entregaai.bzflow.com Open in urlscan Pro
45.162.231.6 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://entregaai.bzflow.com/
Effective URL:
https://entregaai.bzflow.com/delivery/bees-foods/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09
Submission: On March 22 via automatic, source certstream-suspicious (March 22nd 2023, 1:51:15 am UTC) — Scanned from DE

Summary HTTP 43 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 43 HTTP transactions. The main IP is 45.162.231.6, located in São Paulo, Brazil and belongs to QNAX LTDA, BR. The main domain is entregaai.bzflow.com.
TLS certificate: Issued by R3 on March 22nd 2023. Valid for: 3 months.

This is the only time entregaai.bzflow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	45.162.231.6 45.162.231.6	268581 (QNAX LTDA) (QNAX LTDA)
3	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
6	52.222.158.59 52.222.158.59	16509 (AMAZON-02) (AMAZON-02)
6	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
4	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
2	44.233.226.104 44.233.226.104	16509 (AMAZON-02) (AMAZON-02)
43	6

22 45.162.231.6 (São Paulo, Brazil)

ASN268581 (QNAX LTDA, BR)

entregaai.bzflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
deliverybr-api.builderall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.222.158.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-59.cdg52.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.233.226.104 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-226-104.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	stripe.com js.stripe.com — Cisco Umbrella Rank: 955 q.stripe.com — Cisco Umbrella Rank: 6067 m.stripe.com — Cisco Umbrella Rank: 966	226 KB
12	bzflow.com entregaai.bzflow.com	7 MB
10	builderall.com deliverybr-api.builderall.com	47 KB
4	stripe.network m.stripe.network — Cisco Umbrella Rank: 1034	33 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 337	495 KB
43	5

	Domain	Requested by
12	entregaai.bzflow.com	entregaai.bzflow.com
10	deliverybr-api.builderall.com	entregaai.bzflow.com
6	q.stripe.com	entregaai.bzflow.com
6	js.stripe.com	entregaai.bzflow.com js.stripe.com
4	m.stripe.network	js.stripe.com m.stripe.network
3	cdn.jsdelivr.net	entregaai.bzflow.com cdn.jsdelivr.net
2	m.stripe.com	m.stripe.network
43	7

This site contains no links.

Subject Issuer	Validity	Valid
entregaai.bzflow.com R3	`2023-03-22` - `2023-06-20`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
builderall.com R3	`2023-02-05` - `2023-05-06`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-08` - `2023-04-08`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://entregaai.bzflow.com/delivery/bees-foods/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09
Frame ID: 87C01CD5546727F07F1520A233B7AC4C
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 8827B475010DDF7D5944316CD67AD24B
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 8BCDE0623D1B0B3F656F64A75ABCDC30
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: F65B4687BC33BB8826D647517BDACEB3
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: A44E306F828FF65BAEA595C1237E36A3
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bees foods

Page URL History Show full URLs

https://entregaai.bzflow.com/ Page URL
https://entregaai.bzflow.com/delivery/bees-foods/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09 Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

43
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

8333 kB
Transfer

14383 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://entregaai.bzflow.com/ Page URL
https://entregaai.bzflow.com/delivery/bees-foods/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
entregaai.bzflow.com/ 1021 B
647 B 919ms
214ms Document
text/html 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://entregaai.bzflow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: e8ea6240c0e62be67b4b7b2cec0ccb998bbabe6b63b6b1ab8ba247938a6e879e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 22 Mar 2023 01:51:08 GMT
etag: W/"63f91076-3fd"
last-modified: Fri, 24 Feb 2023 19:31:02 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 331 KB
54 KB 46ms
6ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Requested by

Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b89606bf42acdeb4f05cff729f63f2f0574e87011d4aa5a05253a3bfcd7461bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://entregaai.bzflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Mar 2023 01:51:08 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3082
x-jsd-version: 7.2.96
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54765
x-served-by: cache-fra-eddf8230135-FRA
x-jsd-version-type: version
etag: W/"52d34-McwSlO6CU7M543fkTyDaQiyOjpU"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 app.d4888721.css
entregaai.bzflow.com/css/ 2 KB
1 KB 212ms
208ms Stylesheet
text/css 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://entregaai.bzflow.com/css/app.d4888721.css
Requested by: Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: 54c31fa9fc5ab9ccfb7b4d7887dcbca8fa25e97d79c263def8e4aef4aa748b9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://entregaai.bzflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:08 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 19:31:02 GMT
server: nginx
etag: W/"63f91076-8eb"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 chunk-vendors.9506a6d8.css
entregaai.bzflow.com/css/ 460 KB
67 KB 432ms
428ms Stylesheet
text/css 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://entregaai.bzflow.com/css/chunk-vendors.9506a6d8.css
Requested by: Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: 1fc3b15d0105cfa43877113cee7b4fccb405b98b1cb2aa03a8c297c1402c939a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://entregaai.bzflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:08 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 19:31:02 GMT
server: nginx
etag: W/"63f91076-7312f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 app.f7d7efd7.js Show response
entregaai.bzflow.com/js/ 5 MB
3 MB 640ms
637ms Script
application/javascript 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://entregaai.bzflow.com/js/app.f7d7efd7.js
Requested by: Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: 97653c3b23e61addd5119186f7117203a0ab86facf9a6a85cb50af461ea1d718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://entregaai.bzflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:08 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 19:31:02 GMT
server: nginx
etag: W/"63f91076-49ff3c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 chunk-vendors.41791bec.js Show response
entregaai.bzflow.com/js/ 883 KB
333 KB 640ms
638ms Script
application/javascript 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://entregaai.bzflow.com/js/chunk-vendors.41791bec.js
Requested by: Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: ac38c3e20a2d1f0a5afc15ba41d801c3d59a400a90f03d2fcaa6a4472dff389b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://entregaai.bzflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:08 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 19:31:02 GMT
server: nginx
etag: W/"63f91076-dcbf9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 v3 Show response
js.stripe.com/ 450 KB
109 KB 103ms
20ms Script
text/javascript 52.222.158.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/js/chunk-vendors.41791bec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.158.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-158-59.cdg52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

61a8acbd936696b1ab5850535748a30b8aa5c979e44b38da0d81dc72cbac7820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://entregaai.bzflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Mar 2023 01:51:10 GMT
via: 1.1 e0720e45d2e7ea5da3d185114a45e51e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P2
age: 1
x-cache: Hit from cloudfront
last-modified: Tue, 21 Mar 2023 20:39:22 GMT
server: Cloudfront
etag: W/"2c59758e9400260cedd385b2e533ac26"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: f6223zaNNbA35fzUcK_20uuGt_3-g2OadGE7VTdTyB2zpiyE_6tA_g==

GET
H2 200 entregaai.bzflow.com
deliverybr-api.builderall.com/api/store/get-url-by-domain/ 115 B
445 B 232ms
232ms XHR
application/json 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL

https://deliverybr-api.builderall.com/api/store/get-url-by-domain/entregaai.bzflow.com

Requested by

Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/js/chunk-vendors.41791bec.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://entregaai.bzflow.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding, Origin
x-ratelimit-remaining: 199
content-type: application/json
access-control-allow-origin: https://entregaai.bzflow.com
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 204 entregaai.bzflow.com
deliverybr-api.builderall.com/api/store/get-url-by-domain/ Frame 0
0 678ms
231ms Preflight 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL

https://deliverybr-api.builderall.com/api/store/get-url-by-domain/entregaai.bzflow.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://entregaai.bzflow.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET
access-control-allow-origin: https://entregaai.bzflow.com
access-control-max-age: 0
cache-control: no-cache, private
date: Wed, 22 Mar 2023 01:51:10 GMT
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 lato-latin-400-normal.e1b3b590.woff2
entregaai.bzflow.com/fonts/ 23 KB
23 KB 209ms
209ms Font
font/woff2 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://entregaai.bzflow.com/fonts/lato-latin-400-normal.e1b3b590.woff2
Requested by: Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/css/chunk-vendors.9506a6d8.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Request headers

Referer: https://entregaai.bzflow.com/css/chunk-vendors.9506a6d8.css
Origin: https://entregaai.bzflow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:10 GMT
last-modified: Fri, 24 Feb 2023 19:31:02 GMT
server: nginx
accept-ranges: bytes
etag: "63f91076-5c1c"
content-length: 23580
content-type: font/woff2

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 8827 200 B
1 KB 16ms
16ms Document
text/html 52.222.158.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.158.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-158-59.cdg52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://entregaai.bzflow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1705
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 22 Mar 2023 01:22:46 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Fri, 17 Mar 2023 20:02:38 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e0720e45d2e7ea5da3d185114a45e51e.cloudfront.net (CloudFront)
x-amz-cf-id: nDx2tLmaLQTsGa0OWIDbqm0-I-RhD5zftwUVS1aa6GaJShJ1_macUQ==
x-amz-cf-pop: CDG52-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 8827 0
640 B 547ms
171ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 22 Mar 2023 01:51:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1679449870956379
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8827 0
641 B 546ms
170ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 22 Mar 2023 01:51:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1679449870956397
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8827 631 B
1 KB 16ms
16ms Script
text/javascript 52.222.158.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.158.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-158-59.cdg52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 22 Mar 2023 01:31:36 GMT
x-content-type-options: nosniff
via: 1.1 e0720e45d2e7ea5da3d185114a45e51e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P2
age: 1176
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 17 Mar 2023 20:02:38 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 5pnVI_diBX3iK8i-sfqTqrYXxW4A8pyTa6OjdB62BwSLr05va20N8A==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 8BCD 930 B
1 KB 44ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 136
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 22 Mar 2023 01:51:10 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 16
x-content-type-options: nosniff
x-request-id: 41c16e7a-581b-4137-af6b-2509a79793a8
x-served-by: cache-fra-eddf8230138-FRA
x-timer: S1679449871.550622,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame 8BCD 0
414 B 479ms
171ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Wed, 22 Mar 2023 01:51:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-client-envoy-start-time-us: 1679449870956515
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 8BCD 86 KB
16 KB 6ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 22 Mar 2023 01:51:10 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 11
x-cache: HIT
content-length: 16031
x-request-id: 0e26411f-421b-4850-b2bd-cabbfa22e801
x-served-by: cache-fra-eddf8230138-FRA
server: Fastly
x-timer: S1679449871.562118,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 3

POST
H2 200 6 Show response
m.stripe.com/ Frame 8BCD 156 B
632 B 533ms
175ms XHR
application/json 44.233.226.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.233.226.104 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-233-226-104.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6dc6f7130e81891024b4e605ba46f971604cd88639fd58f3eb7b393d826d4637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 22 Mar 2023 01:51:11 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1679449871057607
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1679449871057159
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 Primary Request NWJvdUI4NDJ4T0FrK21FR3prOURlQT09 Show response
entregaai.bzflow.com/delivery/bees-foods/ 1021 B
646 B 209ms
209ms Document
text/html 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://entregaai.bzflow.com/delivery/bees-foods/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09
Requested by: Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/js/app.f7d7efd7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: e8ea6240c0e62be67b4b7b2cec0ccb998bbabe6b63b6b1ab8ba247938a6e879e

Request headers

Referer: https://entregaai.bzflow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 22 Mar 2023 01:51:11 GMT
etag: W/"63f91076-3fd"
last-modified: Fri, 24 Feb 2023 19:31:02 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 331 KB
54 KB 10ms
9ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Requested by

Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/delivery/bees-foods/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b89606bf42acdeb4f05cff729f63f2f0574e87011d4aa5a05253a3bfcd7461bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://entregaai.bzflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Mar 2023 01:51:11 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3085
x-jsd-version: 7.2.96
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54765
x-served-by: cache-fra-eddf8230135-FRA
x-jsd-version-type: version
etag: W/"52d34-McwSlO6CU7M543fkTyDaQiyOjpU"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 app.d4888721.css
entregaai.bzflow.com/css/ 2 KB
1 KB 210ms
209ms Stylesheet
text/css 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://entregaai.bzflow.com/css/app.d4888721.css
Requested by: Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/delivery/bees-foods/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: 54c31fa9fc5ab9ccfb7b4d7887dcbca8fa25e97d79c263def8e4aef4aa748b9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://entregaai.bzflow.com/delivery/bees-foods/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:11 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 19:31:02 GMT
server: nginx
etag: W/"63f91076-8eb"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 chunk-vendors.9506a6d8.css
entregaai.bzflow.com/css/ 460 KB
67 KB 222ms
221ms Stylesheet
text/css 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://entregaai.bzflow.com/css/chunk-vendors.9506a6d8.css
Requested by: Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/delivery/bees-foods/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: 1fc3b15d0105cfa43877113cee7b4fccb405b98b1cb2aa03a8c297c1402c939a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://entregaai.bzflow.com/delivery/bees-foods/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:11 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 19:31:02 GMT
server: nginx
etag: W/"63f91076-7312f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 app.f7d7efd7.js Show response
entregaai.bzflow.com/js/ 5 MB
3 MB 232ms
231ms Script
application/javascript 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://entregaai.bzflow.com/js/app.f7d7efd7.js
Requested by: Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/delivery/bees-foods/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: 97653c3b23e61addd5119186f7117203a0ab86facf9a6a85cb50af461ea1d718

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://entregaai.bzflow.com/delivery/bees-foods/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:11 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 19:31:02 GMT
server: nginx
etag: W/"63f91076-49ff3c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 chunk-vendors.41791bec.js Show response
entregaai.bzflow.com/js/ 883 KB
333 KB 662ms
662ms Script
application/javascript 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://entregaai.bzflow.com/js/chunk-vendors.41791bec.js
Requested by: Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/delivery/bees-foods/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: ac38c3e20a2d1f0a5afc15ba41d801c3d59a400a90f03d2fcaa6a4472dff389b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://entregaai.bzflow.com/delivery/bees-foods/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:11 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 19:31:02 GMT
server: nginx
etag: W/"63f91076-dcbf9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

OPTIONS
H2 204 NWJvdUI4NDJ4T0FrK21FR3prOURlQT09
deliverybr-api.builderall.com/api/store/ Frame 0
0 220ms
220ms Preflight 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL

https://deliverybr-api.builderall.com/api/store/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://entregaai.bzflow.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET
access-control-allow-origin: https://entregaai.bzflow.com
access-control-max-age: 0
cache-control: no-cache, private
date: Wed, 22 Mar 2023 01:51:12 GMT
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 v3 Show response
js.stripe.com/ 450 KB
109 KB 19ms
19ms Script
text/javascript 52.222.158.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/js/chunk-vendors.41791bec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.158.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-158-59.cdg52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

61a8acbd936696b1ab5850535748a30b8aa5c979e44b38da0d81dc72cbac7820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://entregaai.bzflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Mar 2023 01:51:12 GMT
via: 1.1 e0720e45d2e7ea5da3d185114a45e51e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P2
age: 9
x-cache: Hit from cloudfront
last-modified: Tue, 21 Mar 2023 20:39:22 GMT
server: Cloudfront
etag: W/"2c59758e9400260cedd385b2e533ac26"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: CjrsgwMzdSgIxboHsqRR2jdnMYm6LJ3RLvjxCnz58vTlyIgzu8DlUw==

GET
H2 200 NWJvdUI4NDJ4T0FrK21FR3prOURlQT09 Show response
deliverybr-api.builderall.com/api/store/ 2 KB
1 KB 230ms
230ms XHR
application/json 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL

https://deliverybr-api.builderall.com/api/store/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09

Requested by

Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/js/chunk-vendors.41791bec.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

c19e5d1fb5f908ed4349b04759edb7af358256fb69f817d1085a9843359f9579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://entregaai.bzflow.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding, Origin
x-ratelimit-remaining: 198
content-type: application/json
access-control-allow-origin: https://entregaai.bzflow.com
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 lato-latin-400-normal.e1b3b590.woff2
entregaai.bzflow.com/fonts/ 23 KB
23 KB 210ms
208ms Font
font/woff2 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL: https://entregaai.bzflow.com/fonts/lato-latin-400-normal.e1b3b590.woff2
Requested by: Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/css/chunk-vendors.9506a6d8.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),
Reverse DNS
Software: nginx /
Resource Hash: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Request headers

Referer: https://entregaai.bzflow.com/css/chunk-vendors.9506a6d8.css
Origin: https://entregaai.bzflow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:12 GMT
last-modified: Fri, 24 Feb 2023 19:31:02 GMT
server: nginx
accept-ranges: bytes
etag: "63f91076-5c1c"
content-length: 23580
content-type: font/woff2

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame F65B 200 B
1 KB 16ms
16ms Document
text/html 52.222.158.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.158.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-158-59.cdg52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://entregaai.bzflow.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1707
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 22 Mar 2023 01:22:46 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Fri, 17 Mar 2023 20:02:38 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 e0720e45d2e7ea5da3d185114a45e51e.cloudfront.net (CloudFront)
x-amz-cf-id: 4yCFOng8Emm7jGzqpqMFTut1IZ2EQNzgjF_bhJwyLsAsBoq4Kt9iVw==
x-amz-cf-pop: CDG52-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame F65B 0
640 B 170ms
170ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 22 Mar 2023 01:51:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1679449872644045
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F65B 0
640 B 171ms
170ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 22 Mar 2023 01:51:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1679449872644291
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F65B 631 B
1 KB 16ms
16ms Script
text/javascript 52.222.158.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.158.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-158-59.cdg52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 22 Mar 2023 01:31:36 GMT
x-content-type-options: nosniff
via: 1.1 e0720e45d2e7ea5da3d185114a45e51e.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P2
age: 1178
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 17 Mar 2023 20:02:38 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: _Ba51vLBf9ZuTy5gcm72zLempaFQH8Au9C4hWOuhuQpYXOBOXlDEIA==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame A44E 930 B
650 B 7ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 138
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 22 Mar 2023 01:51:12 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 17
x-content-type-options: nosniff
x-request-id: 663c0051-a907-42ef-8c2a-c0564aa65e50
x-served-by: cache-fra-eddf8230138-FRA
x-timer: S1679449873.576427,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame A44E 0
414 B 169ms
169ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Wed, 22 Mar 2023 01:51:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-client-envoy-start-time-us: 1679449872674094
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame A44E 86 KB
16 KB 7ms
6ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 22 Mar 2023 01:51:12 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 13
x-cache: HIT
content-length: 16031
x-request-id: 67f343e8-e705-4237-88a6-fd06231baeba
x-served-by: cache-fra-eddf8230138-FRA
server: Fastly
x-timer: S1679449873.588394,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 4

POST
H2 200 6 Show response
m.stripe.com/ Frame A44E 156 B
631 B 175ms
175ms XHR
application/json 44.233.226.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.233.226.104 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-233-226-104.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6dc6f7130e81891024b4e605ba46f971604cd88639fd58f3eb7b393d826d4637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 22 Mar 2023 01:51:12 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1679449872695943
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1679449872695422
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

OPTIONS
H2 204 categories
deliverybr-api.builderall.com/api/store/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09/ Frame 0
0 219ms
219ms Preflight 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL

https://deliverybr-api.builderall.com/api/store/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09/categories

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://entregaai.bzflow.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET
access-control-allow-origin: https://entregaai.bzflow.com
access-control-max-age: 0
cache-control: no-cache, private
date: Wed, 22 Mar 2023 01:51:12 GMT
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

OPTIONS
H2 204 items
deliverybr-api.builderall.com/api/store/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09/ Frame 0
0 218ms
218ms Preflight 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL

https://deliverybr-api.builderall.com/api/store/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09/items

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://entregaai.bzflow.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: GET
access-control-allow-origin: https://entregaai.bzflow.com
access-control-max-age: 0
cache-control: no-cache, private
date: Wed, 22 Mar 2023 01:51:12 GMT
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 categories Show response
deliverybr-api.builderall.com/api/store/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09/ 2 B
334 B 232ms
232ms XHR
application/json 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL

https://deliverybr-api.builderall.com/api/store/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09/categories

Requested by

Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/js/chunk-vendors.41791bec.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://entregaai.bzflow.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding, Origin
x-ratelimit-remaining: 197
content-type: application/json
access-control-allow-origin: https://entregaai.bzflow.com
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 items Show response
deliverybr-api.builderall.com/api/store/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09/ 2 B
334 B 231ms
231ms XHR
application/json 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to

Full URL

https://deliverybr-api.builderall.com/api/store/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09/items

Requested by

Host: entregaai.bzflow.com
URL: https://entregaai.bzflow.com/js/chunk-vendors.41791bec.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://entregaai.bzflow.com/
accept-language: de-DE,de;q=0.9
Authorization: Bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding, Origin
x-ratelimit-remaining: 197
content-type: application/json
access-control-allow-origin: https://entregaai.bzflow.com
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 200
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/ 387 KB
388 KB 15ms
7ms Font
font/woff2 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/materialdesignicons-webfont.woff2?v=7.2.96

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c1c004a90e60a31becd3ca261781c3a13a2937b5b26338fd8dd89e10ab562849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Origin: https://entregaai.bzflow.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Mar 2023 01:51:12 GMT
x-content-type-options: nosniff
age: 3087
x-jsd-version: 7.2.96
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 396732
x-served-by: cache-fra-eddf8230123-FRA
x-jsd-version-type: version
etag: W/"60dbc-Ny7iWtVyfhmKnwTiem7ds7fgSTo"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 NWJvdUI4NDJ4T0FrK21FR3prOURlQT09
deliverybr-api.builderall.com/api/images/OEdRMjFRanpyV09sOUJGRVcrdWVxekNRNFQvbzc3N3BoVWFmMzdLVm1wVlNnd1FGeG1qMkJWUkExNDgzd0o3OQ==.png/ 22 KB
22 KB 870ms
436ms Image
image/png 45.162.231.6
QNAX LTDA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deliverybr-api.builderall.com/api/images/OEdRMjFRanpyV09sOUJGRVcrdWVxekNRNFQvbzc3N3BoVWFmMzdLVm1wVlNnd1FGeG1qMkJWUkExNDgzd0o3OQ==.png/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

500ef11eb2d1e0414b6ed562c9ac9349105f8dabe13496d85ae3f2cbec7f3b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://entregaai.bzflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:13 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 196
content-type: image/png
vary: Origin
cache-control: no-cache, private
x-ratelimit-limit: 200
x-xss-protection: 1; mode=block

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deliverybr-api.builderall.com/api/images/OEdRMjFRanpyV09sOUJGRVcrdWVxekNRNFQvbzc3N3BoVWFmMzdLVm1wVlNnd1FGeG1qMkJWUkExNDgzd0o3OQ==.png/NWJvdUI4NDJ4T0FrK21FR3prOURlQT09

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.162.231.6 São Paulo, Brazil, ASN268581 (QNAX LTDA, BR),

Reverse DNS

Software

nginx /

Resource Hash

500ef11eb2d1e0414b6ed562c9ac9349105f8dabe13496d85ae3f2cbec7f3b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://entregaai.bzflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 01:51:13 GMT
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 195
content-type: image/png
vary: Origin
cache-control: no-cache, private
x-ratelimit-limit: 200
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
m.stripe.com/	1970-01-20 20:06:49	Name: m Value: 29038377-3b79-41d8-8678-2b29fdb8034ede0c6b
.entregaai.bzflow.com/	1970-01-20 19:16:25	Name: __stripe_mid Value: f60f999e-51de-4f95-9d9e-a7caaab118c60a2392
.entregaai.bzflow.com/	1970-01-20 10:30:51	Name: __stripe_sid Value: cb04ad11-36fa-4fa2-ab10-d69a487d413c8e6898

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
deliverybr-api.builderall.com
entregaai.bzflow.com
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
151.101.192.176
2a04:4e42::485
44.233.226.104
45.162.231.6
52.222.158.59
54.187.119.242
1fc3b15d0105cfa43877113cee7b4fccb405b98b1cb2aa03a8c297c1402c939a
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
500ef11eb2d1e0414b6ed562c9ac9349105f8dabe13496d85ae3f2cbec7f3b13
54c31fa9fc5ab9ccfb7b4d7887dcbca8fa25e97d79c263def8e4aef4aa748b9e
61a8acbd936696b1ab5850535748a30b8aa5c979e44b38da0d81dc72cbac7820
6dc6f7130e81891024b4e605ba46f971604cd88639fd58f3eb7b393d826d4637
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
97653c3b23e61addd5119186f7117203a0ab86facf9a6a85cb50af461ea1d718
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ac38c3e20a2d1f0a5afc15ba41d801c3d59a400a90f03d2fcaa6a4472dff389b
b89606bf42acdeb4f05cff729f63f2f0574e87011d4aa5a05253a3bfcd7461bf
c19e5d1fb5f908ed4349b04759edb7af358256fb69f817d1085a9843359f9579
c1c004a90e60a31becd3ca261781c3a13a2937b5b26338fd8dd89e10ab562849
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ea6240c0e62be67b4b7b2cec0ccb998bbabe6b63b6b1ab8ba247938a6e879e
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

entregaai.bzflow.com Open in urlscan Pro 45.162.231.6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

100 %HTTPS

17 %IPv6

5 Domains

7 Subdomains

6 IPs

2 Countries

8333 kBTransfer

14383 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

entregaai.bzflow.com Open in urlscan Pro
45.162.231.6 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

100 %
HTTPS

17 %
IPv6

5
Domains

7
Subdomains

6
IPs

2
Countries

8333 kB
Transfer

14383 kB
Size

3
Cookies

43 HTTP transactions
0 data transactions