laptop-payments.endlessos.org Open in urlscan Pro
151.101.194.132 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://laptop-payments.endlessos.org/
Submission: On March 31 via automatic, source certstream-suspicious (March 31st 2023, 4:04:18 pm UTC) — Scanned from DE

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 50 HTTP transactions. The main IP is 151.101.194.132, located in United States and belongs to FASTLY, US. The main domain is laptop-payments.endlessos.org.
TLS certificate: Issued by R3 on March 31st 2023. Valid for: 3 months.

This is the only time laptop-payments.endlessos.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
6	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	34.102.176.152 34.102.176.152	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2606:4700::68... 2606:4700::6812:135f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
10	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
6	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
6	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
50	14

4 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

laptop-payments.endlessos.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.176.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.176.102.34.bc.googleusercontent.com

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:135f (United States)

ASN13335 (CLOUDFLARENET, US)

config.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.gorgias.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2477 t.paypal.com — Cisco Umbrella Rank: 3199 c.paypal.com — Cisco Umbrella Rank: 5512 b.stats.paypal.com — Cisco Umbrella Rank: 5099 dub.stats.paypal.com — Cisco Umbrella Rank: 21041 c6.paypal.com — Cisco Umbrella Rank: 6640	349 KB
6	gorgias.chat config.gorgias.chat — Cisco Umbrella Rank: 9849 assets.gorgias.chat — Cisco Umbrella Rank: 12059	341 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 374	190 KB
4	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2321	35 KB
4	endlessos.org laptop-payments.endlessos.org	41 KB
3	gstatic.com fonts.gstatic.com	47 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2284	263 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	77 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5346	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 756	24 KB
50	11

	Domain	Requested by
10	www.paypal.com	laptop-payments.endlessos.org www.paypal.com www.paypalobjects.com
6	cdn.jsdelivr.net	laptop-payments.endlessos.org cdn.jsdelivr.net
5	c.paypal.com	www.paypal.com c.paypal.com
4	www.paypalobjects.com	laptop-payments.endlessos.org www.paypal.com www.paypalobjects.com
4	laptop-payments.endlessos.org	laptop-payments.endlessos.org
3	assets.gorgias.chat	config.gorgias.chat
3	fonts.gstatic.com	fonts.googleapis.com
3	config.gorgias.chat	laptop-payments.endlessos.org config.gorgias.chat
2	t.paypal.com	laptop-payments.endlessos.org
1	c6.paypal.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	laptop-payments.endlessos.org
1	static.wixstatic.com	laptop-payments.endlessos.org
1	fonts.googleapis.com	laptop-payments.endlessos.org
1	code.jquery.com	laptop-payments.endlessos.org
50	17

This site contains no links.

Subject Issuer	Validity	Valid
laptop-payments.endlessos.org R3	`2023-03-31` - `2023-06-29`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-05` - `2023-09-01`	6 months	crt.sh
gorgias.chat Cloudflare Inc ECC CA-3	`2023-02-09` - `2023-05-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-13` - `2023-06-05`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://laptop-payments.endlessos.org/
Frame ID: F95126F3087E47CDF103FE5FEA347945
Requests: 30 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=pay&style.layout=vertical&style.color=gold&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWF0VVVac1JZb1VMZmxmdFl4cUFqM21ISkhyZmJqN0wyY2FzQ0o3U3pXaTlvZ3BQUGs1d1kyUUppcEpwWWhUdWJqdEhMbHhMc1JCNFNnNk4mdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uJmRpc2FibGUtZnVuZGluZz1jcmVkaXQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ocGhnZ2NpZmRtdWdpb3lpc21haWduaGlxZXdyZmkifX0&clientID=AatUUZsRYoULflftYxqAj3mHJHrfbj7L2casCJ7SzWi9ogpPPk5wY2QJipJpYhTubjtHLlxLsRB4Sg6N&sdkCorrelationID=f185647221122&storageID=uid_06032e0bac_mty6mdq6mtq&sessionID=uid_a66ce90ada_mty6mdq6mtq&buttonSessionID=uid_93980c9475_mty6mdq6mtq&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&disableFunding.0=credit&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: 21B88D71E0CE5DB14FC862585C4B2B9E
Requests: 7 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.6/paypal-blue.svg
Frame ID: 256A66F9085396AFF11773742CDC751F
Requests: 2 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: E224315D6324CD370C2C6B46F2E9A4CB
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: F393D11C743F0DE9C3D97F508B4D21C8
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a66ce90ada_mty6mdq6mtq&s=SMART_PAYMENT_BUTTONS
Frame ID: F1E3646E9520DFFC7B853DEF4104B11D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Endless Laptop

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

50
Requests

92 %
HTTPS

54 %
IPv6

11
Domains

17
Subdomains

14
IPs

3
Countries

1109 kB
Transfer

2718 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://b.stats.paypal.com/v2/counter.cgi?p=uid_a66ce90ada_mty6mdq6mtq&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a66ce90ada_mty6mdq6mtq&s=SMART_PAYMENT_BUTTONS

50 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
laptop-payments.endlessos.org/ 6 KB
6 KB 586ms
497ms Document
text/html 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://laptop-payments.endlessos.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b7cb85653649d42a266ed2324a1ad7178d965b30d9516225da813e615ccbc3fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=600, s-maxage=3600
content-length: 5771
content-type: text/html
date: Fri, 31 Mar 2023 16:04:12 GMT
etag: "c177c40ea875471ee28a8294e1c28e95"
last-modified: Tue, 25 Jan 2022 20:29:38 GMT
server: AmazonS3
strict-transport-security: max-age=604800
via: 1.1 varnish
x-amz-id-2: nwq4mORg7oQu/gGVGh3a1Fei/wTv3uLBdW8Qn/qbrAhUb5V05g7yHBx43QJYLso3yIKorCw/O+0=
x-amz-request-id: ZRS0FBWSHQWD95ZC
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230134-FRA
x-timer: S1680278652.203560,VS0,VE490

GET
H2 200 jquery-3.5.1.slim.min.js Show response
code.jquery.com/ 71 KB
24 KB 180ms
24ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.slim.min.js
Requested by: Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

Request headers

Referer: https://laptop-payments.endlessos.org/
Origin: https://laptop-payments.endlessos.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:12 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-11abc"
vary: Accept-Encoding
x-hw: 1680278652.dop242.fr8.t,1680278652.cds233.fr8.hn,1680278652.cds240.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24606

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 82 KB
22 KB 40ms
21ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js

Requested by

Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://laptop-payments.endlessos.org/
Origin: https://laptop-payments.endlessos.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3223834
x-jsd-version: 4.6.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230133-FRA, cache-yyz4552-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FisISJFVLkrIOQUAXO6OGLZKRz5BlJkK6GyozYjd5fk1HbIUPrfiCiCLQw8sy81PdvimEKSlGEWRccXnTt8UKczsaZ%2BYSMJsi3l7qchgFf8%2BmhXnN0VSOhtf%2FtEz%2FpQmgEiOYxlema2FB3fmmsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b09d3ab8fb59007-FRA

GET
H2 200 intlTelInput.min.js Show response
cdn.jsdelivr.net/npm/intl-tel-input@17.0.13/build/js/ 29 KB
11 KB 36ms
17ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intl-tel-input@17.0.13/build/js/intlTelInput.min.js

Requested by

Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8f6de98e9dfdcfe1e69e2c779b2f03c2ef56116eedd6341bcee226d87819c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://laptop-payments.endlessos.org/
Origin: https://laptop-payments.endlessos.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3223620
x-jsd-version: 17.0.13
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230124-FRA, cache-yyz4559-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"7351-nAoMrxZYiRoDxgMLKhy+lFcZtCA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYYsUQXCK%2BoK%2FUJlQRpZ1O%2BhTZXUbSTRkj22q%2FHdMix3Ta8qArHMbuZkBWPmOrICOM8SBzOiLZRBJyVGe2QudZSiNHdi4GZSXcpj4W51aZDTeHbfFzOlrFG0pYy3KZodfCBc9SbFIyLmy1mIvTc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b09d3ab8fb69007-FRA

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ 158 KB
25 KB 34ms
16ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

Requested by

Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://laptop-payments.endlessos.org/
Origin: https://laptop-payments.endlessos.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3223835
x-jsd-version: 4.6.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230111-FRA, cache-yyz4545-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VmzSm7p%2BUmwPwZTTFSf6TZuSLXUSbB3LeOI5kpJWPJImeJiausDt7Z%2FEkXKkFxkQdcX2ughaGLsFePyPu4Os2pHakcl0jDhrXBpY05AddMBBgfi47YMx9md%2FbAlH19JWpmTSSyxbyye8uUwlnlk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b09d3ab8fb29007-FRA

GET
H2 200 intlTelInput.min.css
cdn.jsdelivr.net/npm/intl-tel-input@17.0.13/build/css/ 19 KB
3 KB 33ms
15ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intl-tel-input@17.0.13/build/css/intlTelInput.min.css

Requested by

Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://laptop-payments.endlessos.org/
Origin: https://laptop-payments.endlessos.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3223620
x-jsd-version: 17.0.13
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230119-FRA, cache-yyz4550-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"4ad5-/7iiVjPE3eq4HRsXQqwv0LRCpMY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dq9uTwl7Pb5Ql%2FxfDZ1XXtk6hCjR62lBAWx07pU4O6508n1W%2BaUkV8C6bV4Eo3f8mSjVIfBllXQMBUUAk%2BAGLaIr6nBgQ2jSK%2B73qJbiPZlJa64Nh9p6lrScU%2BZlnPpfv8C4j%2BJo1KyvsARTjgw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b09d3ab8fb49007-FRA

GET
H2 200 styles.css
laptop-payments.endlessos.org/ 1 KB
1 KB 469ms
468ms Stylesheet
text/css 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://laptop-payments.endlessos.org/styles.css

Requested by

Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bc36e175fef6cf8e701fa63a62f49720172953a6f7d539a7f34c7769dc701468

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:13 GMT
via: 1.1 varnish
strict-transport-security: max-age=604800
x-amz-request-id: R6G0G7Z0QZ3MFHF7
age: 0
x-cache: MISS
content-length: 1192
x-amz-id-2: 9MxmqJXBu3JUxWoiMbeMsF8nj3tbDuoZqoeEuGuhioK+irgGFrRWtVPJbJufJDRpgJBMYfOmijA=
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Tue, 25 Jan 2022 20:29:38 GMT
server: AmazonS3
x-timer: S1680278653.706613,VS0,VE452
etag: "0538dc20d132b056c2b4ae377472dad8"
content-type: text/css
cache-control: max-age=600, s-maxage=3600
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 css2
fonts.googleapis.com/ 25 KB
2 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca00e9050ed6adef62cc61def53f61c9e985afa226c8230d4113e2beb89e10e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 31 Mar 2023 16:04:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 31 Mar 2023 14:10:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 31 Mar 2023 16:04:12 GMT

GET
H2 200 settings.js Show response
laptop-payments.endlessos.org/ 1 KB
2 KB 519ms
518ms Script
text/javascript 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://laptop-payments.endlessos.org/settings.js

Requested by

Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

8ae7f6b594f98002fea2c5fd7195635437851db5b0ca6e0df585321650f19f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:13 GMT
via: 1.1 varnish
strict-transport-security: max-age=604800
x-amz-request-id: R6GDJB1BAXXEW8KC
age: 0
x-cache: MISS
content-length: 1398
x-amz-id-2: N9EgCEYaWHZALh+9KIDer9fcuJ9hEfgaMjMlmZ61Tu819Rn5wXyo6SOmgpYU1y4sp3efMMwsPdA=
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Wed, 21 Dec 2022 05:08:33 GMT
server: AmazonS3
x-timer: S1680278653.706676,VS0,VE512
etag: "4b9c18522698a48bd5b4f3e3b70a9f86"
content-type: text/javascript
cache-control: max-age=600, s-maxage=3600
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 Group%207%20Copy.webp
static.wixstatic.com/media/b2b0b7_f34d593debcc4bf39d969126570f3c7f~mv2.png/v1/crop/x_0,y_0,w_317,h_91/fill/w_132,h_38,al_c,q_85,usm_0.66_1.00_0.01/ 2 KB
2 KB 375ms
349ms Image
image/webp 34.102.176.152
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/b2b0b7_f34d593debcc4bf39d969126570f3c7f~mv2.png/v1/crop/x_0,y_0,w_317,h_91/fill/w_132,h_38,al_c,q_85,usm_0.66_1.00_0.01/Group%207%20Copy.webp
Requested by: Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 152.176.102.34.bc.googleusercontent.com
Software: openresty/1.21.4.1 /
Resource Hash: 2cd81e79f6ee2c45d9fadfde33d66aeea762136c8e01d27919f7732b1cc38c43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:13 GMT
via: 1.1 google
server: openresty/1.21.4.1
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1768
wix-tracer: 2NmoWzt0GBMeKeznolKxa51zZPe
x-seen-by: image-manipulator-54fd5c7947-4jj5v

GET
H2 200 paypal.js Show response
laptop-payments.endlessos.org/ 32 KB
33 KB 679ms
679ms Script
text/javascript 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://laptop-payments.endlessos.org/paypal.js

Requested by

Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

600242141879c14c058dfd0245202d184ed76a1b81c72e2233ab022e2d508992

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:13 GMT
via: 1.1 varnish
strict-transport-security: max-age=604800
x-amz-request-id: R6G1531N5W5SH3TQ
age: 0
x-cache: MISS
content-length: 33086
x-amz-id-2: 97R46m60EY8atXyCS8ZsX9NO1wq/3NUQZJZtDswBlFAtCxREUX+r4axdXDZWLvBVj2gnh0Voz8A=
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Tue, 29 Nov 2022 15:32:45 GMT
server: AmazonS3
x-timer: S1680278653.175629,VS0,VE673
etag: "f369067c4c8ca3009aa3c10b55ec05f1"
content-type: text/javascript
cache-control: max-age=600, s-maxage=3600
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 gorgias-chat-bundle-loader.js Show response
config.gorgias.chat/ 1 KB
1 KB 181ms
147ms Script
application/javascript 2606:4700::6812:135f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/gorgias-chat-bundle-loader.js?applicationId=12673

Requested by

Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:135f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

728b36c76c281fa4eb550f9a8aece19b7658851630ddae8f1270b9dffccaeef0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:13 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 google
x-permitted-cross-domain-policies: none
cf-cache-status: EXPIRED
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"5e3-3WRfFzE53MmY7+jYlGmeadGw9Vs"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
cf-ray: 7b09d3aedd293688-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
77 KB 48ms
25ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-39B13KBM76

Requested by

Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e064b588ddfa22ce35b01637af7db1b06dff5f6257874e2dbcf9478d44c15250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78646
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 31 Mar 2023 16:04:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 31ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://laptop-payments.endlessos.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 09:34:56 GMT
x-content-type-options: nosniff
age: 23357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Mar 2024 09:34:56 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 33ms
9ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://laptop-payments.endlessos.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 279182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 34ms
13ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://laptop-payments.endlessos.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 28 Mar 2023 10:31:10 GMT
x-content-type-options: nosniff
age: 279183
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Mar 2024 10:31:10 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
263 B 36ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-39B13KBM76&gtm=45je33t0&_p=1218223980&cid=282543806.1680278653&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1680278653&sct=1&seg=0&dl=https%3A%2F%2Flaptop-payments.endlessos.org%2F&dt=Endless%20Laptop&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-39B13KBM76
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Mar 2023 16:04:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://laptop-payments.endlessos.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 269 KB
74 KB 864ms
823ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AatUUZsRYoULflftYxqAj3mHJHrfbj7L2casCJ7SzWi9ogpPPk5wY2QJipJpYhTubjtHLlxLsRB4Sg6N&vault=true&intent=subscription&disable-funding=credit

Requested by

Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/paypal.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34e0e44a97ac1a2301df2cb5e23588d6a8c98ab3492d0f009489659a388e7f85

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-c8wj9kB7howC82g0AaQjntPbUDPv1kzeaANZDLsmtCvM2qca' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-c8wj9kB7howC82g0AaQjntPbUDPv1kzeaANZDLsmtCvM2qca' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-c8wj9kB7howC82g0AaQjntPbUDPv1kzeaANZDLsmtCvM2qca' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-c8wj9kB7howC82g0AaQjntPbUDPv1kzeaANZDLsmtCvM2qca' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 31 Mar 2023 16:04:14 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS, MISS
p3p: true
paypal-debug-id: f538311423a13
server-timing: "traceparent;desc="00-0000000000000000000f538311423a13-56a743f3d8595cc7-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 74973
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220052-HHN, cache-fra-eddf8230055-FRA
traceparent: 00-0000000000000000000f538311423a13-00972a3124d7ca81-01
x-timer: S1680278654.905127,VS0,VE815
etag: W/"124dd-1Uow6z/vehgSgn6kGeMgcD9PfCM"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H3 200 flags.png
cdn.jsdelivr.net/npm/intl-tel-input@17.0.13/build/img/ 69 KB
70 KB 25ms
14ms Image
image/png 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/npm/intl-tel-input@17.0.13/build/img/flags.png

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/intl-tel-input@17.0.13/build/css/intlTelInput.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.jsdelivr.net/npm/intl-tel-input@17.0.13/build/css/intlTelInput.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 463667
x-jsd-version: 17.0.13
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 70857
x-served-by: cache-fra-eddf8230102-FRA, cache-jnb7023-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"114c9-IVcsl1Hlo9wgOVvvoPyzScMsSBE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XvAXqlo4DiliJa3%2Bxc0ACbB3C6QRp%2F4IPXQGakeuwh6i8d7nsGiOqfSbyKl%2FcC64Yy1gd2ZYwOLUUpEz02ci2OnIBDYNZU52wYN%2BDY%2BAEVYs6UUGTrNXwEg1rudvq%2B5zZ3EunvFJKS%2FkpubVoA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b09d3b2b945923d-FRA

GET
H2 200 gorgias-chat-bundle.js Show response
config.gorgias.chat/ 483 KB
152 KB 160ms
160ms Script
application/javascript 2606:4700::6812:135f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/gorgias-chat-bundle.js?rev=5f95866c&applicationId=12673

Requested by

Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle-loader.js?applicationId=12673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:135f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3a3eaf1f5debd1751276a5de8754e9c0914598e9b7276a40988f2587ef9b9bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:14 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 google
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"78b16-OOhopxVVOofN7+rrTNvlZDVyFfk"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
cf-ray: 7b09d3b2ab573688-FRA

GET
H2 200 836.js
assets.gorgias.chat/0cfbe53edab90fefa7e42b4165bf439388759eb5/static/js/ 0
13 KB 36ms
16ms Other
application/javascript 2606:4700::6812:135f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/0cfbe53edab90fefa7e42b4165bf439388759eb5/static/js/836.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=5f95866c&applicationId=12673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:135f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 15338
x-guploader-uploadid: ADPycdubevSj8rKOJ8Dnu_UP-DdSQ7rA7uw4EDZwD-gigGRXAlKFjI_O5N0ifCKIHJLRCLh9al0q6t91c0GmFYBi0tinXOtujfpO
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
last-modified: Fri, 31 Mar 2023 11:35:06 GMT
server: cloudflare
etag: W/"123e90f4b8961a06d3efe543e57b1e33"
vary: Accept-Encoding
x-goog-generation: 1680262506341982
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=hDC//A==, md5=Ej6Q9LiWGgbT7+VD5XseMw==
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-goog-stored-content-length: 13070
cf-ray: 7b09d3b42d933688-FRA
expires: Sat, 30 Mar 2024 11:39:29 GMT

GET
H2 200 gcmw.js
assets.gorgias.chat/0cfbe53edab90fefa7e42b4165bf439388759eb5/static/js/ 0
155 KB 48ms
28ms Other
application/javascript 2606:4700::6812:135f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/0cfbe53edab90fefa7e42b4165bf439388759eb5/static/js/gcmw.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=5f95866c&applicationId=12673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:135f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 15338
x-guploader-uploadid: ADPycduzR5Y30wltXOsD5IPsgVOHDAIePD0j1YfZK1S4f4iNL5LMZEwB_qGli4LLMiwhkexKss5lyrk-USaPsvFYIixK2w
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
last-modified: Fri, 31 Mar 2023 11:35:05 GMT
server: cloudflare
etag: W/"c21e0743c0b53b4c405f51525cffe456"
vary: Accept-Encoding
x-goog-generation: 1680262505937693
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=STwi0Q==, md5=wh4HQ8C1O0xAX1FSXP/kVg==
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-goog-stored-content-length: 165180
cf-ray: 7b09d3b42d943688-FRA
expires: Sat, 30 Mar 2024 11:39:29 GMT

GET
H2 200 amplitude.js Show response
assets.gorgias.chat/0cfbe53edab90fefa7e42b4165bf439388759eb5/static/js/ 54 KB
18 KB 15ms
15ms Script
application/javascript 2606:4700::6812:135f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.gorgias.chat/0cfbe53edab90fefa7e42b4165bf439388759eb5/static/js/amplitude.js
Requested by: Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=5f95866c&applicationId=12673
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:135f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dc5400bb43079b9db752eec0944f9966e94c56a6af4a014ca05f7437b5ab212

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:14 GMT
content-encoding: br
cf-cache-status: HIT
age: 14949
x-guploader-uploadid: ADPycdvPPAX0b_vboVWFO5rKYhy-C8Vg9nq0--dmJwpCYDAkq6vXZGJurJ2OKZx5qCTnbubZwS2ZRlKvLVT9Enya-jrskw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
last-modified: Fri, 31 Mar 2023 11:35:07 GMT
server: cloudflare
etag: W/"bc2b5841b8f09037a0917de4fb5d0ebe"
vary: Accept-Encoding
x-goog-generation: 1680262507898577
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=CyHqHA==, md5=vCtYQbjwkDegkX3k+10Ovg==
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000
x-goog-stored-content-length: 17289
cf-ray: 7b09d3b47e173688-FRA
expires: Sat, 30 Mar 2024 11:39:29 GMT

GET
H2 200 agents Show response
config.gorgias.chat/applications/12673/ 195 B
725 B 148ms
130ms XHR
application/json 2606:4700::6812:135f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://config.gorgias.chat/applications/12673/agents

Requested by

Host: config.gorgias.chat
URL: https://config.gorgias.chat/gorgias-chat-bundle.js?rev=5f95866c&applicationId=12673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:135f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3e60e9eaea453163bc0553d589af33420e755e6ec6ba307e7d32816922b2573

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:14 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
via: 1.1 google
x-permitted-cross-domain-policies: none
cf-cache-status: MISS
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"c3-chctYBFhj7DK+OhvIgHnTSptqO4"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
vary: Accept-Encoding
cf-ray: 7b09d3b49d7e5c3e-FRA

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
6 KB 1101ms
1101ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=laptop-payments.endlessos.org&t=xo&v=5.0.361&source=payments_sdk&client_id=AatUUZsRYoULflftYxqAj3mHJHrfbj7L2casCJ7SzWi9ogpPPk5wY2QJipJpYhTubjtHLlxLsRB4Sg6N&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AatUUZsRYoULflftYxqAj3mHJHrfbj7L2casCJ7SzWi9ogpPPk5wY2QJipJpYhTubjtHLlxLsRB4Sg6N&vault=true&intent=subscription&disable-funding=credit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

29971c6124da625e584ea8124208c5f1b5e31520645a35ffd3ef54784a0b9755

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-EFLN08xBXFCZSTcxamqyX6q3LvfF+N1tKG3dh7+bY5tw+HlD' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-EFLN08xBXFCZSTcxamqyX6q3LvfF+N1tKG3dh7+bY5tw+HlD' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 31 Mar 2023 16:04:15 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS, MISS
paypal-debug-id: f841005ca1415
server-timing: "traceparent;desc="00-0000000000000000000f841005ca1415-51521893f86a4bcb-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4756
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220060-HHN, cache-fra-eddf8230055-FRA
traceparent: 00-0000000000000000000f841005ca1415-e692fa8f5aa0c8cf-01
x-timer: S1680278655.752946,VS0,VE1094
etag: W/"3558-N45F2EynqtmNrK8LCDOMAxJ0nbo"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 21B8 385 KB
141 KB 408ms
408ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.label=pay&style.layout=vertical&style.color=gold&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWF0VVVac1JZb1VMZmxmdFl4cUFqM21ISkhyZmJqN0wyY2FzQ0o3U3pXaTlvZ3BQUGs1d1kyUUppcEpwWWhUdWJqdEhMbHhMc1JCNFNnNk4mdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uJmRpc2FibGUtZnVuZGluZz1jcmVkaXQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ocGhnZ2NpZmRtdWdpb3lpc21haWduaGlxZXdyZmkifX0&clientID=AatUUZsRYoULflftYxqAj3mHJHrfbj7L2casCJ7SzWi9ogpPPk5wY2QJipJpYhTubjtHLlxLsRB4Sg6N&sdkCorrelationID=f185647221122&storageID=uid_06032e0bac_mty6mdq6mtq&sessionID=uid_a66ce90ada_mty6mdq6mtq&buttonSessionID=uid_93980c9475_mty6mdq6mtq&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&disableFunding.0=credit&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe0227691745e45110e94bb14df412753f944d9097048142afeb9af30e2da768

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://laptop-payments.endlessos.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Fri, 31 Mar 2023 16:04:15 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6027e-apC7qX96yWuNRWUIcyV9UHyqIGY"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f841005871517
server-timing: "traceparent;desc="00-0000000000000000000f841005871517-8704f4e2349dca2f-01"";content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f841005871517-476341fdea180fd4-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-hhn-etou8220067-HHN, cache-fra-eddf8230055-FRA
x-timer: S1680278655.797526,VS0,VE400
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.6/ Frame 256A 3 KB
2 KB 72ms
13ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.6/paypal-blue.svg

Requested by

Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48EA) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 29bd88d728712
dc: ccg11-origin-www-1.paypal.com
content-length: 1217
last-modified: Tue, 07 Mar 2023 16:08:03 GMT
server: ECAcc (ama/48EA)
traceparent: 00-000000000000000000029bd88d728712-ece19032310d9b08-01
etag: W/"64076163-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Fri, 31 Mar 2023 17:04:14 GMT

GET
H2 200 card-white.svg
www.paypalobjects.com/js-sdk-logos/2.2.6/ Frame 256A 1 KB
759 B 71ms
14ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.6/card-white.svg

Requested by

Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48C6) /

Resource Hash

1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: b5a260aa415e2
dc: ccg11-origin-www-1.paypal.com
content-length: 637
last-modified: Tue, 07 Mar 2023 16:08:03 GMT
server: ECAcc (ama/48C6)
traceparent: 00-0000000000000000000b5a260aa415e2-4a5d12a276bd4948-01
etag: W/"64076163-54e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Fri, 31 Mar 2023 17:04:14 GMT

GET
DATA 200
OK truncated
/ Frame 21B8 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 21B8 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 21B8 269 KB
74 KB 22ms
22ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AatUUZsRYoULflftYxqAj3mHJHrfbj7L2casCJ7SzWi9ogpPPk5wY2QJipJpYhTubjtHLlxLsRB4Sg6N&vault=true&intent=subscription&disable-funding=credit

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=pay&style.layout=vertical&style.color=gold&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWF0VVVac1JZb1VMZmxmdFl4cUFqM21ISkhyZmJqN0wyY2FzQ0o3U3pXaTlvZ3BQUGs1d1kyUUppcEpwWWhUdWJqdEhMbHhMc1JCNFNnNk4mdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uJmRpc2FibGUtZnVuZGluZz1jcmVkaXQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ocGhnZ2NpZmRtdWdpb3lpc21haWduaGlxZXdyZmkifX0&clientID=AatUUZsRYoULflftYxqAj3mHJHrfbj7L2casCJ7SzWi9ogpPPk5wY2QJipJpYhTubjtHLlxLsRB4Sg6N&sdkCorrelationID=f185647221122&storageID=uid_06032e0bac_mty6mdq6mtq&sessionID=uid_a66ce90ada_mty6mdq6mtq&buttonSessionID=uid_93980c9475_mty6mdq6mtq&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&disableFunding.0=credit&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34e0e44a97ac1a2301df2cb5e23588d6a8c98ab3492d0f009489659a388e7f85

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-c8wj9kB7howC82g0AaQjntPbUDPv1kzeaANZDLsmtCvM2qca' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-c8wj9kB7howC82g0AaQjntPbUDPv1kzeaANZDLsmtCvM2qca' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.label=pay&style.layout=vertical&style.color=gold&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWF0VVVac1JZb1VMZmxmdFl4cUFqM21ISkhyZmJqN0wyY2FzQ0o3U3pXaTlvZ3BQUGs1d1kyUUppcEpwWWhUdWJqdEhMbHhMc1JCNFNnNk4mdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uJmRpc2FibGUtZnVuZGluZz1jcmVkaXQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ocGhnZ2NpZmRtdWdpb3lpc21haWduaGlxZXdyZmkifX0&clientID=AatUUZsRYoULflftYxqAj3mHJHrfbj7L2casCJ7SzWi9ogpPPk5wY2QJipJpYhTubjtHLlxLsRB4Sg6N&sdkCorrelationID=f185647221122&storageID=uid_06032e0bac_mty6mdq6mtq&sessionID=uid_a66ce90ada_mty6mdq6mtq&buttonSessionID=uid_93980c9475_mty6mdq6mtq&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&disableFunding.0=credit&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-c8wj9kB7howC82g0AaQjntPbUDPv1kzeaANZDLsmtCvM2qca' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-c8wj9kB7howC82g0AaQjntPbUDPv1kzeaANZDLsmtCvM2qca' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 31 Mar 2023 16:04:15 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1
x-cache: MISS, HIT
p3p: true
paypal-debug-id: f538311423a13
server-timing: "traceparent;desc="00-0000000000000000000f538311423a13-56a743f3d8595cc7-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 74973
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220052-HHN, cache-fra-eddf8230055-FRA
traceparent: 00-0000000000000000000f538311423a13-00972a3124d7ca81-01
x-timer: S1680278655.358693,VS0,VE1
etag: W/"124dd-1Uow6z/vehgSgn6kGeMgcD9PfCM"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 13ms
13ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=laptop-payments.endlessos.org&t=xo&v=5.0.361&source=payments_sdk&client_id=AatUUZsRYoULflftYxqAj3mHJHrfbj7L2casCJ7SzWi9ogpPPk5wY2QJipJpYhTubjtHLlxLsRB4Sg6N&vault=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48DA) /

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 36f92827c6313
dc: ccg11-origin-www-1.paypal.com
content-length: 16464
last-modified: Tue, 03 May 2022 17:28:29 GMT
server: ECAcc (ama/48DA)
traceparent: 00-000000000000000000036f92827c6313-797e7d8104881b3c-01
etag: "6271663d-da91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Fri, 31 Mar 2023 17:04:15 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
655 B 194ms
182ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A9FREBYJJBJUMY-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A9FREBYJJBJUMY-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=b83bddfa-952c-4b01-897d-7a8e07451d23&fltp=analytics&mrid=9FREBYJJBJUMY&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Endless%20Laptop&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1680278655854&g=0&completeurl=https%3A%2F%2Flaptop-payments.endlessos.org%2F

Requested by

Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35A8) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Mar 2023 16:04:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/35A8)
traceparent: 00-0000000000000000000f84784d93eb8c-1551ae894040ff43-01
content-type: image/gif
paypal-debug-id: f84784d93eb8c
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Fri, 31 Mar 2023 16:04:15 GMT

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame E224 54 KB
17 KB 12ms
12ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/48B6) /

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://laptop-payments.endlessos.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Fri, 31 Mar 2023 16:04:15 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6271663d-d994"
expires: Fri, 31 Mar 2023 17:04:15 GMT
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: d293bb9791823
server: ECAcc (ama/48B6)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000d293bb9791823-f77d7ec8a980a96d-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 ts
t.paypal.com/ 42 B
500 B 170ms
169ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A9FREBYJJBJUMY-1&page=muse%3Aoffer%3A%3A%3A9FREBYJJBJUMY-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=b83bddfa-952c-4b01-897d-7a8e07451d23&es=visitorInfoFlowStarted&mrid=9FREBYJJBJUMY&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Endless%20Laptop&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1680278655911&g=0&completeurl=https%3A%2F%2Flaptop-payments.endlessos.org%2F

Requested by

Host: laptop-payments.endlessos.org
URL: https://laptop-payments.endlessos.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/3591) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Mar 2023 16:04:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/3591)
traceparent: 00-0000000000000000000b0ea0345af1d4-8a33184751f28d51-01
content-type: image/gif
paypal-debug-id: b0ea0345af1d4
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Fri, 31 Mar 2023 16:04:16 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame E224 437 B
1 KB 407ms
407ms Fetch
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3e5f7150fafaaa6ee434513da7ec988a7883b1b4d71ee08de5b23576e5c6ebef

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-bvgfXFvv6nPzbo4i5ANsq9UTDvJIW4ylgMdBoDbIl/hemSk9' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-bvgfXFvv6nPzbo4i5ANsq9UTDvJIW4ylgMdBoDbIl/hemSk9' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Fri, 31 Mar 2023 16:04:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f3730406dcbf9
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220036-HHN, cache-fra-eddf8230055-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f3730406dcbf9-10f58aeaee3354fe-01
x-timer: S1680278656.128373,VS0,VE399
etag: W/"1b5-3YuMfeGxb2/zSloeXiFxn9KsNEk"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 208ms
193ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Fri, 31 Mar 2023 16:04:16 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f37304064f832
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f37304064f832-b4a6022e4c1dcb35-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-hhn-etou8220022-HHN, cache-fra-eddf8230127-FRA
x-timer: S1680278656.932590,VS0,VE186

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 21B8 59 KB
21 KB 81ms
8ms Script
application/javascript 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 4, 1, 2048516
date: Fri, 31 Mar 2023 16:04:16 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5078182
x-cache: HIT, HIT, HIT
paypal-debug-id: 8d02b3197927f
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 20545
x-served-by: cache-sjc10074-SJC, cache-fra-eddf8230048-FRA, cache-fra-eddf8230072-FRA
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
traceparent: 00-00000000000000000008d02b3197927f-a6cbabdc8c2b29e1-01
x-timer: S1680278656.103136,VS0,VE1
etag: W/"63d97a76-ecbf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Apr 2023 16:04:16 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 21B8 1022 B
2 KB 206ms
205ms Ping
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2e6669d1c1e29a11560a2ea9bc78f0b0c75776c8af7cca699e6275f4d87c233f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.label=pay&style.layout=vertical&style.color=gold&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWF0VVVac1JZb1VMZmxmdFl4cUFqM21ISkhyZmJqN0wyY2FzQ0o3U3pXaTlvZ3BQUGs1d1kyUUppcEpwWWhUdWJqdEhMbHhMc1JCNFNnNk4mdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uJmRpc2FibGUtZnVuZGluZz1jcmVkaXQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ocGhnZ2NpZmRtdWdpb3lpc21haWduaGlxZXdyZmkifX0&clientID=AatUUZsRYoULflftYxqAj3mHJHrfbj7L2casCJ7SzWi9ogpPPk5wY2QJipJpYhTubjtHLlxLsRB4Sg6N&sdkCorrelationID=f185647221122&storageID=uid_06032e0bac_mty6mdq6mtq&sessionID=uid_a66ce90ada_mty6mdq6mtq&buttonSessionID=uid_93980c9475_mty6mdq6mtq&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&disableFunding.0=credit&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 31 Mar 2023 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f37304049edf9
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220071-HHN, cache-fra-eddf8230055-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f37304049edf9-64f9c9aeec3170bd-01
x-timer: S1680278656.092892,VS0,VE198
etag: W/"3fe-nNhRTFdMilv7HeZk5m3nn+NAiIY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame F393 160 B
1 KB 154ms
154ms Document
text/html 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: a4a58472cd75e
date: Fri, 31 Mar 2023 16:04:16 GMT
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: a4a58472cd75e
server-timing: "traceparent;desc="00-0000000000000000000a4a58472cd75e-5bbfb7e9f0ce3f85-01"";content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000a4a58472cd75e-def6433eb97c1ba6-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220044-HHN, cache-fra-eddf8230072-FRA
x-timer: S1680278656.131798,VS0,VE147
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame F1E3
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_a66ce90ada_mty6mdq6mtq&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a66ce90ada_mty6mdq6mtq&s=SMART_PAYMENT_BUTTONS

42 B
299 B

96ms
29ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a66ce90ada_mty6mdq6mtq&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=pay&style.layout=vertical&style.color=gold&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWF0VVVac1JZb1VMZmxmdFl4cUFqM21ISkhyZmJqN0wyY2FzQ0o3U3pXaTlvZ3BQUGs1d1kyUUppcEpwWWhUdWJqdEhMbHhMc1JCNFNnNk4mdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uJmRpc2FibGUtZnVuZGluZz1jcmVkaXQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ocGhnZ2NpZmRtdWdpb3lpc21haWduaGlxZXdyZmkifX0&clientID=AatUUZsRYoULflftYxqAj3mHJHrfbj7L2casCJ7SzWi9ogpPPk5wY2QJipJpYhTubjtHLlxLsRB4Sg6N&sdkCorrelationID=f185647221122&storageID=uid_06032e0bac_mty6mdq6mtq&sessionID=uid_a66ce90ada_mty6mdq6mtq&buttonSessionID=uid_93980c9475_mty6mdq6mtq&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&disableFunding.0=credit&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Fri, 31 Mar 2023 16:04:16 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_a66ce90ada_mty6mdq6mtq&s=SMART_PAYMENT_BUTTONS
Date: Fri, 31 Mar 2023 16:04:16 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame F393 59 KB
21 KB 9ms
9ms Script
application/javascript 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits: 4, 1, 2048518
date: Fri, 31 Mar 2023 16:04:16 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5078182
x-cache: HIT, HIT, HIT
paypal-debug-id: 8d02b3197927f
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 20545
x-served-by: cache-sjc10074-SJC, cache-fra-eddf8230048-FRA, cache-fra-eddf8230072-FRA
last-modified: Tue, 31 Jan 2023 20:30:46 GMT
traceparent: 00-00000000000000000008d02b3197927f-a6cbabdc8c2b29e1-01
x-timer: S1680278656.293166,VS0,VE1
etag: W/"63d97a76-ecbf"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Apr 2023 16:04:16 GMT

GET
H3 200 utils.js Show response
cdn.jsdelivr.net/npm/intl-tel-input@17.0.13/build/js/ 244 KB
58 KB 23ms
23ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/intl-tel-input@17.0.13/build/js/utils.js

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/intl-tel-input@17.0.13/build/js/intlTelInput.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d2990f81d698181eeb17af6f7272c33afb3d5d1c2af61cbdf1607fcb82e8c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://laptop-payments.endlessos.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3179685
x-jsd-version: 17.0.13
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230082-FRA, cache-yyz4573-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"3cffb-yJshrDBj7lL1qtkGi7pI/CmwyQ8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gsUG8BjOIAxGSzGR3EIsAMPyjMYMB4fvwwRTcfnJi%2BdZnbI8UNpMs9WJiLkC5qiYAr7GXuBUrvbaLQEiJ7Cjma5ESIN%2BuY1x%2Fph2yjrzd1znv1UTPoewmcrWKZKugvGSWfNzwdnonn5DPSR6%2BHY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7b09d3c1e8e3923d-FRA

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame F393 125 B
941 B 192ms
192ms XHR
application/json 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

18b07879f4f97e00413d9094af892405982f8fddb54cfa9eb8934f07ec3cfa8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 31 Mar 2023 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: bffa9dea44f09
server-timing: "traceparent;desc="00-0000000000000000000bffa9dea44f09-d010fbd7787782a6-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 125
x-served-by: cache-hhn-etou8220061-HHN, cache-fra-eddf8230072-FRA
correlation-id: bffa9dea44f09
traceparent: 00-0000000000000000000bffa9dea44f09-443c068fb33598cc-01
content-type: application/json
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame F393 0
391 B 178ms
177ms XHR
text/plain 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 31 Mar 2023 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: 5a4438c8e877e
server-timing: "traceparent;desc="00-00000000000000000005a4438c8e877e-7b653b9972195ccb-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-hhn-etou8220037-HHN, cache-fra-eddf8230072-FRA
correlation-id: 5a4438c8e877e
traceparent: 00-00000000000000000005a4438c8e877e-b9ca6297669da8dc-01
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame F393 0
262 B 234ms
204ms Image
text/plain 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_a66ce90ada_mty6mdq6mtq&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 31 Mar 2023 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: 144981635fcfa
server-timing: "traceparent;desc="00-0000000000000000000144981635fcfa-68a5540eda129480-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 0
x-served-by: cache-hhn-etou8220059-HHN, cache-fra-eddf8230072-FRA
correlation-id: 144981635fcfa
traceparent: 00-0000000000000000000144981635fcfa-bc2362e78725904f-01
x-timer: S1680278656.347863,VS0,VE197
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 21B8 1014 B
2 KB 220ms
220ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ea89dedd0598226efbcf52c17f26fd1f5d4a8bf05243297759cd1f6c7e0ec4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.label=pay&style.layout=vertical&style.color=gold&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.361&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWF0VVVac1JZb1VMZmxmdFl4cUFqM21ISkhyZmJqN0wyY2FzQ0o3U3pXaTlvZ3BQUGs1d1kyUUppcEpwWWhUdWJqdEhMbHhMc1JCNFNnNk4mdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uJmRpc2FibGUtZnVuZGluZz1jcmVkaXQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9ocGhnZ2NpZmRtdWdpb3lpc21haWduaGlxZXdyZmkifX0&clientID=AatUUZsRYoULflftYxqAj3mHJHrfbj7L2casCJ7SzWi9ogpPPk5wY2QJipJpYhTubjtHLlxLsRB4Sg6N&sdkCorrelationID=f185647221122&storageID=uid_06032e0bac_mty6mdq6mtq&sessionID=uid_a66ce90ada_mty6mdq6mtq&buttonSessionID=uid_93980c9475_mty6mdq6mtq&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&disableFunding.0=credit&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

date: Fri, 31 Mar 2023 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f37304044c374
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220078-HHN, cache-fra-eddf8230055-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f37304044c374-ea26ffe89f44a528-01
x-timer: S1680278656.361306,VS0,VE212
etag: W/"3f6-ldT2YOgYfbisHTCsQFLON2vtNI4"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1016 B
2 KB 199ms
198ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

426fa5f714a873b688a267078dec37f7b05a80e0a462505a92ccba78540e8829

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://laptop-payments.endlessos.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json

Response headers

date: Fri, 31 Mar 2023 16:04:16 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f6544222c2569
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220040-HHN, cache-fra-eddf8230127-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f6544222c2569-dcac49f4272e3f25-01
x-timer: S1680278657.549181,VS0,VE191
etag: W/"3f8-kdSFogmxZxyd2hBZ+X45iSVm6ZY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://laptop-payments.endlessos.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 186ms
186ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://laptop-payments.endlessos.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://laptop-payments.endlessos.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Fri, 31 Mar 2023 16:04:16 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f3730400f6ac2
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f3730400f6ac2-bc33d9506a954736-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220036-HHN, cache-fra-eddf8230127-FRA
x-timer: S1680278656.362709,VS0,VE179

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.endlessos.org/	1970-01-20 20:20:38	Name: _ga Value: GA1.1.282543806.1680278653
.endlessos.org/	1970-01-20 20:20:38	Name: _ga_39B13KBM76 Value: GS1.1.1680278653.1.0.1680278653.0.0.0
laptop-payments.endlessos.org/	1970-01-20 19:30:14	Name: AMP_9bdc728a74 Value: {"deviceId":"e06e5001-3d07-472c-b027-8df951b860c2","sessionId":1680278654218,"optOut":false}
.paypal.com/	1970-01-20 10:44:40	Name: l7_az Value: dcg13.slc
.paypal.com/	1970-01-20 20:20:38	Name: ts_c Value: vr%3D38698fa51870ad04c50f4077fabd08d0%26vt%3D38698fa51870ad04c50f4077fabd08cf
.paypal.com/	1970-01-20 20:20:38	Name: ts Value: vreXpYrS%3D1774973056%26vteXpYrS%3D1680280456%26vr%3D38698fa51870ad04c50f4077fabd08d0%26vt%3D38698fa51870ad04c50f4077fabd08cf%26vtyp%3Dnew
.paypal.com/	1970-01-20 19:30:14	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 10:45:10	Name: LANG Value: de_DE%3BDE
.c.paypal.com/	1970-01-20 20:20:38	Name: sc_f Value: IeEtDQll-Vw7K1NfWbjWoU0V_4Oz5e_OGNdT1gnPpbF8skHo9r0tBPGDS7m44NaBNcbUn0LY5z9aH9lvY9fsqVRSrPweiHUlCoER2G
.paypal.com/	1970-01-20 20:20:38	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: _QP5FroqUCGy6294pNgXo-sTqlzQEJw9wgC31AEavG73wzz-aQlkhajMNy_kVJrqG9q1Q6QdFxAnjB-I
.paypal.com/	1970-01-20 10:48:57	Name: tsrce Value: targetingnodeweb
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3A2s3HWL6YX__icF5QSfvTsh_mz5-86ZKV.hus6Sy8ef%2FpR12%2FSYar05f1qAUPFM1wqEC8DLGs%2Fu%2BM
.paypalobjects.com/	1970-01-20 10:46:05	Name: paypal-offers--cust Value: null:null:null
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY4MDI3ODY1NjQ4OSIsImwiOiIwIiwibSI6IjAifQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=604800

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.gorgias.chat
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.jsdelivr.net
code.jquery.com
config.gorgias.chat
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
laptop-payments.endlessos.org
region1.google-analytics.com
static.wixstatic.com
t.paypal.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
151.101.193.21
151.101.194.132
151.101.65.35
192.229.221.25
2001:4860:4802:34::36
2001:4de0:ac18::1:a:2a
2606:4700::6810:5714
2606:4700::6812:135f
2a00:1450:4001:801::2003
2a00:1450:4001:808::200a
2a00:1450:4001:82f::2008
34.102.176.152
64.4.245.84
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0d2990f81d698181eeb17af6f7272c33afb3d5d1c2af61cbdf1607fcb82e8c8e
18b07879f4f97e00413d9094af892405982f8fddb54cfa9eb8934f07ec3cfa8c
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
29971c6124da625e584ea8124208c5f1b5e31520645a35ffd3ef54784a0b9755
2cd81e79f6ee2c45d9fadfde33d66aeea762136c8e01d27919f7732b1cc38c43
2e6669d1c1e29a11560a2ea9bc78f0b0c75776c8af7cca699e6275f4d87c233f
2ea89dedd0598226efbcf52c17f26fd1f5d4a8bf05243297759cd1f6c7e0ec4f
34e0e44a97ac1a2301df2cb5e23588d6a8c98ab3492d0f009489659a388e7f85
3e5f7150fafaaa6ee434513da7ec988a7883b1b4d71ee08de5b23576e5c6ebef
426fa5f714a873b688a267078dec37f7b05a80e0a462505a92ccba78540e8829
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
600242141879c14c058dfd0245202d184ed76a1b81c72e2233ab022e2d508992
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
728b36c76c281fa4eb550f9a8aece19b7658851630ddae8f1270b9dffccaeef0
7dc5400bb43079b9db752eec0944f9966e94c56a6af4a014ca05f7437b5ab212
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8ae7f6b594f98002fea2c5fd7195635437851db5b0ca6e0df585321650f19f13
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
b3a3eaf1f5debd1751276a5de8754e9c0914598e9b7276a40988f2587ef9b9bd
b7cb85653649d42a266ed2324a1ad7178d965b30d9516225da813e615ccbc3fb
b8f6de98e9dfdcfe1e69e2c779b2f03c2ef56116eedd6341bcee226d87819c6b
bc36e175fef6cf8e701fa63a62f49720172953a6f7d539a7f34c7769dc701468
c6956e8710cf477f7014440385ae16ee4b8cc7ecfd02fddd4d2f0c6c7fd15845
ca00e9050ed6adef62cc61def53f61c9e985afa226c8230d4113e2beb89e10e3
d3e60e9eaea453163bc0553d589af33420e755e6ec6ba307e7d32816922b2573
dcc49c76e2faccba32a3f6c2c419e8f6724a46f2ccd16c822be0bae10268294b
e064b588ddfa22ce35b01637af7db1b06dff5f6257874e2dbcf9478d44c15250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
f307f00d628309d24e16f4c392a0c5ea81d196f38d65d8c97078783e9c4f1e0a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe0227691745e45110e94bb14df412753f944d9097048142afeb9af30e2da768

laptop-payments.endlessos.org Open in urlscan Pro 151.101.194.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

92 %HTTPS

54 %IPv6

11 Domains

17 Subdomains

14 IPs

3 Countries

1109 kBTransfer

2718 kBSize

14 Cookies

0 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

laptop-payments.endlessos.org Open in urlscan Pro
151.101.194.132 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

92 %
HTTPS

54 %
IPv6

11
Domains

17
Subdomains

14
IPs

3
Countries

1109 kB
Transfer

2718 kB
Size

14
Cookies

50 HTTP transactions
-1 data transactions