www.paypal.com Open in urlscan Pro
151.101.129.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
Effective URL:
https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
Submission: On January 25 via manual (January 25th 2021, 6:00:41 pm UTC) from US

Summary HTTP 103 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 28 IPs in 7 countries across 23 domains to perform 103 HTTP transactions. The main IP is 151.101.129.21, located in United States and belongs to FASTLY, US. The main domain is www.paypal.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on January 12th 2021. Valid for: a year.

This is the only time www.paypal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:b8a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	18.156.95.187 18.156.95.187	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e0:... 2606:4700:e0::ac40:6e19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	172.217.22.2 172.217.22.2	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1 16	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
3	52.28.38.201 52.28.38.201	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
5	52.17.137.119 52.17.137.119	16509 (AMAZON-02) (AMAZON-02)
1	107.21.52.49 107.21.52.49	14618 (AMAZON-AES) (AMAZON-AES)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
2	213.19.147.210 213.19.147.210	26120 (RHYTHMONE) (RHYTHMONE)
1	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
1	216.52.2.48 216.52.2.48	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
22	104.76.200.161 104.76.200.161	16625 (AKAMAI-AS) (AKAMAI-AS)
6	151.101.1.35 151.101.1.35	54113 (FASTLY) (FASTLY)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
1	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
103	28

1 2606:4700:3035::ac43:b8a1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.faxzero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 18.156.95.187 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com

faxzero.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e0::ac40:6e19 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.22.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s14-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.101.129.21 (United States) 1 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.241 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.38.201 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-38-201.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1460 (Sweden)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.17.137.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-137-119.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.52.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-52-49.compute-1.amazonaws.com

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (Germany)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.210 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.144.59.88 (United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.76.200.161 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-200-161.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.1.35 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	paypal.com 2 redirects www.paypal.com c.paypal.com b.stats.paypal.com dub.stats.paypal.com c6.paypal.com t.paypal.com	102 KB
22	paypalobjects.com www.paypalobjects.com	714 KB
22	faxzero.com 1 redirects www.faxzero.com faxzero.com	87 KB
5	gumgum.com g2.gumgum.com	5 KB
3	advertising.com ads.adaptv.advertising.com	636 B
3	criteo.com 1 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	1 KB
3	google-analytics.com ssl.google-analytics.com	17 KB
2	facebook.com www.facebook.com	666 B
2	adnxs.com ib.adnxs.com	1 KB
2	facebook.net connect.facebook.net	92 KB
2	doubleclick.net securepubads.g.doubleclick.net	116 KB
2	ezodn.com go.ezodn.com ezodn.com	175 KB
1	unrulymedia.com targeting.unrulymedia.com	268 B
1	lijit.com ap.lijit.com	752 B
1	a-mo.net prebid.a-mo.net	825 B
1	1rx.io tag.1rx.io	268 B
1	casalemedia.com htlb.casalemedia.com	368 B
1	pubmatic.com hbopenbid.pubmatic.com	113 B
1	onetag-sys.com onetag-sys.com	443 B
1	undertone.com hb.undertone.com	853 B
1	dotomi.com web.hb.ad.cpe.dotomi.com	636 B
1	googlesyndication.com pagead2.googlesyndication.com	46 KB
1	google.com adservice.google.com	169 B
103	23

	Domain	Requested by
22	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
21	faxzero.com	faxzero.com
16	www.paypal.com	1 redirects www.paypal.com www.paypalobjects.com
5	c.paypal.com	www.paypalobjects.com c.paypal.com
5	g2.gumgum.com	go.ezodn.com
3	ads.adaptv.advertising.com	go.ezodn.com
3	ssl.google-analytics.com	faxzero.com
2	www.facebook.com
2	ib.adnxs.com	go.ezodn.com
2	connect.facebook.net	faxzero.com connect.facebook.net
2	securepubads.g.doubleclick.net	faxzero.com securepubads.g.doubleclick.net
1	t.paypal.com
1	c6.paypal.com
1	dub.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	targeting.unrulymedia.com	go.ezodn.com
1	ap.lijit.com	go.ezodn.com
1	prebid.a-mo.net	go.ezodn.com
1	tag.1rx.io	go.ezodn.com
1	htlb.casalemedia.com	go.ezodn.com
1	hbopenbid.pubmatic.com	go.ezodn.com
1	onetag-sys.com	go.ezodn.com
1	bidder.criteo.com	go.ezodn.com
1	hb.undertone.com	go.ezodn.com
1	web.hb.ad.cpe.dotomi.com	go.ezodn.com
1	mug.criteo.com
1	gum.criteo.com	1 redirects
1	ezodn.com	faxzero.com
1	pagead2.googlesyndication.com	faxzero.com
1	go.ezodn.com	faxzero.com
1	adservice.google.com	faxzero.com
1	www.faxzero.com	1 redirects
103	32

This site contains links to these domains. Also see Links.

Domain
faxzero.com

Subject Issuer	Validity	Valid
faxzero.com R3	`2021-01-14` - `2021-04-14`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-01-12` - `2022-02-12`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-26` - `2021-06-22`	6 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2020-03-30` - `2022-06-25`	2 years	crt.sh
*.gumgum.com Amazon	`2020-07-03` - `2021-08-03`	a year	crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io Amazon	`2020-11-18` - `2021-12-18`	a year	crt.sh
onetag-sys.com R3	`2021-01-02` - `2021-04-02`	3 months	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.a-mo.net R3	`2021-01-11` - `2021-04-11`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-16` - `2021-11-16`	a year	crt.sh
c.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-06-24` - `2022-06-29`	2 years	crt.sh
b.stats.paypal.com DigiCert SHA2 High Assurance Server CA	`2020-03-13` - `2022-06-03`	2 years	crt.sh
t.paypal.com DigiCert SHA2 High Assurance Server CA	`2020-07-15` - `2022-07-20`	2 years	crt.sh

This page contains 8 frames:

Primary Page: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
Frame ID: 0B83F9E695DA0C2CBEC201C1714C3F31
Requests: 92 HTTP requests in this frame

Frame: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html
Frame ID: 98099847CED7BE0348C6D7CBEDD64A45
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: EB9E007C53913870F80F9F1D6355DA5E
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wOEQ1MTcyOVk3MzgxMjEwWCZpPTgyLjEwMi4xOS4xMzYmdD0xNjExNTk3NjI0LjgxNyZhPTIxJnM9VU5JRklFRF9MT0dJTqbtpFNIJff0g8d-m4kprHSAn5GD
Frame ID: E66455F3B95CA7997C3613D59C5074F5
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/recaptcha_v2.html?siteKey=6LeZ6egUAAAAAGwL8CjkDE8dcSw2DtvuVpdwTkwG&locale.x=en_US&country.x=US&checkConnectionTimeout=5000&reCaptchaEnterpriseEnabled=true
Frame ID: 833FEBFD78ED838E758BE50C9CBE93BE
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/recaptcha_v2.html?siteKey=6LeZ6egUAAAAAGwL8CjkDE8dcSw2DtvuVpdwTkwG&locale.x=en_US&country.x=US&checkConnectionTimeout=5000&reCaptchaEnterpriseEnabled=true
Frame ID: 8ACA66B35FE2B0593C88C98D5EAC5727
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/recaptcha_v2.html?siteKey=6LeZ6egUAAAAAGwL8CjkDE8dcSw2DtvuVpdwTkwG&locale.x=en_US&country.x=US&checkConnectionTimeout=5000&reCaptchaEnterpriseEnabled=true
Frame ID: DF41649D429BA74E9C48FD4EB3034CF7
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/recaptcha_v2.html?siteKey=6LeZ6egUAAAAAGwL8CjkDE8dcSw2DtvuVpdwTkwG&locale.x=en_US&country.x=US&checkConnectionTimeout=5000&reCaptchaEnterpriseEnabled=true
Frame ID: 7B45C19C51E6F3762C4E2A22F611DE5A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758 HTTP 301
https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758 Page URL
https://www.paypal.com/cgi-bin/webscr HTTP 302
https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

103
Requests

97 %
HTTPS

34 %
IPv6

23
Domains

32
Subdomains

28
IPs

7
Countries

1360 kB
Transfer

4831 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://faxzero.com/pay_failed.php?item_number=28463223
Title: Cancel and return to FaxZero.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758 HTTP 301
https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758 Page URL
https://www.paypal.com/cgi-bin/webscr HTTP 302
https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758 HTTP 301
https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758

Request Chain 29

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffaxzero.com%2F&domain=faxzero.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=uk685Hx4TEh1aERZcVp3TU5JVTYxU1RRYzQyRDd4WFlzb3htTmRkaVc3QVd1aXYyYXc4OXdNY2xpRWE3NWJ6MXEyQkV0bUtrUktnRERYaVBnS2xtclo5WUlESXFJbFB3bDNEOHREdmtCMVZ4NEF6WVoyVTl2WDkvZ3IrZ0svMm9aR2xTL3ZMV3JFYjVQc1ZZUzRwNHUybUtpNVFJbTIvT3Bhd2V1ODVMUDZnOUZUbUNqNGIrSjNTZk9qSGNlV0hyQUdiK21zNnNMREk0ZUdyZFBPNHQvVUZGME9tNFgwL1VsRHNqcllvUWFIS3BrUFJFPXw&cppv=2

Request Chain 82

https://b.stats.paypal.com/v1/counter.cgi?r=cD0wOEQ1MTcyOVk3MzgxMjEwWCZpPTgyLjEwMi4xOS4xMzYmdD0xNjExNTk3NjI0LjgxNyZhPTIxJnM9VU5JRklFRF9MT0dJTqbtpFNIJff0g8d-m4kprHSAn5GD HTTP 302
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wOEQ1MTcyOVk3MzgxMjEwWCZpPTgyLjEwMi4xOS4xMzYmdD0xNjExNTk3NjI0LjgxNyZhPTIxJnM9VU5JRklFRF9MT0dJTqbtpFNIJff0g8d-m4kprHSAn5GD

103 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

97779310c4881267f67e0d1695c3987746153758 Show response
faxzero.com/upgrade/28444922/
Redirect Chain

https://www.faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758

146 KB
35 KB

865ms
801ms

Document
text/html

18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.156.95.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-95-187.eu-central-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

c36643905534b67ba03cb047be0e321140e79c5a33aafe2cbbe1a9fca1e8b18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: faxzero.com
:scheme: https
:path: /upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d682b98ff2131e99cb2af10f74f01be981611597621
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 25 Jan 2021 18:00:22 GMT
display: pub_site_sol
expires: Sun, 24 Jan 2021 18:00:22 GMT
pagespeed: off
pragma: no-cache
response: 200
server: nginx/1.16.0
set-cookie: PHPSESSID=5450e40d67dbd139a68423ae60cb36ec; path=/ ezoadgid_181837=-1; Path=/; Domain=faxzero.com; Expires=Mon, 25 Jan 2021 18:30:21 UTC ezoref_181837=; Path=/; Domain=faxzero.com; Expires=Mon, 25 Jan 2021 20:00:21 UTC ezoab_181837=mod1; Path=/; Domain=faxzero.com; Expires=Mon, 25 Jan 2021 20:00:21 UTC active_template::181837=pub_site.1611597621; Path=/; Domain=faxzero.com; Expires=Wed, 27 Jan 2021 18:00:21 UTC ezopvc_181837=1; Path=/; Domain=faxzero.com; Expires=Mon, 25 Jan 2021 18:30:22 UTC ezepvv=0; Path=/; Domain=faxzero.com; Expires=Tue, 26 Jan 2021 18:00:22 UTC ezovid_181837=771301540; Path=/; Domain=faxzero.com; Expires=Mon, 25 Jan 2021 18:30:22 UTC ezovuuidtime_181837=1611597622; Path=/; Domain=faxzero.com; Expires=Wed, 27 Jan 2021 18:00:22 UTC ezovuuid_181837=8123f617-29d6-4607-4da0-8cc0b3b2fa27; Path=/; Domain=faxzero.com; Expires=Mon, 25 Jan 2021 18:30:22 UTC ezCMPCCS=false; Path=/; Domain=faxzero.com; Expires=Tue, 25 Jan 2022 18:00:22 GMT
strict-transport-security: max-age=31536000
vary: Accept-Encoding Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-sol: pub_site
x-xss-protection: 1; mode=block

Redirect headers

date: Mon, 25 Jan 2021 18:00:21 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: __cfduid=d682b98ff2131e99cb2af10f74f01be981611597621; expires=Wed, 24-Feb-21 18:00:21 GMT; path=/; domain=.faxzero.com; HttpOnly; SameSite=Lax
cache-control: max-age=0, must-revalidate, no-cache, no-store
display: staticcontent_sol
expires: Sun, 24 Jan 2021 18:00:21 GMT
location: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
pagespeed: off
response: 301
vary: Accept-Encoding Origin,Accept-Encoding
x-middleton-display: staticcontent_sol
x-middleton-response: 301
x-sol: pub_site
cf-cache-status: DYNAMIC
cf-request-id: 07dc4d40b70000dfe71daf2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JIQWQ8LBb0kXyVF9S1JWYjHFAkJ2uh4aoKXkN%2FNLPKFCNEdGoxo7RTZYCL5Eyto4U11YzV7eZXB00KkADVBc2mRg2YKvp06g8vfSF7MS97TIrq5cJk3hBJtu9lY%3D"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6173e4adf9a1dfe7-FRA

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 28ms
28ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=faxzero.com

Requested by

Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 18:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 282 KB
82 KB 65ms
42ms Script
application/javascript 2606:4700:e0::ac40:6e19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Requested by: Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1903e8e9996dbe3efd31243c2eca2ac3c0fec1ded780c1110eaf6f6a4bdd4867

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1446392
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RRY5F2MNFt2wQvKjR1lzGXIflwJ7%2FpZqhUFzOaac7nBpweFtC4TZQVYIpFxVod%2Ft19lDWzNXLivmJ4Ih34%2BQKJ9PS71aygA7gcoNtTAwBJKorSbIjh%2BP3uk%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 6173e4b629abdff7-FRA
cf-request-id: 07dc4d45dc0000dff7d10f8000000001

GET
H2 200 boise.js Show response
faxzero.com/detroitchicago/ 983 B
501 B 33ms
33ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://faxzero.com/detroitchicago/boise.js?gcb=191-0&cb=1
Requested by: Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:22 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 426

GET
H2 200 style_combined_min.css
faxzero.com/css/ 9 KB
2 KB 395ms
394ms Stylesheet
text/css 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://faxzero.com/css/style_combined_min.css

Requested by

Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.156.95.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-95-187.eu-central-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

1141a400882e79e769e03c13246eb0fd583a7e9fd5f5aa4b3a2a04ceb662b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-length: 2179
x-xss-protection: 1; mode=block
response: 200
last-modified: Wed, 20 Jan 2021 23:40:27 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=604800, public, must-revalidate, public

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
46 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71674f16bc0443461156f1bcb86acbc3a5256c97c66cc412b9498972564e01ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47256
x-xss-protection: 0
server: cafe
etag: 10183075830532257014
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Jan 2021 18:00:22 GMT

GET
H2 200 logo-outline.gif
faxzero.com/images/ 7 KB
7 KB 389ms
389ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://faxzero.com/images/logo-outline.gif

Requested by

Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.156.95.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-95-187.eu-central-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
response: 200
last-modified: Wed, 20 Jan 2021 23:40:27 GMT
server: nginx/1.16.0
display: staticcontent_sol, staticcontent_sol
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin,Accept-Encoding
content-type: image/gif
x-middleton-display: staticcontent_sol, staticcontent_sol
cache-control: max-age=1209600, public, public
strict-transport-security: max-age=31536000
x-middleton-response: 200
x-xss-protection: 1; mode=block

GET
H2 200 paypal.jpg
faxzero.com/images/ 3 KB
3 KB 401ms
401ms Image
image/jpeg 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://faxzero.com/images/paypal.jpg

Requested by

Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.156.95.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-95-187.eu-central-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
vary: Accept-Encoding, Origin,Accept-Encoding
content-length: 2910
x-xss-protection: 1; mode=block
response: 200
last-modified: Wed, 20 Jan 2021 23:40:27 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=1209600, public, public

GET
H2 200 altconsent.js Show response
ezodn.com/cmp/ 396 KB
93 KB 46ms
44ms Script
application/javascript 2606:4700:e0::ac40:6e19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezodn.com/cmp/altconsent.js?v=8
Requested by: Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6e19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2b92530616ddbefbed0e825e094cd914f17ae899b42152f17028a0073f5eb62

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Dec 2020 23:21:46 GMT
server: cloudflare
age: 410364
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N3MBdD1%2FRgkTwWWK6Vr%2B0JF5%2FugZnel6L%2B4GQbdI8WS2l60GjMRJLGerqBuYio9EsHUeCXZvvuqrTalVcXDb2cpC1BWuBbbx%2FS9rJNFoMxkfsuE9hC8%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6173e4b68a99dff7-FRA
cf-request-id: 07dc4d46150000dff74c384000000001

GET
H2 200 ezcl.webp
faxzero.com/utilcave_com/inc/ 1 KB
704 B 61ms
58ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://faxzero.com/utilcave_com/inc/ezcl.webp?cb=4
Requested by: Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
x-sol: middleton
server: nginx/1.16.0
display: staticcontent_sol
vary: Accept-Encoding, Accept-Encoding,Origin
content-type: application/javascript
x-middleton-display: staticcontent_sol
cache-control: max-age=86400
content-length: 605

GET
H2 200 houston.js
faxzero.com/detroitchicago/ 4 KB
1 KB 41ms
38ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://faxzero.com/detroitchicago/houston.js?gcb=0&cb=32
Requested by: Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 1231

GET
H2 200 gpt.js
securepubads.g.doubleclick.net/tag/js/ 55 KB
19 KB 93ms
32ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "764 / 166 of 1000 / last-modified: 1611576836"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18841
x-xss-protection: 0
expires: Mon, 25 Jan 2021 18:00:23 GMT

GET
H2 200 banger.js
faxzero.com/porpoiseant/ 52 KB
11 KB 44ms
41ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://faxzero.com/porpoiseant/banger.js?cb=191-0&bv=96&v=39&PageSpeed=off
Requested by: Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
server: nginx/1.16.0
cache-control: max-age=31536000, public
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript

GET
H2 200 memphis.js
faxzero.com/detroitchicago/ 5 KB
1 KB 40ms
37ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://faxzero.com/detroitchicago/memphis.js?gcb=191-0&cb=2
Requested by: Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 1463

GET
H2 200 minneapolis.js
faxzero.com/detroitchicago/ 845 B
451 B 39ms
36ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://faxzero.com/detroitchicago/minneapolis.js?gcb=191-0&cb=1
Requested by: Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 419

GET
H2 200 raleigh.js
faxzero.com/detroitchicago/ 2 KB
814 B 43ms
40ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://faxzero.com/detroitchicago/raleigh.js?gcb=191-0&cb=2
Requested by: Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 782

GET
H2 200 tampa.js
faxzero.com/detroitchicago/ 754 B
437 B 39ms
36ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://faxzero.com/detroitchicago/tampa.js?gcb=191-0&cb=1
Requested by: Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 405

GET
H2 200 rochester.js
faxzero.com/detroitchicago/ 2 KB
760 B 39ms
37ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://faxzero.com/detroitchicago/rochester.js?dcb=191-0&cb=1&v=9
Requested by: Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 728

GET
H2 200 fbevents.js
connect.facebook.net/en_US/ 91 KB
23 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: mD4784PcC1ZlThKuuNMpuM+9kk0uZGHFCZQ8nwADoAf8klmJyuC1Z5AhdI2isXPXQ5SZe9B1gE+VcvCUUTQ+tg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 25 Jan 2021 18:00:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga.js
ssl.google-analytics.com/ 45 KB
17 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5265
date: Mon, 25 Jan 2021 16:32:38 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 25 Jan 2021 18:32:38 GMT

GET
H2 200 bottom.gif
faxzero.com/images/ 710 B
618 B 377ms
375ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://faxzero.com/images/bottom.gif

Requested by

Host: faxzero.com
URL: https://faxzero.com/css/style_combined_min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.156.95.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-95-187.eu-central-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://faxzero.com/css/style_combined_min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
vary: Accept-Encoding, Origin,Accept-Encoding
content-length: 578
x-xss-protection: 1; mode=block
response: 200
last-modified: Wed, 20 Jan 2021 23:40:27 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=1209600, public, public

GET
H2 200 banner-bg.png
faxzero.com/images/ 378 B
430 B 434ms
432ms Image
image/png 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://faxzero.com/images/banner-bg.png

Requested by

Host: faxzero.com
URL: https://faxzero.com/css/style_combined_min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.156.95.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-95-187.eu-central-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://faxzero.com/css/style_combined_min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
vary: Accept-Encoding, Origin,Accept-Encoding
content-length: 382
x-xss-protection: 1; mode=block
response: 200
last-modified: Wed, 20 Jan 2021 23:40:27 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=1209600, public, public

GET
H2 200 banner-logos.jpg
faxzero.com/images/ 10 KB
10 KB 389ms
387ms Image
image/jpeg 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://faxzero.com/images/banner-logos.jpg

Requested by

Host: faxzero.com
URL: https://faxzero.com/css/style_combined_min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.156.95.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-95-187.eu-central-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://faxzero.com/css/style_combined_min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
response: 200
last-modified: Wed, 20 Jan 2021 23:40:27 GMT
server: nginx/1.16.0
display: staticcontent_sol, staticcontent_sol
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin,Accept-Encoding
content-type: image/jpeg
x-middleton-display: staticcontent_sol, staticcontent_sol
cache-control: max-age=1209600, public, public
strict-transport-security: max-age=31536000
x-middleton-response: 200
x-xss-protection: 1; mode=block

GET
H2 200 l.svg
faxzero.com/utilcave_com/ 965 B
579 B 61ms
60ms Image
image/svg+xml 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://faxzero.com/utilcave_com/l.svg
Requested by: Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
last-modified: Wed, 20 Jan 2021 23:40:27 GMT
server: nginx/1.16.0
display: staticcontent_sol, staticcontent_sol
etag: "3c5-5ac9ecc7b5bc0-gzip-gzip"
vary: Accept-Encoding, Accept-Encoding,Origin
content-type: image/svg+xml
x-middleton-display: staticcontent_sol, staticcontent_sol
cache-control: max-age=604800
x-sol: middleton
content-length: 422
expires: Mon, 01 Feb 2021 18:00:23 GMT

GET
H2

200

Primary Request hermes Show response
www.paypal.com/webapps/
Redirect Chain

https://www.paypal.com/cgi-bin/webscr
https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d

34 KB
15 KB

905ms
905ms

Document
text/html

151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3800aa253a6140c299c7d8e842430e8d3c4a1634d02d92de64cb8085b2a2eb7e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-yd8o6dWDFWQjy/df576YS9yzh7xY4uCfxhRjFlIif6svIOoU' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://.googleusercontent.com/ https://.paypalobjects.com https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net https://.paypal.com data:; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://192.55.233.1 'unsafe-inline'; frame-src 'self' https://.paypal.com https://smartlock.google.com https://.paypalobjects.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.paypal.com
:scheme: https
:path: /webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: LANG=en_US%3BUS; enforce_policy=ccpa; x-pp-s=eyJ0IjoiMTYxMTU5NzYyMzkzNSIsImwiOiIwIiwibSI6IjAifQ; tsrce=xorouternodeweb; nsid=s%3AAC_Kmu2-4Fnv6-OzUxpm2UsiGcaPeWnA.qNuAgaMhmrKRhlJmI5TQXFhV1gjF%2FySmvHtvYjb8hHI; l7_az=dcg15.slc; ts=vreXpYrS%3D1706205623%26vteXpYrS%3D1611599423%26vr%3D3ab430041770ad005ca9dd99ff40bfc6%26vt%3D3ab430041770ad005ca9dd99ff40bfc5%26vtyp%3Dnew; ts_c=vr%3D3ab430041770ad005ca9dd99ff40bfc6%26vt%3D3ab430041770ad005ca9dd99ff40bfc5; x-cdn=fastly:AMS
Upgrade-Insecure-Requests: 1
Origin: https://faxzero.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-yd8o6dWDFWQjy/df576YS9yzh7xY4uCfxhRjFlIif6svIOoU' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src 'self' https://*.googleusercontent.com/ https://*.paypalobjects.com https://ak1s.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com https://ak1.abmr.net https://*.paypal.com data:; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://192.55.233.1 'unsafe-inline'; frame-src 'self' https://*.paypal.com https://smartlock.google.com https://*.paypalobjects.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"8838-GTYc/0QOC8+FD09Ko5BgZJt8898"
paypal-debug-id: be923b02edb04
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 25 Jan 2022 18:00:24 GMT; Secure; SameSite=None cookie_check=yes; Max-Age=315532799; Domain=.paypal.com; Path=/; Expires=Sat, 25 Jan 2031 18:00:23 GMT; HttpOnly; Secure; SameSite=None ui_experience=d_id%3Dac7626178fc844978b8eb6e1cce4a14e1611597624783; Max-Age=63113851; Domain=.paypal.com; Path=/; Expires=Thu, 26 Jan 2023 05:37:55 GMT; HttpOnly; Secure; SameSite=None LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 26 Jan 2021 02:46:20 GMT; HttpOnly; Secure; SameSite=None tsrce=unifiedloginnodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Thu, 28 Jan 2021 18:00:23 GMT; HttpOnly; Secure; SameSite=None HaC80bwXscjqZ7KM6VOxULOB534=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; HttpOnly; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYxMTU5NzYyNDg0MSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None l7_az=dcg15.slc; Path=/; Domain=paypal.com; Expires=Mon, 25 Jan 2021 18:30:24 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1706205624%26vteXpYrS%3D1611599424%26vr%3D3ab430041770ad005ca9dd99ff40bfc6%26vt%3D3ab430041770ad005ca9dd99ff40bfc5%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 25 Jan 2024 18:00:24 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D3ab430041770ad005ca9dd99ff40bfc6%26vt%3D3ab430041770ad005ca9dd99ff40bfc5; Path=/; Domain=paypal.com; Expires=Thu, 25 Jan 2024 18:00:24 GMT; Secure; SameSite=None x-cdn=fastly:AMS; Domain=paypal.com; Path=/; Secure
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
date: Mon, 25 Jan 2021 18:00:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr7377-LHR, cache-ams21021-AMS
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1611597624.036207,VS0,VE883
vary: Accept-Encoding
content-encoding: br

Redirect headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com; script-src 'nonce-Q5Tn7SSW9DMkDChb4hCv9/spz4KrqEDJl5VJKnpI2gNmZrW3' 'self' https://*.paypal.com 'unsafe-inline' 'unsafe-eval'; img-src https://*.paypalobjects.com; object-src 'none'; font-src 'self' https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
location: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
paypal-debug-id: 30afd088b2e4d
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 26 Jan 2021 02:46:19 GMT; HttpOnly; Secure; SameSite=None enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Tue, 25 Jan 2022 18:00:23 GMT; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYxMTU5NzYyMzkzNSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None tsrce=xorouternodeweb; Domain=.paypal.com; Path=/; Expires=Thu, 28 Jan 2021 18:00:23 GMT; HttpOnly; Secure; SameSite=None nsid=s%3AAC_Kmu2-4Fnv6-OzUxpm2UsiGcaPeWnA.qNuAgaMhmrKRhlJmI5TQXFhV1gjF%2FySmvHtvYjb8hHI; Path=/; HttpOnly; Secure l7_az=dcg15.slc; Path=/; Domain=paypal.com; Expires=Mon, 25 Jan 2021 18:30:23 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1706205623%26vteXpYrS%3D1611599423%26vr%3D3ab430041770ad005ca9dd99ff40bfc6%26vt%3D3ab430041770ad005ca9dd99ff40bfc5%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Thu, 25 Jan 2024 18:00:23 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D3ab430041770ad005ca9dd99ff40bfc6%26vt%3D3ab430041770ad005ca9dd99ff40bfc5; Path=/; Domain=paypal.com; Expires=Thu, 25 Jan 2024 18:00:23 GMT; Secure; SameSite=None x-cdn=fastly:AMS; Domain=paypal.com; Path=/; Secure
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Mon, 25 Jan 2021 18:00:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-lhr7345-LHR, cache-ams21021-AMS
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1611597623.223166,VS0,VE790
content-length: 284

GET
H2 200 roundedbg.gif
faxzero.com/images/ 5 KB
5 KB 401ms
398ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://faxzero.com/images/roundedbg.gif

Requested by

Host: faxzero.com
URL: https://faxzero.com/css/style_combined_min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.156.95.187 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-95-187.eu-central-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://faxzero.com/css/style_combined_min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
x-content-type-options: nosniff
response: 200
last-modified: Wed, 20 Jan 2021 23:40:27 GMT
server: nginx/1.16.0
display: staticcontent_sol, staticcontent_sol
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin,Accept-Encoding
content-type: image/gif
x-middleton-display: staticcontent_sol, staticcontent_sol
cache-control: max-age=1209600, public, public
strict-transport-security: max-age=31536000
x-middleton-response: 200
x-xss-protection: 1; mode=block

GET
H2 200 499478183580327
connect.facebook.net/signals/config/ 241 KB
69 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/499478183580327?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70527
x-fb-rlafr: 0
pragma: public
x-fb-debug: 0oy7XNbz+HbBkvZGpI92eNE1baSRRjn1OmkZb/sL8e2VFueu05NbX4CY0cmOqbMqxC6BUIiGhnoBSXxjA7LP0Q==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 25 Jan 2021 18:00:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 2111852233
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
378 B 43ms
28ms Image
image/gif 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=106862405&utmhn=faxzero.com&utme=8(template*t*rid*bra)9(pub_site*134*0*mod1)11(3!2)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Free%20Fax%20%E2%80%A2%20Free%20Internet%20Faxing&utmhid=42268718&utmr=-&utmp=%2Fupgrade%2F28444922%2F97779310c4881267f67e0d1695c3987746153758&utmht=1611597623210&utmac=UA-158838119-24&utmcc=__utma%3D84481678.115829964.1611597623.1611597623.1611597623.1%3B%2B__utmz%3D84481678.1611597623.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=648630863&utmredir=1&utmmt=1&utmu=iTAgAAAAACAAAAAAAAAAAABE~

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:00:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
57 B 43ms
29ms Image
image/gif 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=597768146&utmhn=faxzero.com&utme=8(template*domain)9(pub_site*faxzero.com)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Free%20Fax%20%E2%80%A2%20Free%20Internet%20Faxing&utmhid=42268718&utmr=-&utmp=%2Fupgrade%2F28444922%2F97779310c4881267f67e0d1695c3987746153758&utmht=1611597623213&utmac=UA-38339005-1&utmcc=__utma%3D84481678.115829964.1611597623.1611597623.1611597623.1%3B%2B__utmz%3D84481678.1611597623.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1285365976&utmredir=1&utmmt=1&utmu=iTAgAAAAACAAAAAAAAAAAABE~

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:00:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 imp.gif
faxzero.com/detroitchicago/ 43 B
141 B 31ms
31ms Image
image/gif 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://faxzero.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A3%2C%22ad_location_ids%22%3A%222%2C2%2C2%2C5%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A2%2C%22city%22%3A%22Brussels%22%2C%22country%22%3A%22BE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A1%2C%22domain_id%22%3A181837%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22iab_category_1%22%3A%2257%22%2C%22iab_category_2%22%3A%22239%22%2C%22iab_category_3%22%3A%22255%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A2%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1101%2C1101%2C1101%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2290dbf7a4-8a16-4337-5bba-871c99a794a6%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%221930%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A8381%2C%22response_time_orig%22%3A397%2C%22serverid%22%3A%2235.158.132.7%3A6157%22%2C%22state%22%3A%22BRU%22%2C%22sub_page_ad_positions%22%3A%221100%2C1101%2C1101%2C1101%22%2C%22t_epoch%22%3A1611597621%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Ffaxzero.com%2Fupgrade%2F28444922%2F97779310c4881267f67e0d1695c3987746153758%22%2C%22user_id%22%3A0%2C%22word_count%22%3A98%2C%22worst_bad_word_level%22%3A0%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 47

GET
H2

200

sid
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffaxzero.com%2F&domain=faxzero.com&cw=1
https://mug.criteo.com/sid?cpp=uk685Hx4TEh1aERZcVp3TU5JVTYxU1RRYzQyRDd4WFlzb3htTmRkaVc3QVd1aXYyYXc4OXdNY2xpRWE3NWJ6MXEyQkV0bUtrUktnRERYaVBnS2xtclo5WUlESXFJbFB3bDNEOHREdmtCMVZ4NEF6WVoyVTl2WDkvZ3IrZ0...

355 B
631 B

59ms
19ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uk685Hx4TEh1aERZcVp3TU5JVTYxU1RRYzQyRDd4WFlzb3htTmRkaVc3QVd1aXYyYXc4OXdNY2xpRWE3NWJ6MXEyQkV0bUtrUktnRERYaVBnS2xtclo5WUlESXFJbFB3bDNEOHREdmtCMVZ4NEF6WVoyVTl2WDkvZ3IrZ0svMm9aR2xTL3ZMV3JFYjVQc1ZZUzRwNHUybUtpNVFJbTIvT3Bhd2V1ODVMUDZnOUZUbUNqNGIrSjNTZk9qSGNlV0hyQUdiK21zNnNMREk0ZUdyZFBPNHQvVUZGME9tNFgwL1VsRHNqcllvUWFIS3BrUFJFPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 25 Jan 2021 18:00:22 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2350
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 25 Jan 2021 18:00:23 GMT
location: https://mug.criteo.com/sid?cpp=uk685Hx4TEh1aERZcVp3TU5JVTYxU1RRYzQyRDd4WFlzb3htTmRkaVc3QVd1aXYyYXc4OXdNY2xpRWE3NWJ6MXEyQkV0bUtrUktnRERYaVBnS2xtclo5WUlESXFJbFB3bDNEOHREdmtCMVZ4NEF6WVoyVTl2WDkvZ3IrZ0svMm9aR2xTL3ZMV3JFYjVQc1ZZUzRwNHUybUtpNVFJbTIvT3Bhd2V1ODVMUDZnOUZUbUNqNGIrSjNTZk9qSGNlV0hyQUdiK21zNnNMREk0ZUdyZFBPNHQvVUZGME9tNFgwL1VsRHNqcllvUWFIS3BrUFJFPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://faxzero.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1729
content-length: 482
expires: 0

POST
H/1.1 200
OK prebid
ib.adnxs.com/ut/v3/ 19 B
706 B 60ms
20ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 18:00:23 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.70:80
AN-X-Request-Uuid: 2c021ed7-c535-4f7a-94ad-465ce518a7ad
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://faxzero.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content openrtb
ads.adaptv.advertising.com/rtb/ 0
212 B 109ms
34ms XHR
application/json 52.28.38.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=EzoicInc
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.38.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-38-201.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://faxzero.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content openrtb
ads.adaptv.advertising.com/rtb/ 0
212 B 109ms
32ms XHR
application/json 52.28.38.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=EzoicInc
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.38.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-38-201.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://faxzero.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content openrtb
ads.adaptv.advertising.com/rtb/ 0
212 B 113ms
36ms XHR
application/json 52.28.38.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=EzoicInc
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.38.201 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-38-201.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://faxzero.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 454 B
636 B 49ms
12ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1460 , Sweden, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:00:23 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://faxzero.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 454
expires: 0

GET
H2 200 imp
g2.gumgum.com/hbid/ 477 B
976 B 121ms
47ms XHR
application/json 52.17.137.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20833&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Ccc98711583f5e8146d50c942f0aa173c%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Ffaxzero.com%2Fupgrade%2F28444922%2F97779310c4881267f67e0d1695c3987746153758&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=null&ns=10240
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.137.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-137-119.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://faxzero.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp
g2.gumgum.com/hbid/ 477 B
974 B 123ms
49ms XHR
application/json 52.17.137.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20833&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Ccc98711583f5e8146d50c942f0aa173c%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Ffaxzero.com%2Fupgrade%2F28444922%2F97779310c4881267f67e0d1695c3987746153758&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=null&ns=10240
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.137.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-137-119.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://faxzero.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp
g2.gumgum.com/hbid/ 477 B
974 B 120ms
46ms XHR
application/json 52.17.137.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20833&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Ccc98711583f5e8146d50c942f0aa173c%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Ffaxzero.com%2Fupgrade%2F28444922%2F97779310c4881267f67e0d1695c3987746153758&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=null&ns=10240
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.137.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-137-119.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://faxzero.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp
g2.gumgum.com/hbid/ 477 B
977 B 115ms
43ms XHR
application/json 52.17.137.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20890&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Ccc98711583f5e8146d50c942f0aa173c%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Ffaxzero.com%2Fupgrade%2F28444922%2F97779310c4881267f67e0d1695c3987746153758&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=null&ns=10240
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.137.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-137-119.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://faxzero.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

GET
H2 200 imp
g2.gumgum.com/hbid/ 477 B
974 B 118ms
46ms XHR
application/json 52.17.137.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=20890&pi=3&gdprApplies=0&schain=1.0%2C1!ezoic.ai%2Ccc98711583f5e8146d50c942f0aa173c%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Ffaxzero.com%2Fupgrade%2F28444922%2F97779310c4881267f67e0d1695c3987746153758&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%223.27.0%22%7D&ogu=null&ns=10240
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.137.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-137-119.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: gzip
server: nginx
timing-allow-origin: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://faxzero.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
expires: 0

POST
H/1.1 204
No Content hb
hb.undertone.com/ 0
853 B 426ms
109ms XHR
text/plain 107.21.52.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=4009&domain=faxzero.com&gdpr=0&gdprstr=
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.52.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-52-49.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:00:23 GMT
x-envoy-decorator-operation: external-canary-request-service.ramplift-v2-p-us-east-1.svc.cluster.local:80/*
server: istio-envoy
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://faxzero.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
Connection: keep-alive
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb
bidder.criteo.com/ 0
141 B 67ms
20ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=3.27.0&cb=10176861522
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://faxzero.com
date: Mon, 25 Jan 2021 18:00:22 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 prebid-request
onetag-sys.com/ 15 B
443 B 74ms
27ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.9.251 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://faxzero.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 204 translator
hbopenbid.pubmatic.com/ 0
113 B 58ms
19ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://faxzero.com
date: Mon, 25 Jan 2021 18:00:21 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus
htlb.casalemedia.com/ 25 B
368 B 169ms
118ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=305138&v=7.2&r=%7B%22id%22%3A%225057f7babce58b3%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2251166c21b127ae9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305138%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%225263251c457d4f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305138%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2253715c46082a828%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305138%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22541163a60635ead%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305141%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2255aaa915952d8b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305141%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22541163a60635ead%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305141%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2255aaa915952d8b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305141%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ffaxzero.com%2Fupgrade%2F28444922%2F97779310c4881267f67e0d1695c3987746153758%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%22cc98711583f5e8146d50c942f0aa173c%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[BE], RC:[], CN:[EU], CIP:[82.102.19.136], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://faxzero.com
x-cs-client-geo: 28
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 45
x-ak-client-geo: 28
expires: Mon, 25 Jan 2021 18:00:23 GMT

POST
H/1.1 204
No Content mvo
tag.1rx.io/rmp/215626/0/ 0
268 B 164ms
89ms XHR
text/plain 213.19.147.210
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/215626/0/mvo?z=1r&hbv=3.27,2.1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://faxzero.com
Pragma: no-cache
Date: Mon, 25 Jan 2021 18:00:23 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

POST
H2 200 c
prebid.a-mo.net/a/ 880 B
825 B 386ms
204ms XHR
application/json 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 , United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://faxzero.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 108
content-length: 400

POST
H/1.1 200
OK prebid
ib.adnxs.com/ut/v3/ 19 B
707 B 72ms
35ms XHR
application/json 185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 18:00:23 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.170:80
AN-X-Request-Uuid: ce0149ab-ca3a-413d-8bdc-e7a8fd3ac0a1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://faxzero.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid
ap.lijit.com/rtb/ 24 B
752 B 71ms
26ms XHR
application/json 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.27.0
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 25 Jan 2021 18:00:23 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://faxzero.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

POST
H/1.1 204
No Content prebid
targeting.unrulymedia.com/ 0
268 B 144ms
80ms XHR
text/plain 213.19.147.210
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/prebid
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,conversant,criteo,gumgum,ix,oftmedia,oneVideo,onedisplay,onemobile,onetag,pubmatic,rhythmone,sovrn,undertone,unruly&cb=191-0-6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.210 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://faxzero.com
Pragma: no-cache
Date: Mon, 25 Jan 2021 18:00:23 GMT
Cache-Control: private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Server: Tengine
Connection: keep-alive

GET
H2 200 anaheim.js
faxzero.com/detroitchicago/ 665 B
369 B 26ms
25ms Script
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://faxzero.com/detroitchicago/anaheim.js?gcb=0&cb=1
Requested by: Host: faxzero.com
URL: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
content-length: 337

GET
H2 200 nmash.js
faxzero.com/porpoiseant/ 23 KB
5 KB 29ms
29ms Other
application/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://faxzero.com/porpoiseant/nmash.js?v=96
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: br
last-modified: Wed, 20 Jan 2021 23:40:27 GMT
server: nginx/1.16.0
etag: "5cef-5b95d7ace70c0;5b95d7ace70c0-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 19ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=499478183580327&ev=PageView&dl=https%3A%2F%2Ffaxzero.com%2Fupgrade%2F28444922%2F97779310c4881267f67e0d1695c3987746153758&rl=&if=false&ts=1611597623280&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1611597623278.2024419247&it=1611597623190&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 25 Jan 2021 18:00:23 GMT

GET
H3-Q050 200 pubads_impl_2021011301.js
securepubads.g.doubleclick.net/gpt/ 274 KB
97 KB 75ms
45ms Script
text/javascript 172.217.22.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011301.js?21069858

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s14-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Jan 2021 09:43:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99060
x-xss-protection: 0
expires: Mon, 25 Jan 2021 18:00:23 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=499478183580327&ev=Microdata&dl=https%3A%2F%2Ffaxzero.com%2Fupgrade%2F28444922%2F97779310c4881267f67e0d1695c3987746153758&rl=&if=false&ts=1611597624783&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Free%20Fax%20%E2%80%A2%20Free%20Internet%20Faxing%22%2C%22meta%3Adescription%22%3A%22Free%20Internet%20Faxing%20-%20Send%20faxes%20to%20anywhere%20in%20the%20U.S.%20and%20Canada%20for%20free%22%2C%22meta%3Akeywords%22%3A%22Free%20fax%2C%20free%20Internet%20fax%2C%20faxing%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1611597624782.87952904&it=1611597623190&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://faxzero.com/upgrade/28444922/97779310c4881267f67e0d1695c3987746153758
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 25 Jan 2021 18:00:24 GMT

GET
H2 200 ngrlCaptcha.min.js Show response
www.paypalobjects.com/webcaptcha/ 21 KB
6 KB 105ms
48ms Script
application/javascript 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

5396af5006928832517239a2145e9de4bfde558161bd68be9a4b57ea5f37acf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Oct 2020 22:15:31 GMT
etag: W/"5f765503-532f"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: 907420a9c2132
cache-control: max-age=3600
strict-transport-security: max-age=31536000
dc: ccg11-origin-www-2.paypal.com
content-length: 6248
expires: Mon, 25 Jan 2021 19:00:25 GMT

GET
H2 200 contextualLogin.css
www.paypalobjects.com/web/res/eac/5ad34af28eb3c537069bd70a8f4d0/css/ 98 KB
17 KB 87ms
30ms Stylesheet
text/css 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/eac/5ad34af28eb3c537069bd70a8f4d0/css/contextualLogin.css

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

6a195d93998c4659fd518229613a8a19c721d495c341db89d8e9cfd158df51c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: ddd3b405d64c4
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 17160
last-modified: Fri, 22 Jan 2021 01:32:59 GMT
etag: W/"600a2b4b-18919"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 25 Jan 2022 18:00:25 GMT

GET
H2 200 modernizr-2.6.1.js Show response
www.paypalobjects.com/web/res/eac/5ad34af28eb3c537069bd70a8f4d0/js/lib/ 4 KB
2 KB 106ms
49ms Script
application/javascript 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/eac/5ad34af28eb3c537069bd70a8f4d0/js/lib/modernizr-2.6.1.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 57c5e3d02f32c
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 1788
last-modified: Fri, 22 Jan 2021 01:33:02 GMT
etag: W/"600a2b4e-edf"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-headers: x-csrf-token
expires: Tue, 25 Jan 2022 18:00:25 GMT

GET
H2 200 icon-PN-check.png
www.paypalobjects.com/images/shared/ 1 KB
1 KB 60ms
60ms Image
image/png 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/icon-PN-check.png

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
x-content-type-options: nosniff
last-modified: Fri, 01 Jan 2021 07:10:04 GMT
server: Akamai Image Manager
etag: "49vz/MoiBvXh6ILc659PTN8gH45nwBXy23o3w9v7cpc"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: private, no-transform, max-age=43200
content-length: 1238
expires: Tue, 26 Jan 2021 06:00:25 GMT

GET
H2 200 glyph_alert_critical_big-2x.png
www.paypalobjects.com/images/shared/ 2 KB
2 KB 70ms
69ms Image
image/png 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

04748dd9a27ac47177d01a763fd68b4ca09f5b9acb4208149f2de40251d07dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 2003
etag: "54130c54-16c4"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: private, no-transform, max-age=43200
last-modified: Fri, 13 Nov 2020 02:44:16 GMT
content-length: 1695
server: Akamai Image Manager
expires: Tue, 26 Jan 2021 06:00:25 GMT

GET
H2 200 fn-sync-telemetry-min.js Show response
www.paypalobjects.com/web/res/eac/5ad34af28eb3c537069bd70a8f4d0/js/lib/ 5 KB
3 KB 37ms
37ms Script
application/javascript 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/eac/5ad34af28eb3c537069bd70a8f4d0/js/lib/fn-sync-telemetry-min.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 7decf2ee2f621
dc: slc-b-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 2303
last-modified: Fri, 22 Jan 2021 01:33:02 GMT
etag: W/"600a2b4e-159e"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-headers: x-csrf-token
expires: Tue, 25 Jan 2022 18:00:25 GMT

GET
H2 200 checkout-split.js Show response
www.paypalobjects.com/web/res/eac/5ad34af28eb3c537069bd70a8f4d0/js/ 161 KB
40 KB 38ms
37ms Script
application/javascript 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/eac/5ad34af28eb3c537069bd70a8f4d0/js/checkout-split.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

6889a5210d42b37665e3b88084fc91333ba189ed50ddfa2431fa43e5952f049f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 92af4562b5f89
dc: phx-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 40417
last-modified: Fri, 22 Jan 2021 01:33:02 GMT
etag: W/"600a2b4e-2832d"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-headers: x-csrf-token
expires: Tue, 25 Jan 2022 18:00:25 GMT

GET
H2 200 pa.js Show response
www.paypalobjects.com/pa/js/min/ 50 KB
19 KB 60ms
59ms Script
application/javascript 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/js/min/pa.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

f6d353cac5b8fe07885f19a8309648c3efb79d635257cd67c57f6d73acbe8b5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 1b158c13feaaa
dc: slc-b-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 19496
last-modified: Wed, 20 Jan 2021 23:16:04 GMT
etag: W/"6008b9b4-c956"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-headers: x-csrf-token
expires: Mon, 25 Jan 2021 19:00:25 GMT

GET
H2 200 recaptchav3.js Show response
www.paypal.com/auth/createchallenge/06a39695b6ae7b2c/ 11 KB
7 KB 321ms
320ms Script
text/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/createchallenge/06a39695b6ae7b2c/recaptchav3.js?_sessionID=AC_Kmu2-4Fnv6-OzUxpm2UsiGcaPeWnA

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c72cc849bd96808278d04a1fd0db101ed6b46471197ef14157186dfd93e4ac21

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-YfUHwlhbR5YiRM3EjT1vkgUP0Kqz7sEpKMDQc555rdEPwcHD' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-YfUHwlhbR5YiRM3EjT1vkgUP0Kqz7sEpKMDQc555rdEPwcHD' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: e206af6b45505
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7326-LHR, cache-ams21021-AMS
x-timer: S1611597625.073455,VS0,VE284
date: Mon, 25 Jan 2021 18:00:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"2b81-MEO46LTcZyheeMq+SHFyrsWeaKI"
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 paypal-logo-129x32.svg
www.paypalobjects.com/images/shared/ 5 KB
2 KB 66ms
65ms Image
image/svg+xml 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/paypal-logo-129x32.svg

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/eac/5ad34af28eb3c537069bd70a8f4d0/css/contextualLogin.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/web/res/eac/5ad34af28eb3c537069bd70a8f4d0/css/contextualLogin.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Oct 2014 22:52:57 GMT
server: Apache
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1929
expires: Mon, 25 Jan 2021 19:00:25 GMT

GET
H2 200 hermes_window_sprite_v16.png
www.paypalobjects.com/images/checkout/hermes/ 15 KB
16 KB 67ms
67ms Image
image/webp 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/checkout/hermes/hermes_window_sprite_v16.png

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/eac/5ad34af28eb3c537069bd70a8f4d0/css/contextualLogin.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

70eef1ed9452841efc7d4431e939d1bddb703d6b0ac4a9d64c097a0f68d65414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/web/res/eac/5ad34af28eb3c537069bd70a8f4d0/css/contextualLogin.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 02:07:31 GMT
server: Akamai Image Manager
etag: "nnzRlS9MBgJaF5KTitXTyIJxOe9T0imDmyJbBzcjo2U"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
content-length: 15830
expires: Tue, 26 Jan 2021 06:00:25 GMT

GET
H2 200 miconfig.js Show response
www.paypalobjects.com/pa/mi/ 105 KB
20 KB 127ms
41ms Script
application/javascript 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/mi/miconfig.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

96eeede1d9557b9ce7dffdf0822603c89a9fad2a392628122237a1f22a3edf57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 3fd1add1b35b4
dc: ccg11-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 19806
last-modified: Wed, 20 Jan 2021 23:16:04 GMT
etag: W/"6008b9b4-1a492"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-headers: x-csrf-token
expires: Mon, 25 Jan 2021 19:00:25 GMT

GET
H2 200 patleaf.js Show response
www.paypalobjects.com/pa/3pjs/tl/5.6.1/ 122 KB
42 KB 47ms
47ms Script
application/javascript 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/tl/5.6.1/patleaf.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

219fe3382fabdbb0444747aa0073d75f3815cc9aba97bed4fe3ceca97afc38e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
paypal-debug-id: 65b2b007a5d9
dc: slc-b-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 42770
last-modified: Thu, 01 Oct 2020 22:15:19 GMT
etag: "5f7654f7-1e7b4"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Mon, 25 Jan 2021 19:00:25 GMT

GET
H2 200 patlcfg.js Show response
www.paypalobjects.com/pa/3pjs/tl/5.6.1/ 9 KB
3 KB 45ms
44ms Script
application/javascript 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/pa/3pjs/tl/5.6.1/patlcfg.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/js/min/pa.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

61ce0ee4efd0b82c90eb9c78bc3c93cf9e6703ce670237bedd1f88a6af82e004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
paypal-debug-id: ec777c2d1251f
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 3212
last-modified: Thu, 01 Oct 2020 22:15:19 GMT
etag: "5f7654f7-235d"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Mon, 25 Jan 2021 19:00:25 GMT

GET
H2 200 grcenterprise_v3.html
www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/ Frame 9809 0
0 43ms
43ms Document
text/html 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/auth/createchallenge/06a39695b6ae7b2c/recaptchav3.js?_sessionID=AC_Kmu2-4Fnv6-OzUxpm2UsiGcaPeWnA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.paypalobjects.com
:scheme: https
:path: /web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/grcenterprise_v3.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d

Response headers

server: Apache
last-modified: Fri, 04 Sep 2020 17:40:56 GMT
accept-ranges: bytes
content-type: text/html
content-encoding: gzip
content-length: 1547
cache-control: max-age=31536000
expires: Tue, 25 Jan 2022 18:00:25 GMT
date: Mon, 25 Jan 2021 18:00:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ 60 KB
21 KB 151ms
41ms Script
application/x-javascript 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/da/r/fb.js
Requested by: Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/eac/5ad34af28eb3c537069bd70a8f4d0/js/checkout-split.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 8a9922f726f64074cf4c1808503e514ff7b3e84ef82126a7529735c1866ca48f

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
via: 1.1 varnish
age: 318736
x-cache: HIT
content-encoding: gzip
content-length: 20966
x-served-by: cache-ams21051-AMS
last-modified: Tue, 10 Nov 2020 21:35:21 GMT
server: Apache
x-timer: S1611597626.574085,VS0,VE1
vary: Accept-Encoding
content-type: application/x-javascript
expires: Tue, 26 Jan 2021 18:00:25 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 44677

GET
H2 200 challenge.js Show response
www.paypal.com/auth/createchallenge/4346bdefd8332d2c/ 18 KB
7 KB 328ms
328ms XHR
text/plain 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/createchallenge/4346bdefd8332d2c/challenge.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

71fd4528dfb987cea55d5b2f98b202fe43526a029df199f1562b54f39fec1f40

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-04i8p+4OeCfwPcB0OPWS7Ws6ut5qkYAHsIbR5tM0G4Yl1E3z' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-04i8p+4OeCfwPcB0OPWS7Ws6ut5qkYAHsIbR5tM0G4Yl1E3z' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: 457334b8b63dd
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7350-LHR, cache-ams21021-AMS
x-timer: S1611597625.464769,VS0,VE291
date: Mon, 25 Jan 2021 18:00:25 GMT
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"470b-bDFX9JEC7X8eYDx7Kh3tv9ubt1o"
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 main.js Show response
www.paypalobjects.com/web/res/7cd/5fb347c476a766ea3d90ae62703e7/js/ 2 MB
405 KB 61ms
61ms XHR
application/javascript 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/7cd/5fb347c476a766ea3d90ae62703e7/js/main.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef0f493fbd3c5b2b94c78413965efb5becfae5ab9dad00bda8a1f3f1daa010d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 7a3ff25358610
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 413120
last-modified: Wed, 20 Jan 2021 14:05:32 GMT
etag: W/"600838ac-1cb607"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-headers: x-csrf-token
expires: Tue, 25 Jan 2022 18:00:25 GMT

GET
H2 200 framework.js Show response
www.paypalobjects.com/js/xo/hermes/1.9.0/ 353 KB
121 KB 94ms
94ms XHR
application/x-javascript 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/js/xo/hermes/1.9.0/framework.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d7360f2684a0399a30edd737e96f60e3dd9e7622c892a8421740efcc689bd7a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Oct 2018 18:02:25 GMT
server: Apache
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=3600
strict-transport-security: max-age=31536000
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
content-length: 122811
expires: Mon, 25 Jan 2021 19:00:25 GMT

POST
H2 200 client-log Show response
www.paypal.com/signin/ 3 KB
2 KB 283ms
283ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

79ebb87ccc628c99841a7e1fbd234a6db3c36e4a640d2e6048c9ce59029cfe05

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-lHnPE7xB/tDwhJcB9RiTrnxq0yp7wBZwI4Y57V2RtcUbOMoB' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-lHnPE7xB/tDwhJcB9RiTrnxq0yp7wBZwI4Y57V2RtcUbOMoB' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: d7c455dc13568
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7369-LHR, cache-ams21021-AMS
x-timer: S1611597625.466523,VS0,VE242
date: Mon, 25 Jan 2021 18:00:25 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"a17-ciYBNNdSkEfNYBZPueHJg7d1MyA"
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 cookie-banner Show response
www.paypal.com/signin/ 3 KB
3 KB 313ms
313ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/cookie-banner?flowId=08D51729Y7381210X

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

af0dead0571f72aaf799516308d3495333a8fae2faf5255e2a0c4827ef7344f4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-ynxVHODkQWd2Axku+sejGMNmlPcItVtLfPYOBHEaocJAPtP5' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-ynxVHODkQWd2Axku+sejGMNmlPcItVtLfPYOBHEaocJAPtP5' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: 29807c2bf74ae
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7371-LHR, cache-ams21021-AMS
x-timer: S1611597625.466495,VS0,VE236
date: Mon, 25 Jan 2021 18:00:25 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"a17-jfXn6jeaq3wtMy82OBXd6pKPgnk"
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 load-resource Show response
www.paypal.com/signin/ 3 KB
2 KB 315ms
314ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/load-resource

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d1411c144181741667aad11f2624439a6361fd47241320ed0b13517b6fa7f493

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-Lh1vBSMhf//wyEthi2o394IQmx3FonZUuXsmxUX3WzsRTWBf' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-Lh1vBSMhf//wyEthi2o394IQmx3FonZUuXsmxUX3WzsRTWBf' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: 59cb98610356e
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7333-LHR, cache-ams21021-AMS
x-timer: S1611597625.466974,VS0,VE274
date: Mon, 25 Jan 2021 18:00:25 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"a17-X3e3+AsCUXuRYqyxapOKCJCJbLE"
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 client-log Show response
www.paypal.com/signin/ 3 KB
3 KB 313ms
313ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/signin/client-log

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

141148e68135715ff02a8725be67b3ccab94b3ae87de8c998856d1454f84eebc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-/pcadqICTZtjslBXSQCeRBJ9jypQrwhoqKiEEw8aP23age+W' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-/pcadqICTZtjslBXSQCeRBJ9jypQrwhoqKiEEw8aP23age+W' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f33556fa0bdfb
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7383-LHR, cache-ams21021-AMS
x-timer: S1611597625.468945,VS0,VE270
date: Mon, 25 Jan 2021 18:00:25 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"a17-W8EtHRR12jH1urc1SSeNsHTzZIg"
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 icon-PN-check.png
www.paypalobjects.com/images/shared/ 1 KB
1 KB 122ms
121ms Image
image/png 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/icon-PN-check.png

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/tl/5.6.1/patleaf.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
x-content-type-options: nosniff
last-modified: Fri, 01 Jan 2021 07:10:04 GMT
server: Akamai Image Manager
etag: "49vz/MoiBvXh6ILc659PTN8gH45nwBXy23o3w9v7cpc"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: private, no-transform, max-age=43200
content-length: 1238
expires: Tue, 26 Jan 2021 06:00:25 GMT

GET
H2 200 glyph_alert_critical_big-2x.png
www.paypalobjects.com/images/shared/ 2 KB
2 KB 122ms
122ms Image
image/png 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/glyph_alert_critical_big-2x.png

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/pa/3pjs/tl/5.6.1/patleaf.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

04748dd9a27ac47177d01a763fd68b4ca09f5b9acb4208149f2de40251d07dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 2003
etag: "54130c54-16c4"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: private, no-transform, max-age=43200
last-modified: Fri, 13 Nov 2020 02:44:16 GMT
content-length: 1695
server: Akamai Image Manager
expires: Tue, 26 Jan 2021 06:00:25 GMT

POST
H2 200 tealeaftarget Show response
www.paypal.com/platform/ 40 B
581 B 201ms
201ms Fetch
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/platform/tealeaftarget

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4cedb0f93de27d2ff852b6c94b379145997c0171a7c8904679480a607f921417

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-eval'; img-src 'self' https:; object-src 'none'; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; font-src 'self' https://*.paypalobjects.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Content-Encoding: gzip
X-Tealeaf: device (UIC) Lib/5.6.0.1875
X-Tealeaf-SyncXHR: false
X-Tealeaf-MessageTypes: 1,2,5,12
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json
Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
X-PageId: P.PWTDRWM2UDHX4JM7A5J8MESBRZMY
X-Requested-With: fetch
X-TealeafType: GUI
X-TeaLeaf-Page-Url: /webapps/hermes

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-eval'; img-src 'self' https:; object-src 'none'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; font-src 'self' https://*.paypalobjects.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: 35b42732fee18
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7350-LHR, cache-ams21021-AMS
x-timer: S1611597626.631556,VS0,VE164
x-frame-options: SAMEORIGIN
date: Mon, 25 Jan 2021 18:00:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"28-ldGMO3DFlUFS2rp/kdI/Buc+OS0"
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame EB9E 160 B
913 B 205ms
205ms Document
text/html 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: c.paypal.com
:scheme: https
:path: /v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: enforce_policy=ccpa; cookie_check=yes; ui_experience=d_id%3Dac7626178fc844978b8eb6e1cce4a14e1611597624783; LANG=en_US%3BUS; l7_az=dcg15.slc; ts_c=vr%3D3ab430041770ad005ca9dd99ff40bfc6%26vt%3D3ab430041770ad005ca9dd99ff40bfc5; x-cdn=fastly:AMS; tsrce=authchallengenodeweb; cookie_prefs=P%3D1%2CF%3D1%2Ctype%3Dimplicit; x-pp-s=eyJ0IjoiMTYxMTU5NzYyNTI3OSIsImwiOiIxIiwibSI6IjAifQ; ts=vreXpYrS%3D1706205625%26vteXpYrS%3D1611599425%26vr%3D3ab430041770ad005ca9dd99ff40bfc6%26vt%3D3ab430041770ad005ca9dd99ff40bfc5%26vtyp%3Dnew
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d

Response headers

correlation-id: 5611298c11050
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: 5611298c11050
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
date: Mon, 25 Jan 2021 18:00:25 GMT
x-served-by: cache-lhr7345-LHR, cache-ams21051-AMS
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1611597626.712728,VS0,VE165
vary: Accept-Encoding
content-encoding: br

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v1/ Frame E664
Redirect Chain

https://b.stats.paypal.com/v1/counter.cgi?r=cD0wOEQ1MTcyOVk3MzgxMjEwWCZpPTgyLjEwMi4xOS4xMzYmdD0xNjExNTk3NjI0LjgxNyZhPTIxJnM9VU5JRklFRF9MT0dJTqbtpFNIJff0g8d-m4kprHSAn5GD
https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wOEQ1MTcyOVk3MzgxMjEwWCZpPTgyLjEwMi4xOS4xMzYmdD0xNjExNTk3NjI0LjgxNyZhPTIxJnM9VU5JRklFRF9MT0dJTqbtpFNIJff0g8d-m4kprHSAn5GD

42 B
299 B

178ms
58ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wOEQ1MTcyOVk3MzgxMjEwWCZpPTgyLjEwMi4xOS4xMzYmdD0xNjExNTk3NjI0LjgxNyZhPTIxJnM9VU5JRklFRF9MT0dJTqbtpFNIJff0g8d-m4kprHSAn5GD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 18:00:26 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v1/counter2.cgi?r=cD0wOEQ1MTcyOVk3MzgxMjEwWCZpPTgyLjEwMi4xOS4xMzYmdD0xNjExNTk3NjI0LjgxNyZhPTIxJnM9VU5JRklFRF9MT0dJTqbtpFNIJff0g8d-m4kprHSAn5GD
Date: Mon, 25 Jan 2021 18:00:25 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 appChallenge.css
www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/css/ 27 KB
5 KB 54ms
53ms Stylesheet
text/css 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/css/appChallenge.css

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

b09a68ec1a3dfd23f4336a24d61e3c8fd3c0ba04aa12d3702f54e0fd86430d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: b1c2f6e0589d0
dc: slc-b-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 4943
last-modified: Fri, 04 Sep 2020 17:40:33 GMT
etag: W/"5f527c11-6be6"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 25 Jan 2022 18:00:25 GMT

GET recaptcha_v2.html
www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/ Frame 833F 0
0

GET
H2 200 authchallenge.js Show response
www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/js/ 15 KB
5 KB 53ms
53ms Script
application/javascript 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/js/authchallenge.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

1f758f186455381a56a7c9c67e6d03e155cbe2485fa4404fadc9e8960e525d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: c6d69f0618c31
dc: ccg11-origin-www-3.paypal.com
vary: Accept-Encoding
content-length: 4534
last-modified: Fri, 04 Sep 2020 17:40:33 GMT
etag: W/"5f527c11-3bd5"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-headers: x-csrf-token
expires: Tue, 25 Jan 2022 18:00:25 GMT

GET recaptcha_v2.html
www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/ Frame 8ACA 0
0

GET recaptcha_v2.html
www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/ Frame DF41 0
0

GET
H2 200 recaptcha_v2.html
www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/ Frame 7B45 0
0 55ms
54ms Document
text/html 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/recaptcha_v2.html?siteKey=6LeZ6egUAAAAAGwL8CjkDE8dcSw2DtvuVpdwTkwG&locale.x=en_US&country.x=US&checkConnectionTimeout=5000&reCaptchaEnterpriseEnabled=true

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.paypalobjects.com
:scheme: https
:path: /web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/recaptcha_v2.html?siteKey=6LeZ6egUAAAAAGwL8CjkDE8dcSw2DtvuVpdwTkwG&locale.x=en_US&country.x=US&checkConnectionTimeout=5000&reCaptchaEnterpriseEnabled=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d

Response headers

server: Apache
last-modified: Fri, 04 Sep 2020 17:40:56 GMT
accept-ranges: bytes
content-type: text/html
content-encoding: gzip
content-length: 2082
cache-control: max-age=31536000
expires: Tue, 25 Jan 2022 18:00:25 GMT
date: Mon, 25 Jan 2021 18:00:25 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000

POST
H2 200 verifychallenge Show response
www.paypal.com/auth/ 2 B
1 KB 305ms
304ms XHR
text/plain 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/verifychallenge

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-fFILjmx7IOUATgGmsLf9Sdk/sJBUbluqXIO44/L2ZOebQ/Z1' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-fFILjmx7IOUATgGmsLf9Sdk/sJBUbluqXIO44/L2ZOebQ/Z1' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: e371f97537e72
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: phx-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7350-LHR, cache-ams21021-AMS
x-timer: S1611597626.810831,VS0,VE263
date: Mon, 25 Jan 2021 18:00:26 GMT
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logclientdata Show response
www.paypal.com/auth/ 2 KB
3 KB 270ms
269ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/logclientdata

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

27f7a9bd2a211ab58cf0fb1bd9ba73fd60004b41ef8b176d9f18bc6f838e5515

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-hOw4zxjYHX3+KXj1Z1UPEIWogXk9KzB07vwHr6ol83k2QlE4' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-hOw4zxjYHX3+KXj1Z1UPEIWogXk9KzB07vwHr6ol83k2QlE4' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: be71e0a666540
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: phx-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7352-LHR, cache-ams21021-AMS
x-timer: S1611597626.841157,VS0,VE234
date: Mon, 25 Jan 2021 18:00:26 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"717-epLsAaT9ObJdRxkxprduaXgqWT4"
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logclientdata Show response
www.paypal.com/auth/ 2 KB
2 KB 269ms
268ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/logclientdata

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0b110a651e9f73bd1eeb3ab932049282560d98ee3bbcd5a5e68ae686cc78aee0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-9yq2xsl2MIgOg12864fRMVpbmCVLwopZf//lA5TDSnUIklSh' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-9yq2xsl2MIgOg12864fRMVpbmCVLwopZf//lA5TDSnUIklSh' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: 3007d0115d468
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7337-LHR, cache-ams21021-AMS
x-timer: S1611597626.841906,VS0,VE234
date: Mon, 25 Jan 2021 18:00:26 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"717-FZ+yG45i7COeIdflI3RX2PX2YoE"
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logclientdata Show response
www.paypal.com/auth/ 2 KB
3 KB 299ms
298ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/logclientdata

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cf82f0124d03a55b854d00ed040f750ab391697ff23ca4df8fe0054a125efdae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-Z/EjtjBTXybGBKxypIJ9HLXiKrVytnGB2j4z2mgLxyaqRL6P' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-Z/EjtjBTXybGBKxypIJ9HLXiKrVytnGB2j4z2mgLxyaqRL6P' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: 223a96f82fae
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7357-LHR, cache-ams21021-AMS
x-timer: S1611597626.842692,VS0,VE264
date: Mon, 25 Jan 2021 18:00:26 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"716-YOdLR9lLQepofeIh4nvQ6+wfNis"
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logclientdata Show response
www.paypal.com/auth/ 2 KB
3 KB 256ms
256ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/logclientdata

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7ee62dc929ace791cdeba5d33e32ad82ae683114ff26f88804e1503c06c0aee

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-7Kx64wPJjjYskloq4Is6iOTdgbNjYuhxu2OIFvD2w9bhpKwq' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-7Kx64wPJjjYskloq4Is6iOTdgbNjYuhxu2OIFvD2w9bhpKwq' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: 17785138cadb6
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7348-LHR, cache-ams21021-AMS
x-timer: S1611597626.843388,VS0,VE219
date: Mon, 25 Jan 2021 18:00:26 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"717-pVVtad3o0pZi8P2+hRXdXqwok84"
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 momgram@2x.png
www.paypalobjects.com/images/shared/ 1 KB
2 KB 43ms
43ms Image
image/webp 104.76.200.161
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/images/shared/momgram@2x.png

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/css/appChallenge.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.76.200.161 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-76-200-161.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

f63be82448bb5f46eadfbda31e771fe3710f5cbdcaaab02c7a020c2a2bf3d5b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/css/appChallenge.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 1863
etag: "n1eiFwTHQZT8r7LMVF4RJSE9QNnoZS4jSUvEYSZDtgw"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=43200
last-modified: Wed, 06 Jan 2021 01:58:46 GMT
content-length: 1386
server: Akamai Image Manager
expires: Tue, 26 Jan 2021 06:00:25 GMT

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame EB9E 60 KB
21 KB 32ms
31ms Script
application/x-javascript 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/da/r/fb.js
Requested by: Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 8a9922f726f64074cf4c1808503e514ff7b3e84ef82126a7529735c1866ca48f

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:25 GMT
via: 1.1 varnish
age: 318736
x-cache: HIT
content-encoding: gzip
content-length: 20966
x-served-by: cache-ams21051-AMS
last-modified: Tue, 10 Nov 2020 21:35:21 GMT
server: Apache
x-timer: S1611597626.914272,VS0,VE1
vary: Accept-Encoding
content-type: application/x-javascript
expires: Tue, 26 Jan 2021 18:00:25 GMT
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 44678

POST
H2 200 logclientdata Show response
www.paypal.com/auth/ 2 KB
2 KB 351ms
351ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/logclientdata

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4d8971783d50c9e8cfa28c2288ed2bdad7da57c23f5bdb8afbf1b23e07d85887

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-28LSv7jgIqcgzJDg4acqfP86ekorjqDwdgt1bXovpru8rw/W' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-28LSv7jgIqcgzJDg4acqfP86ekorjqDwdgt1bXovpru8rw/W' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: 81f315e3daed4
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: phx-origin-www-2.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7324-LHR, cache-ams21021-AMS
x-timer: S1611597626.936854,VS0,VE305
date: Mon, 25 Jan 2021 18:00:26 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/"717-WgrOZA+tP3wcRcMlNcquSzQCylM"
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 verifygrcenterprise Show response
www.paypal.com/auth/ 0
2 KB 448ms
447ms XHR
text/plain 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/auth/verifygrcenterprise

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webcaptcha/ngrlCaptcha.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; script-src 'nonce-Hip7HTDlyQTYpfMsyRqUAompaDsGaZG3nZ4MWNs+N9mlW4Tj' 'self' https://.paypal.com https://.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://.paypalobjects.com https://.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://.paypal.com https://.paypalobjects.com; font-src 'self' https://.paypal.com https://.paypalobjects.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://www.google.com https://www.recaptcha.net https://.qualtrics.com; style-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
x-requested-with: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'nonce-Hip7HTDlyQTYpfMsyRqUAompaDsGaZG3nZ4MWNs+N9mlW4Tj' 'self' https://*.paypal.com https://*.paypalobjects.com https://www.recaptcha.net https://www.gstatic.com 'unsafe-inline'; img-src https://*.paypalobjects.com https://*.paypal.com https://ak1s.abmr.net https://ak1.abmr.net https://ak1s.mathtag.com https://akamai.mathtag.com; object-src 'none'; media-src 'self' https://*.paypal.com https://*.paypalobjects.com; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://www.google.com https://www.recaptcha.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: 1df7aae0fb4fb
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-lhr7322-LHR, cache-ams21021-AMS
x-timer: S1611597626.936810,VS0,VE417
date: Mon, 25 Jan 2021 18:00:26 GMT
vary: accept-encoding
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 e Show response
c.paypal.com/v1/r/d/b/ Frame EB9E 15 B
137 B 192ms
192ms XHR
application/json 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/v1/r/d/b/e
Requested by: Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Jan 2021 18:00:26 GMT
via: 1.1 varnish, 1.1 varnish
correlation-id: 31b44e4b1b75b
x-served-by: cache-lhr7326-LHR, cache-ams21051-AMS
x-cache: MISS, MISS
content-type: application/json
paypal-debug-id: 31b44e4b1b75b
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 15
x-cache-hits: 0, 0

POST
H2 200 p2 Show response
c.paypal.com/v1/r/d/b/ Frame EB9E 125 B
453 B 207ms
206ms XHR
application/json 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c.paypal.com/v1/r/d/b/p2
Requested by: Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2a5d86fa36daf41ad19b65e9acd0fc077827bd177e3a1e75390a76f3af7e3d31

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Jan 2021 18:00:26 GMT
via: 1.1 varnish, 1.1 varnish
correlation-id: 5f0e863a7e859
x-served-by: cache-lhr7369-LHR, cache-ams21051-AMS
x-cache: MISS, MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 5f0e863a7e859
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-type: application/json
content-length: 125
x-cache-hits: 0, 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame EB9E 0
110 B 215ms
206ms Image
text/plain 151.101.1.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c6.paypal.com/v1/r/d/b/p3?f=08D51729Y7381210X&s=UL_CHECKOUT_INPUT_EMAIL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 18:00:26 GMT
via: 1.1 varnish, 1.1 varnish
correlation-id: 5f5fa70043245
x-timer: S1611597626.996046,VS0,VE180
x-served-by: cache-lhr7353-LHR, cache-ams21051-AMS
x-cache: MISS, MISS
paypal-debug-id: 5f5fa70043245
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
x-cache-hits: 0, 0

GET
H2 200 ts
t.paypal.com/ 42 B
714 B 228ms
189ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?v=1.4.27&t=1611597626174&g=-60&pgrp=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail&page=main%3Aunifiedlogin%3Asplitlogin%3A%3Aemail%3A%3A%3A&qual=input_email&pgst=1611597624758&calc=be923b02edb04&nsid=AC_Kmu2-4Fnv6-OzUxpm2UsiGcaPeWnA&rsta=en_US&pgtf=Nodejs&env=live&s=ci&ccpg=US&csci=ac7626178fc844978b8eb6e1cce4a14e&comp=unifiedloginnodeweb&tsrce=xorouternodeweb&cu=0&ef_policy=ccpa&xe=102557%2C101408%2C102390%2C101216%2C100942&xt=109630%2C104576%2C108797%2C103864%2C102731&transition_name=ss_prepare_email&fltk=08D51729Y7381210X&flid=08D51729Y7381210X&ctx_login_ot_content=0&obex=checkout&landing_page=login&state_name=begin_email&ctx_login_content_fetch=success&ctx_login_ctxid_fetch=success%7Cparse-success&ctx_login_lang_footer=shown&ctx_login_cancel_url=shown&ctx_login_onetouch=shown&forced_signup_offered=1&ctx_login_signup_btn=shown%7CcreateAccount&ctx_login_intent=checkout&ctx_login_flow=Express%20checkout&ctx_login_state_transition=login_loaded&post_login_redirect=returnUri&ret_url=%2Fwebapps%2Fhermes&e=im&cdn=fastly&c_prefs=P%3D1%2CF%3D1%2Ctype%3Dimplicit&imsrc=setup&view=%7B%22t10%22%3A860%2C%22t11%22%3A2777%2C%22tcp%22%3A1963%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A500%7D&pt=Log%20in%20to%20your%20PayPal%20account&ru=https%3A%2F%2Ffaxzero.com%2Fupgrade%2F28444922%2F97779310c4881267f67e0d1695c3987746153758&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=1&t1c=0&t1d=0&t1s=0&t2=904&t3=5&t4d=500&t4=510&t4e=3&tt=2278&rdc=1&res=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://www.paypal.com/webapps/hermes?token=08D51729Y7381210X&useraction=commit&mfid=1611597623655_30afd088b2e4d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 18:00:26 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1611597626.217607,VS0,VE171
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator: slca.slc
expires: Mon, 25 Jan 2021 18:00:26 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-lhr7364-LHR, cache-ams21047-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/recaptcha_v2.html?siteKey=6LeZ6egUAAAAAGwL8CjkDE8dcSw2DtvuVpdwTkwG&locale.x=en_US&country.x=US&checkConnectionTimeout=5000&reCaptchaEnterpriseEnabled=true

Domain: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/recaptcha_v2.html?siteKey=6LeZ6egUAAAAAGwL8CjkDE8dcSw2DtvuVpdwTkwG&locale.x=en_US&country.x=US&checkConnectionTimeout=5000&reCaptchaEnterpriseEnabled=true

Domain: www.paypalobjects.com
URL: https://www.paypalobjects.com/web/res/dc9/99e63da7c23f04e84d0e82bce06b5/recaptcha/recaptcha_v2.html?siteKey=6LeZ6egUAAAAAGwL8CjkDE8dcSw2DtvuVpdwTkwG&locale.x=en_US&country.x=US&checkConnectionTimeout=5000&reCaptchaEnterpriseEnabled=true

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypal.com/	1970-01-20 17:56:45	Name: ts Value: vreXpYrS%3D1706205625%26vteXpYrS%3D1611599425%26vr%3D3ab430041770ad005ca9dd99ff40bfc6%26vt%3D3ab430041770ad005ca9dd99ff40bfc5%26vtyp%3Dnew
.paypal.com/	1970-01-19 15:44:16	Name: tsrce Value: authchallengenodeweb
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AEvLSHoyWGhnI1NYz_bqQqa5mMCBJJG8I.RYwZoqGAQXup%2BgW%2FkDrfffKC0NB3HEaLbD3%2F4Kcn9Y4
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTYxMTU5NzYyNTI3OSIsImwiOiIxIiwibSI6IjAifQ
.paypal.com/	1970-01-19 15:40:29	Name: LANG Value: en_US%3BUS
.paypal.com/	1970-01-20 00:25:33	Name: cookie_prefs Value: P%3D1%2CF%3D1%2Ctype%3Dimplicit
.paypal.com/	1969-12-31 23:59:59	Name: x-cdn Value: fastly:AMS
.paypal.com/	1970-01-20 17:56:45	Name: ts_c Value: vr%3D3ab430041770ad005ca9dd99ff40bfc6%26vt%3D3ab430041770ad005ca9dd99ff40bfc5
.paypal.com/	1970-01-20 09:11:51	Name: ui_experience Value: d_id%3Dac7626178fc844978b8eb6e1cce4a14e1611597624783
.paypal.com/	1970-01-19 15:39:59	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-23 07:18:50	Name: cookie_check Value: yes
.paypal.com/	1970-01-20 00:25:33	Name: enforce_policy Value: ccpa

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.adaptv.advertising.com
adservice.google.com
ap.lijit.com
b.stats.paypal.com
bidder.criteo.com
c.paypal.com
c6.paypal.com
connect.facebook.net
dub.stats.paypal.com
ezodn.com
faxzero.com
g2.gumgum.com
go.ezodn.com
gum.criteo.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
prebid.a-mo.net
securepubads.g.doubleclick.net
ssl.google-analytics.com
t.paypal.com
tag.1rx.io
targeting.unrulymedia.com
web.hb.ad.cpe.dotomi.com
www.facebook.com
www.faxzero.com
www.paypal.com
www.paypalobjects.com
www.paypalobjects.com
104.76.200.161
107.21.52.49
136.144.59.88
151.101.1.35
151.101.129.21
151.101.65.35
172.217.22.2
178.250.0.165
178.250.2.146
18.156.95.187
185.33.220.241
185.64.189.112
213.19.147.210
216.52.2.48
23.37.38.181
2606:4700:3035::ac43:b8a1
2606:4700:e0::ac40:6e19
2a00:1450:4001:802::2008
2a00:1450:4001:809::2002
2a00:1450:4001:817::2008
2a00:1450:4001:82a::2002
2a02:2638::1c
2a02:fa8:8806:12::1460
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
51.89.9.251
52.17.137.119
52.28.38.201
64.4.245.84
04748dd9a27ac47177d01a763fd68b4ca09f5b9acb4208149f2de40251d07dd2
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0b110a651e9f73bd1eeb3ab932049282560d98ee3bbcd5a5e68ae686cc78aee0
1141a400882e79e769e03c13246eb0fd583a7e9fd5f5aa4b3a2a04ceb662b875
141148e68135715ff02a8725be67b3ccab94b3ae87de8c998856d1454f84eebc
1903e8e9996dbe3efd31243c2eca2ac3c0fec1ded780c1110eaf6f6a4bdd4867
1f758f186455381a56a7c9c67e6d03e155cbe2485fa4404fadc9e8960e525d53
219fe3382fabdbb0444747aa0073d75f3815cc9aba97bed4fe3ceca97afc38e8
27f7a9bd2a211ab58cf0fb1bd9ba73fd60004b41ef8b176d9f18bc6f838e5515
2a5d86fa36daf41ad19b65e9acd0fc077827bd177e3a1e75390a76f3af7e3d31
3800aa253a6140c299c7d8e842430e8d3c4a1634d02d92de64cb8085b2a2eb7e
41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4cedb0f93de27d2ff852b6c94b379145997c0171a7c8904679480a607f921417
4d8971783d50c9e8cfa28c2288ed2bdad7da57c23f5bdb8afbf1b23e07d85887
5396af5006928832517239a2145e9de4bfde558161bd68be9a4b57ea5f37acf5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
61ce0ee4efd0b82c90eb9c78bc3c93cf9e6703ce670237bedd1f88a6af82e004
6889a5210d42b37665e3b88084fc91333ba189ed50ddfa2431fa43e5952f049f
6a195d93998c4659fd518229613a8a19c721d495c341db89d8e9cfd158df51c8
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
70eef1ed9452841efc7d4431e939d1bddb703d6b0ac4a9d64c097a0f68d65414
71674f16bc0443461156f1bcb86acbc3a5256c97c66cc412b9498972564e01ac
71fd4528dfb987cea55d5b2f98b202fe43526a029df199f1562b54f39fec1f40
79ebb87ccc628c99841a7e1fbd234a6db3c36e4a640d2e6048c9ce59029cfe05
8a9922f726f64074cf4c1808503e514ff7b3e84ef82126a7529735c1866ca48f
8b202d5bd55968ce4bfc21c063166eaebe62104275ce7ec362d78b64b2581c95
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
96eeede1d9557b9ce7dffdf0822603c89a9fad2a392628122237a1f22a3edf57
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
af0dead0571f72aaf799516308d3495333a8fae2faf5255e2a0c4827ef7344f4
b09a68ec1a3dfd23f4336a24d61e3c8fd3c0ba04aa12d3702f54e0fd86430d09
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
c36643905534b67ba03cb047be0e321140e79c5a33aafe2cbbe1a9fca1e8b18b
c72cc849bd96808278d04a1fd0db101ed6b46471197ef14157186dfd93e4ac21
cf82f0124d03a55b854d00ed040f750ab391697ff23ca4df8fe0054a125efdae
d1411c144181741667aad11f2624439a6361fd47241320ed0b13517b6fa7f493
d2847bea03b68a100caf41aca4d972b58368b4ee956ab13dde15963d905d7c24
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d7360f2684a0399a30edd737e96f60e3dd9e7622c892a8421740efcc689bd7a3
d7ee62dc929ace791cdeba5d33e32ad82ae683114ff26f88804e1503c06c0aee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef0f493fbd3c5b2b94c78413965efb5becfae5ab9dad00bda8a1f3f1daa010d2
f2b92530616ddbefbed0e825e094cd914f17ae899b42152f17028a0073f5eb62
f63be82448bb5f46eadfbda31e771fe3710f5cbdcaaab02c7a020c2a2bf3d5b9
f6d353cac5b8fe07885f19a8309648c3efb79d635257cd67c57f6d73acbe8b5f

www.paypal.com Open in urlscan Pro 151.101.129.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

97 %HTTPS

34 %IPv6

23 Domains

32 Subdomains

28 IPs

7 Countries

1360 kBTransfer

4831 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paypal.com Open in urlscan Pro
151.101.129.21 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

97 %
HTTPS

34 %
IPv6

23
Domains

32
Subdomains

28
IPs

7
Countries

1360 kB
Transfer

4831 kB
Size

12
Cookies

103 HTTP transactions
0 data transactions