www.abcya.com Open in urlscan Pro
2604:1380:4601:5e00::3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request subtraction_game Show response www.abcya.com/games/	2 KB 3 KB	346ms 266ms	Document text/html	2604:1380:4601:5e00::3 PACKET
General Check archive.org Show headers Download Go to Full URL https://www.abcya.com/games/subtraction_game Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:1380:4601:5e00::3 , Netherlands, ASN54825 (PACKET, US), Reverse DNS Software Netlify / Resource Hash 4ecb1aab19f9f2741a5538813c9c31f188ad2cdaf18a436ef39c3fda2d5a4a6c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :method GET :authority www.abcya.com :scheme https :path /games/subtraction_game pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers cache-control public, max-age=0, must-revalidate content-security-policy-report-only frame-ancestors 'self'; default-src 'self' https://tpc.googlesyndication.com/safeframe/; connect-src 'self' https://*.abcya.com https://*.playwire.com https://csi.gstatic.com https://dt.clnmde.com https://kinesis.us-east-1.amazonaws.com https://www.google-analytics.com https://*.media.net https://*.googlesyndication.com https://*.doubleclick.net https://*.arcademics.com wss://*.arcademics.com; font-src 'self' https://*.media.net https://d33wubrfki0l68.cloudfront.net https://fonts.gstatic.com https://*.arcademics.com; frame-src 'self' blob: https://cdn.intergi.com https://*.playwire.com https://*.stripe.com https://*.abcya.com https://pxlclnmdecom-a.akamaihd.net https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; img-src 'self' data: https://*.arcademics.com https://*.net https://*.abcya.com https://cdn.intergi.com https://*.playwire.com https://*.media.net https://d33wubrfki0l68.cloudfront.net https://dt.clnmde.com https://www.googletagmanager.com https://*.doubleclick.net https://intergi-phoenix.s3.amazonaws.com https://px.moatads.com https://*.googlesyndication.com https://www.google-analytics.com https://www.google.com https://ssl.gstatic.com https://www.gstatic.com https://www.kidsafeseal.com https://s02mdn.net/; media-src 'self'; object-src https://*.abcya.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://adservice.google.com https://cdn.ampproject.org https://cdn.intergi.com https://cdn.intergient.com https://*.playwire.com https://*.media.net https://d33wubrfki0l68.cloudfront.net https://*.stripe.com https://mb.moatads.com https://pxlclnmdecom-a.akamaihd.net https://*.doubleclick.net https://*.arcademics.com https://*.googlesyndication.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googleadservices.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.googletagservices.com https://www.gstatic.com https://z.moatads.com; style-src 'self' 'unsafe-inline' https://cdn.intergi.com https://d33wubrfki0l68.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com; report-uri https://www.ixl.com/actions/csp/report-abcya; report-to csp-endpoint; content-type text/html; charset=UTF-8 date Fri, 20 Aug 2021 00:22:44 GMT etag "339359434cbad0b7c949fa53a6e2fe11-ssl-df" referrer-policy strict-origin-when-cross-origin strict-transport-security max-age=31536000 age 0 vary Accept-Encoding content-encoding br x-content-type-options nosniff x-frame-options SAMEORIGIN server Netlify x-nf-request-id 01FDGF0HDBBHTBKS5PVMM2PHTZ x-xss-protection 1; mode=block
GET H2	200	strings.js Show response www.abcya.com/client/	113 KB 35 KB	42ms 41ms	Script application/javascript	2604:1380:4601:5e00::3 PACKET
General Check archive.org Show headers Download Go to Full URL https://www.abcya.com/client/strings.js Requested by Host: www.abcya.com URL: https://www.abcya.com/games/subtraction_game Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:1380:4601:5e00::3 , Netherlands, ASN54825 (PACKET, US), Reverse DNS Software Netlify / Resource Hash 1c677bdab562f6a85e11996237e55df45b5385a080192c364655538d02414139 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /client/strings.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.abcya.com referer https://www.abcya.com/games/subtraction_game :scheme https sec-fetch-site same-origin :method GET Referer https://www.abcya.com/games/subtraction_game User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-nf-request-id 01FDGF0HQP29XNCCZBVT367H3A date Thu, 19 Aug 2021 22:29:50 GMT content-encoding gzip x-content-type-options nosniff age 6774 content-security-policy-report-only frame-ancestors 'self'; default-src 'self' https://tpc.googlesyndication.com/safeframe/; connect-src 'self' https://*.abcya.com https://*.playwire.com https://csi.gstatic.com https://dt.clnmde.com https://kinesis.us-east-1.amazonaws.com https://www.google-analytics.com https://*.media.net https://*.googlesyndication.com https://*.doubleclick.net https://*.arcademics.com wss://*.arcademics.com; font-src 'self' https://*.media.net https://d33wubrfki0l68.cloudfront.net https://fonts.gstatic.com https://*.arcademics.com; frame-src 'self' blob: https://cdn.intergi.com https://*.playwire.com https://*.stripe.com https://*.abcya.com https://pxlclnmdecom-a.akamaihd.net https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; img-src 'self' data: https://*.arcademics.com https://*.net https://*.abcya.com https://cdn.intergi.com https://*.playwire.com https://*.media.net https://d33wubrfki0l68.cloudfront.net https://dt.clnmde.com https://www.googletagmanager.com https://*.doubleclick.net https://intergi-phoenix.s3.amazonaws.com https://px.moatads.com https://*.googlesyndication.com https://www.google-analytics.com https://www.google.com https://ssl.gstatic.com https://www.gstatic.com https://www.kidsafeseal.com https://s02mdn.net/; media-src 'self'; object-src https://*.abcya.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://adservice.google.com https://cdn.ampproject.org https://cdn.intergi.com https://cdn.intergient.com https://*.playwire.com https://*.media.net https://d33wubrfki0l68.cloudfront.net https://*.stripe.com https://mb.moatads.com https://pxlclnmdecom-a.akamaihd.net https://*.doubleclick.net https://*.arcademics.com https://*.googlesyndication.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googleadservices.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.googletagservices.com https://www.gstatic.com https://z.moatads.com; style-src 'self' 'unsafe-inline' https://cdn.intergi.com https://d33wubrfki0l68.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com; report-uri https://www.ixl.com/actions/csp/report-abcya; report-to csp-endpoint; strict-transport-security max-age=31536000 content-length 36055 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin server Netlify x-frame-options SAMEORIGIN etag "92572c300ef87cb1a086bb28a219ffc0-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0, must-revalidate accept-ranges bytes
GET H2	200	552.js Show response www.abcya.com/client/	1 MB 298 KB	94ms 94ms	Script application/javascript	2604:1380:4601:5e00::3 PACKET
General Check archive.org Show headers Download Go to Full URL https://www.abcya.com/client/552.js Requested by Host: www.abcya.com URL: https://www.abcya.com/games/subtraction_game Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:1380:4601:5e00::3 , Netherlands, ASN54825 (PACKET, US), Reverse DNS Software Netlify / Resource Hash 4a151e806127590f83d3cb868e6a4850852ced2baf07dccf0398f76b4185eb57 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /client/552.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.abcya.com referer https://www.abcya.com/games/subtraction_game :scheme https sec-fetch-site same-origin :method GET Referer https://www.abcya.com/games/subtraction_game User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-nf-request-id 01FDGF0HQP1ACWEZVGYTZJ7947 date Thu, 19 Aug 2021 23:44:14 GMT content-encoding br x-content-type-options nosniff age 2310 content-security-policy-report-only frame-ancestors 'self'; default-src 'self' https://tpc.googlesyndication.com/safeframe/; connect-src 'self' https://*.abcya.com https://*.playwire.com https://csi.gstatic.com https://dt.clnmde.com https://kinesis.us-east-1.amazonaws.com https://www.google-analytics.com https://*.media.net https://*.googlesyndication.com https://*.doubleclick.net https://*.arcademics.com wss://*.arcademics.com; font-src 'self' https://*.media.net https://d33wubrfki0l68.cloudfront.net https://fonts.gstatic.com https://*.arcademics.com; frame-src 'self' blob: https://cdn.intergi.com https://*.playwire.com https://*.stripe.com https://*.abcya.com https://pxlclnmdecom-a.akamaihd.net https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; img-src 'self' data: https://*.arcademics.com https://*.net https://*.abcya.com https://cdn.intergi.com https://*.playwire.com https://*.media.net https://d33wubrfki0l68.cloudfront.net https://dt.clnmde.com https://www.googletagmanager.com https://*.doubleclick.net https://intergi-phoenix.s3.amazonaws.com https://px.moatads.com https://*.googlesyndication.com https://www.google-analytics.com https://www.google.com https://ssl.gstatic.com https://www.gstatic.com https://www.kidsafeseal.com https://s02mdn.net/; media-src 'self'; object-src https://*.abcya.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://adservice.google.com https://cdn.ampproject.org https://cdn.intergi.com https://cdn.intergient.com https://*.playwire.com https://*.media.net https://d33wubrfki0l68.cloudfront.net https://*.stripe.com https://mb.moatads.com https://pxlclnmdecom-a.akamaihd.net https://*.doubleclick.net https://*.arcademics.com https://*.googlesyndication.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googleadservices.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.googletagservices.com https://www.gstatic.com https://z.moatads.com; style-src 'self' 'unsafe-inline' https://cdn.intergi.com https://d33wubrfki0l68.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com; report-uri https://www.ixl.com/actions/csp/report-abcya; report-to csp-endpoint; strict-transport-security max-age=31536000 content-length 304480 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin server Netlify x-frame-options SAMEORIGIN etag "cb87be9ca6e5e889e354289a13b1786f-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0, must-revalidate accept-ranges bytes
GET H2	200	main.js Show response www.abcya.com/client/	663 KB 129 KB	56ms 55ms	Script application/javascript	2604:1380:4601:5e00::3 PACKET
General Check archive.org Show headers Download Go to Full URL https://www.abcya.com/client/main.js Requested by Host: www.abcya.com URL: https://www.abcya.com/games/subtraction_game Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:1380:4601:5e00::3 , Netherlands, ASN54825 (PACKET, US), Reverse DNS Software Netlify / Resource Hash 747fa2107dc6b8fe30dd7a9e71c5dea69e14d9831dd13adf716143eef8c73903 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /client/main.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.abcya.com referer https://www.abcya.com/games/subtraction_game :scheme https sec-fetch-site same-origin :method GET Referer https://www.abcya.com/games/subtraction_game User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-nf-request-id 01FDGF0HQTC671KHZ225XYV5EX date Thu, 19 Aug 2021 22:35:15 GMT content-encoding gzip x-content-type-options nosniff age 6449 content-security-policy-report-only frame-ancestors 'self'; default-src 'self' https://tpc.googlesyndication.com/safeframe/; connect-src 'self' https://*.abcya.com https://*.playwire.com https://csi.gstatic.com https://dt.clnmde.com https://kinesis.us-east-1.amazonaws.com https://www.google-analytics.com https://*.media.net https://*.googlesyndication.com https://*.doubleclick.net https://*.arcademics.com wss://*.arcademics.com; font-src 'self' https://*.media.net https://d33wubrfki0l68.cloudfront.net https://fonts.gstatic.com https://*.arcademics.com; frame-src 'self' blob: https://cdn.intergi.com https://*.playwire.com https://*.stripe.com https://*.abcya.com https://pxlclnmdecom-a.akamaihd.net https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; img-src 'self' data: https://*.arcademics.com https://*.net https://*.abcya.com https://cdn.intergi.com https://*.playwire.com https://*.media.net https://d33wubrfki0l68.cloudfront.net https://dt.clnmde.com https://www.googletagmanager.com https://*.doubleclick.net https://intergi-phoenix.s3.amazonaws.com https://px.moatads.com https://*.googlesyndication.com https://www.google-analytics.com https://www.google.com https://ssl.gstatic.com https://www.gstatic.com https://www.kidsafeseal.com https://s02mdn.net/; media-src 'self'; object-src https://*.abcya.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://adservice.google.com https://cdn.ampproject.org https://cdn.intergi.com https://cdn.intergient.com https://*.playwire.com https://*.media.net https://d33wubrfki0l68.cloudfront.net https://*.stripe.com https://mb.moatads.com https://pxlclnmdecom-a.akamaihd.net https://*.doubleclick.net https://*.arcademics.com https://*.googlesyndication.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googleadservices.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.googletagservices.com https://www.gstatic.com https://z.moatads.com; style-src 'self' 'unsafe-inline' https://cdn.intergi.com https://d33wubrfki0l68.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com; report-uri https://www.ixl.com/actions/csp/report-abcya; report-to csp-endpoint; strict-transport-security max-age=31536000 content-length 131824 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin server Netlify x-frame-options SAMEORIGIN etag "5e7890d8b8f0a89acce0528ec4b6acfa-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0, must-revalidate accept-ranges bytes
GET H2	200	main.css www.abcya.com/client/	191 KB 26 KB	22ms 21ms	Stylesheet text/css	2604:1380:4601:5e00::3 PACKET
General Check archive.org Show headers Download Go to Full URL https://www.abcya.com/client/main.css Requested by Host: www.abcya.com URL: https://www.abcya.com/games/subtraction_game Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:1380:4601:5e00::3 , Netherlands, ASN54825 (PACKET, US), Reverse DNS Software Netlify / Resource Hash 410e99ac80f6a08210479bfc7bad17cf33044c512a1b30d56f4e9719600e463d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /client/main.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.abcya.com referer https://www.abcya.com/games/subtraction_game :scheme https sec-fetch-site same-origin :method GET Referer https://www.abcya.com/games/subtraction_game User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-nf-request-id 01FDGF0HQPR9HM3RAV4SEG3ETA date Thu, 19 Aug 2021 21:59:08 GMT content-encoding br x-content-type-options nosniff age 8616 content-security-policy-report-only frame-ancestors 'self'; default-src 'self' https://tpc.googlesyndication.com/safeframe/; connect-src 'self' https://*.abcya.com https://*.playwire.com https://csi.gstatic.com https://dt.clnmde.com https://kinesis.us-east-1.amazonaws.com https://www.google-analytics.com https://*.media.net https://*.googlesyndication.com https://*.doubleclick.net https://*.arcademics.com wss://*.arcademics.com; font-src 'self' https://*.media.net https://d33wubrfki0l68.cloudfront.net https://fonts.gstatic.com https://*.arcademics.com; frame-src 'self' blob: https://cdn.intergi.com https://*.playwire.com https://*.stripe.com https://*.abcya.com https://pxlclnmdecom-a.akamaihd.net https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; img-src 'self' data: https://*.arcademics.com https://*.net https://*.abcya.com https://cdn.intergi.com https://*.playwire.com https://*.media.net https://d33wubrfki0l68.cloudfront.net https://dt.clnmde.com https://www.googletagmanager.com https://*.doubleclick.net https://intergi-phoenix.s3.amazonaws.com https://px.moatads.com https://*.googlesyndication.com https://www.google-analytics.com https://www.google.com https://ssl.gstatic.com https://www.gstatic.com https://www.kidsafeseal.com https://s02mdn.net/; media-src 'self'; object-src https://*.abcya.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://adservice.google.com https://cdn.ampproject.org https://cdn.intergi.com https://cdn.intergient.com https://*.playwire.com https://*.media.net https://d33wubrfki0l68.cloudfront.net https://*.stripe.com https://mb.moatads.com https://pxlclnmdecom-a.akamaihd.net https://*.doubleclick.net https://*.arcademics.com https://*.googlesyndication.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googleadservices.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.googletagservices.com https://www.gstatic.com https://z.moatads.com; style-src 'self' 'unsafe-inline' https://cdn.intergi.com https://d33wubrfki0l68.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com; report-uri https://www.ixl.com/actions/csp/report-abcya; report-to csp-endpoint; strict-transport-security max-age=31536000 content-length 26748 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin server Netlify x-frame-options SAMEORIGIN etag "bf09f3552fd1ea0c9ffe19f43c410017-ssl" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=0, must-revalidate accept-ranges bytes
GET H3-29	200	gtm.js Show response www.googletagmanager.com/	120 KB 44 KB	24ms 24ms	Script application/javascript	2a00:1450:4001:827::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5VZ5QT Requested by Host: www.abcya.com URL: https://www.abcya.com/games/subtraction_game Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ed3468adb49e940eed26918b1158d3ecf717457a818a64ae92467cd4672d1fc7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.abcya.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 00:22:44 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44513 x-xss-protection 0 last-modified Fri, 20 Aug 2021 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 20 Aug 2021 00:22:44 GMT
GET H3-29	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VZ5QT Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.abcya.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 13 Jul 2021 18:24:06 GMT server Golfe2 age 4143 date Thu, 19 Aug 2021 23:13:41 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19672 expires Fri, 20 Aug 2021 01:13:41 GMT
GET H2	200	css fonts.googleapis.com/	10 KB 867 B	17ms 17ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:300,300i,400,400i,700,700i Requested by Host: www.abcya.com URL: https://www.abcya.com/client/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d8951a9db73811e892e6d3e082e5ffa1deacb9ee6e532c4adc88b4fff9deab21 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.abcya.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 20 Aug 2021 00:22:44 GMT server ESF date Fri, 20 Aug 2021 00:22:44 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 20 Aug 2021 00:22:44 GMT
GET H3-29	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 882 B	8ms 7ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.abcya.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 19 Aug 2021 23:53:00 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 1784 vary Accept-Encoding content-type text/javascript cache-control public, max-age=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 859 x-xss-protection 0 expires Fri, 20 Aug 2021 00:53:00 GMT
GET H3-29	200	ec.js Show response www.google-analytics.com/plugins/ua/	3 KB 1 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ec.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.abcya.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 00:21:39 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe age 65 vary Accept-Encoding content-type text/javascript cache-control public, max-age=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1306 x-xss-protection 0 expires Fri, 20 Aug 2021 01:21:39 GMT
POST H3-29	200	collect Show response www.google-analytics.com/j/	1 B 21 B	13ms 13ms	XHR text/plain	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1351254539&t=pageview&_s=1&dl=https%3A%2F%2Fwww.abcya.com%2Fgames%2Fsubtraction_game&ul=en-us&de=UTF-8&dt=ABCya!%20%E2%80%A2%20Educational%20Computer%20Games%20and%20Apps%20for%20Kids&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEArAAAAAC~&jid=2045559869&gjid=971098657&cid=1858168657.1629418965&tid=UA-3079883-1&_gid=1000115659.1629418965&_r=1&gtm=2wg8i05VZ5QT&cg1=Not%20a%20game%20page&cg2=Not%20a%20game%20page&cd10=0&cd11=2021-08-20T02%3A22%3A44.759%2B02%3A00&cd14=41&z=732308866 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.abcya.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 20 Aug 2021 00:22:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.abcya.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	v3 Show response js.stripe.com/	235 KB 64 KB	128ms 49ms	Script application/javascript	13.224.96.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: www.abcya.com URL: https://www.abcya.com/client/552.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.104 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-104.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash a756773b693ded1566a8f2c8bb1a800c4c4fa47058dabbfd14016397ff54c8be Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://www.abcya.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 20 Aug 2021 00:20:04 GMT content-encoding gzip vary Accept-Encoding age 162 via 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-request-id CR7XE5VBG6E1XWGY x-amz-id-2 HOGAzkzuusHCnL78YejTGrIiKJxUFkcLgA2yeiW9EZkEBjxPua2dmMDS6lYLDZEVrmyNYfaMp/E= last-modified Thu, 19 Aug 2021 22:39:57 GMT server AmazonS3 etag W/"980d01d7df16148077e39e2d18a454f7" strict-transport-security max-age=31556926; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=300 content-security-policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; x-amz-cf-pop ZRH50-C1 timing-allow-origin * x-amz-cf-id Nq0JmE212Q5A-b7gfgbpoblOpwfb59XK2n4yI1wf2gDPkpnR9P-slg==
GET H2	200	59415af3f111af81d684.worker.js www.abcya.com/	744 KB 195 KB	21ms 21ms	Other application/javascript	2604:1380:4601:5e00::3 PACKET
General Check archive.org Show headers Download Go to Full URL https://www.abcya.com/59415af3f111af81d684.worker.js Requested by Host: www.abcya.com URL: https://www.abcya.com/games/subtraction_game Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2604:1380:4601:5e00::3 , Netherlands, ASN54825 (PACKET, US), Reverse DNS Software Netlify / Resource Hash 9b4d869a1a4b050df6e6ef1eacb0f42e0f34d418b21ee30b613202d693e4e88e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :path /59415af3f111af81d684.worker.js pragma no-cache cookie _ga=GA1.2.1858168657.1629418965; _gid=GA1.2.1000115659.1629418965; _gat_UA-3079883-1=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode same-origin accept */* cache-control no-cache sec-fetch-dest worker :authority www.abcya.com referer https://www.abcya.com/games/subtraction_game :scheme https sec-fetch-site same-origin :method GET Referer https://www.abcya.com/games/subtraction_game User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-nf-request-id 01FDGF0J5RVBSBTF7E5X895JJK date Thu, 19 Aug 2021 23:13:10 GMT content-encoding br x-content-type-options nosniff age 4175 content-security-policy-report-only frame-ancestors 'self'; default-src 'self' https://tpc.googlesyndication.com/safeframe/; connect-src 'self' https://*.abcya.com https://*.playwire.com https://csi.gstatic.com https://dt.clnmde.com https://kinesis.us-east-1.amazonaws.com https://www.google-analytics.com https://*.media.net https://*.googlesyndication.com https://*.doubleclick.net https://*.arcademics.com wss://*.arcademics.com; font-src 'self' https://*.media.net https://d33wubrfki0l68.cloudfront.net https://fonts.gstatic.com https://*.arcademics.com; frame-src 'self' blob: https://cdn.intergi.com https://*.playwire.com https://*.stripe.com https://*.abcya.com https://pxlclnmdecom-a.akamaihd.net https://*.googlesyndication.com https://*.doubleclick.net https://www.google.com; img-src 'self' data: https://*.arcademics.com https://*.net https://*.abcya.com https://cdn.intergi.com https://*.playwire.com https://*.media.net https://d33wubrfki0l68.cloudfront.net https://dt.clnmde.com https://www.googletagmanager.com https://*.doubleclick.net https://intergi-phoenix.s3.amazonaws.com https://px.moatads.com https://*.googlesyndication.com https://www.google-analytics.com https://www.google.com https://ssl.gstatic.com https://www.gstatic.com https://www.kidsafeseal.com https://s02mdn.net/; media-src 'self'; object-src https://*.abcya.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://adservice.google.com https://cdn.ampproject.org https://cdn.intergi.com https://cdn.intergient.com https://*.playwire.com https://*.media.net https://d33wubrfki0l68.cloudfront.net https://*.stripe.com https://mb.moatads.com https://pxlclnmdecom-a.akamaihd.net https://*.doubleclick.net https://*.arcademics.com https://*.googlesyndication.com https://www.google-analytics.com https://ssl.google-analytics.com https://www.googleadservices.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google.com https://www.googletagmanager.com https://tagmanager.google.com https://www.googletagservices.com https://www.gstatic.com https://z.moatads.com; style-src 'self' 'unsafe-inline' https://cdn.intergi.com https://d33wubrfki0l68.cloudfront.net https://fonts.googleapis.com https://tagmanager.google.com; report-uri https://www.ixl.com/actions/csp/report-abcya; report-to csp-endpoint; strict-transport-security max-age=31536000 content-length 199283 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin server Netlify x-frame-options SAMEORIGIN etag "44c2a5f86826d2e08829cdd5c54377cd-ssl" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0, must-revalidate accept-ranges bytes
GET H2	200	m-outer-5564a2ae650989ada0dc7f7250ae34e9.html Show response js.stripe.com/v3/ Frame C742	215 B 950 B	46ms 46ms	Document text/html	13.224.96.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.104 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-104.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash 2f90c4b8fb3b8afbf228232c4afb00f5a1d0efab1c7f7ebf313d730d3cd050f3 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority js.stripe.com :scheme https :path /v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.abcya.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.abcya.com/ Response headers content-type text/html; charset=utf-8 content-length 215 x-amz-id-2 6oTLOeYA745EpiXA+vPlPR/RCMeaJnthwGwyg4jTSxsWs2qHfaybngonAT11A4DAQc4qTOsv3Cc= x-amz-request-id 9S492RA9R54PGSCP last-modified Tue, 29 Jun 2021 17:25:38 GMT accept-ranges bytes server AmazonS3 strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * access-control-allow-origin * content-security-policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; date Fri, 20 Aug 2021 00:19:32 GMT cache-control public, max-age=300 etag "5564a2ae650989ada0dc7f7250ae34e9" x-cache Hit from cloudfront via 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront) x-amz-cf-pop ZRH50-C1 x-amz-cf-id 93RXxPSYLXeCQYGs8NJsB5eHglLi43aqaeLfQ6GIiGoBShLY7vgm5Q== age 193
GET H2	200	m-outer-60c368c1e1eddba7bd149e4b4f5408df.js Show response js.stripe.com/v3/fingerprinted/js/ Frame C742	1 KB 1 KB	44ms 44ms	Script application/javascript	13.224.96.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-60c368c1e1eddba7bd149e4b4f5408df.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.96.104 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-96-104.zrh50.r.cloudfront.net Software AmazonS3 / Resource Hash 691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip etag W/"78581b5abad6c4e7b59c0f8ee45a8134" age 278 via 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-request-id A585K5RDC47HJZGK x-amz-id-2 P6jrXirAlwwJ8ZEpTqtb5z/RSFrOQVnQgSnjwRjqlh5bXcl9oPU6SIW1YyuZ+f5gTVuA6/2LuAQ= last-modified Tue, 29 Jun 2021 17:25:39 GMT server AmazonS3 date Fri, 20 Aug 2021 00:18:07 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=300 content-security-policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self'; x-amz-cf-pop ZRH50-C1 timing-allow-origin * x-amz-cf-id iAanZ0KPRCr5E786oTCcGyBkTrUmKcqwpp37AO1q6KmKCoMjUiU-rw==
GET H2	200	inner.html Show response m.stripe.network/ Frame 74E9	932 B 1 KB	29ms 7ms	Document text/html	151.101.192.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-60c368c1e1eddba7bd149e4b4f5408df.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers :method GET :authority m.stripe.network :scheme https :path /inner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://js.stripe.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://js.stripe.com/ Response headers server nginx content-type text/html; charset=utf-8 last-modified Thu, 12 Aug 2021 00:00:27 GMT etag W/"6114649b-3a4" strict-transport-security max-age=31556926; includeSubDomains; preload cache-control public, max-age=300 timing-allow-origin * content-security-policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; content-encoding gzip via 1.1 varnish, 1.1 varnish accept-ranges bytes date Fri, 20 Aug 2021 00:22:45 GMT age 96 x-served-by cache-sea4472-SEA, cache-hhn4042-HHN x-cache HIT, HIT x-cache-hits 1, 47 x-timer S1629418965.493196,VS0,VE0 vary Accept-Encoding content-length 537
GET H2	200	out-4.5.40.js Show response m.stripe.network/ Frame 74E9	85 KB 18 KB	8ms 7ms	Script application/x-javascript	151.101.192.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.40.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39 Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip etag W/"6114649b-154bc" age 210 x-cache HIT, HIT content-length 18452 x-served-by cache-sea4470-SEA, cache-hhn4042-HHN last-modified Thu, 12 Aug 2021 00:00:27 GMT server nginx x-timer S1629418966.505706,VS0,VE0 date Fri, 20 Aug 2021 00:22:45 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 via 1.1 varnish, 1.1 varnish cache-control public, max-age=300 content-security-policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self'; accept-ranges bytes timing-allow-origin * x-cache-hits 1, 83
POST H2	200	6 Show response m.stripe.com/ Frame 74E9	156 B 516 B	568ms 190ms	XHR text/plain	54.186.42.192 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.40.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.186.42.192 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-186-42-192.us-west-2.compute.amazonaws.com Software nginx / Resource Hash e2654e4bc52f0fa515bfe4e389fed7746d9559692806188df20c41a7d30c9a6b Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 20 Aug 2021 00:22:46 GMT content-encoding gzip x-content-type-options nosniff server nginx vary Accept-Encoding content-type text/plain;charset=utf-8 access-control-allow-origin https://m.stripe.network access-control-allow-credentials true strict-transport-security max-age=31556926; includeSubDomains; preload access-control-allow-headers Content-Type

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer string| branch object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| webpackChunkABCyaLibrary undefined| ABCyaLibrary function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _pdfjsCompatibilityChecked object| core object| Modernizr boolean| gtmFired object| local_data object| __webpackStripeJSv3Jsonp function| Stripe

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.abcya.com/	1970-01-19 20:37:00	Name: __stripe_sid Value: 60cbe9f2-c59b-4a7b-abc8-0de5f1d67b76ca9195
			.www.abcya.com/	1970-01-20 05:22:34	Name: __stripe_mid Value: 1d05d93e-0dd1-443c-ab77-87e509ba2b46b79eb9
			.abcya.com/	1970-01-19 20:36:59	Name: _gat_UA-3079883-1 Value: 1
			.abcya.com/	1970-01-19 20:38:25	Name: _gid Value: GA1.2.1000115659.1629418965
			.abcya.com/	1970-01-20 14:08:10	Name: _ga Value: GA1.2.1858168657.1629418965

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
js.stripe.com
m.stripe.com
m.stripe.network
www.abcya.com
www.google-analytics.com
www.googletagmanager.com
13.224.96.104
151.101.192.176
2604:1380:4601:5e00::3
2a00:1450:4001:808::200e
2a00:1450:4001:827::2008
2a00:1450:4001:831::200a
54.186.42.192
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
1c677bdab562f6a85e11996237e55df45b5385a080192c364655538d02414139
2f90c4b8fb3b8afbf228232c4afb00f5a1d0efab1c7f7ebf313d730d3cd050f3
410e99ac80f6a08210479bfc7bad17cf33044c512a1b30d56f4e9719600e463d
4a151e806127590f83d3cb868e6a4850852ced2baf07dccf0398f76b4185eb57
4ecb1aab19f9f2741a5538813c9c31f188ad2cdaf18a436ef39c3fda2d5a4a6c
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
747fa2107dc6b8fe30dd7a9e71c5dea69e14d9831dd13adf716143eef8c73903
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9b4d869a1a4b050df6e6ef1eacb0f42e0f34d418b21ee30b613202d693e4e88e
a756773b693ded1566a8f2c8bb1a800c4c4fa47058dabbfd14016397ff54c8be
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
d8951a9db73811e892e6d3e082e5ffa1deacb9ee6e532c4adc88b4fff9deab21
e2654e4bc52f0fa515bfe4e389fed7746d9559692806188df20c41a7d30c9a6b
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
ed3468adb49e940eed26918b1158d3ecf717457a818a64ae92467cd4672d1fc7