killmexacademy.com Open in urlscan Pro
34.235.126.203 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://killmexacademy.com/checkout/7
Submission: On July 18 via api (July 18th 2023, 7:46:40 pm UTC) from US — Scanned from DE

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 8 domains to perform 42 HTTP transactions. The main IP is 34.235.126.203, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is killmexacademy.com.
TLS certificate: Issued by R3 on June 14th 2023. Valid for: 3 months.

This is the only time killmexacademy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	34.235.126.203 34.235.126.203	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:261... 2600:9000:2611:6c00:a:2d4:90c0:93a1	16509 (AMAZON-02) (AMAZON-02)
18	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a05:d014:221... 2a05:d014:221:9e01:14eb:c506:c6a9:99ad	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223d:5400:6:a43e:6740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
1	2600:9000:225... 2600:9000:2250:3000:6:c1db:2b80:21	() ()
5	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
42	12

8 34.235.126.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-126-203.compute-1.amazonaws.com

killmexacademy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2611:6c00:a:2d4:90c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

player.vdocipher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d014:221:9e01:14eb:c506:c6a9:99ad (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

clipstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:5400:6:a43e:6740:93a1 (United States)

ASN16509 (AMAZON-02, US)

dev.vdocipher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:3000:6:c1db:2b80:21 (United States)

ASN- ()

dmf9cnjua2s32.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2380 t.paypal.com — Cisco Umbrella Rank: 3125 c.paypal.com — Cisco Umbrella Rank: 5528 b.stats.paypal.com — Cisco Umbrella Rank: 4987 dub.stats.paypal.com — Cisco Umbrella Rank: 19488 c6.paypal.com — Cisco Umbrella Rank: 6614	332 KB
8	killmexacademy.com killmexacademy.com	464 KB
7	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2178	41 KB
3	vdocipher.com player.vdocipher.com — Cisco Umbrella Rank: 364995 dev.vdocipher.com — Cisco Umbrella Rank: 446992	66 KB
2	clipstat.com clipstat.com — Cisco Umbrella Rank: 302726	252 B
1	cloudfront.net dmf9cnjua2s32.cloudfront.net	44 KB
1	gstatic.com fonts.gstatic.com	38 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	1 KB
42	8

	Domain	Requested by
10	www.paypal.com	killmexacademy.com www.paypal.com www.paypalobjects.com
8	killmexacademy.com	killmexacademy.com
7	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
5	c.paypal.com	www.paypal.com c.paypal.com
2	t.paypal.com
2	clipstat.com	player.vdocipher.com
2	player.vdocipher.com	killmexacademy.com player.vdocipher.com
1	c6.paypal.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	dmf9cnjua2s32.cloudfront.net
1	dev.vdocipher.com	player.vdocipher.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	killmexacademy.com
42	14

This site contains no links.

Subject Issuer	Validity	Valid
killmexacademy.com R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.vdocipher.com Amazon RSA 2048 M01	`2023-03-21` - `2024-01-25`	10 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-09` - `2023-12-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
clipstat.com Amazon RSA 2048 M02	`2023-04-03` - `2024-05-01`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://killmexacademy.com/checkout/7
Frame ID: 5B62934593C0F566A778CE2E45501A10
Requests: 16 HTTP requests in this frame

Frame: https://player.vdocipher.com/v2/?otp=20160313versUSE323AyFjDxAS9hJikK8nRZeOefUr3c3Dlo3vWBjALHXquLWena&playbackInfo=eyJ2aWRlb0lkIjoiMGIyMTllNzZhMTk5NGFhZjlhZjU4MTc4ZDAyMDUyM2QifQ==
Frame ID: C8EC45227DD53FA549848127C5CA605A
Requests: 5 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?sdkVersion=5.0.386&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJSOXRQT2R6UGxMajRuUFpTZnljdGI0UGEzZ3JjMjUxUTNIU1VWckFuaHFnaEtnRFJyRlF5Z2JWZkk3WFBBT3FhamR3QlR1cmoydW5jcU4mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfcWVyZnFrcmRqcnJibnJ5aXNlamxqZnJkY2NscHpmIn19&clientID=AbR9tPOdzPlLj4nPZSfyctb4Pa3grc251Q3HSUVrAnhqghKgDRrFQygbVfI7XPAOqajdwBTurj2uncqN&sdkCorrelationID=f3867539b262f&storageID=uid_6122aa5a55_mtk6ndy6mzu&sessionID=uid_3b4725fb4b_mtk6ndy6mzu&buttonSessionID=uid_7a855a4c99_mtk6ndy6mzu&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=false
Frame ID: 64C44AE132399565425CCA5E6CEED31D
Requests: 10 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 38A7F469C52523745CBA830A5FFDE542
Requests: 5 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 0736D36CC94C37B20BFC763E35019F81
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: A9F2DC6FC86FA8AFC520C02CD35526CB
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_3b4725fb4b_mtk6ndy6mzu&s=SMART_PAYMENT_BUTTONS
Frame ID: 499A09091FC6FB0D516BE578A05542A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Killmex-Academy

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Page Statistics

42
Requests

98 %
HTTPS

55 %
IPv6

8
Domains

14
Subdomains

12
IPs

2
Countries

986 kB
Transfer

2120 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://b.stats.paypal.com/v2/counter.cgi?p=uid_3b4725fb4b_mtk6ndy6mzu&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_3b4725fb4b_mtk6ndy6mzu&s=SMART_PAYMENT_BUTTONS

42 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 7 Show response
killmexacademy.com/checkout/ 40 KB
12 KB 480ms
232ms Document
text/html 34.235.126.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://killmexacademy.com/checkout/7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.235.126.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-126-203.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 11097a656528bf4a2cca0cebc9009bf4e1cd59c73fb13200218ad9e8d6f2c9cc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 18 Jul 2023 19:46:33 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H/1.1 200
OK app.5cf702aa.css
killmexacademy.com/build/assets/ 62 KB
62 KB 117ms
117ms Stylesheet
text/css 34.235.126.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://killmexacademy.com/build/assets/app.5cf702aa.css
Requested by: Host: killmexacademy.com
URL: https://killmexacademy.com/checkout/7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.235.126.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-126-203.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 75a955e3d49bb85b12fc7e18d01ec899682a3a50dfb79f4cfbe3d58212842599

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://killmexacademy.com/checkout/7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 19:46:33 GMT
Last-Modified: Thu, 11 May 2023 20:19:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "645d4ddc-f7c8"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63432

GET
H/1.1 200
OK app.35f3ca45.js Show response
killmexacademy.com/build/assets/ 320 KB
320 KB 466ms
233ms Script
application/javascript 34.235.126.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://killmexacademy.com/build/assets/app.35f3ca45.js
Requested by: Host: killmexacademy.com
URL: https://killmexacademy.com/checkout/7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.235.126.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-126-203.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d238ba5c68d316fb22f71244e81f48106ca4241d6e4fcfe12488dda6088a9aca

Request headers

Referer: https://killmexacademy.com/checkout/7
Origin: https://killmexacademy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 19:46:34 GMT
Last-Modified: Thu, 11 May 2023 20:19:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "645d4ddc-4fecf"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 327375

GET
H2 200 css2
fonts.googleapis.com/ 16 KB
1 KB 90ms
36ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Edu+VIC+WA+NT+Beginner:wght@400;700&family=Inter:wght@300;400;600;700;800&family=Poppins:wght@100;400;700&display=swap

Requested by

Host: killmexacademy.com
URL: https://killmexacademy.com/build/assets/app.5cf702aa.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99471fa1b96e8f59fe52a6752566d787aca2762c302f62b2b91957571799c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://killmexacademy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 18 Jul 2023 19:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 19:46:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Jul 2023 19:46:34 GMT

GET
H/1.1 200
OK CheckoutPage.7e818654.js Show response
killmexacademy.com/build/assets/ 8 KB
8 KB 118ms
118ms Script
application/javascript 34.235.126.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://killmexacademy.com/build/assets/CheckoutPage.7e818654.js
Requested by: Host: killmexacademy.com
URL: https://killmexacademy.com/build/assets/app.35f3ca45.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.235.126.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-126-203.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 642afd4c9cc10fcf58909d11bbcc331100a0f0dc6dda38d1e180050734237205

Request headers

Referer
Origin: https://killmexacademy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 19:46:34 GMT
Last-Modified: Thu, 11 May 2023 20:19:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "645d4ddc-1f37"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7991

GET
H/1.1 200
OK Course.model.694acde7.js Show response
killmexacademy.com/build/assets/ 449 B
724 B 117ms
117ms Script
application/javascript 34.235.126.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://killmexacademy.com/build/assets/Course.model.694acde7.js
Requested by: Host: killmexacademy.com
URL: https://killmexacademy.com/build/assets/app.35f3ca45.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.235.126.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-126-203.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 96f28806733a81eb2628f9521879efe1c5a641d3de4fafc45d25a539fbbfd260

Request headers

Referer
Origin: https://killmexacademy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 19:46:34 GMT
Last-Modified: Thu, 11 May 2023 20:19:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "645d4ddc-1c1"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 449

GET
H/1.1 200
OK CryptoApi.b8ff472f.js Show response
killmexacademy.com/build/assets/ 453 B
728 B 236ms
117ms Script
application/javascript 34.235.126.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://killmexacademy.com/build/assets/CryptoApi.b8ff472f.js
Requested by: Host: killmexacademy.com
URL: https://killmexacademy.com/build/assets/app.35f3ca45.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.235.126.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-126-203.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cbc1f4bdbbf805eaba642743150044460ed13f36950a37b2558c3ba27a66672

Request headers

Referer
Origin: https://killmexacademy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 19:46:34 GMT
Last-Modified: Thu, 11 May 2023 20:19:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "645d4ddc-1c5"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 453

GET
H2 200 / Show response
player.vdocipher.com/v2/ Frame C8EC 452 B
951 B 196ms
96ms Document
text/html 2600:9000:2611:6c00:a:2d4:90c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vdocipher.com/v2/?otp=20160313versUSE323AyFjDxAS9hJikK8nRZeOefUr3c3Dlo3vWBjALHXquLWena&playbackInfo=eyJ2aWRlb0lkIjoiMGIyMTllNzZhMTk5NGFhZjlhZjU4MTc4ZDAyMDUyM2QifQ==

Requested by

Host: killmexacademy.com
URL: https://killmexacademy.com/build/assets/app.35f3ca45.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:6c00:a:2d4:90c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

787a8e176263b59d08779a4ef241255f52cbd2363c99879c1e17d2dcbf4a8243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://killmexacademy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 439
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1200, must-revalidate
content-length: 452
content-type: text/html
date: Tue, 18 Jul 2023 19:42:46 GMT
etag: "e191355cd355cf6fa1dc002730117d32"
last-modified: Tue, 11 Jul 2023 09:47:14 GMT
permissions-policy: autoplay=*,encrypted-media=*,picture-in-picture=()
server: AmazonS3
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 5f82887d0f9036523f9f0366dd9a549a.cloudfront.net (CloudFront)
x-amz-cf-id: 8Zc8c_WAfS5UPwapUwO4-So03WuT5lRri84vMi0r13zdLxqIhre82g==
x-amz-cf-pop: VIE50-P2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 js Show response
www.paypal.com/sdk/ 273 KB
77 KB 476ms
386ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AbR9tPOdzPlLj4nPZSfyctb4Pa3grc251Q3HSUVrAnhqghKgDRrFQygbVfI7XPAOqajdwBTurj2uncqN&currency=USD

Requested by

Host: killmexacademy.com
URL: https://killmexacademy.com/build/assets/CheckoutPage.7e818654.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC1) /

Resource Hash

4094d3ab7125b937548d79cffd050f852ab400470d627768b88399f2a241967c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-corywj1ctRs23UpusUdByzzGUVCq2j9xrXsuzFuP+r7M74TD' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-corywj1ctRs23UpusUdByzzGUVCq2j9xrXsuzFuP+r7M74TD' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://killmexacademy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-corywj1ctRs23UpusUdByzzGUVCq2j9xrXsuzFuP+r7M74TD' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-corywj1ctRs23UpusUdByzzGUVCq2j9xrXsuzFuP+r7M74TD' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Jul 2023 19:46:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: true
paypal-debug-id: 02b9a21769399
server-timing: traceparent;desc="00-000000000000000000002b9a21769399-612a2c73bf16a8f4-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 76665
x-xss-protection: 1; mode=block
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server: ECAcc (frc/4CC1)
traceparent: 00-000000000000000000002b9a21769399-0defeb74f0fdb4e9-01
etag: W/"12b79-4F301bs1luDGc1rJP1D71flIYaQ"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin: *

GET
H/1.1 200
OK logo_academy.png
killmexacademy.com/img/ 2 KB
2 KB 117ms
117ms Image
image/png 34.235.126.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://killmexacademy.com/img/logo_academy.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.235.126.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-126-203.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cc27a68b799b540bf033358fdf628bac590ae9ddb1fb921e04403461564d9486

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://killmexacademy.com/checkout/7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 19:46:34 GMT
Last-Modified: Sat, 06 Aug 2022 00:01:28 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "62edaf58-8b5"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2229

GET
H/1.1 200
OK SmazripLDQiJPxWiw5PwS77QLBn0n6KFgXwujqlB.png
killmexacademy.com/storage/courses/ 58 KB
58 KB 118ms
117ms Image
image/png 34.235.126.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://killmexacademy.com/storage/courses/SmazripLDQiJPxWiw5PwS77QLBn0n6KFgXwujqlB.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.235.126.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-126-203.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b483287b1a828dd957c203e726a36ab8950e8c1925f83973d8ed5b86f0164908

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://killmexacademy.com/checkout/7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 19:46:34 GMT
Last-Modified: Thu, 04 May 2023 03:15:50 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "64532366-e79a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 59290

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 79ms
24ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Edu+VIC+WA+NT+Beginner:wght@400;700&family=Inter:wght@300;400;600;700;800&family=Poppins:wght@100;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://killmexacademy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 08:10:17 GMT
x-content-type-options: nosniff
age: 560177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jul 2024 08:10:17 GMT

GET
H2 200 index.js Show response
player.vdocipher.com/v2/ Frame C8EC 273 KB
63 KB 41ms
41ms Script
application/javascript 2600:9000:2611:6c00:a:2d4:90c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.vdocipher.com/v2/index.js

Requested by

Host: player.vdocipher.com
URL: https://player.vdocipher.com/v2/?otp=20160313versUSE323AyFjDxAS9hJikK8nRZeOefUr3c3Dlo3vWBjALHXquLWena&playbackInfo=eyJ2aWRlb0lkIjoiMGIyMTllNzZhMTk5NGFhZjlhZjU4MTc4ZDAyMDUyM2QifQ==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2611:6c00:a:2d4:90c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

151566ab58b92afe5d2c50f5ec04666ab654187130791c84052d1baa4d64776f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vdocipher.com/v2/?otp=20160313versUSE323AyFjDxAS9hJikK8nRZeOefUr3c3Dlo3vWBjALHXquLWena&playbackInfo=eyJ2aWRlb0lkIjoiMGIyMTllNzZhMTk5NGFhZjlhZjU4MTc4ZDAyMDUyM2QifQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:44:03 GMT
content-encoding: br
via: 1.1 5f82887d0f9036523f9f0366dd9a549a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 763
x-amz-cf-pop: VIE50-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 11 Jul 2023 09:47:14 GMT
server: AmazonS3
etag: W/"93c385eafcf5e9a9ba687ca5d1bb77e9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1200, must-revalidate
permissions-policy: autoplay=*,encrypted-media=*,picture-in-picture=()
x-amz-cf-id: j9eUmLGJDKbs0Qt-Ayop7FpYzoig3lGBZGtb1ibXDfUpqIyS_Ppajg==

OPTIONS
H2 204 /
clipstat.com/api/v2/ Frame 0
0 86ms
23ms Preflight 2a05:d014:221:9e01:14eb:c506:c6a9:99ad
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clipstat.com/api/v2/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d014:221:9e01:14eb:c506:c6a9:99ad Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://player.vdocipher.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST,PUT
access-control-allow-origin: *
access-control-max-age: 86400
date: Tue, 18 Jul 2023 19:46:35 GMT
server: nginx/1.18.0
vary: Access-Control-Request-Headers
x-powered-by: Express

PUT
H2 200 / Show response
clipstat.com/api/v2/ Frame C8EC 46 B
252 B 432ms
430ms Fetch
application/json 2a05:d014:221:9e01:14eb:c506:c6a9:99ad
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clipstat.com/api/v2/
Requested by: Host: player.vdocipher.com
URL: https://player.vdocipher.com/v2/index.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d014:221:9e01:14eb:c506:c6a9:99ad Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 / Express
Resource Hash: 8a353796f69f14c469ecdcc0f7d6a73fca0053e6de2ae5e164d00bd037516feb

Request headers

Referer: https://player.vdocipher.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 18 Jul 2023 19:46:35 GMT
content-encoding: gzip
server: nginx/1.18.0
x-powered-by: Express
etag: W/"2e-gSsVlyu1U6Kq5sziNzKKvb561wQ"
content-type: application/json; charset=utf-8

GET
H2 200 0b219e76a1994aaf9af58178d020523d Show response
dev.vdocipher.com/api/meta/ Frame C8EC 2 KB
2 KB 277ms
208ms Fetch
application/json 2600:9000:223d:5400:6:a43e:6740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.vdocipher.com/api/meta/0b219e76a1994aaf9af58178d020523d
Requested by: Host: player.vdocipher.com
URL: https://player.vdocipher.com/v2/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5400:6:a43e:6740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 5d1d5c6a3e23d7927cfba1c6e8582a079f5bfea36594a3d254684faba6bb8e7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://player.vdocipher.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:46:35 GMT
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-powered-by: Express
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 1782
x-amz-cf-id: OzRKhmyDTfpJbAFT9l7SQuj4sDBbIjKs7VVxhcgZ-AtN5LaBDCJshQ==

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
14 KB 26ms
26ms Script
application/x-javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=killmexacademy.com&t=xo&v=5.0.386&source=payments_sdk&client_id=AbR9tPOdzPlLj4nPZSfyctb4Pa3grc251Q3HSUVrAnhqghKgDRrFQygbVfI7XPAOqajdwBTurj2uncqN&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbR9tPOdzPlLj4nPZSfyctb4Pa3grc251Q3HSUVrAnhqghKgDRrFQygbVfI7XPAOqajdwBTurj2uncqN&currency=USD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C8C) /

Resource Hash

8012493c8a381e965bc167f973117b20d531630b86e83c2db5c750e775ad5a5e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-HnKSzCAkVd7mtu24fif56PLt0g07cwgyCQ8MRnzPLrtC3SWQ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://killmexacademy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-HnKSzCAkVd7mtu24fif56PLt0g07cwgyCQ8MRnzPLrtC3SWQ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
date: Tue, 18 Jul 2023 19:46:35 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 83800
x-cache: HIT
paypal-debug-id: 0b0a08a18b34b
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 13635
x-xss-protection: 1; mode=block
last-modified: Mon, 17 Jul 2023 20:29:56 GMT
accept-ch: Sec-CH-UA-Full
server: ECAcc (frc/4C8C)
traceparent: 00-00000000000000000000b0a08a18b34b-603ad7cb0ac377c1-01
etag: W/"3543-mbFjXDe12mSnFdf0+2+9j+khmlg"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 64C4 421 KB
108 KB 536ms
535ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?sdkVersion=5.0.386&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJSOXRQT2R6UGxMajRuUFpTZnljdGI0UGEzZ3JjMjUxUTNIU1VWckFuaHFnaEtnRFJyRlF5Z2JWZkk3WFBBT3FhamR3QlR1cmoydW5jcU4mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfcWVyZnFrcmRqcnJibnJ5aXNlamxqZnJkY2NscHpmIn19&clientID=AbR9tPOdzPlLj4nPZSfyctb4Pa3grc251Q3HSUVrAnhqghKgDRrFQygbVfI7XPAOqajdwBTurj2uncqN&sdkCorrelationID=f3867539b262f&storageID=uid_6122aa5a55_mtk6ndy6mzu&sessionID=uid_3b4725fb4b_mtk6ndy6mzu&buttonSessionID=uid_7a855a4c99_mtk6ndy6mzu&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbR9tPOdzPlLj4nPZSfyctb4Pa3grc251Q3HSUVrAnhqghKgDRrFQygbVfI7XPAOqajdwBTurj2uncqN&currency=USD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF2) /

Resource Hash

9f25a74afe79e2b72ec9b906dba0aaf2162f2826e4e7942d95e8e002c5aa7c47

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://killmexacademy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Tue, 18 Jul 2023 19:46:35 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"692de-bAIjNhaxPDPEOVKOdspGOt6/SYQ"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: 076a29b760146
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server: ECAcc (frc/4CF2)
server-timing: traceparent;desc="00-0000000000000000000076a29b760146-0a9b04fefb000710-01" content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000076a29b760146-4ecb67161d7f79ce-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 38A7 3 KB
1 KB 40ms
26ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC8) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 1867a673a7a0f
dc: ccg11-origin-www-1.paypal.com
content-length: 1217
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CC8)
traceparent: 00-00000000000000000001867a673a7a0f-f3dfb61d7baab926-01
etag: W/"642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 18 Jul 2023 20:46:35 GMT

GET
H2 200 sepa-default.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 38A7 9 KB
3 KB 40ms
26ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/sepa-default.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCC) /

Resource Hash

e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: ccadaf6ad818a
dc: ccg11-origin-www-1.paypal.com
content-length: 3268
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CCC)
traceparent: 00-0000000000000000000ccadaf6ad818a-2ed6971948ed8d3f-01
etag: W/"642c9aab-2204"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 18 Jul 2023 20:46:35 GMT

GET
H2 200 giropay-default.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 38A7 4 KB
2 KB 42ms
28ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/giropay-default.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC5) /

Resource Hash

07f6b880cfa8dfe89bf94553045a063a4d0204282b27f793a6b9af1d084881c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: f122f43d44cf0
dc: ccg11-origin-www-1.paypal.com
content-length: 1577
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CC5)
traceparent: 00-0000000000000000000f122f43d44cf0-6736339704aca154-01
etag: W/"642c9aab-ed4"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 18 Jul 2023 20:46:35 GMT

GET
H2 200 sofort-default.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 38A7 2 KB
1 KB 41ms
27ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/sofort-default.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CDC) /

Resource Hash

aa36dc4164bef3a7b5007ecad5fed164b0c85feb478890782c6cb59bc56d6afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: c62586d7b48aa
dc: ccg11-origin-www-1.paypal.com
content-length: 1109
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CDC)
traceparent: 00-0000000000000000000c62586d7b48aa-fe6bf4094a1d06f5-01
etag: W/"642c9aab-9d6"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 18 Jul 2023 20:46:35 GMT

GET
H2 200 card-white.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 38A7 1 KB
908 B 38ms
25ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/card-white.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA3) /

Resource Hash

1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 1d478ed69fe51
dc: ccg11-origin-www-1.paypal.com
content-length: 637
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CA3)
traceparent: 00-00000000000000000001d478ed69fe51-f4a949f38f31de5d-01
etag: W/"642c9aab-54e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 18 Jul 2023 20:46:35 GMT

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 790ms
715ms Preflight 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CAF) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://killmexacademy.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://killmexacademy.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 18 Jul 2023 19:46:36 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: 09bb0aa3133a3
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server: ECAcc (frc/4CAF)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000009bb0aa3133a3-65e8c849cafe1055-01
x-content-type-options: nosniff

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 993 B
2 KB 631ms
630ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbR9tPOdzPlLj4nPZSfyctb4Pa3grc251Q3HSUVrAnhqghKgDRrFQygbVfI7XPAOqajdwBTurj2uncqN&currency=USD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CEB) /

Resource Hash

f66597774b7fb57672e037fc2d7259ffb0080a21c395e6d1783cef5bdd007a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://killmexacademy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json

Response headers

date: Tue, 18 Jul 2023 19:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 071a782604992
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 589
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server: ECAcc (frc/4CEB)
traceparent: 00-0000000000000000000071a782604992-ca7e566a32783b66-01
etag: W/"3e1-Joqubzy1zn/iPtI5JtTbye/DcnQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://killmexacademy.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin: *

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 24ms
24ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=killmexacademy.com&t=xo&v=5.0.386&source=payments_sdk&client_id=AbR9tPOdzPlLj4nPZSfyctb4Pa3grc251Q3HSUVrAnhqghKgDRrFQygbVfI7XPAOqajdwBTurj2uncqN&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://killmexacademy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 7ec02bba91a91
dc: ccg11-origin-www-1.paypal.com
content-length: 16464
last-modified: Tue, 03 May 2022 17:28:29 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-00000000000000000007ec02bba91a91-63b141fcc404358e-01
etag: "6271663d-da91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 18 Jul 2023 20:46:35 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
205 B 309ms
219ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AJZQYG9WJNEJJA-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AJZQYG9WJNEJJA-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=bfcf09f7-20fa-4017-8065-7b5b19106954&fltp=analytics&mrid=JZQYG9WJNEJJA&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Killmex-Academy&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1689709595609&g=0&completeurl=https%3A%2F%2Fkillmexacademy.com%2Fcheckout%2F7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://killmexacademy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Tue, 18 Jul 2023 19:46:35 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 19eaf3648565d
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230047-FRA, cache-cph2320051-CPH
pragma: no-cache
correlation-id: 19eaf3648565d
traceparent: 00-000000000000000000019eaf3648565d-9e8273ce8d4e6be6-01
x-timer: S1689709596.713550,VS0,VE187
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 19:46:35 GMT

GET
H2 200 23yJS2GSz5ODo.720.jpeg
dmf9cnjua2s32.cloudfront.net/poster/ Frame C8EC 43 KB
44 KB 105ms
39ms Image
image/jpeg 2600:9000:2250:3000:6:c1db:2b80:21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmf9cnjua2s32.cloudfront.net/poster/23yJS2GSz5ODo.720.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:3000:6:c1db:2b80:21 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a3b131761594988077a9c607f2f8bfb46bd851709016d3fac02eff278ca7c12

Request headers

Referer: https://player.vdocipher.com/
Origin: https://player.vdocipher.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 08:20:23 GMT
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 127573
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 44451
last-modified: Fri, 10 Feb 2023 13:21:38 GMT
server: AmazonS3
etag: "cdca1fdcb59d659d43096d38c444ac9e"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD, PUT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: donpoCuNKkOip6pGiEimj41YyXUXDkrThpBBqM0i82xEo6AQvopBGA==

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 0736 54 KB
17 KB 24ms
24ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBF) /

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://killmexacademy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Tue, 18 Jul 2023 19:46:35 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "6271663d-d994"
expires: Tue, 18 Jul 2023 20:46:35 GMT
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: c91ebae1ff5db
server: ECAcc (frc/4CBF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000c91ebae1ff5db-1a2786f1648b7074-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 ts
t.paypal.com/ 42 B
835 B 198ms
196ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AJZQYG9WJNEJJA-1&page=muse%3Aoffer%3A%3A%3AJZQYG9WJNEJJA-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=bfcf09f7-20fa-4017-8065-7b5b19106954&es=visitorInfoFlowStarted&mrid=JZQYG9WJNEJJA&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Killmex-Academy&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1689709595697&g=0&completeurl=https%3A%2F%2Fkillmexacademy.com%2Fcheckout%2F7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://killmexacademy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Tue, 18 Jul 2023 19:46:35 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 50aee1d0a82c9
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220029-FRA, cache-cph2320051-CPH
pragma: no-cache
correlation-id: 50aee1d0a82c9
traceparent: 00-000000000000000000050aee1d0a82c9-d6c77561b577aed3-01
x-timer: S1689709596.713499,VS0,VE164
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 19:46:35 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 0736 435 B
2 KB 296ms
295ms Fetch
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CFA) /

Resource Hash

223debb9369f67f289632029c7853c87a149ea83276a6a44e77a63721228a858

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-DAWRaK2SDX8lM1MHO0GoHHf4lDk142JeXMx88B6ePJdbrtHj' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-DAWRaK2SDX8lM1MHO0GoHHf4lDk142JeXMx88B6ePJdbrtHj' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
date: Tue, 18 Jul 2023 19:46:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 018072358bbaa
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 290
x-xss-protection: 1; mode=block
accept-ch: Sec-CH-UA-Full
server: ECAcc (frc/4CFA)
traceparent: 00-0000000000000000000018072358bbaa-7a6bd924095c5269-01
etag: W/"1b3-PUVB10WMsH65+/K/hZAzaska0mg"
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
timing-allow-origin: *

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 193ms
193ms Preflight 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC8) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 18 Jul 2023 19:46:35 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: 09aa200b69448
server: ECAcc (frc/4CC8)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000009aa200b69448-5e7c2307f9787b1c-01
vary: Origin, Access-Control-Request-Headers

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 64C4 273 KB
77 KB 487ms
487ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AbR9tPOdzPlLj4nPZSfyctb4Pa3grc251Q3HSUVrAnhqghKgDRrFQygbVfI7XPAOqajdwBTurj2uncqN&currency=USD

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?sdkVersion=5.0.386&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJSOXRQT2R6UGxMajRuUFpTZnljdGI0UGEzZ3JjMjUxUTNIU1VWckFuaHFnaEtnRFJyRlF5Z2JWZkk3WFBBT3FhamR3QlR1cmoydW5jcU4mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfcWVyZnFrcmRqcnJibnJ5aXNlamxqZnJkY2NscHpmIn19&clientID=AbR9tPOdzPlLj4nPZSfyctb4Pa3grc251Q3HSUVrAnhqghKgDRrFQygbVfI7XPAOqajdwBTurj2uncqN&sdkCorrelationID=f3867539b262f&storageID=uid_6122aa5a55_mtk6ndy6mzu&sessionID=uid_3b4725fb4b_mtk6ndy6mzu&buttonSessionID=uid_7a855a4c99_mtk6ndy6mzu&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC1) /

Resource Hash

4094d3ab7125b937548d79cffd050f852ab400470d627768b88399f2a241967c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-dPctpwjuA+cAswDci90AKknQnSlleWnAD75Ak+ecFtd6fUeK' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-dPctpwjuA+cAswDci90AKknQnSlleWnAD75Ak+ecFtd6fUeK' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.386&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJSOXRQT2R6UGxMajRuUFpTZnljdGI0UGEzZ3JjMjUxUTNIU1VWckFuaHFnaEtnRFJyRlF5Z2JWZkk3WFBBT3FhamR3QlR1cmoydW5jcU4mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfcWVyZnFrcmRqcnJibnJ5aXNlamxqZnJkY2NscHpmIn19&clientID=AbR9tPOdzPlLj4nPZSfyctb4Pa3grc251Q3HSUVrAnhqghKgDRrFQygbVfI7XPAOqajdwBTurj2uncqN&sdkCorrelationID=f3867539b262f&storageID=uid_6122aa5a55_mtk6ndy6mzu&sessionID=uid_3b4725fb4b_mtk6ndy6mzu&buttonSessionID=uid_7a855a4c99_mtk6ndy6mzu&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-dPctpwjuA+cAswDci90AKknQnSlleWnAD75Ak+ecFtd6fUeK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-dPctpwjuA+cAswDci90AKknQnSlleWnAD75Ak+ecFtd6fUeK' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Jul 2023 19:46:36 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: true
paypal-debug-id: 0867b73557229
server-timing: traceparent;desc="00-00000000000000000000867b73557229-11255da9f229407d-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 76665
x-xss-protection: 1; mode=block
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server: ECAcc (frc/4CC1)
traceparent: 00-00000000000000000000867b73557229-37d20ae22373aa94-01
etag: W/"12b79-4F301bs1luDGc1rJP1D71flIYaQ"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame 64C4 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 64C4 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 64C4 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07f6b880cfa8dfe89bf94553045a063a4d0204282b27f793a6b9af1d084881c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 64C4 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa36dc4164bef3a7b5007ecad5fed164b0c85feb478890782c6cb59bc56d6afa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 64C4 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 64C4 63 KB
22 KB 261ms
41ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (ska/F73F) /

Resource Hash

2608781d6f4c43426e950104278a33ce4619f2995b1edb09769ac4fb3125c0fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 60922
date: Tue, 18 Jul 2023 19:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
age: 1010326
x-cache: HIT, HIT
paypal-debug-id: 58257b98ee65b
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 21865
x-served-by: cache-cph2320050-CPH
last-modified: Fri, 07 Jul 2023 00:59:03 GMT
server: ECAcc (ska/F73F)
traceparent: 00-000000000000000000058257b98ee65b-f00485961d478a7f-01
x-timer: S1689709597.098491,VS0,VE1
etag: W/"64a76357-fbd3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 19:46:37 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 64C4 1006 B
2 KB 275ms
274ms Ping
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB1) /

Resource Hash

2f6e844e74aea787fde2c0041b3f2821d1c9c5c1d3bd09680be2f1b064277110

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.386&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJSOXRQT2R6UGxMajRuUFpTZnljdGI0UGEzZ3JjMjUxUTNIU1VWckFuaHFnaEtnRFJyRlF5Z2JWZkk3WFBBT3FhamR3QlR1cmoydW5jcU4mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfcWVyZnFrcmRqcnJibnJ5aXNlamxqZnJkY2NscHpmIn19&clientID=AbR9tPOdzPlLj4nPZSfyctb4Pa3grc251Q3HSUVrAnhqghKgDRrFQygbVfI7XPAOqajdwBTurj2uncqN&sdkCorrelationID=f3867539b262f&storageID=uid_6122aa5a55_mtk6ndy6mzu&sessionID=uid_3b4725fb4b_mtk6ndy6mzu&buttonSessionID=uid_7a855a4c99_mtk6ndy6mzu&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Jul 2023 19:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 026b0836081a1
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 602
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server: ECAcc (frc/4CB1)
traceparent: 00-0000000000000000000026b0836081a1-2a23ccca4013383d-01
etag: W/"3ee-Y9/ryzCPlxb9RU6SXuIrooZK/uE"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin: *

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame A9F2 160 B
1 KB 207ms
205ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: e80c600a15ae2
date: Tue, 18 Jul 2023 19:46:37 GMT
origin-trial: A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id: e80c600a15ae2
server-timing: "traceparent;desc="00-0000000000000000000e80c600a15ae2-dde5adbf34a93656-01"";content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000e80c600a15ae2-722b30fec9f867fb-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-etou8220107-FRA, cache-cph2320050-CPH
x-timer: S1689709597.176195,VS0,VE164
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 499A
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_3b4725fb4b_mtk6ndy6mzu&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_3b4725fb4b_mtk6ndy6mzu&s=SMART_PAYMENT_BUTTONS

42 B
299 B

143ms
46ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_3b4725fb4b_mtk6ndy6mzu&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?sdkVersion=5.0.386&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJSOXRQT2R6UGxMajRuUFpTZnljdGI0UGEzZ3JjMjUxUTNIU1VWckFuaHFnaEtnRFJyRlF5Z2JWZkk3WFBBT3FhamR3QlR1cmoydW5jcU4mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfcWVyZnFrcmRqcnJibnJ5aXNlamxqZnJkY2NscHpmIn19&clientID=AbR9tPOdzPlLj4nPZSfyctb4Pa3grc251Q3HSUVrAnhqghKgDRrFQygbVfI7XPAOqajdwBTurj2uncqN&sdkCorrelationID=f3867539b262f&storageID=uid_6122aa5a55_mtk6ndy6mzu&sessionID=uid_3b4725fb4b_mtk6ndy6mzu&buttonSessionID=uid_7a855a4c99_mtk6ndy6mzu&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=false
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 19:46:37 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_3b4725fb4b_mtk6ndy6mzu&s=SMART_PAYMENT_BUTTONS
Date: Tue, 18 Jul 2023 19:46:37 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame A9F2 63 KB
22 KB 42ms
42ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (ska/F73F) /

Resource Hash

2608781d6f4c43426e950104278a33ce4619f2995b1edb09769ac4fb3125c0fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 60923
date: Tue, 18 Jul 2023 19:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
age: 1010326
x-cache: HIT, HIT
paypal-debug-id: 58257b98ee65b
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 21865
x-served-by: cache-cph2320050-CPH
last-modified: Fri, 07 Jul 2023 00:59:03 GMT
server: ECAcc (ska/F73F)
traceparent: 00-000000000000000000058257b98ee65b-f00485961d478a7f-01
x-timer: S1689709597.384740,VS0,VE1
etag: W/"64a76357-fbd3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 19:46:37 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame A9F2 125 B
956 B 255ms
255ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e355eecf166dca1eeb45d0973e883a238a8594ac0b1a9a021fafb8d8c9d3a8bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Jul 2023 19:46:37 GMT
via: 1.1 varnish, 1.1 varnish
disable-set-cookie: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 3599c541a4099
server-timing: "traceparent;desc="00-00000000000000000003599c541a4099-44c0661235b058ca-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 125
x-served-by: cache-fra-eddf8230120-FRA, cache-cph2320050-CPH
correlation-id: 3599c541a4099
traceparent: 00-00000000000000000003599c541a4099-f51a64f156e2ff3f-01
content-type: application/json
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame A9F2 0
386 B 231ms
231ms XHR
text/plain 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 18 Jul 2023 19:46:37 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: 8d5231f057a5d
server-timing: "traceparent;desc="00-00000000000000000008d5231f057a5d-518b0f651c703297-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220025-FRA, cache-cph2320050-CPH
correlation-id: 8d5231f057a5d
traceparent: 00-00000000000000000008d5231f057a5d-01307ae7e96611c9-01
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame A9F2 0
199 B 217ms
190ms Image
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_3b4725fb4b_mtk6ndy6mzu&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB2) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:46:36 GMT
content-encoding: gzip
correlation-id: c87a09499dc35
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (frc/4CB2)
traceparent: 00-0000000000000000000c87a09499dc35-38f286a689f9342f-01
vary: Accept-Encoding
paypal-debug-id: c87a09499dc35
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: traceparent;desc="00-0000000000000000000c87a09499dc35-fefe00f9b58307e6-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 20

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 64C4 1005 B
1 KB 213ms
212ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AbR9tPOdzPlLj4nPZSfyctb4Pa3grc251Q3HSUVrAnhqghKgDRrFQygbVfI7XPAOqajdwBTurj2uncqN&currency=USD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB1) /

Resource Hash

1804ba9975594cea12ebd59a92a2213f18a3db5130824b65d21157075312ea73

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.386&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWJSOXRQT2R6UGxMajRuUFpTZnljdGI0UGEzZ3JjMjUxUTNIU1VWckFuaHFnaEtnRFJyRlF5Z2JWZkk3WFBBT3FhamR3QlR1cmoydW5jcU4mY3VycmVuY3k9VVNEIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfcWVyZnFrcmRqcnJibnJ5aXNlamxqZnJkY2NscHpmIn19&clientID=AbR9tPOdzPlLj4nPZSfyctb4Pa3grc251Q3HSUVrAnhqghKgDRrFQygbVfI7XPAOqajdwBTurj2uncqN&sdkCorrelationID=f3867539b262f&storageID=uid_6122aa5a55_mtk6ndy6mzu&sessionID=uid_3b4725fb4b_mtk6ndy6mzu&buttonSessionID=uid_7a855a4c99_mtk6ndy6mzu&env=production&buttonSize=large&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjp0cnVlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjp0cnVlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6dHJ1ZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGFpZHkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=giropay&renderedButtons.3=sofort&renderedButtons.4=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: application/json

Response headers

date: Tue, 18 Jul 2023 19:46:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 0581b17871735
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 599
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
server: ECAcc (frc/4CB1)
traceparent: 00-00000000000000000000581b17871735-3beba7d0429a5550-01
etag: W/"3ed-nBvy1Sec+EVULPTHke5sP1yfIYM"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
killmexacademy.com/	1970-01-20 13:21:56	Name: XSRF-TOKEN Value: eyJpdiI6ImVCYk9oVEtlNk1Ea2wzMGxEcGRPQkE9PSIsInZhbHVlIjoiSG5RWjFjY1N3R0hhN2JSS2N3SUtvckVtUkk5QTNwN2FYNDlQR3l0VCtvdXNEdUhPNDVPb1NiMmV6TTJWQzFsYWdEOEZrczg5blJnbFN6Zncrcm0xazNnV2N0Q2JuUjBXdmsranZHTkg0Q05VMURDY2dycnc2Mk9Xd0JLSkxLQW4iLCJtYWMiOiIwOTM3ZTk5NzVmNWE0OTEwMjdhOTNkNGFiY2E5OGRhN2MyZTc3NjkwZGFmMjlmMzc1YjdjMzMzNWU5ZjNiYjJmIiwidGFnIjoiIn0%3D
killmexacademy.com/	1970-01-20 13:21:56	Name: killmex_academy_session Value: eyJpdiI6InN6VTNMbzlRcU5QWFNBd3MxZUQrV3c9PSIsInZhbHVlIjoiaHRZbzB1eTd5VmEvZ2RtaEM5NCt1a0J1bkZHdCt4OEN6ZEpiS3RHKzhMZW1XNHVmdmdQZ1NZd2k5NVJyMU5VcmFmcHcxRXNyQkg2Z0s1eTJDaWVwU3pmbU15NFBzZFBueTFMRGZFb1BvWWlWMDdMTytWV09zbGg1Yms5Y3JQT2MiLCJtYWMiOiI3YjJlOTc2YjAxNzg3NmE1ZGQ2YTg5ZDRhZjQ1MTg3ODVjMmMwMWQwZWIxY2NlOWY3NjM5NGRiMWIxNmUxOTg1IiwidGFnIjoiIn0%3D
.paypal.com/	1970-01-20 13:21:51	Name: l7_az Value: dcg14.slc
.paypal.com/	1970-01-20 22:57:49	Name: ts_c Value: vr%3D6a8a49c01890a7a0648359e2fea636d9%26vt%3D6a8a49c01890a7a0648359e2fea636d8
.paypal.com/	1970-01-20 13:22:21	Name: LANG Value: de_DE%3BDE
.paypal.com/	1970-01-20 22:07:25	Name: enforce_policy Value: gdpr_v2.1
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AQRSLChGgiDru_nZmkV83l958GT-ch2Ma.hADvSob31Pd13YSnPdhgvhcU4MXL6sJkxgCVAh3YOCg
.paypalobjects.com/	1970-01-20 13:23:15	Name: paypal-offers--cust Value: null:null:null
.paypal.com/	1970-01-20 13:26:08	Name: tsrce Value: loggernodeweb
.paypal.com/	1970-01-20 22:57:49	Name: ts Value: vreXpYrS%3D1784403997%26vteXpYrS%3D1689711397%26vr%3D6a8a49c01890a7a0648359e2fea636d9%26vt%3D6a8a49c01890a7a0648359e2fea636d8%26vtyp%3Dnew
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY4OTcwOTU5NzU5NiIsImwiOiIwIiwibSI6IjAifQ
.c.paypal.com/	1970-01-20 22:57:49	Name: sc_f Value: EBUPcVlS2AWA4nqzN9x_x_l7VUPe0BC0-u7D2FH3AtM2Sa7ca8sngKMC_b2nWyDr-gF9-FhPUX4l6gpyMwfcOYBT0s6o68eHRn7WDm
.paypal.com/	1970-01-20 22:57:49	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: GyUfti4uexFKkGtM7LOfukE4av8OTWvSlsaIrRkF6qAidl391MP-jMh7HUVWda0-pSJxIrBJ7AFXmGqI

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://player.vdocipher.com/v2/index.js(Line 1) Message: It is recommended that a robustness level be specified. Not specifying the robustness level could result in unexpected behavior.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
clipstat.com
dev.vdocipher.com
dmf9cnjua2s32.cloudfront.net
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
killmexacademy.com
player.vdocipher.com
t.paypal.com
www.paypal.com
www.paypalobjects.com
151.101.129.21
151.101.129.35
192.229.221.25
2600:9000:223d:5400:6:a43e:6740:93a1
2600:9000:2250:3000:6:c1db:2b80:21
2600:9000:2611:6c00:a:2d4:90c0:93a1
2a00:1450:4001:811::2003
2a00:1450:4001:827::200a
2a05:d014:221:9e01:14eb:c506:c6a9:99ad
34.235.126.203
64.4.245.84
07f6b880cfa8dfe89bf94553045a063a4d0204282b27f793a6b9af1d084881c6
11097a656528bf4a2cca0cebc9009bf4e1cd59c73fb13200218ad9e8d6f2c9cc
151566ab58b92afe5d2c50f5ec04666ab654187130791c84052d1baa4d64776f
1804ba9975594cea12ebd59a92a2213f18a3db5130824b65d21157075312ea73
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
1cbc1f4bdbbf805eaba642743150044460ed13f36950a37b2558c3ba27a66672
223debb9369f67f289632029c7853c87a149ea83276a6a44e77a63721228a858
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2608781d6f4c43426e950104278a33ce4619f2995b1edb09769ac4fb3125c0fc
2f6e844e74aea787fde2c0041b3f2821d1c9c5c1d3bd09680be2f1b064277110
4094d3ab7125b937548d79cffd050f852ab400470d627768b88399f2a241967c
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
5a3b131761594988077a9c607f2f8bfb46bd851709016d3fac02eff278ca7c12
5d1d5c6a3e23d7927cfba1c6e8582a079f5bfea36594a3d254684faba6bb8e7e
642afd4c9cc10fcf58909d11bbcc331100a0f0dc6dda38d1e180050734237205
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
75a955e3d49bb85b12fc7e18d01ec899682a3a50dfb79f4cfbe3d58212842599
787a8e176263b59d08779a4ef241255f52cbd2363c99879c1e17d2dcbf4a8243
8012493c8a381e965bc167f973117b20d531630b86e83c2db5c750e775ad5a5e
8a353796f69f14c469ecdcc0f7d6a73fca0053e6de2ae5e164d00bd037516feb
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
96f28806733a81eb2628f9521879efe1c5a641d3de4fafc45d25a539fbbfd260
9f25a74afe79e2b72ec9b906dba0aaf2162f2826e4e7942d95e8e002c5aa7c47
aa36dc4164bef3a7b5007ecad5fed164b0c85feb478890782c6cb59bc56d6afa
b483287b1a828dd957c203e726a36ab8950e8c1925f83973d8ed5b86f0164908
c99471fa1b96e8f59fe52a6752566d787aca2762c302f62b2b91957571799c13
cc27a68b799b540bf033358fdf628bac590ae9ddb1fb921e04403461564d9486
d238ba5c68d316fb22f71244e81f48106ca4241d6e4fcfe12488dda6088a9aca
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6
e355eecf166dca1eeb45d0973e883a238a8594ac0b1a9a021fafb8d8c9d3a8bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f66597774b7fb57672e037fc2d7259ffb0080a21c395e6d1783cef5bdd007a00

killmexacademy.com Open in urlscan Pro 34.235.126.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

42 Requests

98 %HTTPS

55 %IPv6

8 Domains

14 Subdomains

12 IPs

2 Countries

986 kBTransfer

2120 kBSize

13 Cookies

0 Outgoing links

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

killmexacademy.com Open in urlscan Pro
34.235.126.203 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

98 %
HTTPS

55 %
IPv6

8
Domains

14
Subdomains

12
IPs

2
Countries

986 kB
Transfer

2120 kB
Size

13
Cookies

42 HTTP transactions
5 data transactions