ssp2.galaksion.com Open in urlscan Pro
142.91.121.92 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ssp2.galaksion.com/
Effective URL:
https://ssp2.galaksion.com/
Submission: On November 19 via api (November 19th 2023, 10:01:10 am UTC) from US — Scanned from NL

Summary HTTP 49 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 49 HTTP transactions. The main IP is 142.91.121.92, located in Netherlands and belongs to SERVERS-COM, US. The main domain is ssp2.galaksion.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 24th 2023. Valid for: a year.

This is the only time ssp2.galaksion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	142.91.121.92 142.91.121.92	7979 (SERVERS-COM) (SERVERS-COM)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
11	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
4	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
5	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.32.27.114 13.32.27.114	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.66.147.3 18.66.147.3	16509 (AMAZON-02) (AMAZON-02)
1	52.40.111.159 52.40.111.159	16509 (AMAZON-02) (AMAZON-02)
49	13

13 142.91.121.92 (Netherlands) 1 redirects

ASN7979 (SERVERS-COM, US)

ssp2.galaksion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-114.fra56.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o507988.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-3.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.40.111.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-111-159.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 r.stripe.com — Cisco Umbrella Rank: 3546 m.stripe.com — Cisco Umbrella Rank: 1249	464 KB
13	galaksion.com 1 redirects ssp2.galaksion.com	2 MB
7	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 8755	3 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2317	274 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	16 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4034	70 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	90 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	2 KB
1	sentry.io o507988.ingest.sentry.io	599 B
1	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1771	3 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	47 KB
49	12

	Domain	Requested by
13	ssp2.galaksion.com	1 redirects ssp2.galaksion.com
9	js.stripe.com	ssp2.galaksion.com js.stripe.com
7	mc.yandex.com	2 redirects ssp2.galaksion.com
5	r.stripe.com	js.stripe.com
4	q.stripe.com	ssp2.galaksion.com
2	js.intercomcdn.com	widget.intercom.io
2	m.stripe.network	js.stripe.com m.stripe.network
2	mc.yandex.ru	1 redirects ssp2.galaksion.com
2	connect.facebook.net	ssp2.galaksion.com connect.facebook.net
2	fonts.googleapis.com	ssp2.galaksion.com
1	m.stripe.com	m.stripe.network
1	o507988.ingest.sentry.io	ssp2.galaksion.com
1	widget.intercom.io	ssp2.galaksion.com
1	www.facebook.com	ssp2.galaksion.com
1	www.googletagmanager.com	ssp2.galaksion.com
49	15

This site contains links to these domains. Also see Links.

Domain
galaksion.com

Subject Issuer	Validity	Valid
*.galaksion.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-24` - `2024-03-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-28` - `2023-11-26`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://ssp2.galaksion.com/
Frame ID: 37719D9CE4794D79C02F41A9F4588FF9
Requests: 28 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
Frame ID: 4417E0D2B35343F335227E08997BB87F
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: B21661CAD6CBA6C6D2160AA57C18853F
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 51323B22A1A06F673AF280B33B4D4F04
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.e128bf6a.js
Frame ID: CF3CB6B68EEC2EA3F861B7A236E6D4F1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SSP

Page URL History Show full URLs

http://ssp2.galaksion.com/ HTTP 301
https://ssp2.galaksion.com/ Page URL

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

49
Requests

96 %
HTTPS

38 %
IPv6

12
Domains

15
Subdomains

13
IPs

4
Countries

2655 kB
Transfer

7999 kB
Size

20
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://galaksion.com/

Search URL Search Domain Scan URL

URL: http://galaksion.com/blog.html
Title: BLOG

Search URL Search Domain Scan URL

URL: https://galaksion.com/advertisers-terms
Title: Advertisers Terms and Conditions

Search URL Search Domain Scan URL

URL: https://galaksion.com/publishers-terms
Title: Publishers Terms and Conditions

Search URL Search Domain Scan URL

URL: https://galaksion.com/blog
Title: Blog

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ssp2.galaksion.com/ HTTP 301
https://ssp2.galaksion.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10192.yGs1_NJcVo3uzXPkU0PgaKodTCpBfQWxPkslCmPaLq3KDpayg3bIWe30rFmNqyEj.qXarqQGTDyNhxnQPFJhrSHCPd3I%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10192.6G_uubeU-m0LFLubtT3UwRDy4IjY9Qba0VWwW4xMBORnVbCYect-S7u_b1sZllng1YjiPYvmYlh6oxYaTwhPhdHRemxxuTfwLaHs4-xfsp6fFwdtQCuXL5w4Tl4iYK9uGPZdZFdjzLmt1KJFmEdBlz_s_cUiJ8av-3PzDg-3EDGf1rsjHhYG87zcDpAVYZ9BwAM2SWFNfS6ckIEdQLBFYT-9D7k5RKyOQV_Ij8qDsWs%2C.1ZPN1Cx1K_6mvO4ZRacFxPiDO6k%2C

Request Chain 33

https://mc.yandex.com/watch/62012557?wmode=7&page-url=https%3A%2F%2Fssp2.galaksion.com%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A820%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A1680011361970%3Ahid%3A966627384%3Az%3A60%3Ai%3A20231119110105%3Aet%3A1700388065%3Ac%3A1%3Arn%3A461183112%3Arqn%3A1%3Au%3A1700388065610738120%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C64%2C31%2C0%2C81%2C0%2C%2C700%2C0%2C%2C%2C%2C877%3Aco%3A0%3Acpf%3A1%3Ans%3A1700388063710%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700388065%3At%3ASSP&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.com/watch/62012557/1?wmode=7&page-url=https%3A%2F%2Fssp2.galaksion.com%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A820%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A1680011361970%3Ahid%3A966627384%3Az%3A60%3Ai%3A20231119110105%3Aet%3A1700388065%3Ac%3A1%3Arn%3A461183112%3Arqn%3A1%3Au%3A1700388065610738120%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C64%2C31%2C0%2C81%2C0%2C%2C700%2C0%2C%2C%2C%2C877%3Aco%3A0%3Acpf%3A1%3Ans%3A1700388063710%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700388065%3At%3ASSP&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ssp2.galaksion.com/
Redirect Chain

http://ssp2.galaksion.com/
https://ssp2.galaksion.com/

2 KB
1 KB

96ms
31ms

Document
text/html

142.91.121.92
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp2.galaksion.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

142.91.121.92 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

c67534daddca415375f4d98fdb1f38a7bec4ba141c4a44dea5889d6950e4b3df

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Access-Control-Allow-Headers: Content-Type, Authorization
Access-Control-Allow-Methods: GET, POST, OPTIONS
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 19 Nov 2023 10:01:03 GMT
ETag: W/"6555f851-7aa"
Last-Modified: Thu, 16 Nov 2023 11:09:05 GMT
Server: nginx
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sun, 19 Nov 2023 10:01:03 GMT
Location: https://ssp2.galaksion.com/
Server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
840 B 118ms
43ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Nov 2023 10:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 09:44:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Nov 2023 10:01:03 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
775 B 117ms
43ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Nov 2023 10:01:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 10:01:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Nov 2023 10:01:03 GMT

GET
H/1.1 200
OK 3.bb8b15434ad9a8f554f9.css
ssp2.galaksion.com/css/ 16 KB
6 KB 32ms
31ms Stylesheet
text/css 142.91.121.92
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp2.galaksion.com/css/3.bb8b15434ad9a8f554f9.css
Requested by: Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.91.121.92 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 968af86e5fb189bad2f43a591075a96840fc095f9820712fafce780dbad81ba4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 10:01:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Nov 2023 11:09:05 GMT
Server: nginx
ETag: W/"6555f851-40d9"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/css
Access-Control-Expose-Headers: Content-Length
Cache-Control: max-age=604800
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization
Expires: Sun, 26 Nov 2023 10:01:03 GMT

GET
H/1.1 200
OK db9f7abf9bcb7bc65706.css
ssp2.galaksion.com/css/ 1023 B
713 B 63ms
30ms Stylesheet
text/css 142.91.121.92
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp2.galaksion.com/css/db9f7abf9bcb7bc65706.css
Requested by: Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.91.121.92 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: f621a910f38f3d0f932e0c19b50c18eafdc455119f72ec5887c002d5d52f380c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 10:01:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Nov 2023 11:09:05 GMT
Server: nginx
ETag: W/"6555f851-3ff"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/css
Access-Control-Expose-Headers: Content-Length
Cache-Control: max-age=604800
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization
Expires: Sun, 26 Nov 2023 10:01:03 GMT

GET
H/1.1 200
OK vendors~analytics~bundle.8cc47e189d0231b6dcbc.js Show response
ssp2.galaksion.com/ 631 KB
214 KB 93ms
32ms Script
application/javascript 142.91.121.92
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp2.galaksion.com/vendors~analytics~bundle.8cc47e189d0231b6dcbc.js

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

142.91.121.92 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

bd84765a0a3d210a7cbdf97b42c2cc66516fa5697041490e9d27b005debb9249

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 10:01:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Nov 2023 11:09:05 GMT
Server: nginx
ETag: W/"6555f851-9dd6e"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization

GET
H/1.1 200
OK analytics.ef2f4a68bf86f6b0328e.js Show response
ssp2.galaksion.com/ 5 KB
3 KB 92ms
31ms Script
application/javascript 142.91.121.92
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp2.galaksion.com/analytics.ef2f4a68bf86f6b0328e.js

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

142.91.121.92 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3c31c4848311e1b3bd842fb52762bdd5505cc5d6fe6cbca15557a1b53ad7356

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 10:01:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Nov 2023 11:09:05 GMT
Server: nginx
ETag: W/"6555f851-127a"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization

GET
H/1.1 200
OK vendors~bundle.2ea5a93c1e8ee6aa415b.js Show response
ssp2.galaksion.com/ 2 MB
691 KB 94ms
32ms Script
application/javascript 142.91.121.92
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp2.galaksion.com/vendors~bundle.2ea5a93c1e8ee6aa415b.js

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

142.91.121.92 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

334ec62058393c770c708aaa5877745358379cc1261c406d651951a6cb45164f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 10:01:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Nov 2023 11:09:05 GMT
Server: nginx
ETag: W/"6555f851-24145f"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization

GET
H/1.1 200
OK bundle.7cbb42313e80e3f90068.js Show response
ssp2.galaksion.com/ 1 MB
324 KB 103ms
42ms Script
application/javascript 142.91.121.92
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp2.galaksion.com/bundle.7cbb42313e80e3f90068.js

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

142.91.121.92 , Netherlands, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

1091715f0c9fc9046e05148e83c76655960ad5ff9f0c8f36a15cc0cab008c861

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 10:01:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Nov 2023 11:09:05 GMT
Server: nginx
ETag: W/"6555f851-119a90"
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript; charset=utf-8
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Authorization

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 122 KB
47 KB 181ms
57ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NJLSX33&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4457ee68c2cf370475c39252a4c4827505fb28c063e8859946044e636c9c7a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 10:01:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47483
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Nov 2023 10:01:04 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 556 KB
154 KB 111ms
27ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/vendors~bundle.2ea5a93c1e8ee6aa415b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

90deaa6ce62764135079beba976e8df57220a817e759914adf09626153f38c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 10:01:04 GMT
via: 1.1 varnish
age: 26
x-cache: HIT
content-length: 157344
x-request-id: e4a8687d-73e2-4847-a14a-7460fa9fdf06
x-served-by: cache-bru1480021-BRU
last-modified: Fri, 17 Nov 2023 21:21:15 GMT
server: Fastly
etag: "b2cc65458b2c4ec73e91a4fb930e6217"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H/1.1 200
OK 410da3249b31adc5cc08ecee334049f6.png
ssp2.galaksion.com/images/ 347 KB
347 KB 31ms
31ms Image
image/png 142.91.121.92
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp2.galaksion.com/images/410da3249b31adc5cc08ecee334049f6.png
Requested by: Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.91.121.92 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 09310f40b2db42588393c4f076965e18dbc65bd205349a641eafa0c770ea46cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 10:01:04 GMT
Last-Modified: Thu, 16 Nov 2023 11:09:05 GMT
Server: nginx
ETag: "6555f851-56bff"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/png
Access-Control-Expose-Headers: Content-Length
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 355327
Expires: Sun, 26 Nov 2023 10:01:04 GMT

GET
H/1.1 200
OK 495c728d6c75102c5fad27e2398fa8c1.svg
ssp2.galaksion.com/images/ 12 KB
13 KB 31ms
31ms Image
image/svg+xml 142.91.121.92
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp2.galaksion.com/images/495c728d6c75102c5fad27e2398fa8c1.svg
Requested by: Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.91.121.92 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 24067d9a9265f2a8f5815354ece2b26a4cf8c4046a8eb3629b45d92f9ea38efa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 10:01:04 GMT
Last-Modified: Thu, 16 Nov 2023 11:09:05 GMT
Server: nginx
ETag: "6555f851-30e0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/svg+xml
Access-Control-Expose-Headers: Content-Length
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 12512
Expires: Sun, 26 Nov 2023 10:01:04 GMT

GET
H/1.1 200
OK 08a188da8f66b1e63ad251eb7067fdfa.png
ssp2.galaksion.com/images/ 2 KB
3 KB 32ms
31ms Image
image/png 142.91.121.92
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp2.galaksion.com/images/08a188da8f66b1e63ad251eb7067fdfa.png
Requested by: Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/login
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.91.121.92 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 55e748b9acc9acc4f7f6cc48af7d2da5ec9f10835f9bdfdd1ac33ea0a22889df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 10:01:04 GMT
Last-Modified: Thu, 16 Nov 2023 11:09:05 GMT
Server: nginx
ETag: "6555f851-8a2"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/png
Access-Control-Expose-Headers: Content-Length
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 2210
Expires: Sun, 26 Nov 2023 10:01:04 GMT

GET
H/1.1 200
OK Nunito-ExtraLight.woff2
ssp2.galaksion.com/fonts/fonts/ 42 KB
42 KB 32ms
32ms Font
font/woff2 142.91.121.92
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp2.galaksion.com/fonts/fonts/Nunito-ExtraLight.woff2
Requested by: Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/css/db9f7abf9bcb7bc65706.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.91.121.92 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: a7f44a4baf45eedc982f873b7adfe35dda374518f336a4345dc963e368128ece

Request headers

Referer: https://ssp2.galaksion.com/css/db9f7abf9bcb7bc65706.css
Origin: https://ssp2.galaksion.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 10:01:04 GMT
Last-Modified: Thu, 16 Nov 2023 11:09:05 GMT
Server: nginx
ETag: "6555f851-a798"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: font/woff2
Access-Control-Allow-Origin: https://ssp2.galaksion.com
Access-Control-Expose-Headers: Content-Length
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 42904
Expires: Sun, 26 Nov 2023 10:01:04 GMT

GET
H/1.1 200
OK Nunito-Bold.woff2
ssp2.galaksion.com/fonts/fonts/ 43 KB
43 KB 32ms
32ms Font
font/woff2 142.91.121.92
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp2.galaksion.com/fonts/fonts/Nunito-Bold.woff2
Requested by: Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/css/db9f7abf9bcb7bc65706.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.91.121.92 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 2793ddf49afaf0284df34bd7b8e7d2d539f703f1bec1b19cc7bf8de69ab12fd5

Request headers

Referer: https://ssp2.galaksion.com/css/db9f7abf9bcb7bc65706.css
Origin: https://ssp2.galaksion.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 10:01:04 GMT
Last-Modified: Thu, 16 Nov 2023 11:09:05 GMT
Server: nginx
ETag: "6555f851-ab84"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: font/woff2
Access-Control-Allow-Origin: https://ssp2.galaksion.com
Access-Control-Expose-Headers: Content-Length
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 43908
Expires: Sun, 26 Nov 2023 10:01:04 GMT

GET
H2 200 controller-3132e16734973ccb58066950185c0af5.html Show response
js.stripe.com/v3/ Frame 4417 325 B
711 B 28ms
27ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

43930e37bce5cf2bdc0406301b3170eb11dd357514ceae95a703a0fe034aaae1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ssp2.galaksion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 55
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 19 Nov 2023 10:01:04 GMT
etag: "3132e16734973ccb58066950185c0af5"
last-modified: Fri, 17 Nov 2023 21:03:03 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 5
x-content-type-options: nosniff
x-request-id: 9893f71b-7ef5-49b0-a088-7d73375102b9
x-served-by: cache-bru1480021-BRU

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 103ms
34ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 19 Nov 2023 10:01:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: n4zRxaTQrSkKsbRcb/+MCP5ecmzG+3QyQ3XouTNnZxsGXAVf6jGdWrXQloi7p2Pj+c4BnofZdd0AUwVk1Puk+A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 200 KB
70 KB 246ms
111ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ac8e8ffc35ba53190925d14ab161e6ca52390305a820f53dcd8acaf5fee759bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 10:01:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 14 Nov 2023 10:50:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6553510e-11399"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70553
expires: Sun, 19 Nov 2023 11:01:04 GMT

GET
H2 200 shared-7cc701e41de11d39c80345b2a8d3fc73.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4417 534 KB
129 KB 28ms
27ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

21e0577bdef99274f85366c05b4ed596183789bb3fff63766b84ecae349de050

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 10:01:04 GMT
via: 1.1 varnish
age: 132841
x-cache: HIT
content-length: 132140
x-request-id: 1a505270-4899-4546-93e6-8c3ce2663d19
x-served-by: cache-bru1480021-BRU
last-modified: Fri, 17 Nov 2023 21:03:17 GMT
server: Fastly
etag: "53769739a53ea437a208dabadb1a17b1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3216

GET
H2 200 controller-d2b86c303c66a70842cb3c54e2f4456f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4417 663 KB
172 KB 37ms
37ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-d2b86c303c66a70842cb3c54e2f4456f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0e2b6ca8941a2593894d63df4a7d687339e3be2dcd891b3f21f22441df2b23d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 10:01:04 GMT
via: 1.1 varnish
age: 132841
x-cache: HIT
content-length: 176348
x-request-id: d67fb998-e89a-41fe-8670-614c153eb37d
x-served-by: cache-bru1480021-BRU
last-modified: Fri, 17 Nov 2023 21:03:14 GMT
server: Fastly
etag: "5d94d4fa99a156ddc3ebe1357bee1d9a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 159

POST
H2 200 csp-report
q.stripe.com/ Frame 4417 0
717 B 525ms
170ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 19 Nov 2023 10:01:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700388065204704
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700388065204232
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 4417 474 B
369 B 86ms
32ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

879e5a20d16b6c5edeb74bd6ed1123fa8b57d8ae884e4e91b9bf968c6f7bcdfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 19 Nov 2023 10:01:04 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 58
x-cache: HIT
content-length: 298
x-request-id: c31d9b34-2a52-435d-9bd3-5fb0161da05e
x-served-by: cache-ams21024-AMS
last-modified: Fri, 17 Nov 2023 21:38:14 GMT
server: Fastly
etag: "fff34dce28f81b9d8afc4b96ff54fb36"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 4417 474 B
609 B 73ms
31ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

879e5a20d16b6c5edeb74bd6ed1123fa8b57d8ae884e4e91b9bf968c6f7bcdfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-3132e16734973ccb58066950185c0af5.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 19 Nov 2023 10:01:04 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 58
x-cache: HIT
content-length: 298
x-request-id: 9d05f306-91ec-4ab3-888b-72447235548d
x-served-by: cache-ams21024-AMS
last-modified: Fri, 17 Nov 2023 21:38:14 GMT
server: Fastly
etag: "fff34dce28f81b9d8afc4b96ff54fb36"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 16

GET
H2 200 2972157889529058 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 249ms
249ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2972157889529058?v=2.9.138&r=stable&domain=ssp2.galaksion.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

033cf48c1b11884b93581eae162b859827c079bed2f139c7ec0c8edb29604f62

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 19 Nov 2023 10:01:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: MSkgfkvyxmpSX626mU820PvS0mDI0EhflMi9yL4rjdckP3VO8fnd2ShloBMRLgBz/1k/Mc5lzGPbAqZIjm5hdA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 4417 0
273 B 518ms
173ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 19 Nov 2023 10:01:05 GMT
x-stripe-server-envoy-start-time-us: 1700388065385960
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1700388065385509
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 4417 0
273 B 514ms
171ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 19 Nov 2023 10:01:05 GMT
x-stripe-server-envoy-start-time-us: 1700388065386201
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1700388065385593
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 4417 0
274 B 512ms
170ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 19 Nov 2023 10:01:05 GMT
x-stripe-server-envoy-start-time-us: 1700388065385953
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1700388065385685
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 4417 0
273 B 513ms
172ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 19 Nov 2023 10:01:05 GMT
x-stripe-server-envoy-start-time-us: 1700388065385937
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1700388065385560
access-control-allow-credentials: true
content-length: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10192.yGs1_NJcVo3uzXPkU0PgaKodTCpBfQWxPkslCmPaLq3KDpayg3bIWe30rFmNqyEj.qXarqQGTDyNhxnQPFJhrSHCPd3I%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10192.6G_uubeU-m0LFLubtT3UwRDy4IjY9Qba0VWwW4xMBORnVbCYect-S7u_b1sZllng1YjiPYvmYlh6oxYaTwhPhdHRemxxuTfwLaHs4-xfsp6fFwdtQCuXL5w4Tl4iYK9uGPZdZFdjzL...

43 B
669 B

73ms
73ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10192.6G_uubeU-m0LFLubtT3UwRDy4IjY9Qba0VWwW4xMBORnVbCYect-S7u_b1sZllng1YjiPYvmYlh6oxYaTwhPhdHRemxxuTfwLaHs4-xfsp6fFwdtQCuXL5w4Tl4iYK9uGPZdZFdjzLmt1KJFmEdBlz_s_cUiJ8av-3PzDg-3EDGf1rsjHhYG87zcDpAVYZ9BwAM2SWFNfS6ckIEdQLBFYT-9D7k5RKyOQV_Ij8qDsWs%2C.1ZPN1Cx1K_6mvO4ZRacFxPiDO6k%2C

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/login

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 10:01:05 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10192.6G_uubeU-m0LFLubtT3UwRDy4IjY9Qba0VWwW4xMBORnVbCYect-S7u_b1sZllng1YjiPYvmYlh6oxYaTwhPhdHRemxxuTfwLaHs4-xfsp6fFwdtQCuXL5w4Tl4iYK9uGPZdZFdjzLmt1KJFmEdBlz_s_cUiJ8av-3PzDg-3EDGf1rsjHhYG87zcDpAVYZ9BwAM2SWFNfS6ckIEdQLBFYT-9D7k5RKyOQV_Ij8qDsWs%2C.1ZPN1Cx1K_6mvO4ZRacFxPiDO6k%2C
date: Sun, 19 Nov 2023 10:01:05 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
501 B 80ms
75ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 10:01:05 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 14 Nov 2023 10:50:54 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6553510e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 19 Nov 2023 11:01:05 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 98ms
32ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2972157889529058&ev=PageView&dl=https%3A%2F%2Fssp2.galaksion.com%2Flogin&rl=&if=false&ts=1700388065203&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700388065201.151562981&cs_est=true&ler=empty&it=1700388064928&coo=false&rqm=GET

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 19 Nov 2023 10:01:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 bccgk1wg Show response
widget.intercom.io/widget/ 7 KB
3 KB 117ms
37ms Script
application/javascript 13.32.27.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/bccgk1wg
Requested by: Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbb4a34893d24dfb78d8ac6183949ec0b380794a0aed9ba54fdaa93488b6521e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: DFWv45qYo9qpoNNvnim0iMficGj2Z9vI
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
date: Sun, 19 Nov 2023 09:43:05 GMT
x-amz-cf-pop: FRA56-C2
age: 1080
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2705
last-modified: Fri, 17 Nov 2023 12:45:06 GMT
server: AmazonS3
etag: "c5383fa331ec2fb9709b54e178c7ffd4"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: _Bff3D6lKqLRILDnoqQSdP1pZfPlmYkF1wnHqwAgUeNvdvEdZTma2Q==

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame B216 200 B
955 B 28ms
27ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ssp2.galaksion.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6179654
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 19 Nov 2023 10:01:05 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 133658
x-content-type-options: nosniff
x-request-id: 5d0f7241-3c82-4648-ae04-1641962d85d7
x-served-by: cache-bru1480021-BRU

GET
H2

200

1 Show response
mc.yandex.com/watch/62012557/
Redirect Chain

https://mc.yandex.com/watch/62012557?wmode=7&page-url=https%3A%2F%2Fssp2.galaksion.com%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A820%3Afu%3A0%3...
https://mc.yandex.com/watch/62012557/1?wmode=7&page-url=https%3A%2F%2Fssp2.galaksion.com%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A820%3Afu%3A0...

446 B
565 B

72ms
72ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/62012557/1?wmode=7&page-url=https%3A%2F%2Fssp2.galaksion.com%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A820%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A1680011361970%3Ahid%3A966627384%3Az%3A60%3Ai%3A20231119110105%3Aet%3A1700388065%3Ac%3A1%3Arn%3A461183112%3Arqn%3A1%3Au%3A1700388065610738120%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C64%2C31%2C0%2C81%2C0%2C%2C700%2C0%2C%2C%2C%2C877%3Aco%3A0%3Acpf%3A1%3Ans%3A1700388063710%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700388065%3At%3ASSP&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

741b9be1ab220d56baf277dcf5ad9f18725d19f7b7802532c7e321b5d6855f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 10:01:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 19-Nov-2023 10:01:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ssp2.galaksion.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 446
x-xss-protection: 1; mode=block
expires: Sun, 19-Nov-2023 10:01:05 GMT

Redirect headers

pragma: no-cache
date: Sun, 19 Nov 2023 10:01:05 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 19-Nov-2023 10:01:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/62012557/1?wmode=7&page-url=https%3A%2F%2Fssp2.galaksion.com%2Flogin&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Afp%3A820%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1161%3Acn%3A1%3Adp%3A0%3Als%3A1680011361970%3Ahid%3A966627384%3Az%3A60%3Ai%3A20231119110105%3Aet%3A1700388065%3Ac%3A1%3Arn%3A461183112%3Arqn%3A1%3Au%3A1700388065610738120%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C64%2C31%2C0%2C81%2C0%2C%2C700%2C0%2C%2C%2C%2C877%3Aco%3A0%3Acpf%3A1%3Ans%3A1700388063710%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1700388065%3At%3ASSP&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29
access-control-allow-origin: https://ssp2.galaksion.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 19-Nov-2023 10:01:05 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 4417 0
273 B 265ms
264ms Fetch
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-7cc701e41de11d39c80345b2a8d3fc73.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-159-182.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Sun, 19 Nov 2023 10:01:05 GMT
x-stripe-server-envoy-start-time-us: 1700388065551608
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1700388065551109
access-control-allow-credentials: true
content-length: 0

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B216 631 B
549 B 28ms
27ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 10:01:05 GMT
via: 1.1 varnish
age: 6179654
x-cache: HIT
content-length: 399
x-request-id: cde53902-5e6a-499e-aed4-8363e781098e
x-served-by: cache-bru1480021-BRU
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 124050

POST
H2 200 csp-report
q.stripe.com/ Frame B216 0
717 B 173ms
172ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 19 Nov 2023 10:01:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700388065490270
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700388065489763
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame B216 0
717 B 171ms
170ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 19 Nov 2023 10:01:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700388065490279
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700388065489816
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 5132 930 B
1 KB 37ms
27ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 97
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 19 Nov 2023 10:01:05 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 14
x-content-type-options: nosniff
x-request-id: 766f2612-f133-4e6b-bd34-d0f193f1c442
x-served-by: cache-bru1480021-BRU
x-timer: S1700388065.456791,VS0,VE0

POST
H2 429 / Show response
o507988.ingest.sentry.io/api/5599860/envelope/ 198 B
599 B 136ms
60ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o507988.ingest.sentry.io/api/5599860/envelope/?sentry_key=11b3256fdf334027b1bf0ea9c7d768c4&sentry_version=7

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/vendors~bundle.2ea5a93c1e8ee6aa415b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://ssp2.galaksion.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 19 Nov 2023 10:01:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
x-sentry-rate-limits: 60:transaction;profile:organization:transaction_usage_exceeded
retry-after: 60

POST
H2 200 csp-report
q.stripe.com/ Frame 5132 0
491 B 170ms
170ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 19 Nov 2023 10:01:05 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700388065560624
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1700388065560184
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 5132 87 KB
15 KB 28ms
27ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Sun, 19 Nov 2023 10:01:05 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 75
x-cache: HIT
content-length: 15509
x-request-id: 1afcb6fc-3824-42f2-ab2f-23ef45cc4167
x-served-by: cache-bru1480021-BRU
server: Fastly
x-timer: S1700388065.490260,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 12

GET
H2 200 frame-modern.e128bf6a.js Show response
js.intercomcdn.com/ Frame CF3C 513 KB
142 KB 120ms
37ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.e128bf6a.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/bccgk1wg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

adb4cd8878bf87f7fa60221be02f88daa8fda8876a0def68d90fd8ed3a6d8045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: bxPy0N85GvKf.eRlOLVZeTabeXzBKF0s
content-encoding: gzip
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
date: Sun, 19 Nov 2023 08:45:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 4554
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 144832
last-modified: Fri, 17 Nov 2023 12:42:44 GMT
server: AmazonS3
etag: "c7761a8867bd903a362109fe3d207d33"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: hU3-G9N2xc8xoq_S7MrYQQ0FfVzkb5F6fa6a0jedK6EnJrqlI2I-FA==

GET
H2 200 vendor-modern.39b0b15a.js Show response
js.intercomcdn.com/ Frame CF3C 426 KB
131 KB 192ms
109ms Script
application/javascript 18.66.147.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.39b0b15a.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/bccgk1wg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-3.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d6b0d063dfaebbc19c739741e85c8a273b960240b710774c74fd1947a343f6b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: mGzxzzETRqhXXHiYJCH1MEbFxhCW3m45
content-encoding: gzip
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
date: Sun, 19 Nov 2023 08:20:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 6013
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 133793
last-modified: Wed, 15 Nov 2023 16:54:07 GMT
server: AmazonS3
etag: "c3d7c800929ac60bd7338a4bf9c3f40b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: ZlzEPvRSqIQUwSfEISbBkfWCsqW7QmEhHV_WFo818hTRjMMPFQyEVg==

POST
H2 200 6 Show response
m.stripe.com/ Frame 5132 156 B
668 B 528ms
172ms XHR
application/json 52.40.111.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.111.159 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-111-159.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

18326c4034012711042f42f67fd647c1e89003b7f0b2f359d9b77e78d2c30c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 19 Nov 2023 10:01:06 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700388066042203
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1700388066041525
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 62012557
mc.yandex.com/webvisor/ 43 B
0 346ms
280ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/62012557?wv-part=1&wmode=0&wv-hit=966627384&page-url=https%3A%2F%2Fssp2.galaksion.com%2Flogin&rn=405610322&wv-type=7&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1700388068%3Aw%3A1600x1200%3Av%3A1161%3Az%3A60%3Ai%3A20231119110107%3Au%3A1700388065610738120%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Ast%3A1700388068&t=gdpr(14)ti(1)

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/vendors~bundle.2ea5a93c1e8ee6aa415b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssp2.galaksion.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 10:01:08 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 19-Nov-2023 10:01:08 GMT
content-type: image/gif
access-control-allow-origin: https://ssp2.galaksion.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 19-Nov-2023 10:01:08 GMT

POST
H2 200 62012557
mc.yandex.com/webvisor/ 43 B
0 73ms
72ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/62012557?wv-part=1&wmode=0&wv-hit=966627384&page-url=https%3A%2F%2Fssp2.galaksion.com%2Flogin&rn=498996631&wv-type=7&browser-info=we%3A1%3Aet%3A1700388068%3Aw%3A1600x1200%3Av%3A1161%3Az%3A60%3Ai%3A20231119110108%3Au%3A1700388065610738120%3Avf%3A3akmpckrufnt9afj6lckkvrv%3Ast%3A1700388068&t=gdpr(14)ti(1)

Requested by

Host: ssp2.galaksion.com
URL: https://ssp2.galaksion.com/vendors~bundle.2ea5a93c1e8ee6aa415b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssp2.galaksion.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 10:01:08 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 19-Nov-2023 10:01:08 GMT
content-type: image/gif
access-control-allow-origin: https://ssp2.galaksion.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 19-Nov-2023 10:01:08 GMT

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ 295 B
538 B 28ms
27ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssp2.galaksion.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 19 Nov 2023 10:01:10 GMT
via: 1.1 varnish
age: 3485603
x-cache: HIT
content-length: 221
x-request-id: d92b1a67-1d5b-4582-b648-39da33cf2981
x-served-by: cache-bru1480021-BRU
last-modified: Mon, 09 Oct 2023 20:07:20 GMT
server: Fastly
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23252

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yandex.ru/	1970-01-21 01:55:48	Name: i Value: 5v0GChH6lKoyimn7k6d3mKItpNNSc6pyKwcMQ7n+RGy6TDr7C3yC5Ebv7dHreUJ72hdlkKQFARlDKYl8TAYW60BC/S0=
.yandex.ru/	1970-01-21 01:55:48	Name: yandexuid Value: 256197321700388064
.galaksion.com/	1970-01-21 01:05:24	Name: _ym_uid Value: 1700388065610738120
.galaksion.com/	1970-01-21 01:05:24	Name: _ym_d Value: 1700388065
.galaksion.com/	1970-01-20 18:29:24	Name: _fbp Value: fb.1.1700388065201.151562981
.mc.yandex.com/	1970-01-20 16:19:48	Name: sync_cookie_csrf Value: 1066633552fake
.galaksion.com/	1970-01-20 16:21:00	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 16:19:48	Name: sync_cookie_csrf Value: 1508782812fake
.yandex.com/	1970-01-21 01:05:24	Name: yandexuid Value: 256197321700388064
.yandex.com/	1970-01-21 01:05:24	Name: yuidss Value: 256197321700388064
.yandex.com/	1970-01-21 01:55:48	Name: i Value: 5v0GChH6lKoyimn7k6d3mKItpNNSc6pyKwcMQ7n+RGy6TDr7C3yC5Ebv7dHreUJ72hdlkKQFARlDKYl8TAYW60BC/S0=
.yandex.com/	1970-01-21 01:55:48	Name: yp Value: 1700474465.yu.3927616201700388065
.mc.yandex.com/	1970-01-20 16:21:14	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 423779911700388065
.yandex.com/	1970-01-21 01:05:24	Name: ymex Value: 1702980065.oyu.3927616201700388065#1731924065.yrts.1700388065
.yandex.com/	1970-01-21 01:05:24	Name: bh Value: KgI/MA==
.galaksion.com/	1970-01-20 16:19:49	Name: _ym_visorc Value: w
m.stripe.com/	1970-01-21 01:55:48	Name: m Value: e344c2ea-90fb-4c92-a781-91f9f08f031087e2f5
.ssp2.galaksion.com/	1970-01-21 01:05:24	Name: __stripe_mid Value: 7e23dd0d-eed7-4457-ac37-a04e6b18f61744a079
.ssp2.galaksion.com/	1970-01-20 16:19:49	Name: __stripe_sid Value: 40aebc39-ef66-4506-bb0e-30a47373fe2c35d09f

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://o507988.ingest.sentry.io/api/5599860/envelope/?sentry_key=11b3256fdf334027b1bf0ea9c7d768c4&sentry_version=7 Message: Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
js.intercomcdn.com
js.stripe.com
m.stripe.com
m.stripe.network
mc.yandex.com
mc.yandex.ru
o507988.ingest.sentry.io
q.stripe.com
r.stripe.com
ssp2.galaksion.com
widget.intercom.io
www.facebook.com
www.googletagmanager.com
13.32.27.114
142.91.121.92
151.101.128.176
18.66.147.3
2a00:1450:4001:806::200a
2a00:1450:4001:812::2008
2a02:6b8::1:119
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
34.120.195.249
52.40.111.159
54.186.23.98
54.187.159.182
033cf48c1b11884b93581eae162b859827c079bed2f139c7ec0c8edb29604f62
09310f40b2db42588393c4f076965e18dbc65bd205349a641eafa0c770ea46cd
0e2b6ca8941a2593894d63df4a7d687339e3be2dcd891b3f21f22441df2b23d4
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
1091715f0c9fc9046e05148e83c76655960ad5ff9f0c8f36a15cc0cab008c861
18326c4034012711042f42f67fd647c1e89003b7f0b2f359d9b77e78d2c30c1b
21e0577bdef99274f85366c05b4ed596183789bb3fff63766b84ecae349de050
24067d9a9265f2a8f5815354ece2b26a4cf8c4046a8eb3629b45d92f9ea38efa
2793ddf49afaf0284df34bd7b8e7d2d539f703f1bec1b19cc7bf8de69ab12fd5
334ec62058393c770c708aaa5877745358379cc1261c406d651951a6cb45164f
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
43930e37bce5cf2bdc0406301b3170eb11dd357514ceae95a703a0fe034aaae1
4457ee68c2cf370475c39252a4c4827505fb28c063e8859946044e636c9c7a84
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e748b9acc9acc4f7f6cc48af7d2da5ec9f10835f9bdfdd1ac33ea0a22889df
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
741b9be1ab220d56baf277dcf5ad9f18725d19f7b7802532c7e321b5d6855f9c
879e5a20d16b6c5edeb74bd6ed1123fa8b57d8ae884e4e91b9bf968c6f7bcdfd
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
90deaa6ce62764135079beba976e8df57220a817e759914adf09626153f38c16
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
968af86e5fb189bad2f43a591075a96840fc095f9820712fafce780dbad81ba4
a7f44a4baf45eedc982f873b7adfe35dda374518f336a4345dc963e368128ece
ac8e8ffc35ba53190925d14ab161e6ca52390305a820f53dcd8acaf5fee759bb
adb4cd8878bf87f7fa60221be02f88daa8fda8876a0def68d90fd8ed3a6d8045
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
bd84765a0a3d210a7cbdf97b42c2cc66516fa5697041490e9d27b005debb9249
c67534daddca415375f4d98fdb1f38a7bec4ba141c4a44dea5889d6950e4b3df
d6b0d063dfaebbc19c739741e85c8a273b960240b710774c74fd1947a343f6b2
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c31c4848311e1b3bd842fb52762bdd5505cc5d6fe6cbca15557a1b53ad7356
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f621a910f38f3d0f932e0c19b50c18eafdc455119f72ec5887c002d5d52f380c
fbb4a34893d24dfb78d8ac6183949ec0b380794a0aed9ba54fdaa93488b6521e

ssp2.galaksion.com Open in urlscan Pro 142.91.121.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

96 %HTTPS

38 %IPv6

12 Domains

15 Subdomains

13 IPs

4 Countries

2655 kBTransfer

7999 kBSize

20 Cookies

5 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ssp2.galaksion.com Open in urlscan Pro
142.91.121.92 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

96 %
HTTPS

38 %
IPv6

12
Domains

15
Subdomains

13
IPs

4
Countries

2655 kB
Transfer

7999 kB
Size

20
Cookies

49 HTTP transactions
0 data transactions