urlscan.io logo urlscan.io
SecurityTrails logo

medium-voyances.com Open in urlscan Pro
89.39.104.140  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://email.medium-astrologia.com/c/eJw1j19PgzAUxT_NeBu5pbS0D32YsqEm0-xPJPhiOmBQbSmWbnPf3s5ocpJ7cs7NLzmtQDRjmABPWdQIyuuEEh4pkUCCAQ...
Effective URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcra...
Submission: On March 09 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 45 HTTP transactions. The main IP is 89.39.104.140, located in Naaldwijk, Netherlands and belongs to WORLDSTREAM, NL. The main domain is medium-voyances.com.
TLS certificate: Issued by R3 on January 7th 2023. Valid for: 3 months.
This is the only time medium-voyances.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.102.239.211 396982 (GOOGLE-CL...)
23 89.39.104.140 49981 (WORLDSTREAM)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
5 151.101.130.133 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
11 151.101.129.21 54113 (FASTLY)
1 5.161.49.133 213230 (HETZNER-C...)
3 151.101.193.35 54113 (FASTLY)
45 8
1    34.102.239.211 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.239.102.34.bc.googleusercontent.com
email.medium-astrologia.com
23    89.39.104.140 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 89-39-104-140.hosted-by-worldstream.net
medium-voyances.com
1    2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
5    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
www.paypalobjects.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
11    151.101.129.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
1    5.161.49.133 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.133.49.161.5.clients.your-server.de
piwik.fullworkplace.com
3    151.101.193.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
Apex Domain
Subdomains		 Transfer
23 medium-voyances.com
medium-voyances.com
356 KB
14 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2345
t.paypal.com — Cisco Umbrella Rank: 3066
47 KB
5 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2245
579 KB
1 fullworkplace.com
piwik.fullworkplace.com
294 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 299
33 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 832
1 medium-astrologia.com
email.medium-astrologia.com
411 B
45 7
Domain Requested by
23 medium-voyances.com medium-voyances.com
11 www.paypal.com www.paypalobjects.com
5 www.paypalobjects.com medium-voyances.com
www.paypal.com
www.paypalobjects.com
3 t.paypal.com medium-voyances.com
1 piwik.fullworkplace.com medium-voyances.com
1 ajax.googleapis.com medium-voyances.com
1 use.fontawesome.com medium-voyances.com
1 email.medium-astrologia.com 1 redirects
45 8

This site contains no links.

Subject Issuer Validity Valid
medium-voyances.com
R3		 2023-01-07 -
2023-04-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-13 -
2023-11-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-11-10 -
2023-11-10		 a year crt.sh
piwik.fullworkplace.com
R3		 2023-02-14 -
2023-05-15		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh

This page contains 4 frames:

Primary Page: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Frame ID: 5A1398C641057A2F09F7769696C64D69
Requests: 34 HTTP requests in this frame

Frame: https://www.paypal.com/smart/button?env=production&locale.x=en_US&style.layout=vertical&style.size=responsive&style.color=gold&style.shape=pill&style.label=paypal&commit=true&domain=medium-voyances.com&sessionID=uid_879c91e2f5_mta6mzm6mtu&buttonSessionID=uid_cabdc1a789_mta6mzm6mtu&renderedButtons=paypal%2Ccredit%2Ccard&storageID=uid_1020cac1e2_mta6mzm6mtu&funding.disallowed=venmo&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=22a5fc102d&version=4&xcomponent=1
Frame ID: 1F463527EDDB6FB289CCC578335D5B6D
Requests: 16 HTTP requests in this frame

Frame: data://truncated
Frame ID: B08C3F248FB7F06095C42016216E695B
Requests: 9 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 0BEFED5108F14A21F39315993ECC2952
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Deva

Page URL History Show full URLs

  1. http://email.medium-astrologia.com/c/eJw1j19PgzAUxT_NeBu5pbS0D32YsqEm0-xPJPhiOmBQbSmWbnPf3s5ocpJ7cs7NLzmtQDRjmA... HTTP 302
    https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlM... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

100 %
HTTPS

25 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

1016 kB
Transfer

4081 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://email.medium-astrologia.com/c/eJw1j19PgzAUxT_NeBu5pbS0D32YsqEm0-xPJPhiOmBQbSmWbnPf3s5ocpJ7cs7NLzmtQDRjmABPWdQIyuuEEh4pkUCCAQOHUKYsRjFKUkRzjkLKGSxhloJpG3Uyczl5Z7XtlIxra6JeAD0yEsQzLBuCASiWCGWBQHEC6SEyglDEECMk0qL3fpxmeDFLVkF_zLO9yqFupxvxltpBhqOGpv2Ox34M_v8j2OqRXBq7zxZrn2P3tjxrW5XNiK5u0_l8rrN1QdXuE8uvffl0LFZ5odevGtWb-eJu2-fwsi-qsnZyfN663bC5fNS2vN-uHqrICW1Pajq49tS12shhCrN7641U-nesF64z7y79AerDZVg HTTP 302
    https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
medium-voyances.com/mona/index.php/voyances/
Redirect Chain
  • http://email.medium-astrologia.com/c/eJw1j19PgzAUxT_NeBu5pbS0D32YsqEm0-xPJPhiOmBQbSmWbnPf3s5ocpJ7cs7NLzmtQDRjmABPWdQIyuuEEh4pkUCCAQOHUKYsRjFKUkRzjkLKGSxhloJpG3Uyczl5Z7XtlIxra6JeAD0yEsQzLBuCASiWCGWB...
  • https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
34 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k / PHP/7.2.34
Resource Hash
73a4b5d1e527d77b49d488740213c0a51a539d53b79054726635c587acab6f12

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 09 Mar 2023 10:33:15 GMT
Keep-Alive
timeout=5, max=100
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
Transfer-Encoding
chunked
X-Powered-By
PHP/7.2.34

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store
Content-Length
632
Content-Type
text/html
Date
Thu, 09 Mar 2023 10:33:13 GMT
Location
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
X-Robots-Tag
noindex
X-Xss-Protection
1; mode=block
bdc.css
medium-voyances.com/mona/deva_us/global/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medium-voyances.com/mona/deva_us/global/css/bdc.css
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
c1f3b5a4781cff05ac584fe7eee248caf35b70bfd5a05ac078ddecbec5767502

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 03 Jul 2018 14:31:45 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"a72-570192c671640"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2674
bootstrap.min.css
medium-voyances.com/mona/deva_us/global/css/bootstrap/css/ 		138 KB
138 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medium-voyances.com/mona/deva_us/global/css/bootstrap/css/bootstrap.min.css
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 03 Jul 2018 14:31:45 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"22682-570192c671640"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
140930
global.css
medium-voyances.com/mona/deva_us/global/css/ 		21 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medium-voyances.com/mona/deva_us/global/css/global.css
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
64b3211d7de9c7c5a6848bc07c45df7e35034cc5b05dd155716f77da89d8b92a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Sat, 17 Sep 2022 20:49:23 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"54b1-5e8e59d041ac0"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
21681
porteur_min.css
medium-voyances.com/mona/deva_us/global/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medium-voyances.com/mona/deva_us/global/css/porteur_min.css
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
7e1e39076ef91d2bea1cb9aaebec927a53b7fe2092aaa69530d5b4e5a6597116

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Sat, 17 Sep 2022 20:49:23 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"82a-5e8e59d041ac0"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2090
product.css
medium-voyances.com/mona/deva_us/rgm/assets/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://medium-voyances.com/mona/deva_us/rgm/assets/css/product.css
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
d6b10bcdf5cc60265cf90d34dca7373e6cd816723d2787bad17955c4551c00f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Sat, 17 Sep 2022 20:44:20 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"a16-5e8e58af4b100"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2582
all.css')%7D%7D
use.fontawesome.com/releases/v5.0.10/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.10/css/all.css')%7D%7D
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://medium-voyances.com/
Origin
https://medium-voyances.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:33:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
WVETX82ZY2HN9Z1A
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-max-age
3000
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BXyc%2FH7OXknmA2V88%2B6vsRLU1ysM0R36M%2Bzf7IzYdPokaW%2BEL%2FtF95KzHgU%2BhXiWTm3dhYtmHgxy4B5m%2F83yOiads4XXMZXGw5hBLvWAf%2FiyAnVSdCE5kVL84WL0dzPo6pkRj5e5JwEpFl%2BdzXxWrRi"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
cf-ray
7a52a8a06d9e695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
6QI8qzsXnFJS+tmIXo1Ss9qzPaSoNVvHEB/7FFhnCcN/QO+bTk88SE8y33hPhLJMj4EMdRt09K8=
checkout.js
www.paypalobjects.com/api/ 		1 MB
235 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/checkout.js
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:33:15 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
bb1ff039dfeb0
dc
ccg11-origin-www-1.paypal.com
content-length
239948
x-served-by
cache-sjc10020-SJC, cache-hhn-etou8220024-HHN
last-modified
Mon, 25 Apr 2022 17:04:48 GMT
traceparent
00-0000000000000000000bb1ff039dfeb0-368155a208608efa-01
x-timer
S1678357996.612083,VS0,VE0
etag
W/"6266d4b0-16d23e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
x-cache-hits
29490, 39
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Tue, 07 Mar 2023 12:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
165780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Mar 2024 12:30:15 GMT
bdc.js
medium-voyances.com/mona/deva_us/global/js/ 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medium-voyances.com/mona/deva_us/global/js/bdc.js
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
96b96b6590eb969cc0a9f6beb0f78568e514bbabd5447b72aa860ea1874a549b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Wed, 14 Apr 2021 14:44:25 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"6993-5bfefc878c440"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
27027
porteur.js
medium-voyances.com/mona/deva_us/global/css/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://medium-voyances.com/mona/deva_us/global/css/porteur.js
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
8ca6c53eb4e73bcc94923c55bc0092b6527f28e5e68453abbd9ec8c5c77d5d29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 21 Jan 2020 15:09:04 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"faf-59ca7c9e12400"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4015
piwik.js
medium-voyances.com/mona/deva_us/global/css/ 		605 B
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://medium-voyances.com/mona/deva_us/global/css/piwik.js
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
609956d8f3f00247e3860552b532a4d4f494bdf60eb503d5105bf33e1c16452e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 21 Jan 2020 15:09:04 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"25d-59ca7c9e12400"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
605
header.jpg
medium-voyances.com/mona/deva_us/rgm/assets/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medium-voyances.com/mona/deva_us/rgm/assets/images/header.jpg
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
9b12d57cf96244466e30f8df8f2bdb7c30852a1be6823188525c66d74abcc243

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 16 Mar 2021 12:46:04 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"6650-5bda6bfd23b00"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
26192
img_fleche.png
medium-voyances.com/mona/deva_us/rgm/assets/images/ 		249 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medium-voyances.com/mona/deva_us/rgm/assets/images/img_fleche.png
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
1c2fddd0825f312ee2346815105cd8926f527fbbc54bf19a4c4491af2e2704da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 16 Mar 2021 12:46:06 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"f9-5bda6bff0bf80"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
249
trait1.png
medium-voyances.com/mona/deva_us/rgm/assets/images/ 		359 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medium-voyances.com/mona/deva_us/rgm/assets/images/trait1.png
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
8d1580b661786d0fd023e3faa0d9e2e8daa389ae8922e0855859834782dc9faa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 16 Mar 2021 12:46:08 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"167-5bda6c00f4400"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
359
invitation_perso_haut.gif
medium-voyances.com/mona/deva_us/rgm/assets/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medium-voyances.com/mona/deva_us/rgm/assets/images/invitation_perso_haut.gif
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
c6ebbe690cbc3a0f5e880fe7dbd4507847ef8261eebb15e6320c8b2415ea8323

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 16 Mar 2021 12:46:07 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"2566-5bda6c00001c0"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
9574
invitation_perso_bas.gif
medium-voyances.com/mona/deva_us/rgm/assets/images/ 		967 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medium-voyances.com/mona/deva_us/rgm/assets/images/invitation_perso_bas.gif
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
847a0b91ce14fd555703d639acc347aec15c9b04c708f962c4906494b79926c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 16 Mar 2021 12:46:07 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"3c7-5bda6c00001c0"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
967
case_valid.png
medium-voyances.com/mona/deva_us/rgm/assets/images/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medium-voyances.com/mona/deva_us/rgm/assets/images/case_valid.png
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
64108e1264f61cf8c84b37e3ef8c460f7f1a8102bf6ec349e1f089d9ab3bb58b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 16 Mar 2021 12:46:03 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"327-5bda6bfc2f8c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
807
fleche1.png
medium-voyances.com/mona/deva_us/rgm/assets/images/ 		289 B
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medium-voyances.com/mona/deva_us/rgm/assets/images/fleche1.png
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
f7df6ace85a20bc8faa1899da4964551c4d56ab60d046da2a25ccccf0362bff4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 16 Mar 2021 12:46:05 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"121-5bda6bfe17d40"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
289
signature.jpg
medium-voyances.com/mona/deva_us/rgm/assets/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medium-voyances.com/mona/deva_us/rgm/assets/images/signature.jpg
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
20eae8aad1df5acfad344c9b4c6d66dc2d8cea3a548c2594875d57193f628f0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 16 Mar 2021 12:46:07 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"5e7-5bda6c00001c0"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1511
BOUTON_accord_on.png
medium-voyances.com/mona/deva_us/rgm/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medium-voyances.com/mona/deva_us/rgm/assets/images/BOUTON_accord_on.png
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
771ac00d1783669aea568f0b4a135e0006381a889afb6005d178bb8ec55f8c24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 16 Mar 2021 12:46:01 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"c41-5bda6bfa47440"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
3137
BDC_ht.gif
medium-voyances.com/mona/deva_us/rgm/assets/images/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medium-voyances.com/mona/deva_us/rgm/assets/images/BDC_ht.gif
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
2493eb2a335c7c6b5b4a3c6ee27663239efca832c0bc562a1a60feb0f2b8883a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 16 Mar 2021 12:46:01 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"8a65-5bda6bfa47440"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
35429
BDC_bas.gif
medium-voyances.com/mona/deva_us/rgm/assets/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medium-voyances.com/mona/deva_us/rgm/assets/images/BDC_bas.gif
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
c2889c132021f3c912bbbcd45bd6385ecc40b24e76817506fe4f16ec63040564

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 16 Mar 2021 12:46:00 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"116d-5bda6bf953200"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
4461
BOUTON_Ascenseur.png
medium-voyances.com/mona/deva_us/rgm/assets/images/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medium-voyances.com/mona/deva_us/rgm/assets/images/BOUTON_Ascenseur.png
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
3ca9b3671484c1e58b247122cb079dac7830157403637668ce8dfa9e60d45453

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 16 Mar 2021 12:46:02 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"73a5-5bda6bfb3b680"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
29605
footer.jpg
medium-voyances.com/mona/deva_us/rgm/assets/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medium-voyances.com/mona/deva_us/rgm/assets/images/footer.jpg
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
c2b383b1d33233a941a26573138514408bfdda395e22c42b91159124a238af2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 16 Mar 2021 12:46:03 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"1791-5bda6bfc2f8c0"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
6033
pptm.js
www.paypal.com/tagmanager/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=medium-voyances.com&source=checkoutjs&t=xo&v=4.0.336
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-w+bMbDxh2lJFsuYDqBfg+NwklbjD0ORGL6WpwWAZJecBd6pZ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-w+bMbDxh2lJFsuYDqBfg+NwklbjD0ORGL6WpwWAZJecBd6pZ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Mar 2023 10:33:15 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
1893
x-cache
HIT
paypal-debug-id
f263279d5fe89
server-timing
"traceparent;desc="00-0000000000000000000f263279d5fe89-4d1d7a02bbb57326-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4299
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220046-HHN
traceparent
00-0000000000000000000f263279d5fe89-8afb551fd8b52bfc-01
x-timer
S1678357996.903126,VS0,VE3
etag
W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600
accept-ranges
bytes
x-cache-hits
1
invitation_perso_fond.gif
medium-voyances.com/mona/deva_us/rgm/assets/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medium-voyances.com/mona/deva_us/rgm/assets/images/invitation_perso_fond.gif
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/deva_us/rgm/assets/css/product.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
89.39.104.140 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
89-39-104-140.hosted-by-worldstream.net
Software
Apache/2.4.37 (centos) OpenSSL/1.1.1k /
Resource Hash
acd73e6cbd279344caf02e4431eb931888b62122a171fac16a6470082a2ce60e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/mona/deva_us/rgm/assets/css/product.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:15 GMT
Last-Modified
Tue, 16 Mar 2021 12:46:07 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
ETag
"7dc-5bda6c00001c0"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2012
logger
www.paypal.com/xoplatform/logger/api/ 		1007 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cb4ff103b716ed0412e51ad57017b1ffa0c3daaf2ee9cf06cf4c72ed34c4dd41
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

x-app-name
checkoutjs
Referer
https://medium-voyances.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 09 Mar 2023 10:33:16 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f831609c46b12
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn-etou8220065-HHN
accept-ch
Sec-CH-UA-Full
traceparent
00-0000000000000000000f831609c46b12-e2d870e5862415d7-01
x-timer
S1678357996.167445,VS0,VE239
etag
W/W/"3ef-fzKJ00GJAaOZz1ASqcbPAOu1DnM"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://medium-voyances.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-app-name,x-requested-with
Access-Control-Request-Method
POST
Origin
https://medium-voyances.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Full
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-app-name,x-requested-with
access-control-allow-methods
POST
access-control-allow-origin
https://medium-voyances.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Thu, 09 Mar 2023 10:33:16 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f83160914f8d7
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f83160914f8d7-64ae73cb8afe9279-01
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-hhn-etou8220065-HHN
x-timer
S1678357996.909747,VS0,VE236
button
www.paypal.com/smart/ Frame 1F46 		95 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/smart/button?env=production&locale.x=en_US&style.layout=vertical&style.size=responsive&style.color=gold&style.shape=pill&style.label=paypal&commit=true&domain=medium-voyances.com&sessionID=uid_879c91e2f5_mta6mzm6mtu&buttonSessionID=uid_cabdc1a789_mta6mzm6mtu&renderedButtons=paypal%2Ccredit%2Ccard&storageID=uid_1020cac1e2_mta6mzm6mtu&funding.disallowed=venmo&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=22a5fc102d&version=4&xcomponent=1
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
026d47cd35d611661d5dc1751bb27d519b82be04d20718fd4215a1ed4bdb76be
Security Headers
Name Value
Content-Security-Policy form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://medium-voyances.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Full
accept-ranges
bytes
access-control-expose-headers
Server-Timing
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html; charset=utf-8
date
Thu, 09 Mar 2023 10:33:16 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p
true
paypal-debug-id
f831609c2ba88
server-timing
"traceparent;desc="00-0000000000000000000f831609c2ba88-474099ab76b9f5b9-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f831609c2ba88-d5cb43b042704258-01
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-csrf-jwt
__blank__
x-served-by
cache-hhn-etou8220046-HHN
x-timer
S1678357996.903829,VS0,VE319
x-xss-protection
1; mode=block
truncated
/ Frame B08C 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B08C 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B08C 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3551a75936077de738fa814761a357e4616685f20b8b4c7b80ca565eb6c7b3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B08C 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
969120fcfbd39914a5e73208e24420bedd03238c32c53b0ed80a0558658133d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B08C 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59f43716cabcb5cf8e918fe857f49e517e41b5eb608e92cb17a2b7e95579ad0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B08C 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2d9e89921e539c095dbc100d8ba65ea7ac895a4c787a309b0173da830bee877

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B08C 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d210e660c0522873895c55112efd3d0520e2a13beb505981a3fb9b33e4bf1c7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B08C 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7f00ab7d1f213d73f1a02133d2e6fb49a6f600d069e8d0aa5c3588a5b26ffb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B08C 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
683a97afeed074b30133b8dcd92282469544a8c6512c3ccdeee81d9a34c1274d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
piwik.js
piwik.fullworkplace.com/ 		0
294 B 		Script
General
Check archive.org
Download Go to
Full URL
https://piwik.fullworkplace.com/piwik.js
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/deva_us/global/css/piwik.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.161.49.133 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.133.49.161.5.clients.your-server.de
Software
Apache/2.4.54 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Thu, 09 Mar 2023 10:33:16 GMT
Last-Modified
Fri, 16 Dec 2022 10:45:27 GMT
Server
Apache/2.4.54 (Debian)
ETag
"0-5efefaaf31001"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
0
ts
t.paypal.com/ 		42 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Deva&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1678357995928&g=0&completeurl=https%3A%2F%2Fmedium-voyances.com%2Fmona%2Findex.php%2Fvoyances%2FYI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 09 Mar 2023 10:33:16 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
a882b56790989
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn-etou8220038-HHN
pragma
no-cache
traceparent
00-0000000000000000000a882b56790989-51e0724047ee984f-01
x-timer
S1678357996.057385,VS0,VE172
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Mar 2023 10:33:16 GMT
pptm.js
www.paypal.com/tagmanager/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?client_id=ATCE75dJOqtgPCeiicP7R_fDLSgwu4hh0HzqjDhNmgI-YavgmOCpg-e536-lQOBwnZd6yZ5Ld1Gh16ci&id=medium-voyances.com&source=checkoutjs&t=xo&v=4.0.336
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
518a4f70f0c3a8b8d2d7385e1751e06fe37fabea0ec6d1e2fdc511eb4d134016
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-vHAy1tM1R8aAq7DQpHG+uFftzKEChnAe304Xnx2M066IYHgD' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-vHAy1tM1R8aAq7DQpHG+uFftzKEChnAe304Xnx2M066IYHgD' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 09 Mar 2023 10:33:15 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
41126
x-cache
HIT
paypal-debug-id
f298192aad60a
server-timing
"traceparent;desc="00-0000000000000000000f298192aad60a-bb7a9200852df108-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4742
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220046-HHN
traceparent
00-0000000000000000000f298192aad60a-4c4c5665d1039392-01
x-timer
S1678357996.938795,VS0,VE3
etag
W/"3536-IlVe3KaCuiZHcypGspIZwmgWSsA"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600
accept-ranges
bytes
x-cache-hits
1
muse.js
www.paypalobjects.com/muse/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?client_id=ATCE75dJOqtgPCeiicP7R_fDLSgwu4hh0HzqjDhNmgI-YavgmOCpg-e536-lQOBwnZd6yZ5Ld1Gh16ci&id=medium-voyances.com&source=checkoutjs&t=xo&v=4.0.336
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:33:15 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
84840867de170
dc
ccg11-origin-www-1.paypal.com
content-length
16464
x-served-by
cache-sjc10081-SJC, cache-hhn-etou8220024-HHN
last-modified
Tue, 03 May 2022 17:28:29 GMT
x-timer
S1678357996.977222,VS0,VE0
etag
W/"6271663d-da91"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
1004776, 27105
ts
t.paypal.com/ 		42 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3APG2JCXPNX3V7G-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3APG2JCXPNX3V7G-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=07a55d78-382d-4adc-9f18-ecff4770468d&fltp=analytics&mrid=PG2JCXPNX3V7G&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Deva&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1678357995959&g=0&completeurl=https%3A%2F%2Fmedium-voyances.com%2Fmona%2Findex.php%2Fvoyances%2FYI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 09 Mar 2023 10:33:16 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
1f61724a0a387
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn-etou8220038-HHN
pragma
no-cache
traceparent
00-00000000000000000001f61724a0a387-fbea8370c0231382-01
x-timer
S1678357996.057379,VS0,VE157
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Mar 2023 10:33:16 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame 0BEF 		54 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Referer
https://medium-voyances.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16791
content-type
text/html
date
Thu, 09 Mar 2023 10:33:16 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"6271663d-d994"
last-modified
Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id
50b39f10d2761
strict-transport-security
max-age=31557600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
935084, 30001
x-content-type-options
nosniff
x-served-by
cache-sjc10023-SJC, cache-hhn-etou8220024-HHN
x-timer
S1678357996.013257,VS0,VE0
ts
t.paypal.com/ 		42 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3APG2JCXPNX3V7G-1&page=muse%3Aoffer%3A%3A%3APG2JCXPNX3V7G-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=07a55d78-382d-4adc-9f18-ecff4770468d&es=visitorInfoFlowStarted&mrid=PG2JCXPNX3V7G&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Deva&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1678357996066&g=0&completeurl=https%3A%2F%2Fmedium-voyances.com%2Fmona%2Findex.php%2Fvoyances%2FYI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Requested by
Host: medium-voyances.com
URL: https://medium-voyances.com/mona/index.php/voyances/YI5wdoT7AMtD3rZEvloYWdp1yrQgtD-l7MG6iSk3aqTWJfGFDGlMVl1cQ-ABRhD0OTGYWcrapNRrSnQwjcoWCRFHY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://medium-voyances.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 09 Mar 2023 10:33:16 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
72adb8372b703
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn-etou8220038-HHN
pragma
no-cache
traceparent
00-000000000000000000072adb8372b703-dbf20b7fe584f93a-01
x-timer
S1678357996.086280,VS0,VE173
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Mar 2023 10:33:16 GMT
graphql
www.paypal.com/targeting/ Frame 0BEF 		435 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
236f899c1527fca69389fcdc64cabcab8cb211e9e1ea66f5fc5a132fcd1df988
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-wo7bsEstyD3B7dSttNEFy6GICoVPr7sjQLKE6/6dEVd/9SKD' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-wo7bsEstyD3B7dSttNEFy6GICoVPr7sjQLKE6/6dEVd/9SKD' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
date
Thu, 09 Mar 2023 10:33:16 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f8316098e95a9
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220046-HHN
accept-ch
Sec-CH-UA-Full
traceparent
00-0000000000000000000f8316098e95a9-f96c87b5930ff080-01
x-timer
S1678357996.284402,VS0,VE242
etag
W/W/"1b3-6sgwatYFqPBqm+muLwyA0PzI5Ks"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges
none
x-cache-hits
0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Full
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Thu, 09 Mar 2023 10:33:16 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f8316090cdfe4
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f8316090cdfe4-e215762758de7c12-01
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn-etou8220065-HHN
x-timer
S1678357996.085558,VS0,VE173
truncated
/ Frame 1F46 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1F46 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1F46 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3551a75936077de738fa814761a357e4616685f20b8b4c7b80ca565eb6c7b3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1F46 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
969120fcfbd39914a5e73208e24420bedd03238c32c53b0ed80a0558658133d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1F46 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59f43716cabcb5cf8e918fe857f49e517e41b5eb608e92cb17a2b7e95579ad0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1F46 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2d9e89921e539c095dbc100d8ba65ea7ac895a4c787a309b0173da830bee877

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1F46 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d210e660c0522873895c55112efd3d0520e2a13beb505981a3fb9b33e4bf1c7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1F46 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7f00ab7d1f213d73f1a02133d2e6fb49a6f600d069e8d0aa5c3588a5b26ffb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1F46 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
683a97afeed074b30133b8dcd92282469544a8c6512c3ccdeee81d9a34c1274d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/svg+xml
checkout.js
www.paypalobjects.com/api/ Frame 1F46 		1 MB
235 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/checkout.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/button?env=production&locale.x=en_US&style.layout=vertical&style.size=responsive&style.color=gold&style.shape=pill&style.label=paypal&commit=true&domain=medium-voyances.com&sessionID=uid_879c91e2f5_mta6mzm6mtu&buttonSessionID=uid_cabdc1a789_mta6mzm6mtu&renderedButtons=paypal%2Ccredit%2Ccard&storageID=uid_1020cac1e2_mta6mzm6mtu&funding.disallowed=venmo&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=22a5fc102d&version=4&xcomponent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:33:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
bb1ff039dfeb0
dc
ccg11-origin-www-1.paypal.com
content-length
239948
x-served-by
cache-sjc10020-SJC, cache-hhn-etou8220024-HHN
last-modified
Mon, 25 Apr 2022 17:04:48 GMT
traceparent
00-0000000000000000000bb1ff039dfeb0-368155a208608efa-01
x-timer
S1678357996.284339,VS0,VE0
etag
W/"6266d4b0-16d23e"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
x-cache-hits
29490, 40
button.js
www.paypalobjects.com/api/xo/ Frame 1F46 		435 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/api/xo/button.js?date=2023-2-9
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/smart/button?env=production&locale.x=en_US&style.layout=vertical&style.size=responsive&style.color=gold&style.shape=pill&style.label=paypal&commit=true&domain=medium-voyances.com&sessionID=uid_879c91e2f5_mta6mzm6mtu&buttonSessionID=uid_cabdc1a789_mta6mzm6mtu&renderedButtons=paypal%2Ccredit%2Ccard&storageID=uid_1020cac1e2_mta6mzm6mtu&funding.disallowed=venmo&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=22a5fc102d&version=4&xcomponent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f713593c4439ecee953b14452b534b2e0d495a2e547a19dbe972a2bed57fe5e4
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 10:33:16 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
e6086d1008f36
dc
ccg11-origin-www-1.paypal.com
content-length
77971
x-served-by
cache-sjc10054-SJC, cache-hhn-etou8220024-HHN
last-modified
Tue, 15 Feb 2022 20:45:55 GMT
x-timer
S1678357996.284330,VS0,VE1
etag
W/"620c1103-6cd65"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
43616, 3607
token
www.paypal.com/v1/oauth2/ Frame 1F46 		456 B
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/v1/oauth2/token
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2023-2-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
480cef79d74f106a2545af97226c754064695ab2eb8a11ab188f8cbd6b975f04
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.paypal.com/smart/button?env=production&locale.x=en_US&style.layout=vertical&style.size=responsive&style.color=gold&style.shape=pill&style.label=paypal&commit=true&domain=medium-voyances.com&sessionID=uid_879c91e2f5_mta6mzm6mtu&buttonSessionID=uid_cabdc1a789_mta6mzm6mtu&renderedButtons=paypal%2Ccredit%2Ccard&storageID=uid_1020cac1e2_mta6mzm6mtu&funding.disallowed=venmo&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=22a5fc102d&version=4&xcomponent=1
accept-language
de-DE,de;q=0.9
authorization
Basic QVRDRTc1ZEpPcXRnUENlaWljUDdSX2ZETFNnd3U0aGgwSHpxakRoTm1nSS1ZYXZnbU9DcGctZTUzNi1sUU9Cd25aZDZ5WjVMZDFHaDE2Y2k6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 09 Mar 2023 10:33:16 GMT
via
1.1 varnish
content-encoding
br
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
paypal-debug-id
f831609c7ccd7
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn-etou8220046-HHN
pragma
no-cache
accept-ch
Sec-CH-UA-Full
traceparent
00-0000000000000000000f831609c7ccd7-8b3a2bd906fbea75-01
x-timer
S1678357996.404025,VS0,VE178
x-paypal-token-service
IAAS
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 1F46 		1001 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f4705a964b02d4a07918dc5a90ede2cef9b50c919c941575eeb6702ca3ad979a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

x-app-name
checkoutjs
Referer
https://www.paypal.com/smart/button?env=production&locale.x=en_US&style.layout=vertical&style.size=responsive&style.color=gold&style.shape=pill&style.label=paypal&commit=true&domain=medium-voyances.com&sessionID=uid_879c91e2f5_mta6mzm6mtu&buttonSessionID=uid_cabdc1a789_mta6mzm6mtu&renderedButtons=paypal%2Ccredit%2Ccard&storageID=uid_1020cac1e2_mta6mzm6mtu&funding.disallowed=venmo&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=22a5fc102d&version=4&xcomponent=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/json

Response headers

date
Thu, 09 Mar 2023 10:33:16 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f831609c98bf5
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn-etou8220046-HHN
accept-ch
Sec-CH-UA-Full
traceparent
00-0000000000000000000f831609c98bf5-ccf8781a46577e23-01
x-timer
S1678357996.424500,VS0,VE299
etag
W/W/"3e9-tuL389G5zQkexRSzNi7UmxeVKfo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges
none
x-cache-hits
0
graphql
www.paypal.com/ Frame 1F46 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/graphql?GetNativeEligibility
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2023-2-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a98288401bd8d22714ce9a6b878d44de30aeb38bd448c9be65623468d1d2ebd8
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Ygg16xN0TajbxcR/rK3ALFfEcWGjy5zvpTndSDDOZVQklefj' 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

x-app-name
smart-payment-buttons
accept
application/json
Referer
https://www.paypal.com/smart/button?env=production&locale.x=en_US&style.layout=vertical&style.size=responsive&style.color=gold&style.shape=pill&style.label=paypal&commit=true&domain=medium-voyances.com&sessionID=uid_879c91e2f5_mta6mzm6mtu&buttonSessionID=uid_cabdc1a789_mta6mzm6mtu&renderedButtons=paypal%2Ccredit%2Ccard&storageID=uid_1020cac1e2_mta6mzm6mtu&funding.disallowed=venmo&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=22a5fc102d&version=4&xcomponent=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Ygg16xN0TajbxcR/rK3ALFfEcWGjy5zvpTndSDDOZVQklefj' 'self' 'unsafe-inline' 'unsafe-eval' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data: https://c.paypal.com; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; base-uri 'self' https://*.paypal.com; form-action 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
date
Thu, 09 Mar 2023 10:33:16 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
via
1.1 varnish
content-encoding
br
x-cache
MISS
paypal-debug-id
f507040a9d9bf
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220046-HHN
accept-ch
Sec-CH-UA-Full
traceparent
00-0000000000000000000f507040a9d9bf-b618de36923f91cf-01
x-timer
S1678357997.610024,VS0,VE253
etag
W/W/"66a-OFnzA9yAOCbANTsOZ+esVdQ5d+o"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges
none
x-cache-hits
0
logger
www.paypal.com/xoplatform/logger/api/ Frame 1F46 		1016 B
2 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/xo/button.js?date=2023-2-9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eef92d1360591c8836da00940eea2ff8b747dfe80a60dde4d210a2935ed4159a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paypal.com/smart/button?env=production&locale.x=en_US&style.layout=vertical&style.size=responsive&style.color=gold&style.shape=pill&style.label=paypal&commit=true&domain=medium-voyances.com&sessionID=uid_879c91e2f5_mta6mzm6mtu&buttonSessionID=uid_cabdc1a789_mta6mzm6mtu&renderedButtons=paypal%2Ccredit%2Ccard&storageID=uid_1020cac1e2_mta6mzm6mtu&funding.disallowed=venmo&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ&uid=22a5fc102d&version=4&xcomponent=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 09 Mar 2023 10:33:16 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS
paypal-debug-id
f507040078032
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-hhn-etou8220046-HHN
accept-ch
Sec-CH-UA-Full
traceparent
00-0000000000000000000f507040078032-3319544644d178d0-01
x-timer
S1678357997.680111,VS0,VE194
etag
W/W/"3f8-R6YNyeu6G6KzE3oh/kTLPytb7iM"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypal.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges
none
x-cache-hits
0

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless string| baseUrl object| __postRobot__ object| __zoid__ function| onLegacyPaymentAuthorize function| watchForLegacyFallback function| onLegacyFallback string| LOG_LEVEL function| __pptmLoadedWithNoContent object| paypal object| PAYPAL object| ppxo object| paypalDDL function| $ function| jQuery object| btn number| mh object| scrollButton object| jQuery17104044054685327185 function| updateBdcClicks function| updateClickVgldv function| toggleFieldsBDC function| checkCountry function| checkBdcForm function| checkCPF function| bdc_mode_check function| IsGoodDate string| ALERT_TITLE string| ALERT_BUTTON_TEXT function| createCustomAlert function| removeCustomAlert object| _paq string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| __paypal_global__

10 Cookies

Domain/Path Name / Value
medium-voyances.com/ Name: laravel_session
Value: eyJpdiI6InNCcXNyWmJqSDRxdFhReWM5aEg1aXc9PSIsInZhbHVlIjoieXUxSm05MSs2bU5pRTUwd3B5a3NkVGtnemk0SnZuVEsxTVlZYWxRRWdhMEFSNTBVMytDYjQrSnBxY3JiNWhHQSIsIm1hYyI6IjMzMjNkNjI2MTRmYzEyZWVjNjA1NzU1ZDY3MjBjMjJiMDg0NWE5YThjMTM2NmQ5NzhhZTRlODkwY2QxOGY2NTYifQ%3D%3D
.paypal.com/ Name: l7_az
Value: dcg13.slc
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: de_DE%3BDE
www.paypal.com/ Name: nsid
Value: s%3AJsFHJgNpvKA50S9QZWtXzFbIrfdL6Vl3.SiAgOxUXexse10BbuXQscsafld2rllIAHRWf%2B%2FO2Yvg
.paypalobjects.com/ Name: paypal-offers--cust
Value: null:null:null
.paypal.com/ Name: tsrce
Value: loggernodeweb
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTY3ODM1Nzk5Njc5NSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/ Name: ts
Value: vreXpYrS%3D1773048796%26vteXpYrS%3D1678359796%26vr%3Dc5eea4da1860ad04b82e4065fed03d64%26vt%3Dc5eea4da1860ad04b82e4065fed03d63%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3Dc5eea4da1860ad04b82e4065fed03d64%26vt%3Dc5eea4da1860ad04b82e4065fed03d63

1 Console Messages

Source Level URL
Text
network error URL: https://use.fontawesome.com/releases/v5.0.10/css/all.css')%7D%7D
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
email.medium-astrologia.com
medium-voyances.com
piwik.fullworkplace.com
t.paypal.com
use.fontawesome.com
www.paypal.com
www.paypalobjects.com
151.101.129.21
151.101.130.133
151.101.193.35
2606:4700:e2::ac40:850f
2a00:1450:4001:800::200a
34.102.239.211
5.161.49.133
89.39.104.140
026d47cd35d611661d5dc1751bb27d519b82be04d20718fd4215a1ed4bdb76be
1c2fddd0825f312ee2346815105cd8926f527fbbc54bf19a4c4491af2e2704da
20eae8aad1df5acfad344c9b4c6d66dc2d8cea3a548c2594875d57193f628f0b
236f899c1527fca69389fcdc64cabcab8cb211e9e1ea66f5fc5a132fcd1df988
2493eb2a335c7c6b5b4a3c6ee27663239efca832c0bc562a1a60feb0f2b8883a
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
3ca9b3671484c1e58b247122cb079dac7830157403637668ce8dfa9e60d45453
480cef79d74f106a2545af97226c754064695ab2eb8a11ab188f8cbd6b975f04
507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d
518a4f70f0c3a8b8d2d7385e1751e06fe37fabea0ec6d1e2fdc511eb4d134016
59f43716cabcb5cf8e918fe857f49e517e41b5eb608e92cb17a2b7e95579ad0d
609956d8f3f00247e3860552b532a4d4f494bdf60eb503d5105bf33e1c16452e
64108e1264f61cf8c84b37e3ef8c460f7f1a8102bf6ec349e1f089d9ab3bb58b
64b3211d7de9c7c5a6848bc07c45df7e35034cc5b05dd155716f77da89d8b92a
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
683a97afeed074b30133b8dcd92282469544a8c6512c3ccdeee81d9a34c1274d
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
73a4b5d1e527d77b49d488740213c0a51a539d53b79054726635c587acab6f12
771ac00d1783669aea568f0b4a135e0006381a889afb6005d178bb8ec55f8c24
7e1e39076ef91d2bea1cb9aaebec927a53b7fe2092aaa69530d5b4e5a6597116
847a0b91ce14fd555703d639acc347aec15c9b04c708f962c4906494b79926c6
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
8ca6c53eb4e73bcc94923c55bc0092b6527f28e5e68453abbd9ec8c5c77d5d29
8d1580b661786d0fd023e3faa0d9e2e8daa389ae8922e0855859834782dc9faa
969120fcfbd39914a5e73208e24420bedd03238c32c53b0ed80a0558658133d4
96b96b6590eb969cc0a9f6beb0f78568e514bbabd5447b72aa860ea1874a549b
9b12d57cf96244466e30f8df8f2bdb7c30852a1be6823188525c66d74abcc243
a98288401bd8d22714ce9a6b878d44de30aeb38bd448c9be65623468d1d2ebd8
acd73e6cbd279344caf02e4431eb931888b62122a171fac16a6470082a2ce60e
adf9b3c556710fac2e0f2ecf748a1f82afd023d7957336ef228db33f1deb83d3
b2d9e89921e539c095dbc100d8ba65ea7ac895a4c787a309b0173da830bee877
c1f3b5a4781cff05ac584fe7eee248caf35b70bfd5a05ac078ddecbec5767502
c2889c132021f3c912bbbcd45bd6385ecc40b24e76817506fe4f16ec63040564
c2b383b1d33233a941a26573138514408bfdda395e22c42b91159124a238af2d
c3551a75936077de738fa814761a357e4616685f20b8b4c7b80ca565eb6c7b3a
c6ebbe690cbc3a0f5e880fe7dbd4507847ef8261eebb15e6320c8b2415ea8323
cb4ff103b716ed0412e51ad57017b1ffa0c3daaf2ee9cf06cf4c72ed34c4dd41
d210e660c0522873895c55112efd3d0520e2a13beb505981a3fb9b33e4bf1c7e
d6b10bcdf5cc60265cf90d34dca7373e6cd816723d2787bad17955c4551c00f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f00ab7d1f213d73f1a02133d2e6fb49a6f600d069e8d0aa5c3588a5b26ffb6
eef92d1360591c8836da00940eea2ff8b747dfe80a60dde4d210a2935ed4159a
f4705a964b02d4a07918dc5a90ede2cef9b50c919c941575eeb6702ca3ad979a
f713593c4439ecee953b14452b534b2e0d495a2e547a19dbe972a2bed57fe5e4
f7df6ace85a20bc8faa1899da4964551c4d56ab60d046da2a25ccccf0362bff4
fb91dfcb049d42c6a9b5b9798498ced5f618b7a5838c15468da7fe38745d4378