citizenask.com Open in urlscan Pro
103.160.204.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://citizenask.com/
Submission: On February 12 via automatic, source certstream-suspicious (February 12th 2023, 3:25:06 am UTC) — Scanned from DE

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 57 HTTP transactions. The main IP is 103.160.204.21, located in Hong Kong and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is citizenask.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 12th 2023. Valid for: a year.

This is the only time citizenask.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	103.160.204.21 103.160.204.21	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
27	103.160.204.4 103.160.204.4	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
12	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	163.181.56.193 163.181.56.193	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	103.160.204.10 103.160.204.10	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
57	10

6 103.160.204.21 (Hong Kong)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

citizenask.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 103.160.204.4 (Hong Kong)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

static-theme.cdncloud.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.cdncloud.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.56.193 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

at.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.160.204.10 (Hong Kong)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www.itaboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	cdncloud.top static-theme.cdncloud.top — Cisco Umbrella Rank: 277519 img.cdncloud.top — Cisco Umbrella Rank: 246782	2 MB
14	paypal.com www.paypal.com — Cisco Umbrella Rank: 2470 t.paypal.com — Cisco Umbrella Rank: 3198	268 KB
6	citizenask.com citizenask.com	12 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	156 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	256 B
1	itaboola.com www.itaboola.com — Cisco Umbrella Rank: 456366	378 B
1	alicdn.com at.alicdn.com — Cisco Umbrella Rank: 10369	43 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 917	6 KB
57	8

	Domain	Requested by
21	static-theme.cdncloud.top	citizenask.com static-theme.cdncloud.top
12	www.paypal.com	citizenask.com www.paypal.com
6	img.cdncloud.top	citizenask.com
6	citizenask.com	static-theme.cdncloud.top static.cloudflareinsights.com
3	connect.facebook.net	citizenask.com connect.facebook.net
2	www.facebook.com	citizenask.com
2	t.paypal.com	citizenask.com
1	www.itaboola.com	static-theme.cdncloud.top
1	at.alicdn.com	static-theme.cdncloud.top
1	static.cloudflareinsights.com	citizenask.com
57	10

This site contains no links.

Subject Issuer	Validity	Valid
citizenask.com Cloudflare Inc ECC CA-3	`2023-02-12` - `2024-02-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-30` - `2023-05-30`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-21` - `2023-02-19`	3 months	crt.sh
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G2	`2022-07-22` - `2023-08-06`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://citizenask.com/
Frame ID: 7DA8FAD0CC3C209BE7FBA2289A610A29
Requests: 50 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_rdkwiezrycigrzcyyesuftjrzlasvd&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVY0UnQ0TGJybXhYV2I0Wll3M25mLW5RMHk1NktqTkpMYlZ3d09xWDdRU1g0QWEtWUZyaU94UDdsSklTeXpTX3VuQ2N0aDNPUm5vV3lVazUmY29tcG9uZW50cz1tZXNzYWdlcyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3Jka3dpZXpyeWNpZ3J6Y3l5ZXN1ZnRqcnpsYXN2ZCJ9fQ&env=production&scriptUID=uid_rdkwiezrycigrzcyyesuftjrzlasvd&version=1.40.1&integrationType=SDK
Frame ID: 40ABE78640B76D1F3B67EFD0F3A9A75B
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 15F19E7521222DC728F3F8430C3925FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

shoppttt

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

96 %
HTTPS

33 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

2547 kB
Transfer

5049 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
citizenask.com/ 46 KB
11 KB 838ms
765ms Document
text/html 103.160.204.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizenask.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 103.160.204.21 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 057edddd3ebf849f22da0f39f6ab57880d7ea235cf63bb032e05e6f96d3426eb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 798236cdb9cd35ed-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 12 Feb 2023 03:24:56 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 styles.min.css
static-theme.cdncloud.top/liquid/buyer/public/css/ 318 KB
50 KB 753ms
37ms Stylesheet
text/css 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-theme.cdncloud.top/liquid/buyer/public/css/styles.min.css?t=20230203163352
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdd24aba037a21e1db532c692af56c0a35922d4729179d9f5166cab038aafe32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:56 GMT
x-amz-version-id: 04AVDw84p7NmAzGw7th9FRNiMN.2qMYV
content-encoding: br
cf-cache-status: HIT
age: 758708
x-amz-request-id: VGVDGTYW67DRPP1V
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: lF6OGgjoNkOSMEIdVTjm1uPw3Xtjt42lJ6pVC6PI+MP1/Ya/LQaxdpLmHSk8q/Otcza1g0hnO94=
last-modified: Fri, 03 Feb 2023 08:31:57 GMT
server: cloudflare
etag: W/"9e9ae5b72cde2f07a036d6c1af762e88"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
cf-ray: 798236d70c0739c4-FRA
expires: Sun, 12 Feb 2023 07:24:56 GMT

GET
H2 200 shopify001.comm.min.css
static-theme.cdncloud.top/s/files/public/css/ 36 KB
8 KB 772ms
57ms Stylesheet
text/css 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-theme.cdncloud.top/s/files/public/css/shopify001.comm.min.css?t=20230203163352
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cbb42250b714aef4425623057f51fb770a6e800f9a601a7d8e13ede953a9288

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:56 GMT
x-amz-version-id: I72lVl0eVaQWNtEmfkgq94nBkrqn3Mg1
content-encoding: br
cf-cache-status: HIT
age: 758471
x-amz-request-id: SY772P44HNZB0SE2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: mAnWXBfx3YF1OjcklsydHSHV4MnVa6+irY7OwE6a6gAoOiXeHic2KzZ0GltIwT64xRjD/makWLI=
last-modified: Fri, 03 Feb 2023 08:31:56 GMT
server: cloudflare
etag: W/"c61f5d8ef2bda8f252bf05b9c2e1fedb"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 798236d70c0939c4-FRA
expires: Sun, 12 Feb 2023 07:24:56 GMT

GET
H2 200 init.js Show response
static-theme.cdncloud.top/liquid/buyer/public/js/ 1 KB
1 KB 750ms
36ms Script
application/javascript 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/init.js
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b937c77a3a9fda104fa3a1cd772c90bbe7a897251f22986d28f14ffcbf80fade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:56 GMT
x-amz-version-id: CvdTN5.kcMm3QqH_P.ZsSvTJOc5cN9mM
content-encoding: br
cf-cache-status: HIT
age: 949116
x-amz-request-id: 80MTF8PG38M50TVD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: uXiiRN2wBUQ2WZPUbEGWaWV3YNmLXxGSe2UlhplSO3gYEG00AdbDulJwSz5zL2zh/Un4QpdI0rI=
last-modified: Mon, 30 Jan 2023 09:09:48 GMT
cf-bgj: minify
server: cloudflare
etag: W/"4bee4977c2da6cd1e2a55df8b38d45b5"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
cf-ray: 798236d70c0a39c4-FRA
expires: Sun, 12 Feb 2023 07:24:56 GMT

GET
H2 200 jquery.js Show response
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ 91 KB
33 KB 753ms
38ms Script
application/javascript 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 998ae34a160741a985581eb3576e47e03f3119d4ae3fa17280090a7f0cfa38b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:56 GMT
x-amz-version-id: q5qDTjcBqoijqeidWTnQZd_ssIEaO7lE
content-encoding: br
cf-cache-status: HIT
age: 948829
x-amz-request-id: DD5MSFSD97N74HEH
cf-polished: origSize=93099
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: pw4i0ESitB7Xw/CJC1BhY2yjwTrwUhDaqcA4iTbFwUKzoB8cVHkCqF2/QzYQab33GAl6lDArabg=
last-modified: Mon, 30 Jan 2023 09:09:49 GMT
cf-bgj: minify
server: cloudflare
etag: W/"e3f24f23b859cf718282e3806ed5ce38"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
cf-ray: 798236d70c0b39c4-FRA
expires: Sun, 12 Feb 2023 07:24:56 GMT

GET
H3 200 spark-md5.min.js Show response
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ 10 KB
3 KB 38ms
38ms Script
application/javascript 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/spark-md5.min.js
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d80e84c820cc5587a0ba3c8a20652099ea3fa7fc43944e812e56d449c1d9f1c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:57 GMT
x-amz-version-id: IyZzIdGWIsCxOxmdNPw7dEkBPNXd.cVq
content-encoding: br
cf-cache-status: HIT
age: 1794514
x-amz-request-id: ZBTWXARGGVRS9E71
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: HUOR6w7InANd4TiBZJCacqv//CU5LZSlGBUO2SoefEwssKU6uZ+HABNUIfX5re5Pq/auGGeLKog=
last-modified: Thu, 08 Dec 2022 08:38:14 GMT
server: cloudflare
etag: W/"86e75ba615bbdd2ec44f0f15d3ca2e85"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
cf-ray: 798236d9e9a82ba8-FRA
expires: Sun, 12 Feb 2023 07:24:57 GMT

GET
H3 200 aliyun-oss-sdk.min.js Show response
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ 509 KB
133 KB 37ms
37ms Script
application/javascript 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/aliyun-oss-sdk.min.js
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 545691b06c6a4b473f11e7492d15c007c5e3433270283b5a0740200e3a364aeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:57 GMT
x-amz-version-id: jaUIPnYE1pCf43cv._mq0jGlaJQtoyQf
content-encoding: br
cf-cache-status: HIT
age: 1794514
x-amz-request-id: ZBTY5C6S3AKJEY08
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: zFh80TIxhqVkLz2i1xJfGDekqrUQw0JtMnzgP2YHCHpXye/sL6kv8ibl7DC4KD6s9e23QS9Sp2o=
last-modified: Thu, 08 Dec 2022 08:38:14 GMT
server: cloudflare
etag: W/"b63771a9fe6f0f6f5bbd43accba92bdc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
cf-ray: 798236da29bd2ba8-FRA
expires: Sun, 12 Feb 2023 07:24:57 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 314 KB
93 KB 1241ms
1128ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AV4Rt4LbrmxXWb4ZYw3nf-nQ0y56KjNJLbVwwOqX7QSX4Aa-YFriOxP7lJISyzS_unCcth3ORnoWyUk5&merchant-id=7EACDJUSPL62J&currency=USD&disable-funding=bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&enable-funding=card,credit,paylater&components=buttons

Requested by

Host: citizenask.com
URL: https://citizenask.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

70402553904dbafd4dfb0b5b3b1065ce6d0b47e83a5a2796a955f523a11ac7a7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-Vpkmw77kbFsHpk8VhHGq/yd+o1/667VLPVR0bym8OVALmARg' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Vpkmw77kbFsHpk8VhHGq/yd+o1/667VLPVR0bym8OVALmARg' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Vpkmw77kbFsHpk8VhHGq/yd+o1/667VLPVR0bym8OVALmARg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Vpkmw77kbFsHpk8VhHGq/yd+o1/667VLPVR0bym8OVALmARg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 12 Feb 2023 03:24:57 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS
p3p: true
paypal-debug-id: f344625874147
server-timing: "traceparent;desc="00-0000000000000000000f344625874147-45b4e0e285593b4a-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 94417
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220023-HHN
traceparent: 00-0000000000000000000f344625874147-93f6ddd5a1578671-01
x-timer: S1676172296.203719,VS0,VE1105
etag: W/"170d1-mmGzDiTQzLZHtJErJpSUVu4SrPQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 js Show response
www.paypal.com/sdk/ 259 KB
77 KB 138ms
25ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AV4Rt4LbrmxXWb4ZYw3nf-nQ0y56KjNJLbVwwOqX7QSX4Aa-YFriOxP7lJISyzS_unCcth3ORnoWyUk5&components=messages

Requested by

Host: citizenask.com
URL: https://citizenask.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

172aa87aec21f971f5b6a0cd09df89b59fa8914f899e4e658a3d7b28bc350535

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-nOx4F9fpdG7+TR7mLGz5KTSGjmWUcpJXuOWb9/gHV6Azk0vk' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-nOx4F9fpdG7+TR7mLGz5KTSGjmWUcpJXuOWb9/gHV6Azk0vk' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-nOx4F9fpdG7+TR7mLGz5KTSGjmWUcpJXuOWb9/gHV6Azk0vk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-nOx4F9fpdG7+TR7mLGz5KTSGjmWUcpJXuOWb9/gHV6Azk0vk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 12 Feb 2023 03:24:56 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 960
x-cache: HIT
p3p: true
paypal-debug-id: f95289569b1e9
server-timing: "traceparent;desc="00-0000000000000000000f95289569b1e9-8134ee732bbdd429-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 77505
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220023-HHN
traceparent: 00-0000000000000000000f95289569b1e9-23ac165009ea1a30-01
x-timer: S1676172296.204054,VS0,VE2
etag: W/"12ec1-ArP8QSNkuBA3Pusll1YmuAUkKYQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 Swiper.js Show response
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ 121 KB
33 KB 756ms
42ms Script
application/javascript 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/Swiper.js
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65f7b749418c56e4fbd8d35b43902f95b43d8ae84ab3703c078b9dbb122c0aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:56 GMT
x-amz-version-id: hiFF4xlwZtD5kxGy_f1sg9OefN1To6jQ
content-encoding: br
cf-cache-status: HIT
age: 948476
x-amz-request-id: 94SC3A53P45VJ9D1
cf-polished: origSize=124671
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: J2U11c6JudeEuV0Ta8T3sDsUxkTSmH+926sr6AIySAEOKj5npkkCSr3OKCZMJ+rrZUAfGl63LJg=
last-modified: Mon, 30 Jan 2023 09:09:49 GMT
cf-bgj: minify
server: cloudflare
etag: W/"d4ff815d60c83028c87324f6fce8e634"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
cf-ray: 798236d70c0e39c4-FRA
expires: Sun, 12 Feb 2023 07:24:56 GMT

GET
H2 200 fingerprint2.min.js Show response
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ 29 KB
11 KB 773ms
59ms Script
application/javascript 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/fingerprint2.min.js
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:56 GMT
x-amz-version-id: Z0g4DpnHmSYhdi8fJtt1q8FqM2OMGKQQ
content-encoding: br
cf-cache-status: HIT
age: 949269
x-amz-request-id: 1GDJ7SBPANCW9KDK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: +Ux1z2G2R8/ogYX4osaZWO6wjgh5fnUi4xzR3o4V2l5qOpXiLkxA5mD2yXfQiQel/HLcPmSDSzg=
last-modified: Mon, 30 Jan 2023 09:09:49 GMT
server: cloudflare
etag: W/"90aa11f39700c7d82563b7ed3f011856"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
cf-ray: 798236d70c0d39c4-FRA
expires: Sun, 12 Feb 2023 07:24:56 GMT

GET
H2 200 vendor.min.js Show response
static-theme.cdncloud.top/liquid/buyer/public/js/plug/ 61 KB
18 KB 750ms
37ms Script
application/javascript 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/vendor.min.js?t=20230203163352
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a212bb4c14dd4282c6a51c15967b68acc113827b8a439deb6dd2e57cb7d9009

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:56 GMT
x-amz-version-id: 7gBNocbQzz.xmKrrMGk0HRTHcaBAmEoY
content-encoding: br
cf-cache-status: HIT
age: 758948
x-amz-request-id: 0J284V1WM6P2D4HT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: vm0JJD1W+seRTJqWILLBHLEnxFuWIS6fZdZVoOfeAMS9xf/TZhyYJgPwUJNY26yCWrLdUrrhT2s=
last-modified: Fri, 03 Feb 2023 08:32:08 GMT
server: cloudflare
etag: W/"fc330be3e8a2732e6e333c0cda3838b2"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
cf-ray: 798236d70c0c39c4-FRA
expires: Sun, 12 Feb 2023 07:24:56 GMT

GET
H2 200 604a0888291926f88088c14bc2e215c1.png
img.cdncloud.top/uploader/ 189 KB
190 KB 2474ms
2136ms Image
image/png 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.cdncloud.top/uploader/604a0888291926f88088c14bc2e215c1.png?x-oss-process=image/blur,r_10,s_10
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2db5838c414481de4360d637003dfdbb32d137c277e3a735dbc58d3b845191f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:59 GMT
cf-cache-status: MISS
x-oss-request-id: 63E85C0AB69A8C3631AFFE47
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 193788
x-oss-object-type: Multipart
last-modified: Mon, 21 Mar 2022 06:39:24 GMT
server: cloudflare
etag: "5772BEC99948D96C3B9CFE0840D02C3F-1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 798236dc8c1bbb47-FRA
x-oss-hash-crc64ecma: 15158547710412588449
x-oss-server-time: 270
expires: Sun, 12 Feb 2023 07:24:59 GMT

GET
H2 200 604a0888291926f88088c14bc2e215c1.png
img.cdncloud.top/uploader/ 391 KB
391 KB 3165ms
2863ms Image
image/png 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.cdncloud.top/uploader/604a0888291926f88088c14bc2e215c1.png
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70341cef3886fc99f4003cc69d758ce29c9aff7bb278ace5bf520e91d1c419c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:25:00 GMT
cf-cache-status: MISS
x-oss-request-id: 63E85C0BF25E283932801389
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 399890
x-oss-object-type: Multipart
last-modified: Mon, 21 Mar 2022 06:39:24 GMT
server: cloudflare
etag: "5772BEC99948D96C3B9CFE0840D02C3F-1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 798236dc8c11bb47-FRA
x-oss-hash-crc64ecma: 7089492500590655903
x-oss-server-time: 28
expires: Sun, 12 Feb 2023 07:24:59 GMT

GET
H3 200 default.png
static-theme.cdncloud.top/buyer/public/img/ 56 B
585 B 39ms
36ms Image
image/webp 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-theme.cdncloud.top/buyer/public/img/default.png
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80aa3fe5432df59b7abab02e52151e388ee927734221eb102e6d44f6cf89f650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:57 GMT
x-amz-version-id: HeIYKlT8qOiZWPOX.SL1Ufr702u8SXwn
cf-cache-status: HIT
age: 707559
x-amz-request-id: 3QPRV2C0K5XWQJP6
cf-polished: origFmt=png, origSize=6788
content-disposition: inline; filename="default.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56
x-amz-id-2: plF73FYv387Ok8EbGj07a9XosEclkXW2OU0FLaKjv1D+Zn6O8ChmBoUW9VPowanJTgw/1nD17iE=
last-modified: Sat, 24 Oct 2020 07:52:36 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "4cebe560ed4ee509dbb64d1972403039"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: image/webp
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 798236daaa052ba8-FRA
expires: Sun, 12 Feb 2023 07:24:57 GMT

GET
H3 200 pic-4.png
static-theme.cdncloud.top/theme/faker/ 3 KB
3 KB 40ms
37ms Image
image/webp 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-theme.cdncloud.top/theme/faker/pic-4.png
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d768adf4a687b16abe9aa36a0c482694a66aebd218495b8d48689a75d4919e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:57 GMT
x-amz-version-id: WJDJa6nC2bEfg71Db90znPWe_02HxYlo
cf-cache-status: HIT
age: 200442
x-amz-request-id: Z673XFBKES9F96KB
cf-polished: origFmt=png, origSize=11001
content-disposition: inline; filename="pic-4.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2870
x-amz-id-2: RG0zHc3vxc8mktiCGByvLImFQVF2fcxeCSMasfha3y5aRyNuuHJxIpIpi0EIPAvyQ5Tr8gWdxl8=
last-modified: Tue, 08 Dec 2020 07:00:27 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "3dff14d4a76118edbc16346fe2fa0046"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: image/webp
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 798236daaa062ba8-FRA
expires: Sun, 12 Feb 2023 07:24:57 GMT

GET
H2 200 remembered Show response
www.paypal.com/checkoutnow/ 66 B
3 KB 225ms
225ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/checkoutnow/remembered?callback=paypalisrememberedcallback

Requested by

Host: citizenask.com
URL: https://citizenask.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

/ Express

Resource Hash

47f1bf737f83f0054b66bf51c560205588a69a8e65d0c00961046d699d0e1afc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; connect-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://nexus.ensighten.com https://connect.facebook.net https://www.facebook.com https://m.facebook.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn https://.cardinalcommerce.com https://staticxx.facebook.com https://www.facebook.com https://m.facebook.com https://.baidu.com https://.baifubao.com https://.qualtrics.com; script-src 'self' https://.paypal.com https://.paypal.cn https://.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src https: data:; base-uri 'self' https://.paypal.com https://*.paypal.cn; object-src 'none'; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline'; connect-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://nexus.ensighten.com https://connect.facebook.net https://www.facebook.com https://m.facebook.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn https://*.cardinalcommerce.com https://staticxx.facebook.com https://www.facebook.com https://m.facebook.com https://*.baidu.com https://*.baifubao.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com https://*.paypal.cn https://*.paypalobjects.com https://objects.paypal.cn 'unsafe-inline' 'unsafe-eval'; img-src https: data:; base-uri 'self' https://*.paypal.com https://*.paypal.cn; object-src 'none'; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
date: Sun, 12 Feb 2023 03:24:57 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
content-encoding: br
x-powered-by: Express
x-cache: MISS
paypal-debug-id: f451068a4995e
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-csrf-jwt-hash: 40c805f8be0af5477f1183af6b37e49841b276881301b761b09fa066b35eb1b0
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220023-HHN
traceparent: 00-0000000000000000000f451068a4995e-6347b717b2f3f718-01
x-timer: S1676172297.898023,VS0,VE202
etag: W/W/"42-4SbENl3yIM7WtFI51AQmuKOWROQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-csrf-jwt: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IlhtNVJKN2ZoM2ZEeW1lSWF3YUhhSVU4RUhWbmpLVjFaWHpKWkhvTXZCSVpOTnAtTk9QdnM1cFA0cjRnUFl3NS1hQkZGM09PaTB3eFJkSF85U193SGlxU3Fib3M1NGJMbDB1Y0hydUo2bGh4akNEdWJXdlVxeXVkUFNxOWw2cHRhbm1xd1dtd3JWQkhGWTZQYmtHTDMyRmVtM3RkOHYxZ3E3SjZiYTFWY3lDM1ZSZWFKQVFxaDZTX3FIMVciLCJpYXQiOjE2NzYxNzIyOTcsImV4cCI6MTY3NjE3NTg5N30.xigbY3wmkiRYC7zl3bxBQQliIYphXuEtvz9OusUogg4
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0

GET
H3 200 paypal.png
static-theme.cdncloud.top/buyer/public/img/ 2 KB
3 KB 42ms
39ms Image
image/webp 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-theme.cdncloud.top/buyer/public/img/paypal.png
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9158c942ad899cdee196355e6792afadd33e0b10f77c4a09c5fd2911fce61d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:57 GMT
x-amz-version-id: PxW.xSQNe2yxYE0gVygadZ38_bX97i8r
cf-cache-status: HIT
age: 207573
x-amz-request-id: XN1NW3MM924NF8K9
cf-polished: origFmt=png, origSize=2738
content-disposition: inline; filename="paypal.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2034
x-amz-id-2: f6W0Wgl2SEai/HjY+Zg8wBgjeMfURmZ+fYgBQRqpzdLiWv3wtAsG75R/DWyk/UdDRR4gkYCvq/Y=
last-modified: Sat, 24 Oct 2020 07:52:37 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "00b29082e7463919e82a52632f106263"
vary: Accept, Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: image/webp
access-control-allow-origin: *
access-control-max-age: 3600
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 798236daaa082ba8-FRA
expires: Sun, 12 Feb 2023 07:24:57 GMT

GET
H3 200 paypal.svg
static-theme.cdncloud.top/liquid/buyer/public/img/payment/ 8 KB
3 KB 40ms
37ms Image
image/svg+xml 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-theme.cdncloud.top/liquid/buyer/public/img/payment/paypal.svg
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbbe5813f53cf337acc360952a5bc1c623f42abc4160fd0304eb230cad45a55b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:57 GMT
x-amz-version-id: 9xI9T9JtU0JGUKd7S97f9KF7iLSvfHHO
content-encoding: br
cf-cache-status: HIT
age: 1794490
x-amz-request-id: ZBTR8JFGA0QWMEFZ
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 5AAj2XlCs46QdfOUzEpmLrtJ7WtG7TTyI53hvsXT7Iv2b2s9KTLF/lGH3f3ptUf/bSWEniYYV7w=
last-modified: Thu, 08 Dec 2022 08:38:12 GMT
server: cloudflare
etag: W/"07f7d3ec656e55353c7a7046196a250d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
cf-ray: 798236daaa092ba8-FRA
expires: Sun, 12 Feb 2023 07:24:57 GMT

GET
H3 200 visa1.svg
static-theme.cdncloud.top/liquid/buyer/public/img/payment/ 4 KB
2 KB 41ms
37ms Image
image/svg+xml 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-theme.cdncloud.top/liquid/buyer/public/img/payment/visa1.svg
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a91ec4e3e40185e8c894b5c158532373333331219b55f31b232895becd8e55ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:57 GMT
x-amz-version-id: xKhbI5XCMMx9jNOKZ6ngjMz8gXvCiBX9
content-encoding: br
cf-cache-status: HIT
age: 1794490
x-amz-request-id: ZBTYRYW1SV30V8E1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: CssD5BIu7isSNkXOzvx8msrivtfbqd9vqztciMUcMIQq7tomEa5/ZVgdi1qFa1LWSBKdlxYPcgs=
last-modified: Thu, 08 Dec 2022 08:38:13 GMT
server: cloudflare
etag: W/"ce1d012126ce25c72e3a731060e8fe2c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
cf-ray: 798236daaa0a2ba8-FRA
expires: Sun, 12 Feb 2023 07:24:57 GMT

GET
H3 200 mastercard.svg
static-theme.cdncloud.top/liquid/buyer/public/img/payment/ 12 KB
5 KB 41ms
38ms Image
image/svg+xml 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-theme.cdncloud.top/liquid/buyer/public/img/payment/mastercard.svg
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d18c859b3b60b5e1f77185d440a61af49502a178edaaca66dd076d98af11890

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:57 GMT
x-amz-version-id: PmJV1G7x9oZATRO.3tZr1HQYAzdTa6pW
content-encoding: br
cf-cache-status: HIT
age: 693155
x-amz-request-id: 9E22VXQ5QJ599N6P
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Slc1+V7iUSz3WG3I1DBXaMKT/eRSKAhtmEuS8zed394uSaJXSkng0W1mZVLhjnb+aDQ2bXaqj3E=
last-modified: Fri, 03 Feb 2023 08:32:07 GMT
server: cloudflare
etag: W/"9ad047015966e1288b080a07fd2d7ebc"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
cf-ray: 798236daaa0b2ba8-FRA
expires: Sun, 12 Feb 2023 07:24:57 GMT

GET
H3 200 maestro.svg
static-theme.cdncloud.top/liquid/buyer/public/img/payment/ 8 KB
4 KB 41ms
38ms Image
image/svg+xml 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-theme.cdncloud.top/liquid/buyer/public/img/payment/maestro.svg
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dacdee596e1bb252d671f8f0afb51c46981e37240c9d4b2377bb66129d4beec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:57 GMT
x-amz-version-id: 8KJzLB4Rh1e1tOsowqWB5c6s2kaDe_6R
content-encoding: br
cf-cache-status: HIT
age: 1794490
x-amz-request-id: ZBTW279R5ZQPZNKY
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /8vtC2uOXiz/A0GsofcXWQxbzMR/Mimci5wofLFhjsOEWYfAR6BZC1f+F+A6INc/6rRHomtmTLg=
last-modified: Thu, 08 Dec 2022 08:38:12 GMT
server: cloudflare
etag: W/"c4350bd99ddc853d49568cbe8a7ba0b7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
cf-ray: 798236daaa0d2ba8-FRA
expires: Sun, 12 Feb 2023 07:24:57 GMT

GET
H3 200 AmericanExpress.svg
static-theme.cdncloud.top/liquid/buyer/public/img/payment/ 10 KB
4 KB 43ms
40ms Image
image/svg+xml 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-theme.cdncloud.top/liquid/buyer/public/img/payment/AmericanExpress.svg
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43d0a062df3eccf50cf81f80ee88b7d37d7ccd3953a06e3b000e888ca11d2194

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:57 GMT
x-amz-version-id: UjxJL5FEKGn_CBBDERbWtgrXUlwhmM7I
content-encoding: br
cf-cache-status: HIT
age: 1794490
x-amz-request-id: ZBTQ684VCC8MN7F2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: e8v9vahi3cPIw8Gcz2Kuyryprys+iaWC8HAN0fQAqYNIwp1BQIIZ32ebb+zjlBKy1KFrTm1BwM8=
last-modified: Thu, 08 Dec 2022 08:38:11 GMT
server: cloudflare
etag: W/"3a8b0094025fcc75887ba44fa896a347"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
cf-ray: 798236daaa0e2ba8-FRA
expires: Sun, 12 Feb 2023 07:24:57 GMT

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 100ms
52ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://citizenask.com/
Origin: https://citizenask.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:57 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 798236daecf82c7b-FRA

GET
H2 200 event.js Show response
static-theme.cdncloud.top/liquid/buyer/public/js/lib/ 4 KB
2 KB 35ms
35ms Script
application/javascript 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/lib/event.js?t=20230203163352
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1d6472fd4dcc93eaea518a42d7286441d4d4240a0b3a74ba218ace0f3eefff5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:57 GMT
x-amz-version-id: DxHMabtq.DDh2lrI1qIH.b44tt3RRMQS
content-encoding: br
cf-cache-status: HIT
age: 758949
x-amz-request-id: 0J24WHG6RR5503BD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: PbL1rwQtc2usCEAUeg/JP6UTERs9ag/YtySqSXaJnduAGDBvFUc7gIfKM+D6sDh+cB0MCEGqBvI=
last-modified: Fri, 03 Feb 2023 08:32:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"ae0d5634e4394f0ac6e6a1ba5973a342"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
cf-ray: 798236d90d9639c4-FRA
expires: Sun, 12 Feb 2023 07:24:57 GMT

GET
H3 200 index.js Show response
static-theme.cdncloud.top/liquid/buyer/public/js/lib/ 681 KB
117 KB 37ms
37ms Script
application/javascript 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/lib/index.js?t=20230203163352
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 907b690725f588abd4aef3016484c675dc068ad63e0a3529758d3912dc100683

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:57 GMT
x-amz-version-id: 9XhgGGy.WHv6002JjiTRSYIVMDQuydjL
content-encoding: br
cf-cache-status: HIT
age: 758633
x-amz-request-id: TVXGW8KQQP8WJMT9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: U5eEd49exnklQsuVq9oGDBn7gbV3FIviyda0zMgE9u2QWHsp3Sdz6ZBiOdNU0RHTZcXwk1qGC74=
last-modified: Fri, 03 Feb 2023 08:32:08 GMT
cf-bgj: minify
server: cloudflare
etag: W/"2af1aa047765d198881e60ced682edd8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
cf-ray: 798236d939402ba8-FRA
expires: Sun, 12 Feb 2023 07:24:57 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 319ms
316ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=citizenask.com&t=xo&v=5.0.352&source=payments_sdk&mrid=7EACDJUSPL62J&client_id=AV4Rt4LbrmxXWb4ZYw3nf-nQ0y56KjNJLbVwwOqX7QSX4Aa-YFriOxP7lJISyzS_unCcth3ORnoWyUk5&comp=buttons&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AV4Rt4LbrmxXWb4ZYw3nf-nQ0y56KjNJLbVwwOqX7QSX4Aa-YFriOxP7lJISyzS_unCcth3ORnoWyUk5&merchant-id=7EACDJUSPL62J&currency=USD&disable-funding=bancontact,blik,eps,giropay,ideal,mercadopago,mybank,p24,sepa,sofort,venmo&enable-funding=card,credit,paylater&components=buttons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-trLwzPuc8bmqAmzDrFJv7r41AshXOBSqU97RKds54hZFjysW' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-trLwzPuc8bmqAmzDrFJv7r41AshXOBSqU97RKds54hZFjysW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 12 Feb 2023 03:24:57 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS
paypal-debug-id: f45106830e701
server-timing: "traceparent;desc="00-0000000000000000000f45106830e701-d16762018c0aed75-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220023-HHN
traceparent: 00-0000000000000000000f45106830e701-dcd50351a64ba0f2-01
x-timer: S1676172297.391522,VS0,VE285
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 324ms
321ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=citizenask.com&t=xo&v=5.0.352&source=payments_sdk&client_id=AV4Rt4LbrmxXWb4ZYw3nf-nQ0y56KjNJLbVwwOqX7QSX4Aa-YFriOxP7lJISyzS_unCcth3ORnoWyUk5&comp=messages&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AV4Rt4LbrmxXWb4ZYw3nf-nQ0y56KjNJLbVwwOqX7QSX4Aa-YFriOxP7lJISyzS_unCcth3ORnoWyUk5&components=messages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-6yh9etQqNv725fTRFCkaxja4xQDeoKne6B3wsMxWNZu/CipB' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-6yh9etQqNv725fTRFCkaxja4xQDeoKne6B3wsMxWNZu/CipB' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 12 Feb 2023 03:24:57 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS
paypal-debug-id: f4510688ea328
server-timing: "traceparent;desc="00-0000000000000000000f4510688ea328-4efe0becf4cec0f4-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220023-HHN
traceparent: 00-0000000000000000000f4510688ea328-98b6ca5392f09078-01
x-timer: S1676172297.391508,VS0,VE293
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 70ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: citizenask.com
URL: https://citizenask.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 12 Feb 2023 03:24:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: G2LB5uzJS1MQDZaT60gVXy/PAiKnjzsNQpmDMoKOulO3mG0NeUL58Z6NDjvnj/5SZEUX65kLq8o9GQVWA1HuZQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 font_871426_ou7555ftk8o.woff2
at.alicdn.com/t/ 42 KB
43 KB 204ms
148ms Font
font/woff2 163.181.56.193
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://at.alicdn.com/t/font_871426_ou7555ftk8o.woff2?t=1631848450369
Requested by: Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/css/styles.min.css?t=20230203163352
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.193 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 7d81f3c3e1c65379bfdec8620a41bd87581d45677316e57becc16692b8737d3a

Request headers

Referer: https://static-theme.cdncloud.top/
Origin: https://citizenask.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:04:22 GMT
via: cache35.l2us1[0,14,200-0,H], cache37.l2us1[15,0], ens-cache4.de4[103,102,200-0,M], ens-cache2.de4[105,0]
x-oss-request-id: 639815E6FC091B3538A42F6D
content-md5: rgWHwHbPVaCTap787BYoqg==
age: 5260835
x-swift-cachetime: 25843165
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Sun, 12 Feb 2023 03:24:57 GMT
content-length: 43280
x-oss-object-type: Normal
last-modified: Sat, 25 Dec 2021 04:51:23 GMT
server: Tengine
etag: "AE0587C076CF55A0936A9EFCEC1628AA"
vary: Origin
ali-swift-global-savetime: 1670911462
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=63072000
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 16904730654307218689
eagleid: 2ff62b1a16761722974072929e
x-oss-server-time: 2

GET
H3 200 Lato-Regular.ttf
static-theme.cdncloud.top/s/files/public/css/font/ 117 KB
118 KB 193ms
168ms Font
binary/octet-stream 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-theme.cdncloud.top/s/files/public/css/font/Lato-Regular.ttf
Requested by: Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/s/files/public/css/shopify001.comm.min.css?t=20230203163352
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7

Request headers

Referer: https://static-theme.cdncloud.top/s/files/public/css/shopify001.comm.min.css?t=20230203163352
Origin: https://citizenask.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:57 GMT
x-amz-version-id: dpVC2kxXye_NKsoDzy0E6qsBWFwClMSQ
cf-cache-status: HIT
age: 455474
x-amz-request-id: A1D4SDG5JV285HV9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 120196
x-amz-id-2: y7nsipklwjvRLaZusOwwGqAHRw5rq5giDrbs3hQKrBRc8fgHRIZHsb0/cAMu/Dba6s9OQDh15Ew=
last-modified: Thu, 26 Aug 2021 10:20:22 GMT
server: cloudflare
etag: "7f690e503a254e0b8349aec0177e07aa"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 798236db2dabbb61-FRA
expires: Sun, 12 Feb 2023 07:24:57 GMT

GET
H3 200 OpenSans-Regular.ttf
static-theme.cdncloud.top/s/files/public/css/font/ 212 KB
213 KB 130ms
105ms Font
binary/octet-stream 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://static-theme.cdncloud.top/s/files/public/css/font/OpenSans-Regular.ttf
Requested by: Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/s/files/public/css/shopify001.comm.min.css?t=20230203163352
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8

Request headers

Referer: https://static-theme.cdncloud.top/s/files/public/css/shopify001.comm.min.css?t=20230203163352
Origin: https://citizenask.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:57 GMT
x-amz-version-id: pV_FH3mVpvewEk.snjhhBL6L4xO2xwL.
cf-cache-status: HIT
age: 455474
x-amz-request-id: A1DADQVCMSNNAB1Y
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 217276
x-amz-id-2: BAEIuib4bScbVBL+mmpG/rO6BKwiZkQQPOXYL76D5xSVj0k5lAS4L0HtqD+g6+iiME84AwvGGhg=
last-modified: Thu, 26 Aug 2021 10:20:33 GMT
server: cloudflare
etag: "d7d5d4588a9f50c99264bc12e4892a7c"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 798236db2da9bb61-FRA
expires: Sun, 12 Feb 2023 07:24:57 GMT

GET AvenirNext-Regular.ttf
static-theme.cdncloud.top/s/files/public/css/font/ 0
0

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 24ms
22ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.95

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 12 Feb 2023 03:24:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: xcqy+JnuExED0DbWOQc7HKz/gT79uIvPdP9IofQwmh1R7cJpz9XpdMEF3/jXzwpo7tXaN05xxCgR2L60JuwDrw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1002985910311177 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 255ms
255ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1002985910311177?v=2.9.95&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

98dc8218aeacd93192d248e7c31fbae395fdd48679356e2dd1a0b26a7e0351ac

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 12 Feb 2023 03:24:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: +wXL2uwhWjG7vSujM6G9YNdMrj/StCWEhpNjqM5CDjZ8uFzIBXjE8kd8v4HA8Zamr+JJLDPWyJQ5S2a+XCcX8w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 user-capi Show response
citizenask.com/buyer/user/ 79 B
245 B 709ms
709ms XHR
application/json 103.160.204.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizenask.com/buyer/user/user-capi
Requested by: Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 103.160.204.21 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9dfde497b95a29045169d8c6df8cb326b623afd89d9535575bb60b75bcf0b80

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://citizenask.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 12 Feb 2023 03:24:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cf-ray: 798236db7b1935ed-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 select-coupon Show response
citizenask.com/buyer/user/ 64 B
345 B 684ms
683ms XHR
application/json 103.160.204.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizenask.com/buyer/user/select-coupon
Requested by: Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.160.204.21 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a96950a544c861ee02f4c4c8115ec9e79813a67ed018eaa81fc09cf7fb1a0c93

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://citizenask.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 12 Feb 2023 03:24:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cf-ray: 798236dba9c639da-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 swiper.js Show response
www.itaboola.com/ 0
378 B 1898ms
1268ms XHR
application/javascript 103.160.204.10
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.itaboola.com/swiper.js?ul=https%3A%2F%2Fcitizenask.com%2F&ht=citizenask.com&ua=mozilla%2F5.0+(windows+nt+10.0%3B+win64%3B+x64)+applewebkit%2F537.36+(khtml%2C+like+gecko)+chrome%2F110.0.5481.77+safari%2F537.36&lp=true&sr=direct&rl=&s=70719&u=4179143005&ev=PageView&fu=1a299be77f32b1d7f38749f0ca4ad133&p=index&ts=1676172297509&cd=%257B%257D&utmso=&utmmd=&utmcp=&utmct=&utmtm=&lib=JS&latest_ref=&latest_url=https%3A%2F%2Fcitizenask.com%2F&customer_id=&is_login=false&session_id=s.1.1676172297509.22542b541c188
Requested by: Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.204.10 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://citizenask.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:59 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sun, 12 Feb 2023 03:24:59 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 798236dfac4830e4-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 12 Feb 2023 07:24:59 GMT

GET
H2 200 local Show response
www.paypal.com/credit-presentment/experiments/ Frame 40AB 5 KB
2 KB 24ms
24ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/local?uid=uid_rdkwiezrycigrzcyyesuftjrzlasvd&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVY0UnQ0TGJybXhYV2I0Wll3M25mLW5RMHk1NktqTkpMYlZ3d09xWDdRU1g0QWEtWUZyaU94UDdsSklTeXpTX3VuQ2N0aDNPUm5vV3lVazUmY29tcG9uZW50cz1tZXNzYWdlcyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3Jka3dpZXpyeWNpZ3J6Y3l5ZXN1ZnRqcnpsYXN2ZCJ9fQ&env=production&scriptUID=uid_rdkwiezrycigrzcyyesuftjrzlasvd&version=1.40.1&integrationType=SDK

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AV4Rt4LbrmxXWb4ZYw3nf-nQ0y56KjNJLbVwwOqX7QSX4Aa-YFriOxP7lJISyzS_unCcth3ORnoWyUk5&components=messages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

83dc82ea46945b58a41fcebd1fab5cb0cc69d9d92c80651c4fb1af1ed5195d41

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'sha256-sGD8lvmhqrWwzXWxhS84kJKBE5np85jyWGNliwp1kZE=' 'sha256-ZL64LMmEtYdJXMbgJbo72F5LvIiHxpMLEzWudUMmbgI=' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Referer: https://citizenask.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-expose-headers: Server-Timing
age: 34923
cache-control: s-maxage=86400, max-age=0
content-encoding: gzip
content-length: 1468
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-sGD8lvmhqrWwzXWxhS84kJKBE5np85jyWGNliwp1kZE=' 'sha256-ZL64LMmEtYdJXMbgJbo72F5LvIiHxpMLEzWudUMmbgI=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type: text/html; charset=utf-8
date: Sun, 12 Feb 2023 03:24:57 GMT
dc: ccg11-origin-www-1.paypal.com
edge-cache-tag: up-treatments-zoid
etag: W/"143e-G0mTVbLISbkupym4uoc3uie1MYc"
paypal-debug-id: f209195c1ae7f
server-timing: "traceparent;desc="00-0000000000000000000f209195c1ae7f-3f4469131f370a25-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f209195c1ae7f-ff9732c389bcfabc-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 15268
x-served-by: cache-hhn-etou8220023-HHN
x-timer: S1676172298.595026,VS0,VE1
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 40AB 259 KB
77 KB 23ms
23ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AV4Rt4LbrmxXWb4ZYw3nf-nQ0y56KjNJLbVwwOqX7QSX4Aa-YFriOxP7lJISyzS_unCcth3ORnoWyUk5&components=messages

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_rdkwiezrycigrzcyyesuftjrzlasvd&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVY0UnQ0TGJybXhYV2I0Wll3M25mLW5RMHk1NktqTkpMYlZ3d09xWDdRU1g0QWEtWUZyaU94UDdsSklTeXpTX3VuQ2N0aDNPUm5vV3lVazUmY29tcG9uZW50cz1tZXNzYWdlcyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3Jka3dpZXpyeWNpZ3J6Y3l5ZXN1ZnRqcnpsYXN2ZCJ9fQ&env=production&scriptUID=uid_rdkwiezrycigrzcyyesuftjrzlasvd&version=1.40.1&integrationType=SDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

172aa87aec21f971f5b6a0cd09df89b59fa8914f899e4e658a3d7b28bc350535

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-nOx4F9fpdG7+TR7mLGz5KTSGjmWUcpJXuOWb9/gHV6Azk0vk' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-nOx4F9fpdG7+TR7mLGz5KTSGjmWUcpJXuOWb9/gHV6Azk0vk' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_rdkwiezrycigrzcyyesuftjrzlasvd&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVY0UnQ0TGJybXhYV2I0Wll3M25mLW5RMHk1NktqTkpMYlZ3d09xWDdRU1g0QWEtWUZyaU94UDdsSklTeXpTX3VuQ2N0aDNPUm5vV3lVazUmY29tcG9uZW50cz1tZXNzYWdlcyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3Jka3dpZXpyeWNpZ3J6Y3l5ZXN1ZnRqcnpsYXN2ZCJ9fQ&env=production&scriptUID=uid_rdkwiezrycigrzcyyesuftjrzlasvd&version=1.40.1&integrationType=SDK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-nOx4F9fpdG7+TR7mLGz5KTSGjmWUcpJXuOWb9/gHV6Azk0vk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-nOx4F9fpdG7+TR7mLGz5KTSGjmWUcpJXuOWb9/gHV6Azk0vk' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 12 Feb 2023 03:24:57 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 961
x-cache: HIT
p3p: true
paypal-debug-id: f95289569b1e9
server-timing: "traceparent;desc="00-0000000000000000000f95289569b1e9-8134ee732bbdd429-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 77505
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220023-HHN
traceparent: 00-0000000000000000000f95289569b1e9-23ac165009ea1a30-01
x-timer: S1676172298.670456,VS0,VE1
etag: W/"12ec1-ArP8QSNkuBA3Pusll1YmuAUkKYQ"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 ts
t.paypal.com/ 42 B
457 B 291ms
177ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=shoppttt&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1676172297698&g=0&completeurl=https%3A%2F%2Fcitizenask.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: citizenask.com
URL: https://citizenask.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF6) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:24:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (frc/4CF6)
traceparent: 00-0000000000000000000a2590a6139845-f8c45f5628fc4401-01
content-type: image/gif
paypal-debug-id: a2590a6139845
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Sun, 12 Feb 2023 03:24:57 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
747 B 276ms
165ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=shoppttt&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1676172297703&g=0&completeurl=https%3A%2F%2Fcitizenask.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: citizenask.com
URL: https://citizenask.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF8) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Feb 2023 03:24:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (frc/4CF8)
traceparent: 00-0000000000000000000626823cb601b9-e155086635eaba01-01
content-type: image/gif
paypal-debug-id: 626823cb601b9
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Sun, 12 Feb 2023 03:24:57 GMT

GET
H2 200 hash Show response
www.paypal.com/credit-presentment/experiments/ Frame 40AB 40 B
890 B 23ms
23ms Fetch
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/experiments/hash?device_id=undefined

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

07e23ede2756aa3f5f7cc9759117c4910875e032c27b8556a1e20626224f10ec

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_rdkwiezrycigrzcyyesuftjrzlasvd&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVY0UnQ0TGJybXhYV2I0Wll3M25mLW5RMHk1NktqTkpMYlZ3d09xWDdRU1g0QWEtWUZyaU94UDdsSklTeXpTX3VuQ2N0aDNPUm5vV3lVazUmY29tcG9uZW50cz1tZXNzYWdlcyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3Jka3dpZXpyeWNpZ3J6Y3l5ZXN1ZnRqcnpsYXN2ZCJ9fQ&env=production&scriptUID=uid_rdkwiezrycigrzcyyesuftjrzlasvd&version=1.40.1&integrationType=SDK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-encoding: gzip
via: 1.1 varnish
date: Sun, 12 Feb 2023 03:24:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 34922
edge-cache-tag: up-treatments-hash
x-cache: HIT
paypal-debug-id: f116338b95651
server-timing: "traceparent;desc="00-0000000000000000000f116338b95651-191f81125ca6b102-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 57
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220023-HHN
traceparent: 00-0000000000000000000f116338b95651-0d831eee958ea66f-01
x-timer: S1676172298.735299,VS0,VE1
etag: W/"28-EKNGN61mHZi6M0Rxdlb8x2IJwvg"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: s-maxage=86400, max-age=0
accept-ranges: bytes
x-cache-hits: 3734

POST logger
www.paypal.com/xoplatform/logger/api/ Frame 40AB 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 84ms
23ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1002985910311177&ev=PageView&dl=https%3A%2F%2Fcitizenask.com%2F&rl=&if=false&ts=1676172297819&sw=1600&sh=1200&ud[country]=959a45d44e6fcf58361ed004681556fe50129f2109e817dec098c00c9e5d2578&ud[client_ip_address]=307e96a454b6964316da1a1728b181c41d83a82d503f7b0f100da4385b9e44c3&ud[client_user_agent]=3b23c0f2ee8cf20cfb607ec5605dbfc001adbea43e793f52a2c46337a2260360&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1676172297818.936432545&it=1676172297501&coo=false&eid=j7k3aca7uuPageView1676172297373&rqm=GET

Requested by

Host: citizenask.com
URL: https://citizenask.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 12 Feb 2023 03:24:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 9b257586fb55a09785ca4232fbb6e6f0.jpg
img.cdncloud.top/uploader/ 45 KB
45 KB 1881ms
1880ms Image
image/jpeg 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.cdncloud.top/uploader/9b257586fb55a09785ca4232fbb6e6f0.jpg
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e55ad6f4f8b6afe18079f0b539bd1cd1cdb6212ce2c57940377b9adb1e20fb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:59 GMT
cf-cache-status: MISS
x-oss-request-id: 63E85C0A93B0133635F230D8
content-md5: 2RY+n3vYSn1AQe8Cizn1Ww==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46060
x-oss-object-type: Normal
last-modified: Fri, 22 Oct 2021 08:42:01 GMT
server: cloudflare
etag: "D9163E9F7BD84A7D4041EF028B39F55B"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 798236ddccc7bb47-FRA
x-oss-hash-crc64ecma: 15239841404489503899
x-oss-server-time: 85
expires: Sun, 12 Feb 2023 07:24:59 GMT

GET
H2 200 310941842976adaecfdb3ea0abc2bec5.jpg
img.cdncloud.top/uploader/ 47 KB
47 KB 1747ms
1746ms Image
image/jpeg 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.cdncloud.top/uploader/310941842976adaecfdb3ea0abc2bec5.jpg
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be5beb6c7722e694930ba0a2b2d967157f203612508d408c5492fdf2dbbe739

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:59 GMT
cf-cache-status: MISS
x-oss-request-id: 63E85C0A63F09435394B2836
content-md5: xGpGkPOwpUkAmJgmptYLZQ==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47835
x-oss-object-type: Normal
last-modified: Fri, 22 Oct 2021 08:37:05 GMT
server: cloudflare
etag: "C46A4690F3B0A54900989826A6D60B65"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 798236ddccc8bb47-FRA
x-oss-hash-crc64ecma: 14043177629395200649
x-oss-server-time: 130
expires: Sun, 12 Feb 2023 07:24:59 GMT

GET
H2 200 279f05f0ceb5ac700bb442158f60198e.jpg
img.cdncloud.top/uploader/ 49 KB
49 KB 1830ms
1830ms Image
image/jpeg 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.cdncloud.top/uploader/279f05f0ceb5ac700bb442158f60198e.jpg
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2db92e2b664f3a8e7aa943e97d4f8f348e27b5222b3d190141ad9ac2dc15640b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:59 GMT
cf-cache-status: MISS
x-oss-request-id: 63E85C0ADDACE034328C4DC2
content-md5: EJX9bVfer5BJQjjzWAcDIw==
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50085
x-oss-object-type: Normal
last-modified: Tue, 28 Dec 2021 11:03:31 GMT
server: cloudflare
etag: "1095FD6D57DEAF90494238F358070323"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 798236ddccc9bb47-FRA
x-oss-hash-crc64ecma: 10041421673171840575
x-oss-server-time: 104
expires: Sun, 12 Feb 2023 07:24:59 GMT

GET
H2 200 1b8c1e77c13753889a2ab64358de133e.png
img.cdncloud.top/uploader/ 576 KB
576 KB 2061ms
2060ms Image
image/png 103.160.204.4
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.cdncloud.top/uploader/1b8c1e77c13753889a2ab64358de133e.png
Requested by: Host: citizenask.com
URL: https://citizenask.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.160.204.4 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcdacf0f8b321f3046f773116eaa75846c50f17eca7af0b75fe1cb4865c70d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://citizenask.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 12 Feb 2023 03:24:59 GMT
cf-cache-status: MISS
x-oss-request-id: 63E85C0AFC90F33537067458
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 589326
x-oss-object-type: Multipart
last-modified: Tue, 19 Oct 2021 08:03:16 GMT
server: cloudflare
etag: "F7092DFD583A15270946AECE10E14485-1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, HEAD, PUT, DELETE
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
access-control-max-age: 3600
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 798236ddcccabb47-FRA
x-oss-hash-crc64ecma: 12433614886203679635
x-oss-server-time: 233
expires: Sun, 12 Feb 2023 07:24:59 GMT

POST
H3 200 cart Show response
citizenask.com/buyer/ 938 B
647 B 235ms
235ms XHR
application/json 103.160.204.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizenask.com/buyer/cart
Requested by: Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.160.204.21 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f871dc670a22270abcb72d9b1c426a579ed8601ffaad1956292e1f3c1f9a7b1c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://citizenask.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 12 Feb 2023 03:24:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cf-ray: 798236dffcf739da-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 15F1 0
71 B 22ms
21ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: citizenask.com
URL: https://citizenask.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://citizenask.com
Referer: https://citizenask.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://citizenask.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 12 Feb 2023 03:24:58 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 free-express Show response
citizenask.com/buyer/express/ 71 B
313 B 220ms
219ms XHR
application/json 103.160.204.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://citizenask.com/buyer/express/free-express
Requested by: Host: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/liquid/buyer/public/js/plug/jquery.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 103.160.204.21 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b18ba48b29cab29840e9025697f1baff6bfdc0c56f6ca7c9416ccef2444dea4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://citizenask.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 12 Feb 2023 03:24:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cf-ray: 798236e17dfd39da-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 204 rum Show response
citizenask.com/cdn-cgi/ 0
140 B 27ms
27ms XHR
text/plain 103.160.204.21
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://citizenask.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

QUIC, , AES_128_GCM

Server

103.160.204.21 , Hong Kong, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://citizenask.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
content-type: application/json

Response headers

date: Sun, 12 Feb 2023 03:25:01 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://citizenask.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 798236f208fa39da-FRA

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1016 B
2 KB 201ms
201ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

23f4e58ec44e7b1e73b9b94597ae4172f7e776a97d949090af6586e6b143bd99

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://citizenask.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
content-type: application/json

Response headers

date: Sun, 12 Feb 2023 03:25:01 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f504173c97a2c
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220028-HHN
traceparent: 00-0000000000000000000f504173c97a2c-c3d649596389059b-01
x-timer: S1676172301.459055,VS0,VE179
etag: W/W/"3f8-y+a4cMnM8+YjKy5SUBYsSCsJDrE"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://citizenask.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 294ms
249ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://citizenask.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://citizenask.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Sun, 12 Feb 2023 03:25:01 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f5041732508dd
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f5041732508dd-ccf095fd39efa578-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220028-HHN
x-timer: S1676172301.208980,VS0,VE227

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1016 B
2 KB 202ms
202ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AV4Rt4LbrmxXWb4ZYw3nf-nQ0y56KjNJLbVwwOqX7QSX4Aa-YFriOxP7lJISyzS_unCcth3ORnoWyUk5&components=messages

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

def05d3e71799115ffd10ebba37ecabdad3fc064bd81180b9b4c5e17f3279a73

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://citizenask.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
content-type: application/json

Response headers

date: Sun, 12 Feb 2023 03:25:01 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f504173a543f8
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220028-HHN
traceparent: 00-0000000000000000000f504173a543f8-9d4226fbd0a0d46c-01
x-timer: S1676172301.431075,VS0,VE180
etag: W/W/"3f8-fnal3LNF9mNGx3ljR3XyB1ubwQw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://citizenask.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 265ms
221ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://citizenask.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://citizenask.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Sun, 12 Feb 2023 03:25:01 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f504173a06edc
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f504173a06edc-89dbf4e609f1d5b1-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220028-HHN
x-timer: S1676172301.208950,VS0,VE199

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static-theme.cdncloud.top
URL: https://static-theme.cdncloud.top/s/files/public/css/font/AvenirNext-Regular.ttf

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.citizenask.com/	1970-01-20 09:37:38	Name: ssid Value: 70719
.citizenask.com/	1970-01-20 10:19:24	Name: utuni Value: 263e397d674dbc86d2a75e105b093a87d399b4e49d32bf23fa5ccc3a58265a01a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A4179143005%3B%7D
.citizenask.com/	1969-12-31 23:59:59	Name: __cfruid Value: 11acbcb7f2430452d38ddbc4149c325e2c2b81f7-1676172296
.paypal.com/	1970-01-20 09:36:43	Name: LANG Value: de_DE%3BDE
.paypal.com/	1970-01-20 18:21:48	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY3NjE3MjI5NzAxNSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 09:40:31	Name: tsrce Value: hermesnodeweb
.paypal.com/	1970-01-20 09:46:17	Name: x-csrf-jwt Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0b2tlbiI6IjJEMHVJOWtpcnRNN1F2R3JGSFRtQzE4TDBVcFh4VlNKcTBVUnFpQlgxckdZWmhQLXJCNnVoY0kydGFRQU9fSEZNc3VnNTZOSmlnQTVMRE05Y2tXU0haYjFnOTVDdllmYVNXOVM0TGRFUjJjTzdCNGpsT0dQdTUtbnlQVFFOa3lGSUxXZUFETE5yTVN2WmVHN1J3b2Q4UjZIZ1F6YWU3azZuMWVjUC16Q0Nrcnk2cHF4UHptclk4Yk5lWkMiLCJpYXQiOjE2NzYxNzIyOTcsImV4cCI6MTY3NjE3NTg5N30.ayeDS16yizGFaVcbtPSIzCQuBfA6SChDIQiQuWlBT48
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AgXZ-Hf3WUVGDoL1FarIwiQ7dWMJNMFYZ.y3oyzqiyuTiDb8he8rScikIbrAVMvkqtDF0CDxIttEk
.paypal.com/	1970-01-20 09:36:14	Name: l7_az Value: dcg02.phx
.paypal.com/	1970-01-20 19:12:12	Name: ts_c Value: vr%3D43a783091860ad04b566febbfb7ae228%26vt%3D43a783091860ad04b566febbfb7ae227
.citizenask.com/	1970-01-20 18:21:48	Name: client_id Value: 1676172297372348
citizenask.com/	1970-01-20 09:46:17	Name: ga_utm Value: {}
.citizenask.com/	1970-01-20 11:45:48	Name: _fbp Value: fb.1.1676172297818.936432545
.paypal.com/	1970-01-20 19:12:12	Name: ts Value: vreXpYrS%3D1770866697%26vteXpYrS%3D1676174097%26vr%3D43a783091860ad04b566febbfb7ae228%26vt%3D43a783091860ad04b566febbfb7ae227%26vtyp%3Dnew

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://citizenask.com/ Message: Access to font at 'https://static-theme.cdncloud.top/s/files/public/css/font/AvenirNext-Regular.ttf' from origin 'https://citizenask.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static-theme.cdncloud.top/s/files/public/css/font/AvenirNext-Regular.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

at.alicdn.com
citizenask.com
connect.facebook.net
img.cdncloud.top
static-theme.cdncloud.top
static.cloudflareinsights.com
t.paypal.com
www.facebook.com
www.itaboola.com
www.paypal.com
static-theme.cdncloud.top
www.paypal.com
103.160.204.10
103.160.204.21
103.160.204.4
151.101.193.21
163.181.56.193
192.229.221.25
2606:4700::6810:3865
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
057edddd3ebf849f22da0f39f6ab57880d7ea235cf63bb032e05e6f96d3426eb
07e23ede2756aa3f5f7cc9759117c4910875e032c27b8556a1e20626224f10ec
0d18c859b3b60b5e1f77185d440a61af49502a178edaaca66dd076d98af11890
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8
172aa87aec21f971f5b6a0cd09df89b59fa8914f899e4e658a3d7b28bc350535
1be5beb6c7722e694930ba0a2b2d967157f203612508d408c5492fdf2dbbe739
23f4e58ec44e7b1e73b9b94597ae4172f7e776a97d949090af6586e6b143bd99
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
2db5838c414481de4360d637003dfdbb32d137c277e3a735dbc58d3b845191f7
2db92e2b664f3a8e7aa943e97d4f8f348e27b5222b3d190141ad9ac2dc15640b
3a212bb4c14dd4282c6a51c15967b68acc113827b8a439deb6dd2e57cb7d9009
3dacdee596e1bb252d671f8f0afb51c46981e37240c9d4b2377bb66129d4beec
43d0a062df3eccf50cf81f80ee88b7d37d7ccd3953a06e3b000e888ca11d2194
47f1bf737f83f0054b66bf51c560205588a69a8e65d0c00961046d699d0e1afc
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
4cbb42250b714aef4425623057f51fb770a6e800f9a601a7d8e13ede953a9288
4e55ad6f4f8b6afe18079f0b539bd1cd1cdb6212ce2c57940377b9adb1e20fb4
545691b06c6a4b473f11e7492d15c007c5e3433270283b5a0740200e3a364aeb
65f7b749418c56e4fbd8d35b43902f95b43d8ae84ab3703c078b9dbb122c0aa5
6b18ba48b29cab29840e9025697f1baff6bfdc0c56f6ca7c9416ccef2444dea4
6d768adf4a687b16abe9aa36a0c482694a66aebd218495b8d48689a75d4919e3
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
70341cef3886fc99f4003cc69d758ce29c9aff7bb278ace5bf520e91d1c419c4
70402553904dbafd4dfb0b5b3b1065ce6d0b47e83a5a2796a955f523a11ac7a7
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7
7d81f3c3e1c65379bfdec8620a41bd87581d45677316e57becc16692b8737d3a
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
80aa3fe5432df59b7abab02e52151e388ee927734221eb102e6d44f6cf89f650
83dc82ea46945b58a41fcebd1fab5cb0cc69d9d92c80651c4fb1af1ed5195d41
907b690725f588abd4aef3016484c675dc068ad63e0a3529758d3912dc100683
9158c942ad899cdee196355e6792afadd33e0b10f77c4a09c5fd2911fce61d04
98dc8218aeacd93192d248e7c31fbae395fdd48679356e2dd1a0b26a7e0351ac
998ae34a160741a985581eb3576e47e03f3119d4ae3fa17280090a7f0cfa38b4
a1d6472fd4dcc93eaea518a42d7286441d4d4240a0b3a74ba218ace0f3eefff5
a91ec4e3e40185e8c894b5c158532373333331219b55f31b232895becd8e55ee
a96950a544c861ee02f4c4c8115ec9e79813a67ed018eaa81fc09cf7fb1a0c93
b937c77a3a9fda104fa3a1cd772c90bbe7a897251f22986d28f14ffcbf80fade
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
cbbe5813f53cf337acc360952a5bc1c623f42abc4160fd0304eb230cad45a55b
cdd24aba037a21e1db532c692af56c0a35922d4729179d9f5166cab038aafe32
d80e84c820cc5587a0ba3c8a20652099ea3fa7fc43944e812e56d449c1d9f1c9
def05d3e71799115ffd10ebba37ecabdad3fc064bd81180b9b4c5e17f3279a73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f871dc670a22270abcb72d9b1c426a579ed8601ffaad1956292e1f3c1f9a7b1c
f9dfde497b95a29045169d8c6df8cb326b623afd89d9535575bb60b75bcf0b80
fcdacf0f8b321f3046f773116eaa75846c50f17eca7af0b75fe1cb4865c70d50

citizenask.com Open in urlscan Pro 103.160.204.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

96 %HTTPS

33 %IPv6

8 Domains

10 Subdomains

10 IPs

3 Countries

2547 kBTransfer

5049 kBSize

15 Cookies

0 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

citizenask.com Open in urlscan Pro
103.160.204.21 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

96 %
HTTPS

33 %
IPv6

8
Domains

10
Subdomains

10
IPs

3
Countries

2547 kB
Transfer

5049 kB
Size

15
Cookies

57 HTTP transactions
0 data transactions