URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Submission: On February 03 via manual from FR

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3033::681b:8672, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.tssperformance.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 11th 2019. Valid for: a year.
This is the only time www.tssperformance.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 2606:4700:303... 13335 (CLOUDFLAR...)
2 77.104.163.36 32475 (SINGLEHOP...)
1 151.101.114.133 54113 (FASTLY)
2 141.226.142.181 394213 (BLUESNAP-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 23.210.248.226 16625 (AKAMAI-AS)
4 4 107.162.161.151 55002 (DEFENSE-NET)
4 52.37.61.134 16509 (AMAZON-02)
6 141.226.140.63 394213 (BLUESNAP-AS)
31 11
Domain Requested by
6 www1.bluesnap.com ws.bluesnap.com
5 www.paypal.com www.paypalobjects.com
www.tssperformance.com
4 tst.kaptcha.com ws.bluesnap.com
www.tssperformance.com
4 sandbox.bluesnap.com 4 redirects
4 www.tssperformance.com 2 redirects www.tssperformance.com
2 t.paypal.com www.tssperformance.com
2 stackpath.bootstrapcdn.com www.tssperformance.com
2 code.jquery.com www.tssperformance.com
2 cdnjs.cloudflare.com www.tssperformance.com
2 ws.bluesnap.com www.tssperformance.com
2 tssperformance.com www.tssperformance.com
1 files.readme.io www.tssperformance.com
1 www.paypalobjects.com www.tssperformance.com
31 13

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2
2019-11-11 -
2020-10-09
a year crt.sh
*.tssperformance.com
AlphaSSL CA - SHA256 - G2
2019-09-08 -
2020-09-08
a year crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA
2019-12-09 -
2021-12-13
2 years crt.sh
*.bluesnap.com
COMODO RSA Organization Validation Secure Server CA
2016-12-01 -
2020-02-29
3 years crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2
2020-01-07 -
2020-10-09
9 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2019-09-14 -
2020-10-13
a year crt.sh
ssl453070.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-09-17 -
2020-03-25
6 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2019-09-10 -
2020-08-18
a year crt.sh
tst.kaptcha.com
RapidSSL RSA CA 2018
2018-02-06 -
2021-05-06
3 years crt.sh

This page contains 11 frames:

Primary Page: https://www.tssperformance.com/payment/index.php?produit=3701146
Frame ID: 66FC63F6B4E96FD941E4E004ACB51BDF
Requests: 22 HTTP requests in this frame

Frame: https://www.paypal.com/smart/button?env=production&style.label=buynow&style.fundingicons=true&style.branding=true&commit=true&domain=www.tssperformance.com&sessionID=b06b8c5327_mdg6mju6mdu&buttonSessionID=ae56077d44_mdg6mju6mdu&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ%3D%3D&uid=72a647c90f&version=4&xcomponent=1
Frame ID: 2E588609068D7B09A6B08B244CA9E359
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2FDFF03256B247574F3378A69D7DF4DF
Requests: 6 HTTP requests in this frame

Frame: https://tst.kaptcha.com/logo.htm?m=700000&s=20d8076f2b3017414047ea1a3f42833b
Frame ID: 530ABD82CD368CDC406E13EFB2026514
Requests: 1 HTTP requests in this frame

Frame: https://www1.bluesnap.com/web-sdk/4.1.1/hpfCcnInput.html
Frame ID: B05466361F844E9A1B93F31A291C763A
Requests: 1 HTTP requests in this frame

Frame: https://www1.bluesnap.com/web-sdk/4.1.1/hpfCvvInput.html
Frame ID: 1E083FA487CF3D5B5489A499A4B844D3
Requests: 1 HTTP requests in this frame

Frame: https://www1.bluesnap.com/web-sdk/4.1.1/hpfExpInput.html
Frame ID: 7BF242571741CDC6526019A4B507DFE0
Requests: 1 HTTP requests in this frame

Frame: https://tst.kaptcha.com/logo.htm?m=700000&s=f6ad9b31f2643e26a2ae797db47ae317
Frame ID: 56FDFF93876F2D9A543D176906037722
Requests: 1 HTTP requests in this frame

Frame: https://www1.bluesnap.com/web-sdk/4.1.1/hpfCcnInput.html
Frame ID: 3D92C3AFF035688EFA9FD94EC79648B3
Requests: 1 HTTP requests in this frame

Frame: https://www1.bluesnap.com/web-sdk/4.1.1/hpfCvvInput.html
Frame ID: 1AFCEB979FB40B86778412A6278A7B4E
Requests: 1 HTTP requests in this frame

Frame: https://www1.bluesnap.com/web-sdk/4.1.1/hpfExpInput.html
Frame ID: 5787CCC1F754DE0395BF8600DC47FA5D
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

31
Requests

100 %
HTTPS

36 %
IPv6

9
Domains

13
Subdomains

11
IPs

3
Countries

770 kB
Transfer

2623 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.tssperformance.com/js/lib/dummy.js HTTP 301
  • https://tssperformance.com/js/lib/dummy.js
Request Chain 3
  • https://www.tssperformance.com/css/result-light.css HTTP 301
  • https://tssperformance.com/css/result-light.css
Request Chain 21
  • https://sandbox.bluesnap.com/servlet/logo.htm?s=20d8076f2b3017414047ea1a3f42833b HTTP 302
  • https://tst.kaptcha.com/logo.htm?m=700000&s=20d8076f2b3017414047ea1a3f42833b
Request Chain 25
  • https://sandbox.bluesnap.com/servlet/logo.gif?s=20d8076f2b3017414047ea1a3f42833b HTTP 302
  • https://tst.kaptcha.com/logo.htm?m=700000&s=20d8076f2b3017414047ea1a3f42833b
Request Chain 31
  • https://sandbox.bluesnap.com/servlet/logo.htm?s=f6ad9b31f2643e26a2ae797db47ae317 HTTP 302
  • https://tst.kaptcha.com/logo.htm?m=700000&s=f6ad9b31f2643e26a2ae797db47ae317
Request Chain 35
  • https://sandbox.bluesnap.com/servlet/logo.gif?s=f6ad9b31f2643e26a2ae797db47ae317 HTTP 302
  • https://tst.kaptcha.com/logo.htm?m=700000&s=f6ad9b31f2643e26a2ae797db47ae317

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
www.tssperformance.com/payment/
55 KB
8 KB
Document
General
Full URL
https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:8672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c63de8ce05e3f3e2023b67d149336302cdc318ab1b40ff1b4adcd049c9c49ad1

Request headers

:method
GET
:authority
www.tssperformance.com
:scheme
https
:path
/payment/index.php?produit=3701146
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Mon, 03 Feb 2020 08:25:03 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d077f9b055a6dfbc13386a37dde8d195d1580718302; expires=Wed, 04-Mar-20 08:25:02 GMT; path=/; domain=.tssperformance.com; HttpOnly; SameSite=Lax
vary
Accept-Encoding
cache-control
max-age=0
expires
Mon, 03 Feb 2020 08:25:02 GMT
x-proxy-cache
MISS
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
55f3030beaa0d705-FRA
content-encoding
br
dummy.js
tssperformance.com/js/lib/
Redirect Chain
  • https://www.tssperformance.com/js/lib/dummy.js
  • https://tssperformance.com/js/lib/dummy.js
0
0
Script
General
Full URL
https://tssperformance.com/js/lib/dummy.js
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.163.36 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c24214.sgvps.net
Software
/
Resource Hash

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 03 Feb 2020 08:25:04 GMT
cf-cache-status
BYPASS
server
cloudflare
location
https://tssperformance.com/js/lib/dummy.js
x-redirect-by
WordPress
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
301
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
55f3031458fed705-FRA
x-proxy-cache
MISS
expires
Wed, 11 Jan 1984 05:00:00 GMT
checkout.js
www.paypalobjects.com/api/
2 MB
427 KB
Script
General
Full URL
https://www.paypalobjects.com/api/checkout.js
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
f9f48fc664b76a35ef88d9f596055a6c007286791c34c003c4bac42bbae9996b
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 03 Feb 2020 08:25:03 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
1395479
x-cache
HIT, HIT
status
200
x-cache-hits
1, 257648
strict-transport-security
max-age=31557600
content-encoding
br
x-served-by
cache-sjc10033-SJC, cache-hhn4040-HHN
last-modified
Wed, 08 Jan 2020 22:53:37 GMT
server
Apache
x-timer
S1580718304.624344,VS0,VE0
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
none
expires
Tue, 04 Feb 2020 08:25:03 GMT
bluesnap.js
ws.bluesnap.com/web-sdk/4/
153 KB
43 KB
Script
General
Full URL
https://ws.bluesnap.com/web-sdk/4/bluesnap.js
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.226.142.181 , United States, ASN394213 (BLUESNAP-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
d859eb43f5c0bfcbdd61ec02f50cc6c8607bf143985e528efde8661f36e8bdc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 08:25:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Dec 2019 09:03:33 GMT
Server
Apache
ETag
"2629e-59a97a6dcc194-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=80
Content-Length
43530
result-light.css
tssperformance.com/css/
Redirect Chain
  • https://www.tssperformance.com/css/result-light.css
  • https://tssperformance.com/css/result-light.css
0
0
Stylesheet
General
Full URL
https://tssperformance.com/css/result-light.css
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.104.163.36 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
c24214.sgvps.net
Software
/
Resource Hash

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 03 Feb 2020 08:25:04 GMT
cf-cache-status
BYPASS
server
cloudflare
location
https://tssperformance.com/css/result-light.css
x-redirect-by
WordPress
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
301
cache-control
no-cache, must-revalidate, max-age=0
cf-ray
55f3031458ffd705-FRA
x-proxy-cache
MISS
expires
Wed, 11 Jan 1984 05:00:00 GMT
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/css/
152 KB
21 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 03 Feb 2020 08:25:03 GMT
content-encoding
br
cf-cache-status
HIT
age
25352230
cf-ray
55f303146d2a6485-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Fri, 15 Feb 2019 18:45:50 GMT
server
cloudflare
etag
W/"5c6708de-2606e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Sat, 23 Jan 2021 08:25:03 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.081
jquery-3.3.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 08:25:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2018 17:26:44 GMT
Server
nginx
ETag
W/"5a637bd4-1111d"
Vary
Accept-Encoding
X-HW
1580718303.dop132.fr8.t,1580718303.cds062.fr8.shn,1580718303.cds062.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
24038
bootstrap.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/
77 KB
21 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.bundle.min.js
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 03 Feb 2020 08:25:03 GMT
content-encoding
br
cf-cache-status
HIT
age
22745045
cf-ray
55f303146d2c6485-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Fri, 15 Feb 2019 18:45:53 GMT
server
cloudflare
etag
W/"5c6708e1-1332b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 23 Jan 2021 08:25:03 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.002
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 03 Feb 2020 08:25:03 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
access-control-allow-origin
*
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
bluesnap.js
ws.bluesnap.com/web-sdk/4.1.1/
141 KB
41 KB
Script
General
Full URL
https://ws.bluesnap.com/web-sdk/4.1.1/bluesnap.js
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.226.142.181 , United States, ASN394213 (BLUESNAP-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
7ced77f8b839ec819f8641b2e5ebf7c22db3571594ed7556637a44799bac148e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 08:25:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Nov 2019 12:45:24 GMT
Server
Apache
ETag
"235fa-59739bd129960-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=80
Content-Length
41260
tss.png
www.tssperformance.com/payment/
12 KB
12 KB
Image
General
Full URL
https://www.tssperformance.com/payment/tss.png
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681b:8672 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fbcc9961e1b8db0ed6bf84f0a40c6f9e7a7ab9aeefd5534c79d7093a3d7822d

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 03 Feb 2020 08:25:03 GMT
cf-cache-status
MISS
last-modified
Sun, 08 Sep 2019 15:36:47 GMT
server
cloudflare
etag
"3136-5920c706d6ace"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=2592000
x-proxy-cache
HIT
accept-ranges
bytes
cf-ray
55f303145900d705-FRA
content-length
12598
expires
Wed, 04 Mar 2020 08:25:03 GMT
d1a25b4-generic-card.png
files.readme.io/
840 B
1 KB
Image
General
Full URL
https://files.readme.io/d1a25b4-generic-card.png
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cc0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
026738fe3fdc08c00ade8228365f1e86e5c17d59d01235f351123a754b05cab8

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 03 Feb 2020 08:25:03 GMT
cf-cache-status
HIT
age
3149
status
200
content-type
application/octet-stream
content-length
840
x-amz-id-2
LOoUfOOWXx+dic6SBLL0XUvYmNldcNF5dxFjj/uuOTCcEE9e+WH/tvXKLj0pn6rbZMf9aABZ7kg=
last-modified
Mon, 22 Aug 2016 12:43:09 GMT
server
cloudflare
etag
"7acac21eeb66c814b726c718480d16c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
3FF5D32749C3F158
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
55f30314a853d6e5-FRA
expires
Mon, 03 Feb 2020 12:25:03 GMT
jquery-2.2.4.js
code.jquery.com/
252 KB
75 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.js
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 08:25:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2016 17:24:41 GMT
Server
nginx
ETag
W/"573f4859-3ee0f"
Vary
Accept-Encoding
X-HW
1580718303.dop132.fr8.t,1580718303.cds062.fr8.shn,1580718303.dop132.fr8.t,1580718303.cds017.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
76245
pptm.js
www.paypal.com/tagmanager/
12 KB
6 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.tssperformance.com&source=checkoutjs&t=xo&v=4.0.309
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-226.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
85c7bf1c8bde86fff6851b90bf667a013072a5ed57f2942e44625aceb19c07ce
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-YtGXsBWGteQinyY4zOnooVCtkDb9EwMa6kb3YBclELR5R9ED' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
207
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-YtGXsBWGteQinyY4zOnooVCtkDb9EwMa6kb3YBclELR5R9ED' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
0
status
200
paypal-debug-id
15692eb9223f3
strict-transport-security
max-age=63072000
dc
phx-origin-www-1.paypal.com
content-length
4435
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
date
Mon, 03 Feb 2020 08:25:05 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"3135-G8364tMjFUrQFeyfDyyJH30wPA0"
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.tssperformance.com

Response headers

date
Mon, 03 Feb 2020 08:25:05 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin
*
etag
"1544639778"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
77171
button
www.paypal.com/smart/ Frame 2E58
0
0
Document
General
Full URL
https://www.paypal.com/smart/button?env=production&style.label=buynow&style.fundingicons=true&style.branding=true&commit=true&domain=www.tssperformance.com&sessionID=b06b8c5327_mdg6mju6mdu&buttonSessionID=ae56077d44_mdg6mju6mdu&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ%3D%3D&uid=72a647c90f&version=4&xcomponent=1
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-226.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com http://127.0.0.1:*; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.paypal.com
:scheme
https
:path
/smart/button?env=production&style.label=buynow&style.fundingicons=true&style.branding=true&commit=true&domain=www.tssperformance.com&sessionID=b06b8c5327_mdg6mju6mdu&buttonSessionID=ae56077d44_mdg6mju6mdu&funding.disallowed=venmo&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ%3D%3D&uid=72a647c90f&version=4&xcomponent=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.tssperformance.com/payment/index.php?produit=3701146
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146

Response headers

status
200
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com http://127.0.0.1:*; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
p3p
true
paypal-debug-id
ee70ce15b450
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-xss-protection
1; mode=block
dc
phx-origin-www-2.paypal.com
content-length
23592
x-edgeconnect-midmile-rtt
147
x-edgeconnect-origin-mex-latency
163
date
Mon, 03 Feb 2020 08:25:05 GMT
vary
Accept-Encoding
set-cookie
LANG=en_US%3BUS; Path=/; Domain=paypal.com; Expires=Mon, 03 Feb 2020 17:11:01 GMT; HttpOnly; Secure; SameSite=None tsrce=smartcomponentnodeweb; Path=/; Domain=paypal.com; Expires=Thu, 06 Feb 2020 08:25:05 GMT; HttpOnly; Secure; SameSite=None ts=vr%3D0a2731741700a951167e8cc4fff7151e%26vreXpYrS%3D1675389082%26vteXpYrS%3D1580720105%26vt%3D0a2731781700a951167e8cc4fff7151d; Path=/; Domain=paypal.com; Expires=Fri, 03 Feb 2023 01:51:22 GMT; HttpOnly; Secure; SameSite=None X-PP-SILOVER=name%3DLIVE3.WEB.1%26silo_version%3D880%26app%3Dsmartcomponentnodeweb%26TIME%3D1580718305%26HTTP_X_PP_AZ_LOCATOR%3Ddcg12.slc; Path=/; Domain=paypal.com; Expires=Mon, 03 Feb 2020 08:55:05 GMT; HttpOnly; Secure; SameSite=None X-PP-L7=1; Path=/; Domain=paypal.com; Secure; SameSite=None akavpau_ppsd=1580718905~id=083e45cf05bdbc15b0980c29435bf17e; Domain=www.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
strict-transport-security
max-age=63072000
truncated
/ Frame 2FDF
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2FDF
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2FDF
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2d9e89921e539c095dbc100d8ba65ea7ac895a4c787a309b0173da830bee877

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2FDF
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d210e660c0522873895c55112efd3d0520e2a13beb505981a3fb9b33e4bf1c7e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2FDF
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7f00ab7d1f213d73f1a02133d2e6fb49a6f600d069e8d0aa5c3588a5b26ffb6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2FDF
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
683a97afeed074b30133b8dcd92282469544a8c6512c3ccdeee81d9a34c1274d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
Cookie set logo.htm
tst.kaptcha.com/ Frame 530A
Redirect Chain
  • https://sandbox.bluesnap.com/servlet/logo.htm?s=20d8076f2b3017414047ea1a3f42833b
  • https://tst.kaptcha.com/logo.htm?m=700000&s=20d8076f2b3017414047ea1a3f42833b
0
0
Document
General
Full URL
https://tst.kaptcha.com/logo.htm?m=700000&s=20d8076f2b3017414047ea1a3f42833b
Requested by
Host: ws.bluesnap.com
URL: https://ws.bluesnap.com/web-sdk/4.1.1/bluesnap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.61.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-61-134.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
tst.kaptcha.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache no-store must-revalidate private
Content-Type
text/html
Expires
0
Pragma
no-cache
Set-Cookie
k=485cecf8c62a4aff9461ec146b4d7a6f; Path=/; Expires=Sun, 03 May 2020 08:25:07 GMT
Date
Mon, 03 Feb 2020 08:25:07 GMT
Transfer-Encoding
chunked

Redirect headers

Date
Mon, 03 Feb 2020 08:25:06 GMT
Set-Cookie
JSESSIONID=29D57B111D3F20DAFBA84780196D8C76; Path=/; Secure; HttpOnly TS017057c4=018b1f380b62380603ef8af3ec96d4b92e7f10d76a5eb3b65f85769d300c2fa4ef419055539f0687a18c6ecd87baa9f826f8970dfdb8985410793e13b908f2ede02e7a5945; Path=/
Location
https://tst.kaptcha.com/logo.htm?m=700000&s=20d8076f2b3017414047ea1a3f42833b
Content-Length
0
Keep-Alive
timeout=2, max=80
Connection
Keep-Alive
Content-Type
text/html
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Via
1.1 fra1-bit24
hpfCcnInput.html
www1.bluesnap.com/web-sdk/4.1.1/ Frame B054
0
0
Document
General
Full URL
https://www1.bluesnap.com/web-sdk/4.1.1/hpfCcnInput.html
Requested by
Host: ws.bluesnap.com
URL: https://ws.bluesnap.com/web-sdk/4.1.1/bluesnap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.226.140.63 , United States, ASN394213 (BLUESNAP-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Host
www1.bluesnap.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146

Response headers

Date
Mon, 03 Feb 2020 08:25:06 GMT
Server
Apache
Last-Modified
Wed, 16 Oct 2019 11:45:30 GMT
ETag
"23b-59505a347e88f"
Accept-Ranges
bytes
Content-Length
571
Keep-Alive
timeout=2, max=80
Connection
Keep-Alive
Content-Type
text/html
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
hpfCvvInput.html
www1.bluesnap.com/web-sdk/4.1.1/ Frame 1E08
0
0
Document
General
Full URL
https://www1.bluesnap.com/web-sdk/4.1.1/hpfCvvInput.html
Requested by
Host: ws.bluesnap.com
URL: https://ws.bluesnap.com/web-sdk/4.1.1/bluesnap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.226.140.63 , United States, ASN394213 (BLUESNAP-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Host
www1.bluesnap.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146

Response headers

Date
Mon, 03 Feb 2020 08:25:06 GMT
Server
Apache
Last-Modified
Wed, 16 Oct 2019 11:45:30 GMT
ETag
"235-59505a348f61d"
Accept-Ranges
bytes
Content-Length
565
Keep-Alive
timeout=2, max=80
Connection
Keep-Alive
Content-Type
text/html
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
hpfExpInput.html
www1.bluesnap.com/web-sdk/4.1.1/ Frame 7BF2
0
0
Document
General
Full URL
https://www1.bluesnap.com/web-sdk/4.1.1/hpfExpInput.html
Requested by
Host: ws.bluesnap.com
URL: https://ws.bluesnap.com/web-sdk/4.1.1/bluesnap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.226.140.63 , United States, ASN394213 (BLUESNAP-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Host
www1.bluesnap.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146

Response headers

Date
Mon, 03 Feb 2020 08:25:06 GMT
Server
Apache
Last-Modified
Wed, 16 Oct 2019 11:45:30 GMT
ETag
"23b-59505a349d0e2"
Accept-Ranges
bytes
Content-Length
571
Keep-Alive
timeout=2, max=80
Connection
Keep-Alive
Content-Type
text/html
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
logo.htm
tst.kaptcha.com/
Redirect Chain
  • https://sandbox.bluesnap.com/servlet/logo.gif?s=20d8076f2b3017414047ea1a3f42833b
  • https://tst.kaptcha.com/logo.htm?m=700000&s=20d8076f2b3017414047ea1a3f42833b
0
0
Image
General
Full URL
https://tst.kaptcha.com/logo.htm?m=700000&s=20d8076f2b3017414047ea1a3f42833b
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.61.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-61-134.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*

Redirect headers

Date
Mon, 03 Feb 2020 08:25:06 GMT
Via
1.1 fra1-bit24
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
image/gif
Location
https://tst.kaptcha.com/logo.htm?m=700000&s=20d8076f2b3017414047ea1a3f42833b
Connection
Keep-Alive
Keep-Alive
timeout=2, max=80
Content-Length
0
logger
www.paypal.com/xoplatform/logger/api/
2 B
1 KB
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-226.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
https://www.tssperformance.com
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Access-Control-Request-Headers
content-type,x-app-name,x-requested-with

Response headers

x-edgeconnect-origin-mex-latency
29
date
Mon, 03 Feb 2020 08:25:05 GMT
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
143
x-powered-by
Express
status
200
paypal-debug-id
d82d71680b99d
dc
phx-origin-www-2.paypal.com
content-length
2
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
strict-transport-security
max-age=63072000
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tssperformance.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-headers
content-type,x-app-name,x-requested-with
ts
t.paypal.com/
42 B
583 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=VERMEIL%20Mensuel&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1580718305806&g=-60&completeurl=https%3A%2F%2Fwww.tssperformance.com%2Fpayment%2Findex.php%3Fproduit%3D3701146&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.7 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Feb 2020 08:25:06 GMT
server
akka-http/10.1.7
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
status
200
http_x_pp_az_locator
slcb.slc
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
42
expires
Mon, 03 Feb 2020 08:25:06 GMT
pptm.js
www.paypal.com/tagmanager/
12 KB
6 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?client_id=Afy2YLB1Bs-5rVJCri7fSMzGpzxQJXwoVfpzfBDqUwnqYi_V8vjIom-d39X4m8jYmP4qhdZy-q_Tcs1D&id=www.tssperformance.com&source=checkoutjs&t=xo&v=4.0.309
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-226.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
85c7bf1c8bde86fff6851b90bf667a013072a5ed57f2942e44625aceb19c07ce
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-yc3WY5xLoSJI/OjGIwDXeQ9HiT8QOU9PD30PK3OorRsr0/kE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
520
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-yc3WY5xLoSJI/OjGIwDXeQ9HiT8QOU9PD30PK3OorRsr0/kE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
x-edgeconnect-midmile-rtt
0
status
200
paypal-debug-id
143a0944ff0a3
strict-transport-security
max-age=63072000
dc
phx-origin-www-1.paypal.com
content-length
4435
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
date
Mon, 03 Feb 2020 08:25:06 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"3135-G8364tMjFUrQFeyfDyyJH30wPA0"
logger
www.paypal.com/xoplatform/logger/api/
2 B
992 B
XHR
General
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-226.deploy.static.akamaitechnologies.com
Software
/ Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff

Request headers

x-app-name
checkoutjs
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
Origin
https://www.tssperformance.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-type
application/json

Response headers

x-edgeconnect-origin-mex-latency
47
date
Mon, 03 Feb 2020 08:25:06 GMT
x-content-type-options
nosniff
status
200
x-powered-by
Express
strict-transport-security
max-age=63072000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.tssperformance.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-edgeconnect-midmile-rtt
141
paypal-debug-id
ad711c7617d20
dc
phx-origin-www-2.paypal.com
content-length
2
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
ts
t.paypal.com/
42 B
559 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=VERMEIL%20Mensuel&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1580718306420&g=-60&completeurl=https%3A%2F%2Fwww.tssperformance.com%2Fpayment%2Findex.php%3Fproduit%3D3701146&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: www.tssperformance.com
URL: https://www.tssperformance.com/payment/index.php?produit=3701146
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.210.248.226 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.7 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Feb 2020 08:25:06 GMT
server
akka-http/10.1.7
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
status
200
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
42
expires
Mon, 03 Feb 2020 08:25:06 GMT
Cookie set logo.htm
tst.kaptcha.com/ Frame 56FD
Redirect Chain
  • https://sandbox.bluesnap.com/servlet/logo.htm?s=f6ad9b31f2643e26a2ae797db47ae317
  • https://tst.kaptcha.com/logo.htm?m=700000&s=f6ad9b31f2643e26a2ae797db47ae317
0
0
Document
General
Full URL
https://tst.kaptcha.com/logo.htm?m=700000&s=f6ad9b31f2643e26a2ae797db47ae317
Requested by
Host: ws.bluesnap.com
URL: https://ws.bluesnap.com/web-sdk/4.1.1/bluesnap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.61.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-61-134.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
tst.kaptcha.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
Accept-Encoding
gzip, deflate, br
Cookie
k=4d7382fe5dc1486da6d788a96c85fb52
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache no-store must-revalidate private
Content-Type
text/html
Expires
0
Pragma
no-cache
Set-Cookie
k=4d7382fe5dc1486da6d788a96c85fb52; Path=/; Expires=Sun, 03 May 2020 08:25:09 GMT
Date
Mon, 03 Feb 2020 08:25:09 GMT
Transfer-Encoding
chunked

Redirect headers

Date
Mon, 03 Feb 2020 08:25:07 GMT
Location
https://tst.kaptcha.com/logo.htm?m=700000&s=f6ad9b31f2643e26a2ae797db47ae317
Content-Length
0
Keep-Alive
timeout=2, max=79
Connection
Keep-Alive
Content-Type
text/html
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Via
1.1 fra1-bit24
hpfCcnInput.html
www1.bluesnap.com/web-sdk/4.1.1/ Frame 3D92
0
0
Document
General
Full URL
https://www1.bluesnap.com/web-sdk/4.1.1/hpfCcnInput.html
Requested by
Host: ws.bluesnap.com
URL: https://ws.bluesnap.com/web-sdk/4.1.1/bluesnap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.226.140.63 , United States, ASN394213 (BLUESNAP-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Host
www1.bluesnap.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146

Response headers

Date
Mon, 03 Feb 2020 08:25:07 GMT
Server
Apache
Last-Modified
Wed, 16 Oct 2019 11:45:30 GMT
ETag
"23b-59505a347e88f"
Accept-Ranges
bytes
Content-Length
571
Keep-Alive
timeout=2, max=78
Connection
Keep-Alive
Content-Type
text/html
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
hpfCvvInput.html
www1.bluesnap.com/web-sdk/4.1.1/ Frame 1AFC
0
0
Document
General
Full URL
https://www1.bluesnap.com/web-sdk/4.1.1/hpfCvvInput.html
Requested by
Host: ws.bluesnap.com
URL: https://ws.bluesnap.com/web-sdk/4.1.1/bluesnap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.226.140.63 , United States, ASN394213 (BLUESNAP-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Host
www1.bluesnap.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146

Response headers

Date
Mon, 03 Feb 2020 08:25:07 GMT
Server
Apache
Last-Modified
Wed, 16 Oct 2019 11:45:30 GMT
ETag
"235-59505a348f61d"
Accept-Ranges
bytes
Content-Length
565
Keep-Alive
timeout=2, max=77
Connection
Keep-Alive
Content-Type
text/html
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
hpfExpInput.html
www1.bluesnap.com/web-sdk/4.1.1/ Frame 5787
0
0
Document
General
Full URL
https://www1.bluesnap.com/web-sdk/4.1.1/hpfExpInput.html
Requested by
Host: ws.bluesnap.com
URL: https://ws.bluesnap.com/web-sdk/4.1.1/bluesnap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.226.140.63 , United States, ASN394213 (BLUESNAP-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

Host
www1.bluesnap.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://www.tssperformance.com/payment/index.php?produit=3701146

Response headers

Date
Mon, 03 Feb 2020 08:25:07 GMT
Server
Apache
Last-Modified
Wed, 16 Oct 2019 11:45:30 GMT
ETag
"23b-59505a349d0e2"
Accept-Ranges
bytes
Content-Length
571
Keep-Alive
timeout=2, max=77
Connection
Keep-Alive
Content-Type
text/html
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
logo.htm
tst.kaptcha.com/
Redirect Chain
  • https://sandbox.bluesnap.com/servlet/logo.gif?s=f6ad9b31f2643e26a2ae797db47ae317
  • https://tst.kaptcha.com/logo.htm?m=700000&s=f6ad9b31f2643e26a2ae797db47ae317
0
0
Image
General
Full URL
https://tst.kaptcha.com/logo.htm?m=700000&s=f6ad9b31f2643e26a2ae797db47ae317
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.37.61.134 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-61-134.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.tssperformance.com/payment/index.php?produit=3701146
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*

Redirect headers

Date
Mon, 03 Feb 2020 08:25:07 GMT
Via
1.1 fra1-bit24
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Type
image/gif
Location
https://tst.kaptcha.com/logo.htm?m=700000&s=f6ad9b31f2643e26a2ae797db47ae317
Connection
Keep-Alive
Keep-Alive
timeout=2, max=79
Content-Length
0

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| __postRobot__ object| __zoid__ function| onLegacyPaymentAuthorize function| watchForLegacyFallback function| onLegacyFallback string| LOG_LEVEL function| __pptmLoadedWithNoContent object| __paypal_storage__ object| paypal object| PAYPAL object| ppxo object| __core-js_shared__ object| bluesnap function| $ function| jQuery object| bootstrap object| paypalDDL function| changeImpactedElement object| cardUrl object| bsObj function| do_when_clicking_submit_button object| __paypal_global__

10 Cookies

Domain/Path Name / Value
.paypal.com/ Name: X-PP-SILOVER
Value: name%3DLIVE3.WEB.1%26silo_version%3D880%26app%3Dgraphqlnodeweb%26TIME%3D1580718306%26HTTP_X_PP_AZ_LOCATOR%3Ddcg12.slc
.paypal.com/ Name: tsrce
Value: graphqlnodeweb
www.paypal.com/ Name: connect.sid
Value: s%3AZz27Y4Jo7fT4zbhUdD4F0tMOI9VWKiYo.6dO6sER2df4eD5j0w8Utd3AmW06ONSx%2FR8w3v97pPHE
.paypal.com/ Name: ts_c
Value: vr%3D0a2731711700a5a020f5028afffcabfe%26vt%3D0a2731801700a5a020f5028afffcabfd
.www.paypal.com/ Name: akavpau_ppsd
Value: 1580718906~id=91048d4096ba16cf0b1d7967ec70b507
.paypal.com/ Name: X-PP-L7
Value: 1
www.paypal.com/ Name: nsid
Value: s%3AHw8t6UkLXpCQsjCZsgUUDtmE4kN_HhYx.CoUqwruMjVEl17OssMfwfiUCS5yPHdPuAzm4yR4rpV0
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTU4MDcxODMwNjI1MiIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: ts
Value: vreXpYrS%3D1675412706%26vteXpYrS%3D1580720106%26vr%3D0a2731711700a5a020f5028afffcabfe%26vt%3D0a2731801700a5a020f5028afffcabfd
.paypal.com/ Name: LANG
Value: en_US%3BUS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
files.readme.io
sandbox.bluesnap.com
stackpath.bootstrapcdn.com
t.paypal.com
tssperformance.com
tst.kaptcha.com
ws.bluesnap.com
www.paypal.com
www.paypalobjects.com
www.tssperformance.com
www1.bluesnap.com
107.162.161.151
141.226.140.63
141.226.142.181
151.101.114.133
2001:4de0:ac19::1:b:2a
23.210.248.226
2606:4700:3033::681b:8672
2606:4700::6810:cc0b
2606:4700::6811:4104
52.37.61.134
77.104.163.36
026738fe3fdc08c00ade8228365f1e86e5c17d59d01235f351123a754b05cab8
1fbcc9961e1b8db0ed6bf84f0a40c6f9e7a7ab9aeefd5534c79d7093a3d7822d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
683a97afeed074b30133b8dcd92282469544a8c6512c3ccdeee81d9a34c1274d
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ced77f8b839ec819f8641b2e5ebf7c22db3571594ed7556637a44799bac148e
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
85c7bf1c8bde86fff6851b90bf667a013072a5ed57f2942e44625aceb19c07ce
893e90f6230962e42231635df650f20544ad22affc3ee396df768eaa6bc5a6a2
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3
b2d9e89921e539c095dbc100d8ba65ea7ac895a4c787a309b0173da830bee877
c63de8ce05e3f3e2023b67d149336302cdc318ab1b40ff1b4adcd049c9c49ad1
d210e660c0522873895c55112efd3d0520e2a13beb505981a3fb9b33e4bf1c7e
d859eb43f5c0bfcbdd61ec02f50cc6c8607bf143985e528efde8661f36e8bdc9
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f00ab7d1f213d73f1a02133d2e6fb49a6f600d069e8d0aa5c3588a5b26ffb6
f9f48fc664b76a35ef88d9f596055a6c007286791c34c003c4bac42bbae9996b
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378