twitter.com app.gumroad.com assets.gumroad.com 'nonce-0KTC8aBwn6JJHhjFoUIjWpsrBwWPXVOxMskQJgOAhOM=' 'unsafe-inline'; style-src 'self' 'unsafe-inline' s.ytimg.com ssl.p.jwpcdn.com optimize.google.com assets.gumroad.com; worker-src * data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellsr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
70769fe26abf71a2-LHR
content-encoding
br
content-security-policy
default-src https 'self'; child-src * data: blob:; connect-src 'self' bam.nr-data.net www.dropbox.com api.dropboxapi.com s3.amazonaws.com/gumroad s3.amazonaws.com/gumroad/ gumroad-public-storage.s3.amazonaws.com gumroad-public-storage.s3.amazonaws.com/ s3.amazonaws.com/gumroad-public-storage s3.amazonaws.com/gumroad-public-storage/ www.google.com www.gstatic.com *.facebook.com *.facebook.net www.google-analytics.com *.g.doubleclick.net www.googletagmanager.com files.gumroad.com/ d1bdh6c3ceakz5.cloudfront.net/ *.braintreegateway.com www.paypalobjects.com *.paypal.com *.braintree-api.com iframe.ly app.gumroad.com; font-src * data: blob:; frame-src * data: blob:; img-src * data: blob:; media-src * data: blob:; object-src * data: blob:; script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com *.braintreegateway.com *.braintree-api.com www.paypalobjects.com *.paypal.com www.google-analytics.com ssl.google-analytics.com www.googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com *.facebook.net *.facebook.com *.newrelic.com *.nr-data.net www.dropbox.com s.ytimg.com cdn.iframe.ly *.jwpcdn.com content.jwplatform.com/libraries/3vz4Z4wu.js *.jwpsrv.com blob: 'self' data: gumroad.us3.list-manage.com analytics.twitter.com app.gumroad.com assets.gumroad.com 'nonce-0KTC8aBwn6JJHhjFoUIjWpsrBwWPXVOxMskQJgOAhOM=' 'unsafe-inline'; style-src 'self' 'unsafe-inline' s.ytimg.com ssl.p.jwpcdn.com optimize.google.com assets.gumroad.com; worker-src * data: blob:
content-type
text/html; charset=utf-8
date
Sat, 07 May 2022 02:46:19 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000
vary
Origin
x-content-type-options
nosniff
x-download-options
noopen
x-gr
PROD
x-permitted-cross-domain-policies
none
x-request-id
c9f6f493-8b83-40ec-8f6d-9df2b16dec8b
x-revision
c1c791bebef0
x-runtime
0.072627
x-xss-protection
1; mode=block
design-e74e6295.css
assets.gumroad.com/packs/css/ Frame F1FD 		337 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/packs/css/design-e74e6295.css
Requested by
Host: app.gumroad.com
URL: https://app.gumroad.com/overlay_page?all_permalinks%5Bgum.co%5D=vba-bundle%2Cvba-userforms%2Cvba-fund%2Cvba-loops%2Cvba-array%2Cvba-strings%2Cfile-io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fbb150f671846505f4bd7bc1c73039ee3f536a8a9d91ab05868ded0d199a389

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://app.gumroad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:19 GMT
via
1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
623726
cf-polished
origSize=345404
x-cache
Miss from cloudfront
last-modified
Fri, 29 Apr 2022 19:03:20 GMT
content-encoding
br
cf-bgj
minify
server
cloudflare
etag
W/"d5425fae7efba727b03feccbb31587fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA60-P4
cf-ray
70769fe3ebf271a2-LHR
x-amz-cf-id
n0BmkGsZtp9IJuv4kYvvO8Q2xUqUFGDiG2GyiGAo1fn8s5fON5qWog==
expires
Sun, 07 May 2023 02:46:19 GMT
rocket-loader.min.js
app.gumroad.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame F1FD 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.gumroad.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: app.gumroad.com
URL: https://app.gumroad.com/overlay_page?all_permalinks%5Bgum.co%5D=vba-bundle%2Cvba-userforms%2Cvba-fund%2Cvba-loops%2Cvba-array%2Cvba-strings%2Cfile-io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://app.gumroad.com/overlay_page?all_permalinks%5Bgum.co%5D=vba-bundle%2Cvba-userforms%2Cvba-fund%2Cvba-loops%2Cvba-array%2Cvba-strings%2Cfile-io
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 29 Apr 2022 17:17:34 GMT
server
cloudflare
etag
W/"626c1dae-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
70769fe3ebf371a2-LHR
vary
Accept-Encoding
expires
Mon, 09 May 2022 02:46:19 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame F1FD 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: app.gumroad.com
URL: https://app.gumroad.com/overlay_page?all_permalinks%5Bgum.co%5D=vba-bundle%2Cvba-userforms%2Cvba-fund%2Cvba-loops%2Cvba-array%2Cvba-strings%2Cfile-io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://app.gumroad.com/
Origin
https://app.gumroad.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:19 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
70769fe45c6776ff-LHR
m=sy49,sWGJ4b,sy1o,sy1l,sy1n,sy1p,sy4x,sy58,EGNJFf,iSvg6e,sy4w,uY3Nvd
www.gstatic.com/_/freebird/_/js/k=freebird.v.en_GB.R1Eb5tay5K8.O/d=0/rs=AMjVe6j1ltnjxRQ-AjHQ3Qw5hQ-t-P66vQ/ Frame 3230 		22 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_GB.R1Eb5tay5K8.O/d=0/rs=AMjVe6j1ltnjxRQ-AjHQ3Qw5hQ-t-P66vQ/m=sy49,sWGJ4b,sy1o,sy1l,sy1n,sy1p,sy4x,sy58,EGNJFf,iSvg6e,sy4w,uY3Nvd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_GB.R1Eb5tay5K8.O/d=1/rs=AMjVe6j1ltnjxRQ-AjHQ3Qw5hQ-t-P66vQ/m=viewer_base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1ad9e05d2b52c7749768db7ac3edb36de4447c9a0a29250e93a3cea339c1978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 09:04:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7980
x-xss-protection
0
last-modified
Mon, 02 May 2022 22:25:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-forms"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://docs.google.com
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 05 May 2023 09:04:19 GMT
naLogImpressions
docs.google.com/forms/d/e/1FAIpQLSf8G9O3_mae51Rc63GpA5QupQf2zuxoswmcsXrWxJpHm7H3cQ/ Frame 3230 		0
13 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://docs.google.com/forms/d/e/1FAIpQLSf8G9O3_mae51Rc63GpA5QupQf2zuxoswmcsXrWxJpHm7H3cQ/naLogImpressions
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_GB.R1Eb5tay5K8.O/d=1/rs=AMjVe6j1ltnjxRQ-AjHQ3Qw5hQ-t-P66vQ/m=viewer_base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-cBXQBWKZBKAWhbwapfxUeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'

Request headers

X-Same-Domain
1
Referer
https://docs.google.com/forms/d/e/1FAIpQLSf8G9O3_mae51Rc63GpA5QupQf2zuxoswmcsXrWxJpHm7H3cQ/viewform?embedded=true
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 07 May 2022 02:46:19 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-cBXQBWKZBKAWhbwapfxUeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
GSE
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
js.stripe.com/v3/ Frame F1FD 		299 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: app.gumroad.com
URL: https://app.gumroad.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b1dce346afdbb1638e2b272cc3fec60c56251f846bf5f598a07e608598cebbde
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://app.gumroad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
47
x-cache
HIT
content-length
72331
etag
"a9a92481a09e2244cd2812bcbcd75135"
x-request-id
1e5cf79c-8bb8-4948-a6b8-89e75c0fef1c
x-served-by
cache-lhr7366-LHR
access-control-allow-origin
*
last-modified
Thu, 05 May 2022 20:08:29 GMT
server
Fastly
date
Sat, 07 May 2022 02:46:19 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
overlay-be0e3a14f3210f9ee829.js
assets.gumroad.com/packs/js/ Frame F1FD 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/packs/js/overlay-be0e3a14f3210f9ee829.js
Requested by
Host: app.gumroad.com
URL: https://app.gumroad.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9e9de319cd71cca61fe38e2e1112df6ce2d802d9367aa7dc0f16834af32aa1e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://app.gumroad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:19 GMT
via
1.1 a62211aa91c2317f2c505a32aa17cf8a.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
362969
cf-polished
origSize=14280
x-cache
Miss from cloudfront
last-modified
Mon, 02 May 2022 21:41:10 GMT
content-encoding
br
cf-bgj
minify
server
cloudflare
etag
W/"55609aa5b823a35fad65d5e902edb41e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-pop
MIA3-C4
cf-ray
70769fe46c6a71a2-LHR
x-amz-cf-id
8A5B6NUjcow6dvo5-o3bDTFQdPueoSaeU_q6gxCuVZG_LAnrMldEyQ==
expires
Sun, 07 May 2023 02:46:19 GMT
webpack-commons-30b6346e80560b14183b.js
assets.gumroad.com/packs/js/ Frame F1FD 		2 MB
523 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/packs/js/webpack-commons-30b6346e80560b14183b.js
Requested by
Host: app.gumroad.com
URL: https://app.gumroad.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d20283e5d52e01f016f88524377bb8238a59b40b003dd091dfe3155c267cd65e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://app.gumroad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:19 GMT
via
1.1 dc44064c54cfe99859200f562d23535e.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
81166
cf-polished
origSize=2006946
x-cache
Miss from cloudfront
last-modified
Fri, 06 May 2022 03:36:15 GMT
content-encoding
br
cf-bgj
minify
server
cloudflare
etag
W/"5fcd9b9390d388593655b8b492433982"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-pop
ORD51-C2
cf-ray
70769fe46c6d71a2-LHR
x-amz-cf-id
8LS2IjFsTqwAPNy7J52SWc_lDl_6C0HVW-TJhaJ1prUTGSzfWpsknw==
expires
Sun, 07 May 2023 02:46:19 GMT
webpack-runtime-bdb191055a09ae39f7db.js
assets.gumroad.com/packs/js/ Frame F1FD 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/packs/js/webpack-runtime-bdb191055a09ae39f7db.js
Requested by
Host: app.gumroad.com
URL: https://app.gumroad.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31ac407aaf5ce6e6ed9bfe35bd8f21f749eaf5b13b5e79fc7e96ecd112a374ff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://app.gumroad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:19 GMT
via
1.1 ec3c5df6777270d9633f0082bf016380.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
362987
cf-polished
origSize=4062
x-cache
Miss from cloudfront
last-modified
Mon, 02 May 2022 21:41:49 GMT
content-encoding
br
cf-bgj
minify
server
cloudflare
etag
W/"f18970583f87926ab8f2095c0f82bad4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-pop
WAW50-C1
cf-ray
70769fe46c6e71a2-LHR
x-amz-cf-id
9978qQ99atPVAgS9yPWvsoiwg0bPQ40FGKzSkc2ZuAuV9UqUfzveLw==
expires
Sun, 07 May 2023 02:46:19 GMT
enterprise.js
www.google.com/recaptcha/ Frame F1FD 		942 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=explicit
Requested by
Host: app.gumroad.com
URL: https://app.gumroad.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
61b46ade1160aabacabd50997c9a5ff0cdad8e23482173b42cf07df30fd41dc1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://app.gumroad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
586
x-xss-protection
1; mode=block
expires
Sat, 07 May 2022 02:46:19 GMT
application-19ca3aac871e27160e5ca3c2f1891d055982872e9ab16a214f033111bb35903f.js
assets.gumroad.com/assets/ Frame F1FD 		6 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/assets/application-19ca3aac871e27160e5ca3c2f1891d055982872e9ab16a214f033111bb35903f.js
Requested by
Host: app.gumroad.com
URL: https://app.gumroad.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2327c19848c0c26f24a7175b5e7461497a90a1c370b7913261d063d7c1f729a5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://app.gumroad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:19 GMT
via
1.1 34e660e44c1e373f9aead85077545872.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
81166
cf-polished
origSize=5894326
x-cache
Miss from cloudfront
last-modified
Fri, 06 May 2022 03:33:44 GMT
content-encoding
br
cf-bgj
minify
server
cloudflare
etag
W/"371dbdf7325941e7c9940e70dee74916"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-pop
ORD51-C2
cf-ray
70769fe46c6f71a2-LHR
x-amz-cf-id
xLsl4quf1BF1AaWurWWDauIpOXXAbzOxpnsambFOTK3EtNymzkPxzw==
expires
Sun, 07 May 2023 02:46:19 GMT
truncated
/ Frame F1FD 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ Frame F1FD 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ Frame F1FD 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ Frame F1FD 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/webp
recaptcha__en.js
www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/ Frame F1FD 		360 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/nEGwmCAyCoKVn9PSwAGnQWhY/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
303b7acf1f54f053c84b9a9d889a693ff90e39ecec8fdadac43201449d116be8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.gumroad.com/
Origin
https://app.gumroad.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 02:44:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145286
x-xss-protection
0
last-modified
Mon, 02 May 2022 04:03:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 06 May 2023 02:44:35 GMT
19db990205089207b039.woff2
assets.gumroad.com/packs/static/ Frame F1FD 		66 KB
66 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.gumroad.com/packs/static/19db990205089207b039.woff2
Requested by
Host: assets.gumroad.com
URL: https://assets.gumroad.com/packs/css/design-e74e6295.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c019 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da3a4a9ffefbd4c563fc28b1cb72a6b2cec089285f571e6c682e35a825d1ff76

Request headers

Referer
https://assets.gumroad.com/packs/css/design-e74e6295.css
Origin
https://app.gumroad.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:20 GMT
via
1.1 0fe58376b9b8f183d15a40bca52256e1.cloudfront.net (CloudFront)
vary
Origin, Accept-Encoding
cf-cache-status
HIT
age
12424549
x-cache
Miss from cloudfront
content-length
67176
last-modified
Tue, 23 Nov 2021 16:38:44 GMT
server
cloudflare
etag
"d64a48ba0b9752af91d3858d8a95d2ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
access-control-expose-headers
ETag, Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control
public, max-age=31536000
x-amz-cf-pop
CPH50-C2
accept-ranges
bytes
cf-ray
70769fe9e84271a2-LHR
x-amz-cf-id
AC0KkwTvx8VT6Auwlis4Go61KJ1gDWYBBTH2TP8kN2K_LGSDReiXJQ==
expires
Sun, 07 May 2023 02:46:20 GMT
m-outer-08a68483638f1673180e789f690b2a14.html
js.stripe.com/v3/ Frame DA4F 		240 B
575 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
eaf2bd3d92596d7daa1105013ab1a9df04c5638908c58a816aebedd3d299aefd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.gumroad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
358079
cache-control
max-age=31536000
content-encoding
br
content-length
141
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 07 May 2022 02:46:20 GMT
etag
"08a68483638f1673180e789f690b2a14"
last-modified
Mon, 02 May 2022 23:16:40 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
105598
x-content-type-options
nosniff
x-request-id
9ffbaa13-0fd3-4671-81be-1b22eb4b9d5c
x-served-by
cache-lhr7366-LHR
controller-253fff51c40ba8ada666d2d54dbfb338.html
js.stripe.com/v3/ Frame 1721 		349 B
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-253fff51c40ba8ada666d2d54dbfb338.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
cf4971368894c9e77c351b26623b513fe37f6597ce76a6f51ccd165089127ca7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.gumroad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
20
cache-control
max-age=60
content-encoding
br
content-length
168
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 07 May 2022 02:46:20 GMT
etag
"253fff51c40ba8ada666d2d54dbfb338"
last-modified
Thu, 05 May 2022 19:48:15 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-content-type-options
nosniff
x-request-id
bacf23e4-b208-445f-b4a1-3cd1973580ab
x-served-by
cache-lhr7366-LHR
payment-request-inner-google-pay-f4eba57731b7811e6f94acd4cd0a0ed8.html
js.stripe.com/v3/ Frame 5260 		434 B
713 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-google-pay-f4eba57731b7811e6f94acd4cd0a0ed8.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
8ca5380cf88de9a018d563458a7f4450bf6ee2b621033fbd9e3146e2d6efa808
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.gumroad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
37
cache-control
max-age=60
content-encoding
br
content-length
199
content-security-policy
default-src 'none'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self' https://pay.google.com; style-src 'self'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 07 May 2022 02:46:20 GMT
etag
"f4eba57731b7811e6f94acd4cd0a0ed8"
last-modified
Thu, 05 May 2022 19:48:52 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-content-type-options
nosniff
x-request-id
79dcfe1f-e4be-46d4-adc1-d35cf28662a3
x-served-by
cache-lhr7366-LHR
payment-request-inner-browser-f689c9fd347c1d66b4430aeaf044d196.html
js.stripe.com/v3/ Frame 85C9 		370 B
635 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/payment-request-inner-browser-f689c9fd347c1d66b4430aeaf044d196.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6bf54ad399d39a6b2d90785b31326f8f69117a720b2d8bdb8b460b731662f54c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.gumroad.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
19
cache-control
max-age=60
content-encoding
br
content-length
178
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 07 May 2022 02:46:20 GMT
etag
"f689c9fd347c1d66b4430aeaf044d196"
last-modified
Thu, 05 May 2022 19:48:52 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
2
x-content-type-options
nosniff
x-request-id
4d22d337-b6b5-4c78-b06e-e09c2e91f70d
x-served-by
cache-lhr7366-LHR
csp-report
q.stripe.com/ Frame DA4F 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 07 May 2022 02:46:20 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
rum
app.gumroad.com/cdn-cgi/ Frame F1FD 		0
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.gumroad.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.gumroad.com/overlay_page?all_permalinks%5Bgum.co%5D=vba-bundle%2Cvba-userforms%2Cvba-fund%2Cvba-loops%2Cvba-array%2Cvba-strings%2Cfile-io
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type
application/json

Response headers

date
Sat, 07 May 2022 02:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://app.gumroad.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
70769fe9e84471a2-LHR
vary
Origin
m-outer-a862395be942d34811e19def0b9ea803.js
js.stripe.com/v3/fingerprinted/js/ Frame DA4F 		1 KB
819 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-a862395be942d34811e19def0b9ea803.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
32efd3c886b0811738301f293d38482b2b18f34a7d2b5ed6dd197fd08c821815
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
10
x-cache
HIT
content-length
645
etag
"799080ebea6eade0766c4725741ce6bf"
x-request-id
e7644d38-4165-47d8-a4b9-269214290280
x-served-by
cache-lhr7366-LHR
access-control-allow-origin
*
last-modified
Mon, 02 May 2022 23:16:41 GMT
server
Fastly
date
Sat, 07 May 2022 02:46:20 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
csp-report
q.stripe.com/ Frame 1721 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 07 May 2022 02:46:20 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
9
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
shared-48112994ab72a8e695e59fe4ecca7ca8.js
js.stripe.com/v3/fingerprinted/js/ Frame 1721 		216 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-253fff51c40ba8ada666d2d54dbfb338.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6d8ae0c2a72a4788401dfafdb70222050b25fb608994674d095eec4585681c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.stripe.com/v3/controller-253fff51c40ba8ada666d2d54dbfb338.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
12
x-cache
HIT
content-length
55983
etag
"9672c0428c119c8686a9f75259395447"
x-request-id
b55ddaf3-7960-44b5-9c4e-81dc0410c9c5
x-served-by
cache-lhr7366-LHR
access-control-allow-origin
*
last-modified
Thu, 05 May 2022 19:48:17 GMT
server
Fastly
date
Sat, 07 May 2022 02:46:20 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
controller-ab4f2ccc05668c4224ee272d7082b806.js
js.stripe.com/v3/fingerprinted/js/ Frame 1721 		364 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-ab4f2ccc05668c4224ee272d7082b806.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-253fff51c40ba8ada666d2d54dbfb338.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
13340c405759bddee57db1be76be9bd19c908fa2d51d5a9dc57c2b7d85d4d4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.stripe.com/v3/controller-253fff51c40ba8ada666d2d54dbfb338.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
28
x-cache
HIT
content-length
91826
etag
"b98b71f18a7437acf426dec8f1560bb4"
x-request-id
06561d20-e514-4554-ab70-15a0c28d0e5f
x-served-by
cache-lhr7366-LHR
access-control-allow-origin
*
last-modified
Thu, 05 May 2022 19:48:34 GMT
server
Fastly
date
Sat, 07 May 2022 02:46:20 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
csp-report
q.stripe.com/ Frame 5260 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 07 May 2022 02:46:20 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 85C9 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 07 May 2022 02:46:21 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
pay.js
pay.google.com/gp/p/js/ Frame 5260 		95 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-f4eba57731b7811e6f94acd4cd0a0ed8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d9b157d7d07680e7a086016c2407b912e07a0240676e0f2519ca181db578d68
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-Ie0cLXpLkdaXOooGaZbOSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-Ie0cLXpLkdaXOooGaZbOSg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 07 May 2022 02:46:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-Ie0cLXpLkdaXOooGaZbOSg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-Ie0cLXpLkdaXOooGaZbOSg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport
expires
Sat, 07 May 2022 02:46:20 GMT
shared-48112994ab72a8e695e59fe4ecca7ca8.js
js.stripe.com/v3/fingerprinted/js/ Frame 5260 		216 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-f4eba57731b7811e6f94acd4cd0a0ed8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6d8ae0c2a72a4788401dfafdb70222050b25fb608994674d095eec4585681c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-f4eba57731b7811e6f94acd4cd0a0ed8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
12
x-cache
HIT
content-length
55983
etag
"9672c0428c119c8686a9f75259395447"
x-request-id
450e028b-f7b9-4159-a8ec-67be0dad79c5
x-served-by
cache-lhr7366-LHR
access-control-allow-origin
*
last-modified
Thu, 05 May 2022 19:48:17 GMT
server
Fastly
date
Sat, 07 May 2022 02:46:20 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2
payment-request-inner-google-pay-fb3099f361cc78eb5d39336b62f281e7.js
js.stripe.com/v3/fingerprinted/js/ Frame 5260 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-fb3099f361cc78eb5d39336b62f281e7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-f4eba57731b7811e6f94acd4cd0a0ed8.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
b7c65f47753298df94823321dbc736d0125ecedf060cbb777a4184912e11bdcf
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-google-pay-f4eba57731b7811e6f94acd4cd0a0ed8.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
40
x-cache
HIT
content-length
4372
etag
"4377efb6b546949207f65ff4fc73326a"
x-request-id
f4879f36-ea34-4ac7-91d4-fb239fb2f235
x-served-by
cache-lhr7366-LHR
access-control-allow-origin
*
last-modified
Mon, 02 May 2022 23:16:43 GMT
server
Fastly
date
Sat, 07 May 2022 02:46:20 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
shared-48112994ab72a8e695e59fe4ecca7ca8.js
js.stripe.com/v3/fingerprinted/js/ Frame 85C9 		216 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-f689c9fd347c1d66b4430aeaf044d196.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
6d8ae0c2a72a4788401dfafdb70222050b25fb608994674d095eec4585681c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-f689c9fd347c1d66b4430aeaf044d196.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
12
x-cache
HIT
content-length
55983
etag
"9672c0428c119c8686a9f75259395447"
x-request-id
bd3bb4ce-5b2d-4172-900a-d887fc4d5555
x-served-by
cache-lhr7366-LHR
access-control-allow-origin
*
last-modified
Thu, 05 May 2022 19:48:17 GMT
server
Fastly
date
Sat, 07 May 2022 02:46:20 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3
payment-request-inner-browser-0677fe59f1d6eff0a16cc13cf3fa4b55.js
js.stripe.com/v3/fingerprinted/js/ Frame 85C9 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-0677fe59f1d6eff0a16cc13cf3fa4b55.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-f689c9fd347c1d66b4430aeaf044d196.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
ffea9cf540dd47ad03b3d2fee9728a9bda9c431107883fea9c1b0939ffdd786e
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://js.stripe.com/v3/payment-request-inner-browser-f689c9fd347c1d66b4430aeaf044d196.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
28
x-cache
HIT
content-length
4069
etag
"9061856f94656bc6ed54223049a3c06f"
x-request-id
16576291-c322-4263-9d94-5278502bbcc4
x-served-by
cache-lhr7366-LHR
access-control-allow-origin
*
last-modified
Wed, 04 May 2022 20:50:03 GMT
server
Fastly
date
Sat, 07 May 2022 02:46:20 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
inner.html
m.stripe.network/ Frame 9360 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a862395be942d34811e19def0b9ea803.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:fe00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
33
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 07 May 2022 02:45:51 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
x-amz-cf-id
5eIlVZdjYsCZdv1JYhMYzv37GJ0Lr7sR4aXE8Q36qTPC-RwRVmXo5A==
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame 9360 		0
344 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sat, 07 May 2022 02:46:21 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
out-4.5.42.js
m.stripe.network/ Frame 9360 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:fe00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
188
x-cache
Hit from cloudfront
date
Sat, 07 May 2022 02:43:12 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 e37b7824685046c107e13d08c43993fc.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA56-P4
timing-allow-origin
*
x-amz-cf-id
_HeF_0Z7ZP1AM0jh45dEauhhgu-6JWL1FCzPE6dPXyRw5WXTslhgYQ==
6
m.stripe.com/ Frame 9360 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.50.223 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-148-50-223.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
156ea9c77a21418752a360a2ebe85246eb45823b33e0efe842f8561e9f60ecb1
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 07 May 2022 02:46:21 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
payframe
pay.google.com/gp/p/ui/ Frame 5AA5 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f5fb8018cc9e30869c5485f251af4cbe4f835595bbefdd0f3dc8b7b2484f4a1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-pALxuCYvFblt3pIZn1c0jA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-pALxuCYvFblt3pIZn1c0jA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-pALxuCYvFblt3pIZn1c0jA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-pALxuCYvFblt3pIZn1c0jA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Sat, 07 May 2022 02:46:21 GMT
expires
Sat, 07 May 2022 02:46:21 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 5AA5 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by
Host: wellsr.com
URL: https://wellsr.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 07 May 2022 02:46:21 GMT
referrer-policy
no-referrer
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1608
content-type
text/html; charset=UTF-8
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame 5AA5 		149 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjpwlVsgdLmSLdEeB9axkizh64ISQ/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3f53c3d1c021819edcc0b730947df13465c913d010107657bb789eeb2001e81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 16:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53431
x-xss-protection
0
last-modified
Fri, 06 May 2022 10:24:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 06 May 2023 16:29:22 GMT
m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TZw... Frame 5AA5 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TZwrwsT61-4.L.B1.O/am=DAAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrg6kv-94N0NoIgkvsQIVudbMqSzwQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjpwlVsgdLmSLdEeB9axkizh64ISQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da3cc1c61d60509619a980f9026c558efb9b71e5c8d27a9a4007fdcdf613bdaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 16:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28676
x-xss-protection
0
last-modified
Fri, 06 May 2022 04:27:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 06 May 2023 16:29:23 GMT
analytics.js
www.google-analytics.com/ Frame 5AA5 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TZwrwsT61-4.L.B1.O/am=DAAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrg6kv-94N0NoIgkvsQIVudbMqSzwQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4291
date
Sat, 07 May 2022 01:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 07 May 2022 03:34:50 GMT
pay
pay.google.com/gp/p/ui/ Frame 5AA5 		1 MB
347 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjpwlVsgdLmSLdEeB9axkizh64ISQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0b::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
429c03d3e17593239a567ff1f0e99ea295851c53443b1976504eeaba2960274a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RNeQYdATxH-UlZKbTFkc3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-RNeQYdATxH-UlZKbTFkc3A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge
server
ESF
cross-origin-opener-policy
unsafe-none
date
Sat, 07 May 2022 02:46:21 GMT
x-frame-options
DENY
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-RNeQYdATxH-UlZKbTFkc3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-RNeQYdATxH-UlZKbTFkc3A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires
Sat, 07 May 2022 02:46:21 GMT
log
play.google.com/ Frame 5AA5 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjpwlVsgdLmSLdEeB9axkizh64ISQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 07 May 2022 02:46:21 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 07 May 2022 02:46:21 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 07 May 2022 02:46:21 GMT
expires
Sat, 07 May 2022 02:46:21 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 5AA5 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjpwlVsgdLmSLdEeB9axkizh64ISQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 07 May 2022 02:46:21 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 07 May 2022 02:46:21 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 07 May 2022 02:46:21 GMT
expires
Sat, 07 May 2022 02:46:21 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 5AA5 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjpwlVsgdLmSLdEeB9axkizh64ISQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 07 May 2022 02:46:21 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 07 May 2022 02:46:21 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 07 May 2022 02:46:21 GMT
expires
Sat, 07 May 2022 02:46:21 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 5AA5 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjpwlVsgdLmSLdEeB9axkizh64ISQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 07 May 2022 02:46:21 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 07 May 2022 02:46:21 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 07 May 2022 02:46:21 GMT
expires
Sat, 07 May 2022 02:46:21 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 5AA5 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjpwlVsgdLmSLdEeB9axkizh64ISQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 07 May 2022 02:46:21 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 07 May 2022 02:46:21 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 07 May 2022 02:46:21 GMT
expires
Sat, 07 May 2022 02:46:21 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TZw... Frame 5AA5 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TZwrwsT61-4.L.B1.O/am=DAAC/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrg6kv-94N0NoIgkvsQIVudbMqSzwQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjpwlVsgdLmSLdEeB9axkizh64ISQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eddf29d523bbcdd878275937839ba0d53eba293f49fd071620c060f67de4b74c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 16:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7430
x-xss-protection
0
last-modified
Fri, 06 May 2022 04:27:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 06 May 2023 16:29:23 GMT
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TZw... Frame 5AA5 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.TZwrwsT61-4.L.B1.O/am=DAAC/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfrg6kv-94N0NoIgkvsQIVudbMqSzwQ/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjpwlVsgdLmSLdEeB9axkizh64ISQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9eaa8492697d3f550d78e5f4a87b622b5a3c991cd6a4c1a95c85aff1352efbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 06 May 2022 16:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14174
x-xss-protection
0
last-modified
Fri, 06 May 2022 04:27:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 06 May 2023 16:29:23 GMT
log
play.google.com/ Frame 5AA5 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjpwlVsgdLmSLdEeB9axkizh64ISQ/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pay.google.com/
X-Goog-AuthUser
0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 07 May 2022 02:46:21 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 07 May 2022 02:46:21 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sat, 07 May 2022 02:46:21 GMT
expires
Sat, 07 May 2022 02:46:21 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame 1721 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sat, 07 May 2022 02:46:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
log
play.google.com/ Frame 5AA5 		131 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.eY_9izLoegs.es5.O/am=DAAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrjpwlVsgdLmSLdEeB9axkizh64ISQ/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Sat, 07 May 2022 02:46:21 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://pay.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Sat, 07 May 2022 02:46:21 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| gtag object| dataLayer function| trackOutboundLink object| html5 object| Modernizr function| yepnope object| google_tag_manager function| $ function| jQuery object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| GumroadOverlay

11 Cookies

Domain/Path Name / Value
.docs.google.com/forms/d/e/1FAIpQLSf8G9O3_mae51Rc63GpA5QupQf2zuxoswmcsXrWxJpHm7H3cQ Name: S
Value: spreadsheet_forms=V56rnBE0io8o3UHbEcplgmHf3AfeGbOw1NzaQFpUsko
.docs.google.com/forms/d/e/1FAIpQLSf8G9O3_mae51Rc63GpA5QupQf2zuxoswmcsXrWxJpHm7H3cQ Name: COMPASS
Value: spreadsheet_forms=CjIACWuJV5zWDeh1jdZKo-CQqNBOHsQHw_39EikHkJmyGXto3HJ-xwSqozkXMiTXfKkQrBCK19eTBho0AAlriVfDQc9obeCuhGxQMdODDlgu8S1rOU6uFlojBnfHTwR2X_8JKVvPJxtA5mbCoFcXjQ==
.wellsr.com/ Name: _gcl_au
Value: 1.1.98307871.1651891578
.wellsr.com/ Name: _ga
Value: GA1.2.1137792819.1651891578
.wellsr.com/ Name: _gid
Value: GA1.2.91187902.1651891578
.wellsr.com/ Name: _gat_gtag_UA_54273882_1
Value: 1
.google.com/ Name: NID
Value: 511=IzY5kLilrxxlM9g6fYN5kL-47qjBqdUnwdOQdVLMxZu1ViJNN7H6LI7WNo0TdrRaP1Laz7C9aNdiqIP3wldczmmDRbEINwoEjNkKnHPpm-r_8CA_U_XKKWfvrxilQ4UpRwqKmPDHfdtTnJAxU7Ip_XQNC1fXpkM0WbjILa8s3UE
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
app.gumroad.com/ Name: _gumroad_guid
Value: 24171bdf-aad6-4228-8ddc-ba8dd609b097
.gumroad.com/ Name: _gumroad_app_session
Value: km9exoFTbCqA7v5VLpFxIwjvYW7L7k23urDjD4lGFxr%2FmGVIgAtJHSMP4g0QIGRoPoqaQDlHH%2F0vjGMHNtcvvHHUy4vTaB9k99nyw%2FkF0zzIL8yUXR%2BqvaL%2Bg6SiK17tOiIm14RzrNW4bet%2FdVZY40n8kPzSLv%2F6MycwpqVAtzLMLs41JU1J9QCBR3SgR7wNMd6%2Fgbma1WCoWmcUYZS6o6XuD5xChKhYn51Hx1xpYZaXvWAcwkFNgzvSWlYRdMY%2FiAt0rjdmD0mpgFIEWIQPyKEQqSoHMzxnytRp2fy3XN2TSvu9z1KNg5zH%2B2e5nyKImhtchcSNoXb8GAQecg%3D%3D--VjjYKbsK6oqFISzS--cdiOLbR3m7FJ6FowtA4yNA%3D%3D
m.stripe.com/ Name: m
Value: b4c2c7dc-821e-4068-842b-7445e7288ca0e77569

3 Console Messages

Source Level URL
Text
security error URL: https://app.gumroad.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-eval' ajax.cloudflare.com static.cloudflareinsights.com js.stripe.com api.stripe.com *.braintreegateway.com *.braintree-api.com www.paypalobjects.com *.paypal.com www.google-analytics.com ssl.google-analytics.com www.googletagmanager.com optimize.google.com www.googleadservices.com www.google.com www.gstatic.com *.facebook.net *.facebook.com *.newrelic.com *.nr-data.net www.dropbox.com s.ytimg.com cdn.iframe.ly *.jwpcdn.com content.jwplatform.com/libraries/3vz4Z4wu.js *.jwpsrv.com blob: 'self' data: gumroad.us3.list-manage.com analytics.twitter.com app.gumroad.com assets.gumroad.com 'nonce-0KTC8aBwn6JJHhjFoUIjWpsrBwWPXVOxMskQJgOAhOM=' 'unsafe-inline'". Note that 'unsafe-inline' is ignored if either a hash or nonce value is present in the source list.
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.gumroad.com
assets.gumroad.com
docs.google.com
fonts.googleapis.com
googleads.g.doubleclick.net
gumroad.com
js.stripe.com
m.stripe.com
m.stripe.network
pay.google.com
play.google.com
q.stripe.com
r.stripe.com
static.cloudflareinsights.com
stats.g.doubleclick.net
wellsr.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.250.184.226
151.101.0.176
2001:4860:4802:34::15
2600:9000:223e:fe00:19:7d10:bd80:93a1
2606:4700:440e::ac40:9c1a
2606:4700::6810:c019
2606:4700::6810:c119
2a00:1450:4001:803::200e
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9a
2a00:1450:400c:c0b::5c
54.148.50.223
54.187.159.182
05f7d1e011f36877cc3c0b5a5ec0e5c3913097478bcdee36dc335b7cae672c58
13340c405759bddee57db1be76be9bd19c908fa2d51d5a9dc57c2b7d85d4d4fe
156ea9c77a21418752a360a2ebe85246eb45823b33e0efe842f8561e9f60ecb1
183d815bca871c9931d361fbaafe89cfd9c18bd3327c2bfbdd56fb64352cbccd
1bd984ee0dbd6abdfddb3f8a524a0f543de242a323d5618564bd9070affc5922
2327c19848c0c26f24a7175b5e7461497a90a1c370b7913261d063d7c1f729a5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e820292fbcccd43c24653088437425858d8d7d8cde8899e71f38c3e57a76cbc
303b7acf1f54f053c84b9a9d889a693ff90e39ecec8fdadac43201449d116be8
31ac407aaf5ce6e6ed9bfe35bd8f21f749eaf5b13b5e79fc7e96ecd112a374ff
32efd3c886b0811738301f293d38482b2b18f34a7d2b5ed6dd197fd08c821815
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3916e5f1565a790aa99db8ee22796ebbe5e19aaeaf579c42cd9a57e8874e99fc
3a16557efb933ed279d279d91759f4d41be6bf026f8837b14b533990391a80be
3c0ddac859dc295a993f2f028035839fbcc56ebda9837c1ef3d36a257c31228b
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3c608bbcb733068b0102dbdc96938d5d029d391bd641ad86109bc78dfaf3dadc
3e460b21839bf49543aeac626269114e5bc49092a516d7e94da7dbaee582bfd6
429c03d3e17593239a567ff1f0e99ea295851c53443b1976504eeaba2960274a
4405f54624e1d4129bb3f9be1187cb760a64478bd91125294da82034c366148a
4551cf03541f48dddca3dedf7c0e3b6c95a273266590ddd0d90a82a63c6ef8d1
4802bae394c28f4b8eeae34823280b32ee80c159d58b188d1dccf7af1256a48d
4871fb15ea4f7a00a78189ab49f2eca3ec80772cf54932d0546930cb53f169fb
48d562fc8562321ea2ec8f6c728d05a7daa3caa9270328463b75a652d1590e59
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5183cd9fad19d719abb094176d8bba3332e4f15579c351f394b7ea51623b5fb2
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
568317cfbe3304e91ae0415569947ba19e18ef68020071d6c3a1888e4458fe7e
5aaf5f4ca5429e1827c57a37cc8e8dab12b2e87d5b529f7272e7deb73f7a5d5b
5bed074367042548e1f1ce7d18ba273b797a7a142899b5fdafabf24aa17bb645
61b46ade1160aabacabd50997c9a5ff0cdad8e23482173b42cf07df30fd41dc1
63e402e751c5b0e0c08e35552e7a3b568dfe089c17461a801fe51210afbbe545
63faf0af44a428f182686f0d924bb30e369a9549630c7b98a969394f58431067
64a7799ea4ca1af9266ab31268a843e5619daaf0c75d477e98635e323bb1555c
69a686db46a18fcbcf62cd22463c95fa7b145a8a528bdfa50548504af19cf4ee
6bf54ad399d39a6b2d90785b31326f8f69117a720b2d8bdb8b460b731662f54c
6d8ae0c2a72a4788401dfafdb70222050b25fb608994674d095eec4585681c4b
6f5fb8018cc9e30869c5485f251af4cbe4f835595bbefdd0f3dc8b7b2484f4a1
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7f50ba7f71d671e13629f319f4473ee86c2838291f6fe2aee64cc648a9508de9
7fbb150f671846505f4bd7bc1c73039ee3f536a8a9d91ab05868ded0d199a389
82a7b891e41b6b701e84741115485bdc91997e0bce9f272896ea2fb268c25f09
8798a316b058a55eec257e5e318b4ef51006d76fae343f4423931420c4ad7115
89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8beb91faabf6915f70e400e6baec47aa0a164f909ab1f5d0e8fe13437b7409fe
8ca5380cf88de9a018d563458a7f4450bf6ee2b621033fbd9e3146e2d6efa808
8d2740ad102451a54ca634d1d0042ec4f508d43b49a7d942f0b98bea01a248ed
8d9b157d7d07680e7a086016c2407b912e07a0240676e0f2519ca181db578d68
974588d6b1f61fd9d11f999246be4165801656c20e0b3a6f4dbbeab527a01843
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ad9e05d2b52c7749768db7ac3edb36de4447c9a0a29250e93a3cea339c1978
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a6f8e4ba6c96ab328d4ea5f464dbe8669f45e4bcd5d2870c98131d01dd54148b
a82a276949088b9ec85293bec302a5917923d6daff21bba3edc7ddc3c54d5582
b1dce346afdbb1638e2b272cc3fec60c56251f846bf5f598a07e608598cebbde
b3f53c3d1c021819edcc0b730947df13465c913d010107657bb789eeb2001e81
b7c65f47753298df94823321dbc736d0125ecedf060cbb777a4184912e11bdcf
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c6528f91115f2a2c00bd814ccdb64e7c7ca11b00be4a9726827522f06dbbde89
cc54dc10df64f97c9d16ef10113b122fd8f7f9a2b420d6d052730803d767a081
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4971368894c9e77c351b26623b513fe37f6597ce76a6f51ccd165089127ca7
d1e879130612b39a0fb5f22546cdbc46a9ff590eb355918ae4add16fa1f387a9
d20283e5d52e01f016f88524377bb8238a59b40b003dd091dfe3155c267cd65e
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d9e9de319cd71cca61fe38e2e1112df6ce2d802d9367aa7dc0f16834af32aa1e
d9eaa8492697d3f550d78e5f4a87b622b5a3c991cd6a4c1a95c85aff1352efbe
da3a4a9ffefbd4c563fc28b1cb72a6b2cec089285f571e6c682e35a825d1ff76
da3cc1c61d60509619a980f9026c558efb9b71e5c8d27a9a4007fdcdf613bdaa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea9b0050528f760da37a45435d5383e1f5dddbb628c0a7c0b353d5670201f13f
eaf2bd3d92596d7daa1105013ab1a9df04c5638908c58a816aebedd3d299aefd
eddf29d523bbcdd878275937839ba0d53eba293f49fd071620c060f67de4b74c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcfd5f131f020f9bb29522378f775dfec4bbfff377a5ed0f4526818ead60a7f
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
f7be445ab455d46dbd2b95b1ecfe06a7a22dbe84756525f33ec234b45db48e96
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ffea9cf540dd47ad03b3d2fee9728a9bda9c431107883fea9c1b0939ffdd786e