urlscan.io logo urlscan.io
SecurityTrails logo

gateway.filsam.com Open in urlscan Pro
2606:4700:3036::ac43:d45f  Public Scan

Go To Rescan Add Verdict Report
URL: https://gateway.filsam.com/
Submission: On June 02 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 8 domains to perform 53 HTTP transactions. The main IP is 2606:4700:3036::ac43:d45f, located in United States and belongs to . The main domain is gateway.filsam.com.
TLS certificate: Issued by E1 on May 8th 2023. Valid for: 3 months.
This is the only time gateway.filsam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    2606:4700:3036::ac43:d45f (United States)

ASN- ()
gateway.filsam.com
1    18.66.192.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-73.muc50.r.cloudfront.net
js.braintreegateway.com
2    13.248.139.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae1d37305401c759d.awsglobalaccelerator.com
payments.braintree-api.com
16    3.64.4.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
client-analytics.braintreegateway.com
3    143.204.215.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-123.fra53.r.cloudfront.net
assets.braintreegateway.com
3    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
7    151.101.193.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
5    2606:4700::c6d9:fbfb (United States)

ASN- ()
songbird.cardinalcommerce.com
geo.cardinalcommerce.com
3    198.217.251.238 (United States)

ASN13335 (CLOUDFLARENET, US)
includes.ccdc02.com
1    151.101.65.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
2    2606:4700::c6d9:fbfa (United States)

ASN- ()
centinelapi.cardinalcommerce.com
2    2606:4700::6811:190e (None, )

ASN- ()
cdnjs.cloudflare.com
Apex Domain
Subdomains		 Transfer
20 braintreegateway.com
js.braintreegateway.com — Cisco Umbrella Rank: 7301
client-analytics.braintreegateway.com — Cisco Umbrella Rank: 8560
assets.braintreegateway.com — Cisco Umbrella Rank: 19861
158 KB
8 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2330
t.paypal.com — Cisco Umbrella Rank: 3078
29 KB
7 cardinalcommerce.com
songbird.cardinalcommerce.com — Cisco Umbrella Rank: 21146
centinelapi.cardinalcommerce.com — Cisco Umbrella Rank: 20525
geo.cardinalcommerce.com
26 KB
6 filsam.com
gateway.filsam.com
63 KB
3 ccdc02.com
includes.ccdc02.com — Cisco Umbrella Rank: 56561
172 KB
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2169
452 KB
2 cloudflare.com
cdnjs.cloudflare.com
31 KB
2 braintree-api.com
payments.braintree-api.com — Cisco Umbrella Rank: 9838
2 KB
53 8
Domain Requested by
16 client-analytics.braintreegateway.com js.braintreegateway.com
assets.braintreegateway.com
7 www.paypal.com www.paypalobjects.com
6 gateway.filsam.com gateway.filsam.com
4 geo.cardinalcommerce.com includes.ccdc02.com
geo.cardinalcommerce.com
cdnjs.cloudflare.com
3 includes.ccdc02.com songbird.cardinalcommerce.com
3 www.paypalobjects.com js.braintreegateway.com
www.paypal.com
3 assets.braintreegateway.com js.braintreegateway.com
2 cdnjs.cloudflare.com geo.cardinalcommerce.com
2 centinelapi.cardinalcommerce.com includes.ccdc02.com
2 payments.braintree-api.com js.braintreegateway.com
1 t.paypal.com
1 songbird.cardinalcommerce.com js.braintreegateway.com
1 js.braintreegateway.com gateway.filsam.com
53 13

This site contains no links.

Subject Issuer Validity Valid
filsam.com
E1		 2023-05-08 -
2023-08-06		 3 months crt.sh
checkout.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-07-28 -
2023-08-28		 a year crt.sh
payments.braintree-api.com
DigiCert SHA2 Extended Validation Server CA		 2022-09-15 -
2023-10-16		 a year crt.sh
client-analytics.braintreegateway.com
DigiCert SHA2 High Assurance Server CA		 2023-02-24 -
2024-03-26		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-11-09 -
2023-12-10		 a year crt.sh
*.cardinalcommerce.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-02-23 -
2024-03-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-11-19 -
2023-11-19		 a year crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh

This page contains 6 frames:

Primary Page: https://gateway.filsam.com/
Frame ID: BF2C8F2C26FA8BB2B1A0625E2CDC6895
Requests: 26 HTTP requests in this frame

Frame: https://www.paypal.com/smart/button?env=production&style.label=checkout&funding.disallowed=credit%2Cvenmo&domain=gateway.filsam.com&sessionID=uid_fd53af3d67_mji6mzi6ndc&buttonSessionID=uid_95b2ffa39e_mji6mzi6ndc&renderedButtons=paypal&storageID=uid_9f7116db27_mji6mzi6ndc&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=90daacde82&version=min&xcomponent=1
Frame ID: D0D4E23EC5F2F76E16B8B8349ECC48EA
Requests: 8 HTTP requests in this frame

Frame: data://truncated
Frame ID: 07DE4682F87F808C5EAC5C5566E2E8EE
Requests: 2 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.50.1/html/hosted-fields-frame.min.html
Frame ID: 0493BCF65005C41E2232A007B6FDF609
Requests: 2 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.50.1/html/hosted-fields-frame.min.html
Frame ID: 89648F2BEE2D1A720103352DFC15651F
Requests: 1 HTTP requests in this frame

Frame: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c6ddc1d356dce155ccfe4a9&tmEventType=PAYMENT&referenceId=1_47be638c-f325-4079-b5ca-ae52b159d3e8&geolocation=false&origin=Songbird
Frame ID: F29C7179CBA888EEF4AF3E0F3A31374C
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Filsam Payment GatewayVisaMasterCardUnion PayAmerican ExpressJCBDiscoverDiners ClubMaestroPayPal LogoPayPal Credit LogoGeneric CardCVV BackCVV FrontCheckXLock LoaderApple Pay LogoGooglePay_mark_800_grayVenmo

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.braintreegateway\.com
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

96 %
HTTPS

33 %
IPv6

8
Domains

13
Subdomains

13
IPs

2
Countries

933 kB
Transfer

3543 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gateway.filsam.com/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gateway.filsam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d45f , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8579e57b7727c4fd0af13a7ee35cf6532ecca7030fac994602548308ed6d5131

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7d132772ee30bb4d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 02 Jun 2023 22:32:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvTjNtN5co3I%2FimgemTBOM%2FqrvcX05jnE2I%2FLD1SZwFqy1rymYoQmA93ubzDsNxgN6zwB8zdwucpHZsz%2BiW%2Bzpba2vve%2FLFVNJIRKtFEOIgMe0RLf70E95X5j33srufbOMi8lVpLEYqum3CiFXxIP%2FE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
app.css
gateway.filsam.com/css/ 		49 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gateway.filsam.com/css/app.css
Requested by
Host: gateway.filsam.com
URL: https://gateway.filsam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d45f , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3664aab2a5a0e584a27b81212936155b2bebe975b9c0989e9d05fb56c90c2a57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gateway.filsam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 02 Jul 2018 14:38:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"38020f-c2a1-57005285ec480-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFKGuASBBENG8RkKn18JURnFZwkoNC051Qm0THXJ%2BFMVyD4oE41QkDLQUCpvBd7NURqsoVkN3XIqmAPMEtwTyYUdFGtLx7hlLO9hoQ1CYJqc0%2Fhd0zys9H87LgaF3DNbmBzZbT%2ByWw%2FsKT6AWxLuaI0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
7d132775d923bb4d-FRA
alt-svc
h3=":443"; ma=86400
overrides.css
gateway.filsam.com/css/ 		32 B
371 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gateway.filsam.com/css/overrides.css
Requested by
Host: gateway.filsam.com
URL: https://gateway.filsam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d45f , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
60ded7c3e9031c60ef3d19252417b8c6c88a6a7ae60f94df9c08243ce024f943

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gateway.filsam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:45 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Jun 2018 13:20:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"380212-20-56f3ae6f2a040"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nry5aJG5ySjOA3WdB98eXLjQxgCIyFZjzZe2I1oYmWkWc%2Bm%2BSYAboDGJdDc6l33X%2FsAOg%2BtqtdbxWnIeaNPXkhjqpKJGvJ%2F2ynI7lz3ADE0uO33KWgmO7xFmKL6jhccZXdHxi2pDayZAVoY%2FYAkEp4g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7d132775d924bb4d-FRA
alt-svc
h3=":443"; ma=86400
content-length
32
dropin.min.js
js.braintreegateway.com/web/dropin/1.20.0/js/ 		351 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Requested by
Host: gateway.filsam.com
URL: https://gateway.filsam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-73.muc50.r.cloudfront.net
Software
nginx /
Resource Hash
50eb773d3595b8f6bde7493ea0a2f5641b4b39e5a00794521dd66182aeab95f0
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gateway.filsam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding
gzip
via
1.1 eec5ede1fdb15ceb2352a4ebfb155362.cloudfront.net (CloudFront)
date
Fri, 02 Jun 2023 18:44:53 GMT
x-amz-cf-pop
MUC50-P1
age
13672
x-cache
Hit from cloudfront
last-modified
Tue, 30 May 2023 17:33:41 GMT
server
nginx
etag
W/"64763375-57ba8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-id
dZhaUsmYB1NnA-8lAD7EUdgmuATQndDaXL3PLgiUUwHAjg43eXpg0g==
expires
Sat, 03 Jun 2023 18:44:53 GMT
demo.js
gateway.filsam.com/javascript/ 		350 B
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.filsam.com/javascript/demo.js
Requested by
Host: gateway.filsam.com
URL: https://gateway.filsam.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d45f , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf2541e13f9cdce1caf0645041686bb774a62b5422808c023fb8b5ac60d5642c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gateway.filsam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:45 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Jun 2018 13:20:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"380248-15e-56f3ae6f2a040-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PQy3sVDOWUo%2BQEYBumyCHZV153%2BoHfX2StjnLm7cWzv3WyIDREo97RpNbH3HhlRj5uz80X8D9BZTIJqYqnWFWT8UYoy2qGBiZrC9Yk1kiID1uMsJhuAo5zAMsqB1Qd5bdDlUxJiuQVFNMImdsRZ3Qo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7d132775d925bb4d-FRA
alt-svc
h3=":443"; ma=86400
bt-mono-Bold.woff2
gateway.filsam.com/fonts/bt-mono/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gateway.filsam.com/fonts/bt-mono/bt-mono-Bold.woff2
Requested by
Host: gateway.filsam.com
URL: https://gateway.filsam.com/css/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:d45f , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
17826da2878c45b658830cb3fb2a36cc9b0cbf9c515f7f230851ca29345f920e

Request headers

Referer
https://gateway.filsam.com/css/app.css
Origin
https://gateway.filsam.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:45 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Jun 2018 13:20:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"380219-67b8-56f3ae6f2a040-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2tnSVvxa%2Fpht3QNxkX0A2OsBybLx9ss6%2BUw1z1qMx7qVJjeUkKz1%2BSKlg%2F1QwfphIRb2wrC%2Bl8Zeu04Go3DWLi%2BEAIMdN%2BMJ2dayDhH68nrPcM8%2FzQaKX%2Br6qSdN9q0DLr9Bc1X%2BTMxpcqJkyYsaHY%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=86400
cf-ray
7d1327767e76bbb0-FRA
alt-svc
h3=":443"; ma=86400
bt-mono-Regular.woff2
gateway.filsam.com/fonts/bt-mono/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gateway.filsam.com/fonts/bt-mono/bt-mono-Regular.woff2
Requested by
Host: gateway.filsam.com
URL: https://gateway.filsam.com/css/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:d45f , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7558c2d80b9b8614cb20237ea0fe90a4c8b737672fe9e7bc67885e899bcf579f

Request headers

Referer
https://gateway.filsam.com/css/app.css
Origin
https://gateway.filsam.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:45 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Jun 2018 13:20:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"380221-61b8-56f3ae6f2a040-gzip"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SD%2F0zYF4FNCm5JwhlknQcAi190f9WGN7lLiHe5emipsOVN96Ayylz%2BUAnyv1VUrM0iFXM2pKRD96PRo7kY7UfgT36ALijMMtIO%2BhqJv%2FQv7lN9oA7CQrP5cKdf5Nhg8XSdfgN54v441WC1kpVShKYa4%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=86400
cf-ray
7d1327768e7abbb0-FRA
alt-svc
h3=":443"; ma=86400
graphql
payments.braintree-api.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://payments.braintree-api.com/graphql
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.139.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae1d37305401c759d.awsglobalaccelerator.com
Software
nginx /
Resource Hash
f22a0e84ec46a1b6f7e9f6b2ae0af2da130afa372a1bde588a2a00217853e9e4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://gateway.filsam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2ODU4MzE1NjUsImp0aSI6IjkzOGZiZTVhLWYwM2QtNDczOC1iOWU2LTRhMzRkZjRiODFkYSIsInN1YiI6Inh3bnY1NjJzeWZrczQ4MnIiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6Inh3bnY1NjJzeWZrczQ4MnIiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0Ijp0cnVlfSwicmlnaHRzIjpbIm1hbmFnZV92YXVsdCJdLCJzY29wZSI6WyJCcmFpbnRyZWU6VmF1bHQiXSwib3B0aW9ucyI6e319.zQV88kmTrRH_nwBbXUR4SQqKR7RUSK5rCKPoo-LDdOQh4yWwACcjokwBcyjG3J7OaR6LTh9EJwuExPat2akF9g
Braintree-Version
2018-05-10
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 02 Jun 2023 22:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
server
nginx
vary
Braintree-Version, Accept-Encoding
braintree-version
2016-10-07
content-type
application/json
access-control-allow-origin
https://gateway.filsam.com
paypal-debug-id
116bd2f7adb14
cache-control
no-cache, no-store
x-frame-options
DENY
content-length
1436
graphql
payments.braintree-api.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://payments.braintree-api.com/graphql
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.139.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ae1d37305401c759d.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,braintree-version,content-type
Access-Control-Request-Method
POST
Origin
https://gateway.filsam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-headers
authorization,braintree-version,content-type
access-control-allow-methods
GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://gateway.filsam.com
access-control-max-age
1800
date
Fri, 02 Jun 2023 22:32:46 GMT
paypal-debug-id
20b4e4bf39154
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
x-frame-options
DENY
xwnv562syfks482r
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/xwnv562syfks482r
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.4.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gateway.filsam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://gateway.filsam.com
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Fri, 02 Jun 2023 22:32:46 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
xwnv562syfks482r
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/xwnv562syfks482r
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.4.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gateway.filsam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://gateway.filsam.com
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Fri, 02 Jun 2023 22:32:46 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
xwnv562syfks482r
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/xwnv562syfks482r
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.4.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gateway.filsam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://gateway.filsam.com
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Fri, 02 Jun 2023 22:32:46 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
xwnv562syfks482r
client-analytics.braintreegateway.com/ 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/xwnv562syfks482r
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.4.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gateway.filsam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 02 Jun 2023 22:32:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://gateway.filsam.com
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
xwnv562syfks482r
client-analytics.braintreegateway.com/ 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/xwnv562syfks482r
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.4.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gateway.filsam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 02 Jun 2023 22:32:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://gateway.filsam.com
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
xwnv562syfks482r
client-analytics.braintreegateway.com/ 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/xwnv562syfks482r
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.4.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gateway.filsam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 02 Jun 2023 22:32:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://gateway.filsam.com
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
dropin.min.css
assets.braintreegateway.com/web/dropin/1.20.0/css/ 		21 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.braintreegateway.com/web/dropin/1.20.0/css/dropin.min.css
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-123.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
6b77584e460a260308bc788ebd88fde8ffa478cc62651d16b7366bdff4f1ced5
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gateway.filsam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 02:52:55 GMT
content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding
gzip
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
70791
x-cache
Hit from cloudfront
last-modified
Tue, 30 May 2023 17:33:39 GMT
server
nginx
etag
W/"64763373-52c9"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-id
582FBLo2YGipBeiiGNCmqf4rJSpL6wSkuW-l4GkvE16uJvRrAVtSbg==
expires
Sat, 03 Jun 2023 02:52:55 GMT
checkout.min.js
www.paypalobjects.com/api/ 		863 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/checkout.min.js
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C88) /
Resource Hash
f7d9c8184937ff854afd6da2a3de3fc970ef1c2820795e44e932499540fe5832
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gateway.filsam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
72802023219fd
dc
ccg11-origin-www-1.paypal.com
content-length
191373
last-modified
Wed, 24 May 2023 16:43:28 GMT
server
ECAcc (frc/4C88)
traceparent
00-000000000000000000072802023219fd-60441a92ace6fb6c-01
etag
W/"646e3eb0-d7ad2"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 03 Jun 2023 22:32:46 GMT
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=gateway.filsam.com&source=checkoutjs&t=xo&v=4.0.338
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ffHNdPQn+1dfwEKPFOdApg9En5/AUsLRwy0LoOYcRZsJXJh/' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gateway.filsam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ffHNdPQn+1dfwEKPFOdApg9En5/AUsLRwy0LoOYcRZsJXJh/' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 02 Jun 2023 22:32:47 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
x-cache
HIT
paypal-debug-id
f6374555f7467
server-timing
"traceparent;desc="00-0000000000000000000f6374555f7467-3b62c9aafe5f4d37-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4299
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230130-FRA
accept-ch
Sec-CH-UA-Full
traceparent
00-0000000000000000000f6374555f7467-a1b1aecf061614a8-01
x-timer
S1685745167.164242,VS0,VE558
etag
W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges
bytes
x-cache-hits
1
xwnv562syfks482r
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/xwnv562syfks482r
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.4.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gateway.filsam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://gateway.filsam.com
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Fri, 02 Jun 2023 22:32:47 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
xwnv562syfks482r
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/xwnv562syfks482r
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.4.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gateway.filsam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://gateway.filsam.com
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Fri, 02 Jun 2023 22:32:47 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
xwnv562syfks482r
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/xwnv562syfks482r
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.4.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gateway.filsam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://gateway.filsam.com
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Fri, 02 Jun 2023 22:32:47 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
xwnv562syfks482r
client-analytics.braintreegateway.com/ 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/xwnv562syfks482r
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.4.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gateway.filsam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 02 Jun 2023 22:32:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://gateway.filsam.com
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
xwnv562syfks482r
client-analytics.braintreegateway.com/ 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/xwnv562syfks482r
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.4.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gateway.filsam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 02 Jun 2023 22:32:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://gateway.filsam.com
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
songbird.js
songbird.cardinalcommerce.com/cardinalcruise/v1/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songbird.cardinalcommerce.com/cardinalcruise/v1/songbird.js
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfb , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e44133cf24bc0b3ace873a5719e5da1acd8b0b0414899a21f4a9e7a3c09e2223
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gateway.filsam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:47 GMT
strict-transport-security
max-age=15552000
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1211
cf-bgj
minify
last-modified
Tue, 01 Mar 2022 19:58:10 GMT
server
cloudflare
etag
W/"0f522ada62dd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MQejrrPSNYX1icjA9bf%2B0tpc9deJRpQ7ZUFKvRRpW9PWoDfyhWFbbFiOBtVg%2B4xRCBFTnBdiWi1cxjuEpjbewFESD4LB7643yY%2FQZjN3bJF2%2BRBGhXyBQIFnLQdXDnIzg4AL8IJZvowGwYcSBtLRC5idc%2BsiYiKJhTh"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
7d13277ebdb19bc2-FRA
expires
Sat, 03 Jun 2023 02:32:47 GMT
xwnv562syfks482r
client-analytics.braintreegateway.com/ 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/xwnv562syfks482r
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.4.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gateway.filsam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 02 Jun 2023 22:32:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://gateway.filsam.com
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
button
www.paypal.com/smart/ Frame D0D4 		64 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/button?env=production&style.label=checkout&funding.disallowed=credit%2Cvenmo&domain=gateway.filsam.com&sessionID=uid_fd53af3d67_mji6mzi6ndc&buttonSessionID=uid_95b2ffa39e_mji6mzi6ndc&renderedButtons=paypal&storageID=uid_9f7116db27_mji6mzi6ndc&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=90daacde82&version=min&xcomponent=1
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
65ead48a8e7738ea8817ae846e38cb113f5f728cb20e84e4699fc006352fe153
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gateway.filsam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Fri, 02 Jun 2023 22:32:47 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
true
paypal-debug-id
f572861820a41
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f572861820a41-92693887875aaf40-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f572861820a41-7c40bb061423cdea-01
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-served-by
cache-fra-eddf8230130-FRA
x-timer
S1685745167.164242,VS0,VE287
x-xss-protection
1; mode=block
truncated
/ Frame 07DE 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 07DE 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.50.1/html/ Frame 0493 		106 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.braintreegateway.com/web/3.50.1/html/hosted-fields-frame.min.html
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-123.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
69976183a43f554653d0e0631500b3dfaf2471935f734bf2ebe7a5cd34a17ed3
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;

Request headers

Referer
https://gateway.filsam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
82674
cache-control
max-age=86400
content-encoding
gzip
content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type
text/html
date
Thu, 01 Jun 2023 23:34:53 GMT
etag
W/"64763373-1a970"
expires
Fri, 02 Jun 2023 23:34:53 GMT
last-modified
Tue, 30 May 2023 17:33:39 GMT
server
nginx
vary
Accept-Encoding
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
qk79q50uri6gwjTf2sQd3ljTiyb5oSFYIa1XxPrLxYY3imyGPk-L5w==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.50.1/html/ Frame 8964 		106 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.braintreegateway.com/web/3.50.1/html/hosted-fields-frame.min.html
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-123.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
69976183a43f554653d0e0631500b3dfaf2471935f734bf2ebe7a5cd34a17ed3
Security Headers
Name Value
Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;

Request headers

Referer
https://gateway.filsam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
82674
cache-control
max-age=86400
content-encoding
gzip
content-security-policy
style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type
text/html
date
Thu, 01 Jun 2023 23:34:53 GMT
etag
W/"64763373-1a970"
expires
Fri, 02 Jun 2023 23:34:53 GMT
last-modified
Tue, 30 May 2023 17:33:39 GMT
server
nginx
vary
Accept-Encoding
via
1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront)
x-amz-cf-id
WsJ_8SNCYwclJefp_w2mLNpM4SCwmuUXd6f-is_EGHyugmqDb3apDQ==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
logger
www.paypal.com/xoplatform/logger/api/ 		1005 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cdfffb141a0f00f9e32125186178ad5db17a02e4e6346345740ffa782ed62c74
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

x-app-name
checkoutjs
Referer
https://gateway.filsam.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 02 Jun 2023 22:32:47 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f5728617e623d
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-eddf8230138-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f5728617e623d-d3bc88213969f1db-01
x-timer
S1685745167.447804,VS0,VE191
etag
W/"3ed-6BdjR7F1530vE6MIVHZL0uRF0X8"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gateway.filsam.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-app-name,x-requested-with
Access-Control-Request-Method
POST
Origin
https://gateway.filsam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-app-name,x-requested-with
access-control-allow-methods
POST
access-control-allow-origin
https://gateway.filsam.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Fri, 02 Jun 2023 22:32:47 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f5728614f0441
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f5728614f0441-ad8aa30b132f8ffc-01
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230138-FRA
x-timer
S1685745167.224140,VS0,VE188
1.b109e0c6fd2a5b6b93b2.songbird.js
includes.ccdc02.com/cardinalcruise/v1/b109e0c6fd2a5b6b93b2/ 		388 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includes.ccdc02.com/cardinalcruise/v1/b109e0c6fd2a5b6b93b2/1.b109e0c6fd2a5b6b93b2.songbird.js
Requested by
Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/cardinalcruise/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
198.217.251.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fce960620f0d8500bd6d37bc87230ee23df34fb6966e3a4505a7c37b5910c5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gateway.filsam.com/
Origin
https://gateway.filsam.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 01 Mar 2022 19:58:10 GMT
server
cloudflare
etag
"0f522ada62dd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=15552000
cf-ray
7d13277fab9f6957-FRA
expires
Wed, 29 Nov 2023 22:32:47 GMT
xwnv562syfks482r
client-analytics.braintreegateway.com/ Frame 0493 		0
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/xwnv562syfks482r
Requested by
Host: assets.braintreegateway.com
URL: https://assets.braintreegateway.com/web/3.50.1/html/hosted-fields-frame.min.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.4.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://assets.braintreegateway.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 02 Jun 2023 22:32:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://assets.braintreegateway.com
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
xwnv562syfks482r
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/xwnv562syfks482r
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.4.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://assets.braintreegateway.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://assets.braintreegateway.com
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Fri, 02 Jun 2023 22:32:47 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
checkout.min.js
www.paypalobjects.com/api/ Frame D0D4 		863 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/checkout.min.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/button?env=production&style.label=checkout&funding.disallowed=credit%2Cvenmo&domain=gateway.filsam.com&sessionID=uid_fd53af3d67_mji6mzi6ndc&buttonSessionID=uid_95b2ffa39e_mji6mzi6ndc&renderedButtons=paypal&storageID=uid_9f7116db27_mji6mzi6ndc&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=90daacde82&version=min&xcomponent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C88) /
Resource Hash
f7d9c8184937ff854afd6da2a3de3fc970ef1c2820795e44e932499540fe5832
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
72802023219fd
dc
ccg11-origin-www-1.paypal.com
content-length
191373
last-modified
Wed, 24 May 2023 16:43:28 GMT
server
ECAcc (frc/4C88)
traceparent
00-000000000000000000072802023219fd-60441a92ace6fb6c-01
etag
W/"646e3eb0-d7ad2"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Sat, 03 Jun 2023 22:32:47 GMT
button.js
www.paypalobjects.com/api/xo/ Frame D0D4 		446 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/xo/button.js?date=2023-5-2
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/button?env=production&style.label=checkout&funding.disallowed=credit%2Cvenmo&domain=gateway.filsam.com&sessionID=uid_fd53af3d67_mji6mzi6ndc&buttonSessionID=uid_95b2ffa39e_mji6mzi6ndc&renderedButtons=paypal&storageID=uid_9f7116db27_mji6mzi6ndc&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=90daacde82&version=min&xcomponent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA9) /
Resource Hash
d423b2b316d239308fcb45a1cbf9e68b6436767c2c4f6b4f2fbeb8190fb79f0a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
83c43bdb21e4c
dc
ccg11-origin-www-1.paypal.com
content-length
78632
last-modified
Tue, 28 Mar 2023 15:15:01 GMT
server
ECAcc (frc/4CA9)
traceparent
00-000000000000000000083c43bdb21e4c-061d40acfbcbac07-01
etag
"64230475-6f8fe"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Sat, 03 Jun 2023 22:32:47 GMT
truncated
/ Frame D0D4 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D0D4 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/svg+xml
xwnv562syfks482r
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/xwnv562syfks482r
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.4.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gateway.filsam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://gateway.filsam.com
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Fri, 02 Jun 2023 22:32:47 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
xwnv562syfks482r
client-analytics.braintreegateway.com/ 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/xwnv562syfks482r
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/dropin/1.20.0/js/dropin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.4.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-4-62.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gateway.filsam.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 02 Jun 2023 22:32:47 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://gateway.filsam.com
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
graphql
www.paypal.com/ Frame D0D4 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/graphql?GetNativeEligibility
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2023-5-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7d65f93a8550121583e3a937bfea9c06ffc20881224cb227020eb892282ca233
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-QzaIIWO3uOHH6ela1Yf7z/LRLdGcOO+F0950SzAr72ZDQQ32' 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

x-app-name
smart-payment-buttons
accept
application/json
Referer
https://www.paypal.com/smart/button?env=production&style.label=checkout&funding.disallowed=credit%2Cvenmo&domain=gateway.filsam.com&sessionID=uid_fd53af3d67_mji6mzi6ndc&buttonSessionID=uid_95b2ffa39e_mji6mzi6ndc&renderedButtons=paypal&storageID=uid_9f7116db27_mji6mzi6ndc&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=90daacde82&version=min&xcomponent=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-QzaIIWO3uOHH6ela1Yf7z/LRLdGcOO+F0950SzAr72ZDQQ32' 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
date
Fri, 02 Jun 2023 22:32:47 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish
content-encoding
br
x-cache
MISS
paypal-debug-id
f1779047b1c58
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230130-FRA
accept-ch
Sec-CH-UA-Full
traceparent
00-0000000000000000000f1779047b1c58-b78d03c395ffe3b2-01
x-timer
S1685745168.627878,VS0,VE276
etag
W/"674-6f2qZuWJPk1QrvSKvW0G/BU14Fc"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame D0D4 		1012 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
248e7d86339d6b50cdb747b555de6181b4c6ee6916acca13dd4066ef1ab8176a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

x-app-name
checkoutjs
Referer
https://www.paypal.com/smart/button?env=production&style.label=checkout&funding.disallowed=credit%2Cvenmo&domain=gateway.filsam.com&sessionID=uid_fd53af3d67_mji6mzi6ndc&buttonSessionID=uid_95b2ffa39e_mji6mzi6ndc&renderedButtons=paypal&storageID=uid_9f7116db27_mji6mzi6ndc&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=90daacde82&version=min&xcomponent=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type
application/json

Response headers

date
Fri, 02 Jun 2023 22:32:47 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f1779048ee167
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-eddf8230130-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f1779048ee167-8dae8d36ebd882c9-01
x-timer
S1685745168.642400,VS0,VE172
etag
W/"3f4-6C6dIQL3kredBVhsF2CwLXPSZzc"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame D0D4 		1023 B
993 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2023-5-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
de7d1aa1746286f05572bc97fab1caeb972c3b1fd219da23db1356e7dc3edcfb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/button?env=production&style.label=checkout&funding.disallowed=credit%2Cvenmo&domain=gateway.filsam.com&sessionID=uid_fd53af3d67_mji6mzi6ndc&buttonSessionID=uid_95b2ffa39e_mji6mzi6ndc&renderedButtons=paypal&storageID=uid_9f7116db27_mji6mzi6ndc&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQubWluLmpzIn0&uid=90daacde82&version=min&xcomponent=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 02 Jun 2023 22:32:47 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f177904a248f3
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-eddf8230130-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f177904a248f3-a11b9492b11651ae-01
x-timer
S1685745168.688669,VS0,VE183
etag
W/"3ff-A249gbW0OMXjPTa5o2qAE6idrjU"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0
ts
t.paypal.com/ 		42 B
803 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Filsam%20Payment%20Gateway&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1685745167753&g=0&completeurl=https%3A%2F%2Fgateway.filsam.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gateway.filsam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

x-cache-hits
0
date
Fri, 02 Jun 2023 22:32:47 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
8ef368e925b75
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-eddf8230076-FRA
pragma
no-cache
correlation-id
8ef368e925b75
traceparent
00-00000000000000000008ef368e925b75-081160bf75e7544f-01
x-timer
S1685745168.835607,VS0,VE157
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Jun 2023 22:32:47 GMT
12.b109e0c6fd2a5b6b93b2.songbird.js
includes.ccdc02.com/cardinalcruise/v1/b109e0c6fd2a5b6b93b2/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includes.ccdc02.com/cardinalcruise/v1/b109e0c6fd2a5b6b93b2/12.b109e0c6fd2a5b6b93b2.songbird.js
Requested by
Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/cardinalcruise/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
198.217.251.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a029f8651c1abf6eb77706476716f84fa986d95ba7f3ade6583106f6f678f3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gateway.filsam.com/
Origin
https://gateway.filsam.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
content-length
9688
last-modified
Tue, 01 Mar 2022 19:58:10 GMT
server
cloudflare
etag
"0f522ada62dd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
7d13278789516957-FRA
expires
Wed, 29 Nov 2023 22:32:49 GMT
Init
centinelapi.cardinalcommerce.com/V1/Order/JWT/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-cardinal-tid
Access-Control-Request-Method
POST
Origin
https://gateway.filsam.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type, x-cardinal-tid
access-control-allow-methods
GET,POST,HEAD,OPTIONS
access-control-allow-origin
https://gateway.filsam.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cf-cache-status
DYNAMIC
cf-ray
7d13278b4e1718f5-FRA
content-length
0
date
Fri, 02 Jun 2023 22:32:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kY5uMcwsj2dKYYslKHoSDNmDkId7637uTC%2FfRrk4qQ7eJKcVlLsaN0zQM%2F0tNoZL9RFwTl6JiPeLfb08gyQWPesB781l7jNILOVkQEgfqvpYLagDPAkrOyzhYn3N%2F9gDebI4GCsyX%2BKknV8QdgSky%2FGEljuuxe7igkjylKx8"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Init
centinelapi.cardinalcommerce.com/V1/Order/JWT/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init
Requested by
Host: includes.ccdc02.com
URL: https://includes.ccdc02.com/cardinalcruise/v1/b109e0c6fd2a5b6b93b2/1.b109e0c6fd2a5b6b93b2.songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfa , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e970af248fe16f3aecde3340e10f9be1aacbb2daabb0c61a4c2fdad527d54d00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gateway.filsam.com/
X-Cardinal-Tid
Tid-c856979d-930d-42f2-b418-7df9acc957e3
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 02 Jun 2023 22:32:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6HH8p5okY7%2Bf2Cm5gkbpc5pBVfhgx6LIB4WKUtPFpIOY9i7T4HXxzC2b5nuQGU2eSuJCd8InP1v9snetZUyqyWy7JWgae%2BxVi6auaUDevJR8rWOkj%2BMbl%2FXbVTepTV17ZZWicxwrAlxphTFCkL0ur2pOZ2PntQvZ%2FVIHLDU"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://gateway.filsam.com
access-control-expose-headers
Access-Control-Allow-Origin
access-control-allow-credentials
true
cf-ray
7d13278c8f4718f5-FRA
11.b109e0c6fd2a5b6b93b2.songbird.js
includes.ccdc02.com/cardinalcruise/v1/b109e0c6fd2a5b6b93b2/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includes.ccdc02.com/cardinalcruise/v1/b109e0c6fd2a5b6b93b2/11.b109e0c6fd2a5b6b93b2.songbird.js
Requested by
Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/cardinalcruise/v1/songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
198.217.251.238 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87377a76242a921e0058aed55a8a705d9469eb122a5d26c6f3ff2e50fa55d127
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gateway.filsam.com/
Origin
https://gateway.filsam.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
MISS
content-length
10265
last-modified
Tue, 01 Mar 2022 19:58:10 GMT
server
cloudflare
etag
"0f522ada62dd81:0"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
7d13278e1edf6957-FRA
expires
Wed, 29 Nov 2023 22:32:50 GMT
Render
geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/ Frame F29C 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c6ddc1d356dce155ccfe4a9&tmEventType=PAYMENT&referenceId=1_47be638c-f325-4079-b5ca-ae52b159d3e8&geolocation=false&origin=Songbird
Requested by
Host: includes.ccdc02.com
URL: https://includes.ccdc02.com/cardinalcruise/v1/b109e0c6fd2a5b6b93b2/1.b109e0c6fd2a5b6b93b2.songbird.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfb , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a796f0021da7dd799a8bcc6e45e34aca913cce1156d3dbf9a54a43cdfede6faa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://gateway.filsam.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7d13278e2db49bc2-FRA
content-encoding
gzip
content-language
de-DE
content-length
912
content-type
text/html;charset=UTF-8
date
Fri, 02 Jun 2023 22:32:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="This site does not have a p3p policy."
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBs%2FuCeBh%2BzdLPGUDndioIHJ5CAg83oB%2ByJGZVfZe%2FB14YU%2FylI9e9xREs0OWnVRyKxeiB4elLvPg0ijJjhWe3EB%2B%2B4NcmdM968FqEf4O7SaANJHb5Ogel53t%2BUwt6OnOa6cqrGsk1yUdQualZnT9ex1Lv3S6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers, Accept-Encoding
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ Frame F29C 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: geo.cardinalcommerce.com
URL: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c6ddc1d356dce155ccfe4a9&tmEventType=PAYMENT&referenceId=1_47be638c-f325-4079-b5ca-ae52b159d3e8&geolocation=false&origin=Songbird
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.cardinalcommerce.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
713877
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zoiiXEk0TGUuMsjULRgjPIEBniAubbXS1mbvkmKDu2tsSCACymNLsh9%2FYuddWjydD4Vy1EVbeoozz0mlJjNt1ud8tVbUyU5XJPI6xNZyAw9NhYHk7RPx1d2qouMvVJU0Bv0Xn%2BYyMjOHmmyW4IGdp49"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d1327904c689b25-FRA
expires
Wed, 22 May 2024 22:32:49 GMT
json3.min.js
cdnjs.cloudflare.com/ajax/libs/json3/3.3.2/ Frame F29C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/json3/3.3.2/json3.min.js
Requested by
Host: geo.cardinalcommerce.com
URL: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c6ddc1d356dce155ccfe4a9&tmEventType=PAYMENT&referenceId=1_47be638c-f325-4079-b5ca-ae52b159d3e8&geolocation=false&origin=Songbird
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.cardinalcommerce.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
716744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3209
last-modified
Mon, 04 May 2020 16:11:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec9-1fd1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqOyXaTc06V7PRer9wDGFBA6vKGZfs5eSmPB2kha56u4Z3KmWzJrwPyJJvyYBZkx4yMA%2BQiinhyBY4L3KfvoCVaUAzNsw4u7BMw1XygJcxRnZr2CbTQtnrHwmmrKpuQJn72Wy%2BOhz1AA0VA28QcLZCQu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d1327905c699b25-FRA
expires
Wed, 22 May 2024 22:32:49 GMT
6d028a6f5c5c7a8f8dbd924b0fc274afbf37412e.min.js
geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/ Frame F29C 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/6d028a6f5c5c7a8f8dbd924b0fc274afbf37412e.min.js
Requested by
Host: geo.cardinalcommerce.com
URL: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c6ddc1d356dce155ccfe4a9&tmEventType=PAYMENT&referenceId=1_47be638c-f325-4079-b5ca-ae52b159d3e8&geolocation=false&origin=Songbird
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfb , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d59d7ef453977062a7c216e3fa8d62c26a8e49b62c1625d23f655ed457f10808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c6ddc1d356dce155ccfe4a9&tmEventType=PAYMENT&referenceId=1_47be638c-f325-4079-b5ca-ae52b159d3e8&geolocation=false&origin=Songbird
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
623006
p3p
CP="This site does not have a p3p policy."
content-length
13047
last-modified
Mon, 15 May 2023 14:27:10 GMT
server
cloudflare
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=El%2FdnkUGue8R1VoWiS958oYXO1ibpxrI8%2FHWLfk8e5GM1w%2Brt%2FOQNv2mcH3x7CVbeiPhl%2FgMZMN0qg5pmoC9WqXjGpKEY9SsPqGmgY7oP4xSL7nNXUKKgu%2BksKcn3BhsZStks08%2FzqCoS7CHsIdiYoJNxfKNhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
7d13278f8f159bc2-FRA
expires
Sun, 02 Jul 2023 22:32:49 GMT
profiler.min-9b15af370acf9a49c263d6ce6eb98aad.js
geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/ Frame F29C 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/profiler.min-9b15af370acf9a49c263d6ce6eb98aad.js
Requested by
Host: geo.cardinalcommerce.com
URL: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c6ddc1d356dce155ccfe4a9&tmEventType=PAYMENT&referenceId=1_47be638c-f325-4079-b5ca-ae52b159d3e8&geolocation=false&origin=Songbird
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfb , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4e9feb1d841e6203ec015683d93cbb37565b5e1b777c2ecc73e1bf2e1634feba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c6ddc1d356dce155ccfe4a9&tmEventType=PAYMENT&referenceId=1_47be638c-f325-4079-b5ca-ae52b159d3e8&geolocation=false&origin=Songbird
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
801864
p3p
CP="This site does not have a p3p policy."
cf-bgj
minify
last-modified
Mon, 15 May 2023 14:27:24 GMT
server
cloudflare
etag
W/"9b15af370acf9a49c263d6ce6eb98aad"
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XajNFZL%2FJkR3f%2BNg31tLjghctIDEhHd3mozWEK3vOqtljREliLtxgtpP%2BlI5oKWumn0czIB%2BsW4nlqQQ1%2BRSOhNz1H4%2BeBcvQ8%2B1PXG0zZeeWntJI3AZ7yh2B6khPuOTifTvo2X9dlnvYmz%2F5JAysCxOWPP08w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
7d13278f8f179bc2-FRA
expires
Sun, 02 Jul 2023 22:32:49 GMT
acsprofiler.min-778cef0df8df664fcb2495b12cc3e6ea.js
geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/ Frame F29C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/acsprofiler.min-778cef0df8df664fcb2495b12cc3e6ea.js
Requested by
Host: geo.cardinalcommerce.com
URL: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c6ddc1d356dce155ccfe4a9&tmEventType=PAYMENT&referenceId=1_47be638c-f325-4079-b5ca-ae52b159d3e8&geolocation=false&origin=Songbird
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::c6d9:fbfb , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
883044c771e73c1ec7eb13890f838d2574243667a0ee7c777601173695842e92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c6ddc1d356dce155ccfe4a9&tmEventType=PAYMENT&referenceId=1_47be638c-f325-4079-b5ca-ae52b159d3e8&geolocation=false&origin=Songbird
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 22:32:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
801864
p3p
CP="This site does not have a p3p policy."
cf-bgj
minify
last-modified
Mon, 15 May 2023 14:27:26 GMT
server
cloudflare
etag
W/"778cef0df8df664fcb2495b12cc3e6ea"
vary
accept-encoding,origin,access-control-request-headers,access-control-request-method,accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXWXzFnXL40wkrTfvpuXEuhaEDGve0m%2F2B3uX5NhmeXRMkWkqSR8rLzMfcvImy9Sx7mU9OtSQOQ8gmgodLBqNm6lOA6HWRHzDxwqeUQwvZ0SBmIiPQ5D%2Bt17TKQnZKFb4NrtwRBCLTHd6Fge9gNIG32am2BBtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
7d13278f8f189bc2-FRA
expires
Sun, 02 Jul 2023 22:32:49 GMT
SaveBrowserData
geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/ Frame F29C 		0
0
3.b109e0c6fd2a5b6b93b2.songbird.js
includes.ccdc02.com/cardinalcruise/v1/b109e0c6fd2a5b6b93b2/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
geo.cardinalcommerce.com
URL
https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/SaveBrowserData
Domain
includes.ccdc02.com
URL
https://includes.ccdc02.com/cardinalcruise/v1/b109e0c6fd2a5b6b93b2/3.b109e0c6fd2a5b6b93b2.songbird.js

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| onbeforetoggle object| onscrollend object| braintree object| form string| client_token object| __postRobot__ object| __zoid__ function| onLegacyPaymentAuthorize function| watchForLegacyFallback function| onLegacyFallback string| LOG_LEVEL function| __pptmLoadedWithNoContent object| paypal object| PAYPAL object| ppxo object| paypalDDL function| songbirdLoader object| Cardinal object| __paypal_global__ function| setImmediate function| clearImmediate

9 Cookies

Domain/Path Name / Value
gateway.filsam.com/ Name: PHPSESSID
Value: i8hgp8leh5k220c46ce37bg1j2
.paypal.com/ Name: l7_az
Value: dcg13.slc
.paypal.com/ Name: ts_c
Value: vr%3D7e3deb8d1880a1f1ded9a0b8ffb8697d%26vt%3D7e3deb8d1880a1f1ded9a0b8ffb8697c
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: de_DE%3BDE
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY4NTc0NTE2NzgzMCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: tsrce
Value: graphqlnodeweb
www.paypal.com/ Name: nsid
Value: s%3Ai4-H1VJS5_98sIVwOb8Osd0gFHt7WxKD.vC78zD2NXesqL%2BAAOjEXgD%2F%2FO5OfPbXQN84tAJSz2iM
.paypal.com/ Name: ts
Value: vreXpYrS%3D1780353167%26vteXpYrS%3D1685746967%26vr%3D7e3deb8d1880a1f1ded9a0b8ffb8697d%26vt%3D7e3deb8d1880a1f1ded9a0b8ffb8697c%26vtyp%3Dnew

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.braintreegateway.com
cdnjs.cloudflare.com
centinelapi.cardinalcommerce.com
client-analytics.braintreegateway.com
gateway.filsam.com
geo.cardinalcommerce.com
includes.ccdc02.com
js.braintreegateway.com
payments.braintree-api.com
songbird.cardinalcommerce.com
t.paypal.com
www.paypal.com
www.paypalobjects.com
geo.cardinalcommerce.com
includes.ccdc02.com
13.248.139.42
143.204.215.123
151.101.193.21
151.101.65.35
18.66.192.73
192.229.221.25
198.217.251.238
2606:4700:3036::ac43:d45f
2606:4700::6811:190e
2606:4700::c6d9:fbfa
2606:4700::c6d9:fbfb
3.64.4.62
17826da2878c45b658830cb3fb2a36cc9b0cbf9c515f7f230851ca29345f920e
248e7d86339d6b50cdb747b555de6181b4c6ee6916acca13dd4066ef1ab8176a
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
2fce960620f0d8500bd6d37bc87230ee23df34fb6966e3a4505a7c37b5910c5c
3664aab2a5a0e584a27b81212936155b2bebe975b9c0989e9d05fb56c90c2a57
4e9feb1d841e6203ec015683d93cbb37565b5e1b777c2ecc73e1bf2e1634feba
50eb773d3595b8f6bde7493ea0a2f5641b4b39e5a00794521dd66182aeab95f0
5a029f8651c1abf6eb77706476716f84fa986d95ba7f3ade6583106f6f678f3a
60ded7c3e9031c60ef3d19252417b8c6c88a6a7ae60f94df9c08243ce024f943
65ead48a8e7738ea8817ae846e38cb113f5f728cb20e84e4699fc006352fe153
69976183a43f554653d0e0631500b3dfaf2471935f734bf2ebe7a5cd34a17ed3
6b77584e460a260308bc788ebd88fde8ffa478cc62651d16b7366bdff4f1ced5
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7558c2d80b9b8614cb20237ea0fe90a4c8b737672fe9e7bc67885e899bcf579f
7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a
7d65f93a8550121583e3a937bfea9c06ffc20881224cb227020eb892282ca233
8579e57b7727c4fd0af13a7ee35cf6532ecca7030fac994602548308ed6d5131
87377a76242a921e0058aed55a8a705d9469eb122a5d26c6f3ff2e50fa55d127
883044c771e73c1ec7eb13890f838d2574243667a0ee7c777601173695842e92
a796f0021da7dd799a8bcc6e45e34aca913cce1156d3dbf9a54a43cdfede6faa
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3
cdfffb141a0f00f9e32125186178ad5db17a02e4e6346345740ffa782ed62c74
cf2541e13f9cdce1caf0645041686bb774a62b5422808c023fb8b5ac60d5642c
d423b2b316d239308fcb45a1cbf9e68b6436767c2c4f6b4f2fbeb8190fb79f0a
d59d7ef453977062a7c216e3fa8d62c26a8e49b62c1625d23f655ed457f10808
de7d1aa1746286f05572bc97fab1caeb972c3b1fd219da23db1356e7dc3edcfb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44133cf24bc0b3ace873a5719e5da1acd8b0b0414899a21f4a9e7a3c09e2223
e970af248fe16f3aecde3340e10f9be1aacbb2daabb0c61a4c2fdad527d54d00
f22a0e84ec46a1b6f7e9f6b2ae0af2da130afa372a1bde588a2a00217853e9e4
f7d9c8184937ff854afd6da2a3de3fc970ef1c2820795e44e932499540fe5832
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378