abuserefuge.org Open in urlscan Pro
192.185.129.69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://aroemails.com/?nltr=NTU7NjkxO2h0dHBzOi8vYWJ1c2VyZWZ1Z2Uub3JnL3Byb2R1Y3QvZG9uYXRlLWFueS1hbW91bnQ7OzhhMjcwMTc1YT...
Effective URL:
https://abuserefuge.org/product/donate-any-amount
Submission: On July 08 via manual (July 8th 2021, 9:25:36 pm UTC) from SA

Summary HTTP 119 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 10 domains to perform 119 HTTP transactions. The main IP is 192.185.129.69, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is abuserefuge.org.
TLS certificate: Issued by R3 on May 13th 2021. Valid for: 3 months.

This is the only time abuserefuge.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.185.129.112 192.185.129.112	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
49	192.185.129.69 192.185.129.69	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c70... 2a02:6ea0:c700::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
40	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::4	60068 (CDN77 ^_^) (CDN77 ^_^)
4	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
119	16

1 192.185.129.112 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-185-129-112.unifiedlayer.com

aroemails.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 192.185.129.69 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: bh-ht-10.webhostbox.net

abuserefuge.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.printfriendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::4 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

key-cdn.printfriendly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	abuserefuge.org abuserefuge.org	1 MB
32	paypal.com www.paypal.com t.paypal.com	884 KB
12	paypalobjects.com www.paypalobjects.com	290 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	219 KB
5	googleapis.com fonts.googleapis.com translate.googleapis.com	98 KB
4	googletagmanager.com www.googletagmanager.com	162 KB
3	printfriendly.com cdn.printfriendly.com key-cdn.printfriendly.com	18 KB
3	google-analytics.com www.google-analytics.com	19 KB
2	google.com www.google.com translate.google.com	5 KB
1	aroemails.com 1 redirects aroemails.com	278 B
119	10

	Domain	Requested by
49	abuserefuge.org	abuserefuge.org
28	www.paypal.com	abuserefuge.org www.paypal.com www.paypalobjects.com
12	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
5	fonts.gstatic.com	fonts.googleapis.com
4	t.paypal.com	abuserefuge.org
4	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc
4	www.gstatic.com	www.google.com abuserefuge.org translate.googleapis.com
4	www.googletagmanager.com	abuserefuge.org www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.printfriendly.com	abuserefuge.org
1	key-cdn.printfriendly.com	cdn.printfriendly.com
1	translate.google.com	abuserefuge.org
1	www.google.com	abuserefuge.org
1	fonts.googleapis.com	abuserefuge.org
1	aroemails.com	1 redirects
119	15

This site contains links to these domains. Also see Links.

Domain
fb.me
www.linkedin.com
twitter.com
www.instagram.com
www.pinterest.com
www.youtube.com
www.tiktok.com
donorbox.org
www.facebook.com
pinterest.com
tumblr.com
www.reddit.com
www.rainn.org
www.independent.co.uk
www.forbes.com
www.medicalnewstoday.com
www.northpointrecovery.com
www.psychologytoday.com
translate.google.com

Subject Issuer	Validity	Valid
*.abuserefuge.org R3	`2021-05-13` - `2021-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
1937640834.rsc.cdn77.org R3	`2021-07-08` - `2021-10-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-06-21` - `2022-01-11`	7 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
1639039923.rsc.cdn77.org R3	`2021-07-03` - `2021-10-01`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-11-17` - `2021-11-21`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://abuserefuge.org/product/donate-any-amount
Frame ID: 1344C6FA49E8358EDF3735AE3D8E7E98
Requests: 88 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&components.1=funding-eligibility&components.2=messages&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&clientID=AQbghYd-7mRPyimEriYScIgTnYUsLnr5wVnPnmfPaSzwKrUe3qNzfEc5hXr9Ucf_JG_HFAZpJMJYXMuk&sdkCorrelationID=f36b4632abd62&storageID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&buttonSessionID=uid_be3f28a8a0_mje6mju6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=BXYFB5LA635D2&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Frame ID: C16F67396AC989CB65DAB11C1B88F5ED
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3D0F80BC076B37F1B239FA9DC2581050
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: FE4AFB11368520C6A7445EEB7F9DA0E1
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3633995F600B17EAE8D7DC8FA63249EE
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&components.1=messages&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWU1ZjFnQ01zVlFkR0hnVy05a1ZWaHlsUGRrajNETFRPd01NaFRGZEc4STlMTkg4VlFmd0hvcE5ZVWV6Wmx5WEdxQ01Pc2dHS01vd3VNQVQmY3VycmVuY3k9VVNEJmludGVncmF0aW9uLWRhdGU9MjAyMC0xMC0xNSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMmdmF1bHQ9ZmFsc2UmY29tbWl0PWZhbHNlJmludGVudD1jYXB0dXJlJm1lcmNoYW50LWlkPUJYWUZCNUxBNjM1RDImZGlzYWJsZS1mdW5kaW5nPWNhcmQiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJXb29fUFBDUCIsImRhdGEtdWlkIjoidWlkX3pmbHZha2h2enB6YnVpdW1hbXhoZG5zeXB0d2VoaiJ9fQ&clientID=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkCorrelationID=69d4e9edb3bb7&storageID=uid_73224920f7_mje6mju6mtk&sessionID=uid_516a2a7c55_mje6mju6mtk&buttonSessionID=uid_bdbf5430ff_mje6mju6mtk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=card&merchantID.0=BXYFB5LA635D2&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
Frame ID: 0599741F4F93D40377FC0D7AB830AC67
Requests: 5 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/smart/message?merchant_id=BXYFB5LA635D2&currency=USD&amount=0&placement=product&style=%7B%22layout%22%3A%22text%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%2C%22position%22%3A%22left%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%221x1%22%7D&client_id=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&env=production&version=1.24.1&deviceID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&scriptUID=uid_gwakesmdhfvakwylnuczrbplzdthxe&pp_debug=false
Frame ID: 9C3F473C04E978A2B1FC778A62C28351
Requests: 9 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 08991A536049C429D3BC39746B80ADEB
Requests: 4 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/smart/modal?merchant_id=BXYFB5LA635D2&currency=USD&amount=0&client_id=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&env=production&version=1.24.1&deviceID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&scriptUID=uid_gwakesmdhfvakwylnuczrbplzdthxe&pp_debug=false
Frame ID: 7C6719605C82512B2098F4DF4D603665
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://aroemails.com/?nltr=NTU7NjkxO2h0dHBzOi8vYWJ1c2VyZWZ1Z2Uub3JnL3Byb2R1Y3QvZG9uYXRlLWFueS1hbW... HTTP 302
https://abuserefuge.org/product/donate-any-amount Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

119
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

15
Subdomains

16
IPs

2
Countries

2894 kB
Transfer

9272 kB
Size

19
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://fb.me/AbuseRefugeOrg

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/abuser-refuge-org/about/?viewAsMember=true

Search URL Search Domain Scan URL

URL: https://twitter.com/abuseorg

Search URL Search Domain Scan URL

URL: https://www.instagram.com/abuserefugeorg/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/Abuse_Refuge/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC0v0bX1Kwlg49H7-9oDjFMQ?view_as=subscriber

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@abuserefugeorg?lang=en

Search URL Search Domain Scan URL

URL: https://donorbox.org/abuse-refuge-org-ongoing-donations
Title: Donate Now!

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fabuserefuge.org%2Fproduct%2Fdonate-any-amount%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Donate+Any+Amount&url=https%3A%2F%2Fabuserefuge.org%2Fproduct%2Fdonate-any-amount%2F

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https%3A%2F%2Fabuserefuge.org%2Fproduct%2Fdonate-any-amount%2F&description=Donate+Any+Amount&media=https%3A%2F%2Fabuserefuge.org%2Fwp-content%2Fuploads%2F2021%2F03%2FLotus_Breathe_Shadow%402x-thegem-blog-timeline-large.png

Search URL Search Domain Scan URL

URL: http://tumblr.com/widgets/share/tool?canonicalUrl=https%3A%2F%2Fabuserefuge.org%2Fproduct%2Fdonate-any-amount%2F

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fabuserefuge.org%2Fproduct%2Fdonate-any-amount%2F&title=Donate+Any+Amount&summary=We+are+a+non-profit+organization.+Our+charitable+and+life-saving+activities+are+taking+place+around+the+country.%C2%A0%3Cstrong%3EDonate%3C%2Fstrong%3E%C2%A0and+contribute+to+help+us+to+provide+better+lives+and+resources+for+the+many%C2%A0%3Cstrong%3E%E2%80%9CAbused+Survivors%E2%80%9D%3C%2Fstrong%3E.

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fabuserefuge.org%2Fproduct%2Fdonate-any-amount%2F&title=Donate+Any+Amount

Search URL Search Domain Scan URL

URL: https://www.rainn.org/statistics/victims-sexual-violence
Title: Sexual Abuse Facts

Search URL Search Domain Scan URL

URL: https://www.independent.co.uk/news/science/narcissism-the-science-behind-the-rise-of-a-modern-epidemic-a6925606.html
Title: Narcissism On The Rise?

Search URL Search Domain Scan URL

URL: https://www.forbes.com/sites/jenniferwang/2020/01/20/from-buffett-to-bloomberg-the-25-philanthropists-in-america-making-the-biggest-donations/#5970a6c4e8f5
Title: The Biggest Donors in America

Search URL Search Domain Scan URL

URL: https://www.medicalnewstoday.com/articles/327080#signs
Title: Everyday Psychological Abuse

Search URL Search Domain Scan URL

URL: https://www.northpointrecovery.com/blog/7-tips-deal-stop-intrusive-thoughts/
Title: Intrusive Thoughts- The Good, The Bad and the Ugly

Search URL Search Domain Scan URL

URL: https://www.northpointrecovery.com/blog/gaslighting-examples-effects-confront-abuse/
Title: What is Gaslighting and It’s Effects?

Search URL Search Domain Scan URL

URL: https://www.psychologytoday.com/us/blog/invisible-chains/201902/how-domestic-abusers-groom-and-isolate-their-victims
Title: How Domestic Abusers Groom Their Victims

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://aroemails.com/?nltr=NTU7NjkxO2h0dHBzOi8vYWJ1c2VyZWZ1Z2Uub3JnL3Byb2R1Y3QvZG9uYXRlLWFueS1hbW91bnQ7OzhhMjcwMTc1YTdjMWQ3YjRjYWE0YTNkMTYzM2ZiMDA2 HTTP 302
https://abuserefuge.org/product/donate-any-amount Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

119 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request donate-any-amount Show response
abuserefuge.org/product/
Redirect Chain

https://aroemails.com/?nltr=NTU7NjkxO2h0dHBzOi8vYWJ1c2VyZWZ1Z2Uub3JnL3Byb2R1Y3QvZG9uYXRlLWFueS1hbW91bnQ7OzhhMjcwMTc1YTdjMWQ3YjRjYWE0YTNkMTYzM2ZiMDA2
https://abuserefuge.org/product/donate-any-amount

90 KB
22 KB

798ms
488ms

Document
text/html

192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 88189ed5390901d5ad68d7b0882db0be715f7411a572a57d0a404eab491f96f5

Request headers

:method: GET
:authority: abuserefuge.org
:scheme: https
:path: /product/donate-any-amount
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
server: nginx/1.19.10
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding,User-Agent
last-modified: Thu, 08 Jul 2021 21:25:17 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
x-server-cache: false

Redirect headers

date: Thu, 08 Jul 2021 21:25:15 GMT
server: Apache
set-cookie: newsletter=691-cb719bedb7; expires=Fri, 08-Jul-2022 21:25:16 GMT; Max-Age=31536000; path=/ tnpe=55-1f1cbd9c3c; expires=Fri, 08-Jul-2022 21:25:16 GMT; Max-Age=31536000; path=/
location: https://abuserefuge.org/product/donate-any-amount
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 27ms
18ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-199649804-1

Requested by

Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eea7e479b4f717ccac449438640ca8bfb1fdc1c2b01083d3ab9ac688a1ea0e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36879
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Jul 2021 21:25:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
48 KB 33ms
22ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2ZJB24TRF4

Requested by

Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

456d17e807599620215b9ae289e7ac28d91b6571e947d8506b9f91d7d4da2682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49278
x-xss-protection: 0
expires: Thu, 08 Jul 2021 21:25:17 GMT

GET
H2 200 85489.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 15 KB
5 KB 212ms
209ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/85489.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 71f85d8adf38bc2c0cd0c6cd81aba1af76c4e0e06906ca65adae770b41e7a346

Request headers

:path: /wp-content/cache/minify/1/85489.js
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:30 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4738
expires: Fri, 08 Jul 2022 21:25:18 GMT

GET
H2 200 0ee75.css
abuserefuge.org/wp-content/cache/minify/1/ 107 KB
22 KB 386ms
376ms Stylesheet
text/css 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/0ee75.css
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 34e93dc322f9f0ddfaa4b464cd8f0219d8f0a63ed250d032aadf26729b508980

Request headers

:path: /wp-content/cache/minify/1/0ee75.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:14 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 22362
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 78504.css
abuserefuge.org/wp-content/cache/minify/1/ 407 KB
54 KB 394ms
386ms Stylesheet
text/css 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/78504.css
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: f90741069b67e8c04f266a9521c99399792e2af9abb3ef84934cf4c680f7e723

Request headers

:path: /wp-content/cache/minify/1/78504.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:14 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 54432
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 55 KB
2 KB 22ms
13ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin%2Clatin-ext%2Cvietnamese&ver=5.7.2

Requested by

Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fdc75f041e1a3d3d6d3b1d0a632ca0bc76d33d28edb2d8272e33050d0ac6f42f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 21:03:37 GMT
server: ESF
date: Thu, 08 Jul 2021 21:25:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Jul 2021 21:25:17 GMT

GET
H2 200 21cda.css
abuserefuge.org/wp-content/cache/minify/1/ 197 KB
23 KB 249ms
241ms Stylesheet
text/css 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/21cda.css
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 6e3452aef46a76d744bfbe2c7460237cd30bd5ef4c3e60229d001650f8355ed9

Request headers

:path: /wp-content/cache/minify/1/21cda.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:14 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 23366
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 c7e08.css
abuserefuge.org/wp-content/cache/minify/1/ 1 MB
159 KB 492ms
485ms Stylesheet
text/css 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/c7e08.css
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 9dce46f67ab708db59c1dcdf3e94cdba5b615f19577cee8054e9851f870e9b20

Request headers

:path: /wp-content/cache/minify/1/c7e08.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:18 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 161874
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 ddede.css
abuserefuge.org/wp-content/cache/minify/1/ 337 KB
138 KB 492ms
485ms Stylesheet
text/css 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/ddede.css
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 70443b824fa8e71c4b5f20c495e457ecd648fbe781001f0b688bd7a7c4374fbf

Request headers

:path: /wp-content/cache/minify/1/ddede.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 17:27:47 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 139859
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 f70c2.css
abuserefuge.org/wp-content/cache/minify/1/ 67 KB
7 KB 228ms
222ms Stylesheet
text/css 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/f70c2.css
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: e7ddee2594b0f462ef608bbd385a3ab7557b4133780369bb19c675135ec7330f

Request headers

:path: /wp-content/cache/minify/1/f70c2.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:11 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6645
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 a08fb.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 143 KB
45 KB 360ms
353ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/a08fb.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: d4cd5cee9a33e69e4d2be7ae8cae8c89e5542db931f487e504bfb2ca206d2df8

Request headers

:path: /wp-content/cache/minify/1/a08fb.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:11 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 46065
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 3852f.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 2 KB
779 B 219ms
213ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/3852f.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 1b08ca4940fbafeb0605ebc2ad8162e6518985408ca24f971ccfa01f6e0456fc

Request headers

:path: /wp-content/cache/minify/1/3852f.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:11 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 648
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 4aa0d.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 282 KB
97 KB 490ms
485ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/4aa0d.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: a135225095f7cd0044cd2f6d3abb0637519f4dcbe398109753e0b9cbd7ea5cd7

Request headers

:path: /wp-content/cache/minify/1/4aa0d.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:12 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 98546
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 a6c57.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 28 KB
7 KB 377ms
372ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/a6c57.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 516db4728157c5dea9626143c7ccb01beb5036003bdb99bb1a59aa07400ec6fe

Request headers

:path: /wp-content/cache/minify/1/a6c57.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:13 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6935
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 1de0a.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 2 KB
878 B 356ms
351ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/1de0a.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: c6e89e204412eff05c5c0976a8e91604c20cb7a8c12e6d521e910fcac2d8c739

Request headers

:path: /wp-content/cache/minify/1/1de0a.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:11 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 841
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 5b9bd.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 2 KB
865 B 382ms
378ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/5b9bd.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 082b22757dbad8589ea6d4be0c71542a418b59436098fed7b31334b04e155ef0

Request headers

:path: /wp-content/cache/minify/1/5b9bd.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:13 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 828
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 2510b.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 205 B
198 B 488ms
484ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/2510b.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 6c291877cf5d038d0c0add310d75c6962837353a596c7be8611eba0cbd6baff8

Request headers

:path: /wp-content/cache/minify/1/2510b.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:27 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 162
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 908 B
692 B 18ms
14ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en_US&onload=sdm_reCaptcha&render=explicit&ver=5.7.2

Requested by

Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7311c5381c93b369e9314c203406e8f90038e1b4ba8c61f53d489c9ee9828862

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 581
x-xss-protection: 1; mode=block
expires: Thu, 08 Jul 2021 21:25:17 GMT

GET
H2 200 6d18f.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 9 KB
3 KB 487ms
484ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/6d18f.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: b49498d1142de7f2e16afc2cd4250d2ba30c5df4de5d291f51d7cf69727efdbe

Request headers

:path: /wp-content/cache/minify/1/6d18f.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:27 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3489
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 fc9b6.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 3 KB
1 KB 486ms
483ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/fc9b6.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8

Request headers

:path: /wp-content/cache/minify/1/fc9b6.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:27 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1085
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 9c62a.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 1 KB
655 B 382ms
379ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/9c62a.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: ff307fcf1e1f8721e4f8e54fa3cf51d28ef46ed27371becf5f394545ab6e5157

Request headers

:path: /wp-content/cache/minify/1/9c62a.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:27 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 595
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 76 KB
30 KB 26ms
24ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K94SKM6

Requested by

Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

86b95e988bb3d188e92c433b0a30989ecf104d6d3369cf541a4ec7bc0f2b636c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31039
x-xss-protection: 0
last-modified: Thu, 08 Jul 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Jul 2021 21:25:18 GMT

GET
H2 200 wp-emoji-release.min.js Show response
abuserefuge.org/wp-includes/js/ 14 KB
5 KB 218ms
215ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 04 Feb 2021 05:36:46 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding,User-Agent
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4942
expires: Fri, 08 Jul 2022 21:25:18 GMT

GET
H2 200 print.css
abuserefuge.org/wp-content/plugins/paid-memberships-pro/css/ 86 B
156 B 216ms
215ms Stylesheet
text/css 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/plugins/paid-memberships-pro/css/print.css?ver=2.5.10.1
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 914cb6fe13efdf97379c1a2910d677144821201ff3f41b67a5a6ddb367e1a27b

Request headers

:path: /wp-content/plugins/paid-memberships-pro/css/print.css?ver=2.5.10.1
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Jul 2021 05:36:55 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 97
expires: Fri, 08 Jul 2022 21:25:18 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-199649804-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 7173
date: Thu, 08 Jul 2021 19:25:45 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 08 Jul 2021 21:25:45 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 122 KB
47 KB 30ms
28ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2ZJB24TRF4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-199649804-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2bcffeae4901dd7c6b50296bd0d2d192088e66b1f2463117687b8ccbd805f45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48409
x-xss-protection: 0
expires: Thu, 08 Jul 2021 21:25:18 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
72 B 13ms
13ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2ZJB24TRF4&gtm=2oe770&_p=515878572&sr=1600x1200&ul=en-us&cid=1593935874.1625779517&_s=1&dl=https%3A%2F%2Fabuserefuge.org%2Fproduct%2Fdonate-any-amount&dt=Donate%20Any%20Amount%20%E2%80%93%20Abuse%20Refuge%20Org&sid=1625779517&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ZJB24TRF4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 21:25:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://abuserefuge.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 printfriendly.js Show response
cdn.printfriendly.com/ 52 KB
15 KB 45ms
10ms Script
application/javascript 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.printfriendly.com/printfriendly.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 358df2f955233a32a72afde6caa20a2fdaddf382241548ba588e2909f181bb9b

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 08 Jul 2021 21:25:18 GMT
content-encoding: br
etag: W/"7090219ca8c53b9faabc2b7954ceac68"
x-guploader-response-body-transformations: gunzipped
age: 143
x-guploader-uploadid: ADPycdu2xOvvRh0XNNx6ZIYrXh4RbxahGGHAiV1-J29oHmk66NejkYz13cl5BbGdsbAVnU-5FeAFQAEn32vZf_Qbsc19i6n7Mw
x-77-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-cache: HIT
x-age: 109
x-77-nzt: AcO1rgVFf4DvbQAAAA==
x-accel-expires: @1625779709
last-modified: Thu, 08 Jul 2021 20:09:02 GMT
server: CDN77-Turbo
x-77-nzt-ray: zN1vUY6fs14=
vary: Accept-Encoding
x-goog-hash: crc32c=ZtRY0A==, md5=cJAhnKjFO5+qvCt5VM6saA==
x-goog-generation: 1625774941952991
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 14764
content-type: application/javascript
warning: 214 UploadServer gunzipped
expires: Thu, 08 Jul 2021 20:15:50 GMT

GET
H2 200 fc116.css
abuserefuge.org/wp-content/cache/minify/1/ 334 KB
26 KB 543ms
541ms Stylesheet
text/css 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/fc116.css
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 3cdb6cd71514f6416ddd88c9307df1f0b2c4e62257f155ba0ca135d677f2618b

Request headers

:path: /wp-content/cache/minify/1/fc116.css
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 17:28:13 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 26388
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 57fad.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 31 KB
9 KB 544ms
541ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/57fad.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 86f5dfb35dd62df1e9bb5c9f3fefa314b63d1fda7a5a905cce87b200299a13eb

Request headers

:path: /wp-content/cache/minify/1/57fad.js
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:27 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9138
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 24828.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 141 KB
41 KB 544ms
540ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/24828.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 4ba148c397102bdc2398a9e47819cae62aad84dd278afb5b7c8f4ab5bdbadb75

Request headers

:path: /wp-content/cache/minify/1/24828.js
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:26 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 41489
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 fcbab.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 1 KB
554 B 543ms
540ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/fcbab.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 32325245023daef823fa545ba29fa3eb352aebf5292940e86d676b1b7308ac7e

Request headers

:path: /wp-content/cache/minify/1/fcbab.js
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:26 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 517
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 bffa8.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 118 KB
40 KB 543ms
540ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/bffa8.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 5f6e30edc55236c54bc309922cbd8f95a9d41447200eaf167f25e30bf6021f98

Request headers

:path: /wp-content/cache/minify/1/bffa8.js
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:30 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 40757
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 867b4.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 21 KB
6 KB 543ms
540ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/867b4.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: c3d695753f39bbe0a7cee3939cedf5fbe15e5818b377a51fc0f95246c9f12a01

Request headers

:path: /wp-content/cache/minify/1/867b4.js
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:26 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6221
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 10 KB
4 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit

Requested by

Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

dc19e10410939a9e7e64b94f0af97320aee7e9ac2a657655f4240f83fec908f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3855
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1d4f5.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 8 KB
3 KB 542ms
539ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/1d4f5.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 047c021588391a63990bc9fff83fb33bd10e01280a8638b6ee93b0b6b91ec448

Request headers

:path: /wp-content/cache/minify/1/1d4f5.js
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 13:21:53 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2792
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 63a69.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 2 KB
854 B 541ms
539ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/63a69.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8

Request headers

:path: /wp-content/cache/minify/1/63a69.js
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:26 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 794
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 b4041.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 3 KB
1 KB 543ms
540ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/b4041.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 9c7c023f91428234ca0ea4df1199758686f4dcd04da96ba63571788fb3389c0b

Request headers

:path: /wp-content/cache/minify/1/b4041.js
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:26 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1035
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 8888b.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 21 KB
5 KB 543ms
541ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/8888b.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: c4bb27e2f2c620b22cda6faab8219f75b4c62c8abc1bedc0b804e082da92b8dd

Request headers

:path: /wp-content/cache/minify/1/8888b.js
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:26 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5046
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 89066.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 7 KB
2 KB 541ms
538ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/89066.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 232051e7a880eb275df831758140387a45a60b5a3abe686d9c855059ffa1e8fb

Request headers

:path: /wp-content/cache/minify/1/89066.js
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 13:22:11 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1950
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 79709.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 510 KB
149 KB 216ms
215ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/79709.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 27ed77182f4c71f25b824a8b93c88671882425b1f1a144f4fa5ac6e79cf56f4b

Request headers

:path: /wp-content/cache/minify/1/79709.js
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 11:34:30 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 151489
expires: Fri, 08 Jul 2022 21:25:18 GMT

GET
H2 200 5f771.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 160 B
202 B 666ms
664ms Script
text/html 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/5f771.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: dae75abe452c089207a0148f5c27cd95ce4df37ba6a3f3ceec67d0f32346bb60

Request headers

:path: /wp-content/cache/minify/1/5f771.js
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 21:25:18 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
access-control-allow-origin: *

GET
H2 200 0630d.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 11 KB
3 KB 542ms
540ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/0630d.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 35f911bfa7bd459fdb4c46cdc9509bbffebdd1a17cfcc3bbe4858295d413c3a7

Request headers

:path: /wp-content/cache/minify/1/0630d.js
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 20:58:28 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3054
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 362 KB
112 KB 685ms
571ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AQbghYd-7mRPyimEriYScIgTnYUsLnr5wVnPnmfPaSzwKrUe3qNzfEc5hXr9Ucf_JG_HFAZpJMJYXMuk&merchant-id=BXYFB5LA635D2&intent=capture&locale=en_US&components=buttons,funding-eligibility,messages&commit=false&currency=USD

Requested by

Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

cf7d86d0ef74d75c9803f1d1c8728467a9417d0eef000564083c3334572bea79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-gcoQ5KjrfT0x/nBFhNCIKXh4TPLvdKOOBh5/d4uUDZoEOA0a' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-gcoQ5KjrfT0x/nBFhNCIKXh4TPLvdKOOBh5/d4uUDZoEOA0a' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 368, 368
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-gcoQ5KjrfT0x/nBFhNCIKXh4TPLvdKOOBh5/d4uUDZoEOA0a' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-gcoQ5KjrfT0x/nBFhNCIKXh4TPLvdKOOBh5/d4uUDZoEOA0a' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0, 0
p3p: true
paypal-debug-id: 8ee7b6e07178e
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 112702
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Thu, 08 Jul 2021 21:25:18 GMT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"1b83e-ey0BfGTBWc9ThNqCboc/rod1x8Y"
expires: Thu, 08 Jul 2021 22:25:17 GMT

GET
H2 200 81ad9.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 7 KB
2 KB 540ms
538ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/81ad9.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: c808f514cd0d2027f5cfaa288c4d63f432308d29fb7b949462770f7ed43b30e6

Request headers

:path: /wp-content/cache/minify/1/81ad9.js
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 17:28:02 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2252
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 c2004.js Show response
abuserefuge.org/wp-content/cache/minify/1/ 80 KB
20 KB 541ms
539ms Script
application/x-javascript 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/cache/minify/1/c2004.js
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: ba3d37e1c1e284d68692dac4561b57f509bc6fb6b06ab1d631a590d451e067f2

Request headers

:path: /wp-content/cache/minify/1/c2004.js
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:17 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 08 Jul 2021 17:28:07 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20421
expires: Fri, 08 Jul 2022 21:25:17 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/ 341 KB
133 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/TbD3vPFlUWKZD-9L4ZxB0HJI/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en_US&onload=sdm_reCaptcha&render=explicit&ver=5.7.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://abuserefuge.org
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135961
x-xss-protection: 0
last-modified: Mon, 28 Jun 2021 04:05:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 21:04:52 GMT

GET
H2 200 thegem-icons.woff
abuserefuge.org/wp-content/themes/thegem/fonts/ 20 KB
20 KB 196ms
196ms Font
font/x-woff 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/themes/thegem/fonts/thegem-icons.woff
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/wp-content/cache/minify/1/78504.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: ddca113f7af1d5d99296bfe6edf61177c152087983a42e0f045ee47e3391721e

Request headers

sec-fetch-mode: cors
origin: https://abuserefuge.org
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
:path: /wp-content/themes/thegem/fonts/thegem-icons.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: abuserefuge.org
referer: https://abuserefuge.org/wp-content/cache/minify/1/78504.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://abuserefuge.org
Referer: https://abuserefuge.org/wp-content/cache/minify/1/78504.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx/1.19.10
x-server-cache: false
vary: User-Agent
content-type: font/x-woff
access-control-allow-origin: *
accept-ranges: bytes
content-length: 20328

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=cyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin%2Clatin-ext%2Cvietnamese&ver=5.7.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://abuserefuge.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 21:40:42 GMT
x-content-type-options: nosniff
age: 258276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 21:40:42 GMT

GET
H2 200 thegem-socials.woff
abuserefuge.org/wp-content/themes/thegem/fonts/ 36 KB
36 KB 207ms
206ms Font
font/x-woff 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/themes/thegem/fonts/thegem-socials.woff
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/wp-content/cache/minify/1/78504.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 7604e2c8e1abda7673ee2c62855e5a95c200207e29e52dd4a8c4712e5399f792

Request headers

sec-fetch-mode: cors
origin: https://abuserefuge.org
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
:path: /wp-content/themes/thegem/fonts/thegem-socials.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: abuserefuge.org
referer: https://abuserefuge.org/wp-content/cache/minify/1/78504.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://abuserefuge.org
Referer: https://abuserefuge.org/wp-content/cache/minify/1/78504.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx/1.19.10
x-server-cache: false
vary: User-Agent
content-type: font/x-woff
access-control-allow-origin: *
accept-ranges: bytes
content-length: 36664

GET
H2 200 preloader-2.gif
abuserefuge.org/wp-content/themes/thegem/images/ 6 KB
6 KB 198ms
198ms Image
image/gif 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abuserefuge.org/wp-content/themes/thegem/images/preloader-2.gif
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/wp-content/cache/minify/1/21cda.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: b972ea301334176cbfb61bff2075a920b4c8c66bc49c408918cb3033f3a927f9

Request headers

:path: /wp-content/themes/thegem/images/preloader-2.gif
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: abuserefuge.org
referer: https://abuserefuge.org/wp-content/cache/minify/1/21cda.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/wp-content/cache/minify/1/21cda.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Jun 2021 12:24:31 GMT
server: nginx/1.19.10
x-server-cache: false
vary: User-Agent
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5690
expires: Fri, 08 Jul 2022 21:25:18 GMT

GET
H3-29 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://abuserefuge.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 06:09:28 GMT
x-content-type-options: nosniff
age: 227750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 06:09:28 GMT

GET
H3-29 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://abuserefuge.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 08:57:43 GMT
x-content-type-options: nosniff
age: 217655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:17 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 08:57:43 GMT

GET
H2 200 montserrat-ultralight.woff
abuserefuge.org/wp-content/themes/thegem/fonts/ 53 KB
53 KB 195ms
194ms Font
font/x-woff 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/themes/thegem/fonts/montserrat-ultralight.woff
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/wp-content/cache/minify/1/21cda.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 9956843e6bcd1ca47a15a97ccabeb09d5255c051829af54ad6d3c14bbc096fa2

Request headers

sec-fetch-mode: cors
origin: https://abuserefuge.org
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.1.1593935874.1625779517
:path: /wp-content/themes/thegem/fonts/montserrat-ultralight.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: abuserefuge.org
referer: https://abuserefuge.org/wp-content/cache/minify/1/21cda.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://abuserefuge.org
Referer: https://abuserefuge.org/wp-content/cache/minify/1/21cda.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx/1.19.10
x-server-cache: false
vary: User-Agent
content-type: font/x-woff
access-control-allow-origin: *
accept-ranges: bytes
content-length: 54036

GET
H3-29 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://abuserefuge.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 20:00:29 GMT
x-content-type-options: nosniff
age: 264289
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16064
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 20:00:29 GMT

GET
H3-29 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://abuserefuge.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 21:40:42 GMT
x-content-type-options: nosniff
age: 258276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15948
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:32 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 21:40:42 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=515878572&t=pageview&_s=1&dl=https%3A%2F%2Fabuserefuge.org%2Fproduct%2Fdonate-any-amount&ul=en-us&de=UTF-8&dt=Donate%20Any%20Amount%20%E2%80%93%20Abuse%20Refuge%20Org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=743873521&gjid=1257835858&cid=1593935874.1625779517&tid=UA-199649804-1&_gid=1093094348.1625779518&_r=1&gtm=2ou770&z=841207280

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 21:25:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://abuserefuge.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 26ms
6ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 20:30:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 08 Jul 2021 21:30:17 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 6 KB
2 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=GoogleLanguageTranslatorInit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

251c607557e1302862934faeb35d7c9c20cbb64b4abb6a4faed721b71db501f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 20:30:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2154
x-xss-protection: 0
last-modified: Mon, 24 May 2021 18:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 08 Jul 2021 21:30:16 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
7 KB 639ms
639ms Script
application/x-javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=abuserefuge.org&t=xo&v=5.0.237&source=payments_sdk&mrid=BXYFB5LA635D2&client_id=AQbghYd-7mRPyimEriYScIgTnYUsLnr5wVnPnmfPaSzwKrUe3qNzfEc5hXr9Ucf_JG_HFAZpJMJYXMuk&comp=buttons,funding-eligibility,messages&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AQbghYd-7mRPyimEriYScIgTnYUsLnr5wVnPnmfPaSzwKrUe3qNzfEc5hXr9Ucf_JG_HFAZpJMJYXMuk&merchant-id=BXYFB5LA635D2&intent=capture&locale=en_US&components=buttons,funding-eligibility,messages&commit=false&currency=USD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

15f40b0c47fd35aaa995d60bae6327bb25a0e72f4061fbdcc8f1e9504a5fe77b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-3GbnnrS5jJQ7+I0kENr4zSYjxkrQg1L0Cxnzh4ZIMwOwIGpd' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 591
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-3GbnnrS5jJQ7+I0kENr4zSYjxkrQg1L0Cxnzh4ZIMwOwIGpd' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
paypal-debug-id: 8f61c847578cd
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4760
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Thu, 08 Jul 2021 21:25:19 GMT
strict-transport-security: max-age=63072000
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
etag: W/"3514-HJgZVF//xGnKllTko4AyNNyL2ks"

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame C16F 260 KB
85 KB 339ms
339ms Document
text/html 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&components.1=funding-eligibility&components.2=messages&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&clientID=AQbghYd-7mRPyimEriYScIgTnYUsLnr5wVnPnmfPaSzwKrUe3qNzfEc5hXr9Ucf_JG_HFAZpJMJYXMuk&sdkCorrelationID=f36b4632abd62&storageID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&buttonSessionID=uid_be3f28a8a0_mje6mju6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=BXYFB5LA635D2&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

096c1f5532d651385837c267922db0e4c92724583fed08231f632aa25b9c044c

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.paypal.com
:scheme: https
:path: /smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&components.1=funding-eligibility&components.2=messages&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&clientID=AQbghYd-7mRPyimEriYScIgTnYUsLnr5wVnPnmfPaSzwKrUe3qNzfEc5hXr9Ucf_JG_HFAZpJMJYXMuk&sdkCorrelationID=f36b4632abd62&storageID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&buttonSessionID=uid_be3f28a8a0_mje6mju6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=BXYFB5LA635D2&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://abuserefuge.org/product/donate-any-amount
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: tsrce=clientsdknodeweb; l7_az=dcg14.slc; ts=vreXpYrS%3D1720473917%26vteXpYrS%3D1625781317%26vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484%26vtyp%3Dnew; ts_c=vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484; akavpau_ppsd=1625780118~id=b434dd377ecb3e3379e7460a446e2542
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://abuserefuge.org/product/donate-any-amount

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"41025-2OxgKHBkLkFKxrmyzLzHij9aHpQ"
p3p: true
paypal-debug-id: 1e8617145d431
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
x-edgeconnect-midmile-rtt: 149
x-edgeconnect-origin-mex-latency: 105
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 08 Jul 2021 21:25:18 GMT
set-cookie: tsrce=smartcomponentnodeweb; Domain=.paypal.com; Path=/; Expires=Sun, 11 Jul 2021 21:25:18 GMT; HttpOnly; Secure; SameSite=None l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Thu, 08 Jul 2021 21:55:18 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1720473918%26vteXpYrS%3D1625781318%26vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Sun, 07 Jul 2024 21:25:18 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484; Path=/; Domain=paypal.com; Expires=Sun, 07 Jul 2024 21:25:18 GMT; Secure; SameSite=None x-cdn=akamai; path=/; domain=.paypal.com; secure akavpau_ppsd=1625780118~id=b434dd377ecb3e3379e7460a446e2542; Domain=www.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=63072000

GET
DATA 200
OK truncated
/ Frame 3D0F 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 icons-elegant.css
abuserefuge.org/wp-content/themes/thegem/css/ 18 KB
3 KB 249ms
248ms Stylesheet
text/css 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/themes/thegem/css/icons-elegant.css?ver=5.7.2
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: fbda7e2fdbe7a1c1ec0f84af57d9fb56b7e3821fe401d8a905c86776c44356d1

Request headers

:path: /wp-content/themes/thegem/css/icons-elegant.css?ver=5.7.2
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.2.1593935874.1625779517; _gid=GA1.2.1093094348.1625779518; _gat_gtag_UA_199649804_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Jun 2021 12:24:31 GMT
server: nginx/1.19.10
x-server-cache: false
vary: Accept-Encoding,User-Agent
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3063
expires: Fri, 08 Jul 2022 21:25:18 GMT

GET
H2 200 a Show response
key-cdn.printfriendly.com/api/v3/domain_settings/ 167 B
544 B 22ms
6ms Script
text/javascript 2a02:6ea0:c700::4
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://key-cdn.printfriendly.com/api/v3/domain_settings/a?callback=pfMod.saveAdSettings&hostname=abuserefuge.org&client_version=client
Requested by: Host: cdn.printfriendly.com
URL: https://cdn.printfriendly.com/printfriendly.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::4 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 6d1db00322f48a2951b7e176aa34dbb5513682d1d3d4759241cb375d665065c0

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 08 Jul 2021 21:25:18 GMT
via: 1.1 google
x-77-nzt-ray: KKtQMXhy1UU=
x-77-cache: HIT
x-cache: HIT
x-age: 5
content-encoding: br
alt-svc: quic="195.181.175.53:443"; ma=2592000; v="44,43,39", clear
x-request-id: 8fe1405c-c287-4e17-a6fb-b5df21cae7b4
x-77-nzt: AcO1rzWzJ/bvBQAAAA==
x-runtime: 0.016264
server: CDN77-Turbo
etag: W/"6d1db00322f48a2951b7e176aa34dbb5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public
x-accel-expires: @1625783113

GET
H2 200 js Show response
www.paypal.com/sdk/ 353 KB
109 KB 497ms
496ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&currency=USD&integration-date=2020-10-15&components=buttons,messages&vault=false&commit=false&intent=capture&merchant-id=BXYFB5LA635D2&disable-funding=card

Requested by

Host: abuserefuge.org
URL: https://abuserefuge.org/wp-content/cache/minify/1/8888b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

4ca96972c992bed579159cc88beee996344ff45b75635979254997ac8bc9d884

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-ozIwKQRFHs+37meKMRfZWvGvu+++1UqBxEJKcI7lDqC0q8pE' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ozIwKQRFHs+37meKMRfZWvGvu+++1UqBxEJKcI7lDqC0q8pE' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 287, 287, 287
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ozIwKQRFHs+37meKMRfZWvGvu+++1UqBxEJKcI7lDqC0q8pE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ozIwKQRFHs+37meKMRfZWvGvu+++1UqBxEJKcI7lDqC0q8pE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0, 0, 0
p3p: true
paypal-debug-id: 171bbcb584479
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 109369
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Thu, 08 Jul 2021 21:25:19 GMT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"1ab39-ajMAVKEi5o9ctk4NMInaHvhtt8Y"
expires: Thu, 08 Jul 2021 22:25:18 GMT

GET
H2 200 logo_d648157277c78956da968533d37e4bd4_1x.png
abuserefuge.org/wp-content/uploads/thegem-logos/ 21 KB
21 KB 239ms
238ms Image
image/png 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abuserefuge.org/wp-content/uploads/thegem-logos/logo_d648157277c78956da968533d37e4bd4_1x.png
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 8acfd07239c4ddc91c090d0a1fc3eb03e4a16b9e21d93de05d361540f09e7905

Request headers

:path: /wp-content/uploads/thegem-logos/logo_d648157277c78956da968533d37e4bd4_1x.png
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.2.1593935874.1625779517; _gid=GA1.2.1093094348.1625779518; _gat_gtag_UA_199649804_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 06 Mar 2021 09:09:07 GMT
server: nginx/1.19.10
x-server-cache: false
vary: User-Agent
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 21176
expires: Fri, 08 Jul 2022 21:25:18 GMT

GET
H2 200 logo_33eb8aafb19eebfa47d30ad38485dc85_1x.png
abuserefuge.org/wp-content/uploads/thegem-logos/ 11 KB
11 KB 267ms
266ms Image
image/png 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abuserefuge.org/wp-content/uploads/thegem-logos/logo_33eb8aafb19eebfa47d30ad38485dc85_1x.png
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: b90b56764fde20e9445b9abb5a859d6c1409c948e44c348ecf98dd3384a1d59e

Request headers

:path: /wp-content/uploads/thegem-logos/logo_33eb8aafb19eebfa47d30ad38485dc85_1x.png
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.2.1593935874.1625779517; _gid=GA1.2.1093094348.1625779518; _gat_gtag_UA_199649804_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Mar 2021 22:26:30 GMT
server: nginx/1.19.10
x-server-cache: false
vary: User-Agent
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11505
expires: Fri, 08 Jul 2022 21:25:18 GMT

GET
H2 200 Lotus_Breathe_Shadow@2x-100x100.png
abuserefuge.org/wp-content/uploads/2021/03/ 13 KB
13 KB 240ms
239ms Image
image/png 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abuserefuge.org/wp-content/uploads/2021/03/Lotus_Breathe_Shadow@2x-100x100.png
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 87b896abde095f0c70c99b4a4135179e53ba8a95400363fe44bb6c9a3c041d4c

Request headers

:path: /wp-content/uploads/2021/03/Lotus_Breathe_Shadow@2x-100x100.png
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.2.1593935874.1625779517; _gid=GA1.2.1093094348.1625779518; _gat_gtag_UA_199649804_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 05 Mar 2021 20:34:33 GMT
server: nginx/1.19.10
x-server-cache: false
vary: User-Agent
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13678
expires: Fri, 08 Jul 2022 21:25:18 GMT

GET
H2 200 ARO_Dark_Logo_Provide-Help-150x150.png
abuserefuge.org/wp-content/uploads/2021/03/ 12 KB
12 KB 238ms
237ms Image
image/png 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abuserefuge.org/wp-content/uploads/2021/03/ARO_Dark_Logo_Provide-Help-150x150.png
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: 47ab84e9fcd7fb12bfc8b7895cecc1dbb81d110f5e3bbd4737cb74d28824643a

Request headers

:path: /wp-content/uploads/2021/03/ARO_Dark_Logo_Provide-Help-150x150.png
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.2.1593935874.1625779517; _gid=GA1.2.1093094348.1625779518; _gat_gtag_UA_199649804_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Mar 2021 15:23:33 GMT
server: nginx/1.19.10
x-server-cache: false
vary: User-Agent
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11904
expires: Fri, 08 Jul 2022 21:25:18 GMT

GET
H2 200 printfriendly-pdf-button.png
cdn.printfriendly.com/buttons/ 2 KB
3 KB 7ms
6ms Image
image/png 2a02:6ea0:c700::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.printfriendly.com/buttons/printfriendly-pdf-button.png
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 832a17ab5d70f4677a719bc750dc796792efc0b70d847dbbbbc167f849568543

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 08 Jul 2021 21:25:18 GMT
etag: "244c473a95a245125ca7ef6bfffbad70"
age: 136
x-guploader-uploadid: ABg5-UxHvAXxU9KP7M3I04bgbOwhB9lfYv0WSWy6dWRsYNdw8Y80vCPG4D06x54d9qyGNTPODJqMF28IO1C9yOD5afpIagPBJA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-age: 3138
content-length: 2465
x-77-nzt: AcO1rgW9ZZfvQgwAAA==
x-accel-expires: @1625779980
last-modified: Wed, 04 Oct 2017 08:48:29 GMT
server: CDN77-Turbo
x-77-nzt-ray: lNgNdePovNY=
x-77-cache: HIT
x-goog-hash: crc32c=a5+FMQ==, md5=JExHOpWiRRJcp+9r//utcA==
x-goog-generation: 1507106909612126
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 2465
accept-ranges: bytes
content-type: image/png
expires: Thu, 03 Jun 2021 13:59:05 GMT

GET
H2 200 White-Logo-Abuse-Refuge-Org-300x62.png
abuserefuge.org/wp-content/uploads/2020/02/ 6 KB
7 KB 239ms
239ms Image
image/png 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abuserefuge.org/wp-content/uploads/2020/02/White-Logo-Abuse-Refuge-Org-300x62.png
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: b51ea3eba3512f266245bea0678024c9bceb100cb612bcf69c3ff1fdcd5d66d0

Request headers

:path: /wp-content/uploads/2020/02/White-Logo-Abuse-Refuge-Org-300x62.png
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.2.1593935874.1625779517; _gid=GA1.2.1093094348.1625779518; _gat_gtag_UA_199649804_1=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 16 Feb 2020 09:13:41 GMT
server: nginx/1.19.10
x-server-cache: false
vary: User-Agent
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6602
expires: Fri, 08 Jul 2022 21:25:18 GMT

GET
H3-29 200 element_main.js Show response
translate.googleapis.com/element/TE_20210503_00/e/js/element/ 252 KB
90 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210503_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91906
x-xss-protection: 0
last-modified: Mon, 03 May 2021 09:56:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 15:43:49 GMT

GET
DATA 200
OK truncated
/ 475 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b8774ee42aac08bc5a2e690896b80dc20953e86dc152dc5b344b589df74273e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 flags.png
abuserefuge.org/wp-content/plugins/google-language-translator/images/ 54 KB
54 KB 212ms
212ms Image
image/png 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://abuserefuge.org/wp-content/plugins/google-language-translator/images/flags.png
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/wp-content/cache/minify/1/c7e08.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e

Request headers

:path: /wp-content/plugins/google-language-translator/images/flags.png
pragma: no-cache
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.2.1593935874.1625779517; _gid=GA1.2.1093094348.1625779518; _gat_gtag_UA_199649804_1=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-functional=no; cookielawinfo-checkbox-performance=no; cookielawinfo-checkbox-analytics=no; cookielawinfo-checkbox-advertisement=no; cookielawinfo-checkbox-others=no
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: abuserefuge.org
referer: https://abuserefuge.org/wp-content/cache/minify/1/c7e08.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://abuserefuge.org/wp-content/cache/minify/1/c7e08.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 Jun 2021 05:37:38 GMT
server: nginx/1.19.10
x-server-cache: false
vary: User-Agent
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 54996
expires: Fri, 08 Jul 2022 21:25:18 GMT

POST
H2 200 / Show response
abuserefuge.org/ 669 B
730 B 2190ms
2190ms XHR
application/json 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL

https://abuserefuge.org/?wc-ajax=get_refreshed_fragments

Requested by

Host: abuserefuge.org
URL: https://abuserefuge.org/wp-content/cache/minify/1/a08fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),

Reverse DNS

bh-ht-10.webhostbox.net

Software

Apache /

Resource Hash

be7a965349a1143e4f274564a3fa4e340d82dea21f3a06eae9d74b4292a55858

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://abuserefuge.org
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.2.1593935874.1625779517; _gid=GA1.2.1093094348.1625779518; _gat_gtag_UA_199649804_1=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-functional=no; cookielawinfo-checkbox-performance=no; cookielawinfo-checkbox-analytics=no; cookielawinfo-checkbox-advertisement=no; cookielawinfo-checkbox-others=no
content-length: 18
:path: /?wc-ajax=get_refreshed_fragments
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: */*
cache-control: no-cache
:authority: abuserefuge.org
referer: https://abuserefuge.org/product/donate-any-amount
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: */*
Referer: https://abuserefuge.org/product/donate-any-amount
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 21:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://abuserefuge.org *
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
set-cookie: pdb-sess=2c280514ef1b973c0d1662d6ba2b365d; path=/ PHPSESSID=d914bf8bb9bc9f16e2defcfc3567ee90; path=/ woocommerce_multicurrency_forced_currency=EUR; expires=Fri, 08-Jul-2022 21:25:20 GMT; Max-Age=31536000; path=/; SameSite=strict pmpro_visit=1; path=/
x-robots-tag: noindex
content-length: 321
referrer-policy: no-referrer-when-downgrade
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3-29 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
847 B 14ms
13ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 20:57:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1663
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Fri, 08 Jul 2022 20:57:35 GMT

GET
H3-29 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
932 B 15ms
14ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 15:21:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 21821
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
expires: Fri, 08 Jul 2022 15:21:37 GMT

GET
H3-29 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 9ms
7ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 20:51:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2029
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Fri, 08 Jul 2022 20:51:29 GMT

GET
H3-29 200 l Show response
translate.googleapis.com/translate_a/ Frame FE4A 3 KB
962 B 18ms
18ms Script
application/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xS+6ZRqPAe1+F7FihJlY1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-xS+6ZRqPAe1+F7FihJlY1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
date: Thu, 08 Jul 2021 21:25:18 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ElegantIcons.woff
abuserefuge.org/wp-content/themes/thegem/fonts/elegant/ 62 KB
62 KB 225ms
225ms Font
font/x-woff 192.185.129.69
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://abuserefuge.org/wp-content/themes/thegem/fonts/elegant/ElegantIcons.woff
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/wp-content/themes/thegem/css/icons-elegant.css?ver=5.7.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.185.129.69 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: bh-ht-10.webhostbox.net
Software: nginx/1.19.10 /
Resource Hash: be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Request headers

sec-fetch-mode: cors
origin: https://abuserefuge.org
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _ga_2ZJB24TRF4=GS1.1.1625779517.1.0.1625779517.0; _ga=GA1.2.1593935874.1625779517; _gid=GA1.2.1093094348.1625779518; _gat_gtag_UA_199649804_1=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-functional=no; cookielawinfo-checkbox-performance=no; cookielawinfo-checkbox-analytics=no; cookielawinfo-checkbox-advertisement=no; cookielawinfo-checkbox-others=no
:path: /wp-content/themes/thegem/fonts/elegant/ElegantIcons.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: abuserefuge.org
referer: https://abuserefuge.org/wp-content/themes/thegem/css/icons-elegant.css?ver=5.7.2
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://abuserefuge.org
Referer: https://abuserefuge.org/wp-content/themes/thegem/css/icons-elegant.css?ver=5.7.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:18 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx/1.19.10
x-server-cache: false
vary: User-Agent
content-type: font/x-woff
access-control-allow-origin: *
accept-ranges: bytes
content-length: 63664

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame C16F 362 KB
111 KB 42ms
41ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&components.1=funding-eligibility&components.2=messages&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&clientID=AQbghYd-7mRPyimEriYScIgTnYUsLnr5wVnPnmfPaSzwKrUe3qNzfEc5hXr9Ucf_JG_HFAZpJMJYXMuk&sdkCorrelationID=f36b4632abd62&storageID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&buttonSessionID=uid_be3f28a8a0_mje6mju6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=BXYFB5LA635D2&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

cf7d86d0ef74d75c9803f1d1c8728467a9417d0eef000564083c3334572bea79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-gcoQ5KjrfT0x/nBFhNCIKXh4TPLvdKOOBh5/d4uUDZoEOA0a' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-gcoQ5KjrfT0x/nBFhNCIKXh4TPLvdKOOBh5/d4uUDZoEOA0a' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&components.1=funding-eligibility&components.2=messages&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&clientID=AQbghYd-7mRPyimEriYScIgTnYUsLnr5wVnPnmfPaSzwKrUe3qNzfEc5hXr9Ucf_JG_HFAZpJMJYXMuk&sdkCorrelationID=f36b4632abd62&storageID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&buttonSessionID=uid_be3f28a8a0_mje6mju6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=BXYFB5LA635D2&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 368, 368
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-gcoQ5KjrfT0x/nBFhNCIKXh4TPLvdKOOBh5/d4uUDZoEOA0a' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-gcoQ5KjrfT0x/nBFhNCIKXh4TPLvdKOOBh5/d4uUDZoEOA0a' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0, 0
p3p: true
paypal-debug-id: 8ee7b6e07178e
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 112702
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Thu, 08 Jul 2021 21:25:18 GMT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"1b83e-ey0BfGTBWc9ThNqCboc/rod1x8Y"
expires: Thu, 08 Jul 2021 22:25:17 GMT

GET
DATA 200
OK truncated
/ Frame C16F 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame C16F 885 B
2 KB 214ms
213ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

487e635a71a05517f48ee0110386a07b4261e9bb207aa1989943ab17f1e6f266

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&components.1=funding-eligibility&components.2=messages&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&clientID=AQbghYd-7mRPyimEriYScIgTnYUsLnr5wVnPnmfPaSzwKrUe3qNzfEc5hXr9Ucf_JG_HFAZpJMJYXMuk&sdkCorrelationID=f36b4632abd62&storageID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&buttonSessionID=uid_be3f28a8a0_mje6mju6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=BXYFB5LA635D2&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 26
date: Thu, 08 Jul 2021 21:25:19 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 140
etag: W/"375-RQWFh/43g+SxjpH/AtFYZOby9WU"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: b66e426bc9569
dc: ccg11-origin-www-1.paypal.com
content-length: 885

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame C16F 891 B
2 KB 218ms
217ms Ping
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

acf7ee14fabfcf07018c589fc024f91b22d1beb3d640265082955da4ba13a793

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&components.1=funding-eligibility&components.2=messages&locale.lang=en&locale.country=US&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&clientID=AQbghYd-7mRPyimEriYScIgTnYUsLnr5wVnPnmfPaSzwKrUe3qNzfEc5hXr9Ucf_JG_HFAZpJMJYXMuk&sdkCorrelationID=f36b4632abd62&storageID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&buttonSessionID=uid_be3f28a8a0_mje6mju6mtg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX19LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX19&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=BXYFB5LA635D2&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 25
date: Thu, 08 Jul 2021 21:25:19 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 152
etag: W/"37b-kBvFQ7fj28zy/5cuN8tPU5gMKSM"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: dfbe1b7b32c10
dc: ccg11-origin-www-1.paypal.com
content-length: 891

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
6 KB 854ms
854ms Script
application/x-javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=abuserefuge.org&t=xo&v=5.0.237&source=payments_sdk&mrid=BXYFB5LA635D2&client_id=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&comp=buttons,messages&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&currency=USD&integration-date=2020-10-15&components=buttons,messages&vault=false&commit=false&intent=capture&merchant-id=BXYFB5LA635D2&disable-funding=card

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

15f40b0c47fd35aaa995d60bae6327bb25a0e72f4061fbdcc8f1e9504a5fe77b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-q+Nw9LUfYZNdoP8G37yoLO+IyiZbf2MlENOSIexQHi2wZiGF' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 807, 807
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-q+Nw9LUfYZNdoP8G37yoLO+IyiZbf2MlENOSIexQHi2wZiGF' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0, 0
paypal-debug-id: e4ecaef14fa6b
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4760
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Thu, 08 Jul 2021 21:25:19 GMT
strict-transport-security: max-age=63072000
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
etag: W/"3514-HJgZVF//xGnKllTko4AyNNyL2ks"

GET
DATA 200
OK truncated
/ Frame 3633 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 0599 260 KB
85 KB 349ms
349ms Document
text/html 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&components.1=messages&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWU1ZjFnQ01zVlFkR0hnVy05a1ZWaHlsUGRrajNETFRPd01NaFRGZEc4STlMTkg4VlFmd0hvcE5ZVWV6Wmx5WEdxQ01Pc2dHS01vd3VNQVQmY3VycmVuY3k9VVNEJmludGVncmF0aW9uLWRhdGU9MjAyMC0xMC0xNSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMmdmF1bHQ9ZmFsc2UmY29tbWl0PWZhbHNlJmludGVudD1jYXB0dXJlJm1lcmNoYW50LWlkPUJYWUZCNUxBNjM1RDImZGlzYWJsZS1mdW5kaW5nPWNhcmQiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJXb29fUFBDUCIsImRhdGEtdWlkIjoidWlkX3pmbHZha2h2enB6YnVpdW1hbXhoZG5zeXB0d2VoaiJ9fQ&clientID=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkCorrelationID=69d4e9edb3bb7&storageID=uid_73224920f7_mje6mju6mtk&sessionID=uid_516a2a7c55_mje6mju6mtk&buttonSessionID=uid_bdbf5430ff_mje6mju6mtk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=card&merchantID.0=BXYFB5LA635D2&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

06e2377f9159267ef6d9552435876d2e19a27c036cdddd4ddd55c484d92681f4

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.paypal.com
:scheme: https
:path: /smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&components.1=messages&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWU1ZjFnQ01zVlFkR0hnVy05a1ZWaHlsUGRrajNETFRPd01NaFRGZEc4STlMTkg4VlFmd0hvcE5ZVWV6Wmx5WEdxQ01Pc2dHS01vd3VNQVQmY3VycmVuY3k9VVNEJmludGVncmF0aW9uLWRhdGU9MjAyMC0xMC0xNSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMmdmF1bHQ9ZmFsc2UmY29tbWl0PWZhbHNlJmludGVudD1jYXB0dXJlJm1lcmNoYW50LWlkPUJYWUZCNUxBNjM1RDImZGlzYWJsZS1mdW5kaW5nPWNhcmQiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJXb29fUFBDUCIsImRhdGEtdWlkIjoidWlkX3pmbHZha2h2enB6YnVpdW1hbXhoZG5zeXB0d2VoaiJ9fQ&clientID=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkCorrelationID=69d4e9edb3bb7&storageID=uid_73224920f7_mje6mju6mtk&sessionID=uid_516a2a7c55_mje6mju6mtk&buttonSessionID=uid_bdbf5430ff_mje6mju6mtk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=card&merchantID.0=BXYFB5LA635D2&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://abuserefuge.org/product/donate-any-amount
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: l7_az=dcg14.slc; ts_c=vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484; ts=vreXpYrS%3D1720473918%26vteXpYrS%3D1625781318%26vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484%26vtyp%3Dnew; akavpau_ppsd=1625780119~id=374aeccc57fd22828a860dbd94912d5f; LANG=en_US%3BUS; enforce_policy=ccpa; x-pp-s=eyJ0IjoiMTYyNTc3OTUxODk5MCIsImwiOiIwIiwibSI6IjAifQ; tsrce=tagmanagernodeweb; nsid=s%3Ap605DFGSqR4iuegwZAUiOVvuXmUt62tM.QgpDSe%2FJmqBb9wrWzE5VTgJXRV5AQcxfnx5A5uNcAB8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://abuserefuge.org/product/donate-any-amount

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"41112-/CrDa1RbnYPwIY3OMqm/Fnue2fg"
p3p: true
paypal-debug-id: 63544cf45c949
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
x-edgeconnect-midmile-rtt: 150
x-edgeconnect-origin-mex-latency: 116
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 08 Jul 2021 21:25:19 GMT
set-cookie: tsrce=smartcomponentnodeweb; Domain=.paypal.com; Path=/; Expires=Sun, 11 Jul 2021 21:25:19 GMT; HttpOnly; Secure; SameSite=None l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Thu, 08 Jul 2021 21:55:19 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1720473919%26vteXpYrS%3D1625781319%26vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Sun, 07 Jul 2024 21:25:19 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484; Path=/; Domain=paypal.com; Expires=Sun, 07 Jul 2024 21:25:19 GMT; Secure; SameSite=None x-cdn=akamai; path=/; domain=.paypal.com; secure akavpau_ppsd=1625780119~id=374aeccc57fd22828a860dbd94912d5f; Domain=www.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=63072000

GET
H2 200 message Show response
www.paypal.com/credit-presentment/smart/ Frame 9C3F 18 KB
9 KB 571ms
570ms Document
text/html 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/smart/message?merchant_id=BXYFB5LA635D2&currency=USD&amount=0&placement=product&style=%7B%22layout%22%3A%22text%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%2C%22position%22%3A%22left%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%221x1%22%7D&client_id=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&env=production&version=1.24.1&deviceID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&scriptUID=uid_gwakesmdhfvakwylnuczrbplzdthxe&pp_debug=false

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

9d1c737186b375d85847d9b1ab964f31c13100bd13d0a4628e10aa18dde94dc9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-MDIRFzbmftQqNteMlYbLOM+G70E89xlZhucY9ETWymQRwqVW' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.paypal.com
:scheme: https
:path: /credit-presentment/smart/message?merchant_id=BXYFB5LA635D2&currency=USD&amount=0&placement=product&style=%7B%22layout%22%3A%22text%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%2C%22position%22%3A%22left%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%221x1%22%7D&client_id=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&env=production&version=1.24.1&deviceID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&scriptUID=uid_gwakesmdhfvakwylnuczrbplzdthxe&pp_debug=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://abuserefuge.org/product/donate-any-amount
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: l7_az=dcg14.slc; ts_c=vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484; ts=vreXpYrS%3D1720473918%26vteXpYrS%3D1625781318%26vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484%26vtyp%3Dnew; akavpau_ppsd=1625780119~id=374aeccc57fd22828a860dbd94912d5f; LANG=en_US%3BUS; enforce_policy=ccpa; x-pp-s=eyJ0IjoiMTYyNTc3OTUxODk5MCIsImwiOiIwIiwibSI6IjAifQ; tsrce=tagmanagernodeweb; nsid=s%3Ap605DFGSqR4iuegwZAUiOVvuXmUt62tM.QgpDSe%2FJmqBb9wrWzE5VTgJXRV5AQcxfnx5A5uNcAB8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://abuserefuge.org/product/donate-any-amount

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-MDIRFzbmftQqNteMlYbLOM+G70E89xlZhucY9ETWymQRwqVW' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"49f4-YUBTpcRI4btzgYc2GoQ5MGKoPY0"
paypal-debug-id: da56c193ebd72
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
x-edgeconnect-midmile-rtt: 153
x-edgeconnect-origin-mex-latency: 373
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 08 Jul 2021 21:25:19 GMT
content-length: 7555
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 09 Jul 2021 06:11:15 GMT; HttpOnly; Secure; SameSite=None enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Fri, 08 Jul 2022 21:25:19 GMT; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYyNTc3OTUxOTY2NCIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None tsrce=crcpresentmentnodeweb; Domain=.paypal.com; Path=/; Expires=Sun, 11 Jul 2021 21:25:19 GMT; HttpOnly; Secure; SameSite=None l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Thu, 08 Jul 2021 21:55:19 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1720473919%26vteXpYrS%3D1625781319%26vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Sun, 07 Jul 2024 21:25:19 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484; Path=/; Domain=paypal.com; Expires=Sun, 07 Jul 2024 21:25:19 GMT; Secure; SameSite=None x-cdn=akamai; path=/; domain=.paypal.com; secure akavpau_ppsd=1625780119~id=374aeccc57fd22828a860dbd94912d5f; Domain=www.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=63072000

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 64 KB
17 KB 36ms
34ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=abuserefuge.org&t=xo&v=5.0.237&source=payments_sdk&mrid=BXYFB5LA635D2&client_id=AQbghYd-7mRPyimEriYScIgTnYUsLnr5wVnPnmfPaSzwKrUe3qNzfEc5hXr9Ucf_JG_HFAZpJMJYXMuk&comp=buttons,funding-eligibility,messages&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

d227e8e8dd1e8e18de0048d0a79a03ed0a52132b15a96938d6ba4ce89a8a0e16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 21:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Jul 2021 18:47:51 GMT
etag: W/"60e5f6d7-10177"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: 20455cea7f03f
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000
dc: ccg11-origin-www-1.paypal.com
content-length: 17354
expires: Thu, 08 Jul 2021 21:25:19 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
692 B 246ms
193ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ABXYFB5LA635D2-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ABXYFB5LA635D2-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=6f949640-e616-4d32-974a-43ff84ae62d2&fltp=analytics&mrid=BXYFB5LA635D2&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donate%20Any%20Amount%20%E2%80%93%20Abuse%20Refuge%20Org&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1625779519212&g=-120&completeurl=https%3A%2F%2Fabuserefuge.org%2Fproduct%2Fdonate-any-amount
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 21:25:19 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1625779519.278769,VS0,VE172
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
expires: Thu, 08 Jul 2021 21:25:19 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn4046-HHN, cache-vie6381-VIE

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 0899 218 KB
65 KB 34ms
34ms Document
text/html 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

dcf6fd9ff30c587eb8ba3a40082cd92514c1f618cbab76d6687590ab2fa05c0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.paypalobjects.com
:scheme: https
:path: /muse/analytics/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://abuserefuge.org/product/donate-any-amount
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://abuserefuge.org/product/donate-any-amount

Response headers

content-encoding: gzip
content-type: text/html
etag: W/"60e5f6d7-36841"
last-modified: Wed, 07 Jul 2021 18:47:51 GMT
paypal-debug-id: 81b16d12ef772
surrogate-control: max-age=31536000
dc: ccg11-origin-www-1.paypal.com
content-length: 66395
expires: Thu, 08 Jul 2021 21:25:19 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 08 Jul 2021 21:25:19 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame 0899 18 B
353 B 34ms
34ms Fetch
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:19 GMT
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 6783e60bfe962
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 18
x-client-location: AT
pragma: no-cache
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
etag: "60271cd0-12"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 08 Jul 2021 21:25:19 GMT

GET
H2 200 75a0bc6002deaf774995.chunk.js Show response
www.paypalobjects.com/muse/analytics/chunk/ Frame 0899 6 KB
3 KB 34ms
34ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/chunk/75a0bc6002deaf774995.chunk.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

95b259e818eb72c1daac60e8142d8012e99c8d28dc29e13212c419cb7cc35037

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 21:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Jul 2021 18:47:51 GMT
etag: W/"60e5f6d7-19f9"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: b4b695456f34f
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=31536000
dc: ccg11-origin-www-1.paypal.com
content-length: 2795
expires: Thu, 08 Jul 2021 21:25:19 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
159 B 182ms
182ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ABXYFB5LA635D2-1&page=muse%3Aoffer%3A%3A%3ABXYFB5LA635D2-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=6f949640-e616-4d32-974a-43ff84ae62d2&es=visitorInfoFlowStarted&mrid=BXYFB5LA635D2&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donate%20Any%20Amount%20%E2%80%93%20Abuse%20Refuge%20Org&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1625779519573&g=-120&completeurl=https%3A%2F%2Fabuserefuge.org%2Fproduct%2Fdonate-any-amount
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 21:25:19 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1625779520.587646,VS0,VE160
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator: slca.slc
expires: Thu, 08 Jul 2021 21:25:19 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn11547-HHN, cache-vie6381-VIE

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 0899 434 B
2 KB 294ms
294ms Fetch
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/chunk/75a0bc6002deaf774995.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e71fb01f1b432f96b3c8e4d8848de9674ceb6d0c4408b737ca7e9b51dab94729

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-M8Nmwts6IkZ6K0wbrX1yO7K1GqIGZQhlL4W85BljDTc7lE61' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'
Strict-Transport-Security	max-age=63072000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 103
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-M8Nmwts6IkZ6K0wbrX1yO7K1GqIGZQhlL4W85BljDTc7lE61' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'
x-edgeconnect-midmile-rtt: 149
paypal-debug-id: 966562ed8368e
date: Thu, 08 Jul 2021 21:25:20 GMT
dc: ccg11-origin-www-1.paypal.com
content-length: 434
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
etag: W/"1b2-o95kuhHlUNfy7cGKaCtL35mTQbg"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 296ms
228ms Preflight 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: 30f63557f2c24
dc: ccg11-origin-www-1.paypal.com
x-edgeconnect-midmile-rtt: 144
x-edgeconnect-origin-mex-latency: 43
date: Thu, 08 Jul 2021 21:25:19 GMT
strict-transport-security: max-age=63072000

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 0599 353 KB
108 KB 41ms
40ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&components.1=messages&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWU1ZjFnQ01zVlFkR0hnVy05a1ZWaHlsUGRrajNETFRPd01NaFRGZEc4STlMTkg4VlFmd0hvcE5ZVWV6Wmx5WEdxQ01Pc2dHS01vd3VNQVQmY3VycmVuY3k9VVNEJmludGVncmF0aW9uLWRhdGU9MjAyMC0xMC0xNSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMmdmF1bHQ9ZmFsc2UmY29tbWl0PWZhbHNlJmludGVudD1jYXB0dXJlJm1lcmNoYW50LWlkPUJYWUZCNUxBNjM1RDImZGlzYWJsZS1mdW5kaW5nPWNhcmQiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJXb29fUFBDUCIsImRhdGEtdWlkIjoidWlkX3pmbHZha2h2enB6YnVpdW1hbXhoZG5zeXB0d2VoaiJ9fQ&clientID=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkCorrelationID=69d4e9edb3bb7&storageID=uid_73224920f7_mje6mju6mtk&sessionID=uid_516a2a7c55_mje6mju6mtk&buttonSessionID=uid_bdbf5430ff_mje6mju6mtk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=card&merchantID.0=BXYFB5LA635D2&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

4ca96972c992bed579159cc88beee996344ff45b75635979254997ac8bc9d884

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-ozIwKQRFHs+37meKMRfZWvGvu+++1UqBxEJKcI7lDqC0q8pE' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ozIwKQRFHs+37meKMRfZWvGvu+++1UqBxEJKcI7lDqC0q8pE' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&components.1=messages&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWU1ZjFnQ01zVlFkR0hnVy05a1ZWaHlsUGRrajNETFRPd01NaFRGZEc4STlMTkg4VlFmd0hvcE5ZVWV6Wmx5WEdxQ01Pc2dHS01vd3VNQVQmY3VycmVuY3k9VVNEJmludGVncmF0aW9uLWRhdGU9MjAyMC0xMC0xNSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMmdmF1bHQ9ZmFsc2UmY29tbWl0PWZhbHNlJmludGVudD1jYXB0dXJlJm1lcmNoYW50LWlkPUJYWUZCNUxBNjM1RDImZGlzYWJsZS1mdW5kaW5nPWNhcmQiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJXb29fUFBDUCIsImRhdGEtdWlkIjoidWlkX3pmbHZha2h2enB6YnVpdW1hbXhoZG5zeXB0d2VoaiJ9fQ&clientID=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkCorrelationID=69d4e9edb3bb7&storageID=uid_73224920f7_mje6mju6mtk&sessionID=uid_516a2a7c55_mje6mju6mtk&buttonSessionID=uid_bdbf5430ff_mje6mju6mtk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=card&merchantID.0=BXYFB5LA635D2&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 287, 287, 287
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ozIwKQRFHs+37meKMRfZWvGvu+++1UqBxEJKcI7lDqC0q8pE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ozIwKQRFHs+37meKMRfZWvGvu+++1UqBxEJKcI7lDqC0q8pE' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0, 0, 0
p3p: true
paypal-debug-id: 171bbcb584479
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 109369
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Thu, 08 Jul 2021 21:25:19 GMT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"1ab39-ajMAVKEi5o9ctk4NMInaHvhtt8Y"
expires: Thu, 08 Jul 2021 22:25:18 GMT

GET
DATA 200
OK truncated
/ Frame 0599 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 0599 891 B
2 KB 240ms
240ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

ce20e40718bd79362e7635f6e4ad06b5344b11227beeba3837464fb10436e931

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&components.1=messages&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWU1ZjFnQ01zVlFkR0hnVy05a1ZWaHlsUGRrajNETFRPd01NaFRGZEc4STlMTkg4VlFmd0hvcE5ZVWV6Wmx5WEdxQ01Pc2dHS01vd3VNQVQmY3VycmVuY3k9VVNEJmludGVncmF0aW9uLWRhdGU9MjAyMC0xMC0xNSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMmdmF1bHQ9ZmFsc2UmY29tbWl0PWZhbHNlJmludGVudD1jYXB0dXJlJm1lcmNoYW50LWlkPUJYWUZCNUxBNjM1RDImZGlzYWJsZS1mdW5kaW5nPWNhcmQiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJXb29fUFBDUCIsImRhdGEtdWlkIjoidWlkX3pmbHZha2h2enB6YnVpdW1hbXhoZG5zeXB0d2VoaiJ9fQ&clientID=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkCorrelationID=69d4e9edb3bb7&storageID=uid_73224920f7_mje6mju6mtk&sessionID=uid_516a2a7c55_mje6mju6mtk&buttonSessionID=uid_bdbf5430ff_mje6mju6mtk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=card&merchantID.0=BXYFB5LA635D2&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 36
date: Thu, 08 Jul 2021 21:25:20 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 150
etag: W/"37b-F9sjvWazRgGWXbgFd5lppH3B1qQ"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: 66c2ec8cf200e
dc: ccg11-origin-www-1.paypal.com
content-length: 891

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0599 891 B
2 KB 240ms
240ms Ping
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&components.1=messages&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWU1ZjFnQ01zVlFkR0hnVy05a1ZWaHlsUGRrajNETFRPd01NaFRGZEc4STlMTkg4VlFmd0hvcE5ZVWV6Wmx5WEdxQ01Pc2dHS01vd3VNQVQmY3VycmVuY3k9VVNEJmludGVncmF0aW9uLWRhdGU9MjAyMC0xMC0xNSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMmdmF1bHQ9ZmFsc2UmY29tbWl0PWZhbHNlJmludGVudD1jYXB0dXJlJm1lcmNoYW50LWlkPUJYWUZCNUxBNjM1RDImZGlzYWJsZS1mdW5kaW5nPWNhcmQiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJXb29fUFBDUCIsImRhdGEtdWlkIjoidWlkX3pmbHZha2h2enB6YnVpdW1hbXhoZG5zeXB0d2VoaiJ9fQ&clientID=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkCorrelationID=69d4e9edb3bb7&storageID=uid_73224920f7_mje6mju6mtk&sessionID=uid_516a2a7c55_mje6mju6mtk&buttonSessionID=uid_bdbf5430ff_mje6mju6mtk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=card&merchantID.0=BXYFB5LA635D2&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

804c1e6f9dd59975f39e53ca240337227b156ffc94536590eb9a0e94f8ee13c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=true&components.0=buttons&components.1=messages&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWU1ZjFnQ01zVlFkR0hnVy05a1ZWaHlsUGRrajNETFRPd01NaFRGZEc4STlMTkg4VlFmd0hvcE5ZVWV6Wmx5WEdxQ01Pc2dHS01vd3VNQVQmY3VycmVuY3k9VVNEJmludGVncmF0aW9uLWRhdGU9MjAyMC0xMC0xNSZjb21wb25lbnRzPWJ1dHRvbnMsbWVzc2FnZXMmdmF1bHQ9ZmFsc2UmY29tbWl0PWZhbHNlJmludGVudD1jYXB0dXJlJm1lcmNoYW50LWlkPUJYWUZCNUxBNjM1RDImZGlzYWJsZS1mdW5kaW5nPWNhcmQiLCJhdHRycyI6eyJkYXRhLXBhcnRuZXItYXR0cmlidXRpb24taWQiOiJXb29fUFBDUCIsImRhdGEtdWlkIjoidWlkX3pmbHZha2h2enB6YnVpdW1hbXhoZG5zeXB0d2VoaiJ9fQ&clientID=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkCorrelationID=69d4e9edb3bb7&storageID=uid_73224920f7_mje6mju6mtk&sessionID=uid_516a2a7c55_mje6mju6mtk&buttonSessionID=uid_bdbf5430ff_mje6mju6mtk&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOmZhbHNlLCJicmFuZGVkIjpmYWxzZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19fSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&disableFunding.0=card&merchantID.0=BXYFB5LA635D2&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 26
date: Thu, 08 Jul 2021 21:25:20 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 150
etag: W/"37b-IQgQUQEwy1QksJdkoLrwAn5xDzA"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: 88900d750eb7c
dc: ccg11-origin-www-1.paypal.com
content-length: 891

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 9C3F 362 KB
111 KB 40ms
40ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/smart/message?merchant_id=BXYFB5LA635D2&currency=USD&amount=0&placement=product&style=%7B%22layout%22%3A%22text%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%2C%22position%22%3A%22left%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%221x1%22%7D&client_id=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&env=production&version=1.24.1&deviceID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&scriptUID=uid_gwakesmdhfvakwylnuczrbplzdthxe&pp_debug=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

cf7d86d0ef74d75c9803f1d1c8728467a9417d0eef000564083c3334572bea79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-gcoQ5KjrfT0x/nBFhNCIKXh4TPLvdKOOBh5/d4uUDZoEOA0a' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-gcoQ5KjrfT0x/nBFhNCIKXh4TPLvdKOOBh5/d4uUDZoEOA0a' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/credit-presentment/smart/message?merchant_id=BXYFB5LA635D2&currency=USD&amount=0&placement=product&style=%7B%22layout%22%3A%22text%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%2C%22position%22%3A%22left%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%221x1%22%7D&client_id=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&env=production&version=1.24.1&deviceID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&scriptUID=uid_gwakesmdhfvakwylnuczrbplzdthxe&pp_debug=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 368, 368
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-gcoQ5KjrfT0x/nBFhNCIKXh4TPLvdKOOBh5/d4uUDZoEOA0a' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-gcoQ5KjrfT0x/nBFhNCIKXh4TPLvdKOOBh5/d4uUDZoEOA0a' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0, 0
p3p: true
paypal-debug-id: 8ee7b6e07178e
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 112702
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Thu, 08 Jul 2021 21:25:19 GMT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"1b83e-ey0BfGTBWc9ThNqCboc/rod1x8Y"
expires: Thu, 08 Jul 2021 22:25:17 GMT

GET
H2 200 smart-credit-common@1.24.1.js Show response
www.paypalobjects.com/upstream/bizcomponents/js/versioned/ Frame 9C3F 172 KB
57 KB 48ms
48ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/upstream/bizcomponents/js/versioned/smart-credit-common@1.24.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

166d3bbfc1bcd5ff1e0ba6b2c0e6d1039c9cd16740351cc46c7a3edd844fceea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Jun 2021 15:50:48 GMT
etag: W/"60d35858-2aefb"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: b7e350dbedbe8
cache-control: public, max-age=3600
strict-transport-security: max-age=31536000
dc: ccg11-origin-www-1.paypal.com
content-length: 58364
expires: Thu, 08 Jul 2021 22:25:19 GMT

GET
H2 200 smart-credit-message@1.24.1.js Show response
www.paypalobjects.com/upstream/bizcomponents/js/versioned/ Frame 9C3F 6 KB
3 KB 49ms
48ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/upstream/bizcomponents/js/versioned/smart-credit-message@1.24.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

164e5e9624054cdd5c8162abfb1c4b76a9697789d85be1c05bf6fb9d6a9d27b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Jun 2021 15:50:48 GMT
etag: W/"60d35858-17b0"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: f9d60a8ba8671
cache-control: public, max-age=3600
strict-transport-security: max-age=31536000
dc: ccg11-origin-www-1.paypal.com
content-length: 2598
expires: Thu, 08 Jul 2021 22:25:19 GMT

GET
H2 200 PayPalSansSmall-Regular.woff2
www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/ Frame 9C3F 36 KB
37 KB 64ms
63ms Font
application/font-woff2 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/PayPalSansSmall-Regular.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

fbc9938e7f80cc983bbdfe777b736364fec34f493d20a81f84b5c67b6bc0c24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:29:24 GMT
cache-control: public, max-age=3600
etag: "60271d64-9142"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
paypal-debug-id: c45b80d5e609
strict-transport-security: max-age=31536000
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 37186
expires: Thu, 08 Jul 2021 22:25:19 GMT

GET
H2 200 PayPalSansSmall-Medium.woff2
www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/ Frame 9C3F 38 KB
38 KB 34ms
34ms Font
application/font-woff2 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/ui-web/paypal-sans-small/1-0-0/PayPalSansSmall-Medium.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

b337b4723a05881b0fdbc54695b0558d288b13ab9d98ff45d091e51d78fd6ed0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.paypal.com
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:29:24 GMT
cache-control: public, max-age=3600
etag: "60271d64-96ce"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
paypal-debug-id: e6e1c9768a2c
strict-transport-security: max-age=31536000
accept-ranges: bytes
dc: ccg11-origin-www-2.paypal.com
content-length: 38606
expires: Thu, 08 Jul 2021 22:25:19 GMT

GET
H2 200 ppc_fc_alt_no_paypal.svg
www.paypalobjects.com/upstream/assets/logos/US/ Frame 9C3F 9 KB
4 KB 35ms
34ms Image
image/svg+xml 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/upstream/assets/logos/US/ppc_fc_alt_no_paypal.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

59f8ba1249c637c971cf8162c7734c44ba9dccba4567d0857cbaaac4dd3fad0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:29:36 GMT
cache-control: public, max-age=3600
etag: W/"60271d70-22e9"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
paypal-debug-id: d43356a6c9131
strict-transport-security: max-age=31536000
dc: ccg11-origin-www-1.paypal.com
content-length: 3482
expires: Thu, 08 Jul 2021 22:25:19 GMT

GET
H2 200 ppc_fc_alt.svg
www.paypalobjects.com/upstream/assets/logos/US/ Frame 9C3F 7 KB
3 KB 36ms
35ms Image
image/svg+xml 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/upstream/assets/logos/US/ppc_fc_alt.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

cef2620a0f9fc8f78ce5a1447ef1f2beee7138c592dc1ef101407abf02fd9559

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 00:29:36 GMT
cache-control: public, max-age=3600
etag: W/"60271d70-1adf"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
paypal-debug-id: e22d442cbf281
strict-transport-security: max-age=31536000
dc: ccg11-origin-www-3.paypal.com
content-length: 2834
expires: Thu, 08 Jul 2021 22:25:19 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
487 B 197ms
196ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ABXYFB5LA635D2-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ABXYFB5LA635D2-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=6f949640-e616-4d32-974a-43ff84ae62d2&fltp=analytics&mrid=BXYFB5LA635D2&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Donate%20Any%20Amount%20%E2%80%93%20Abuse%20Refuge%20Org&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1625779519994&g=-120&completeurl=https%3A%2F%2Fabuserefuge.org%2Fproduct%2Fdonate-any-amount
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 21:25:20 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1625779520.007597,VS0,VE175
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
expires: Thu, 08 Jul 2021 21:25:20 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn4083-HHN, cache-vie6381-VIE

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 9C3F 889 B
2 KB 214ms
213ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

d900568f926dc902cfe23e81b70148567c1d3dd0f40b374ccbf14ca1a2014a88

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/credit-presentment/smart/message?merchant_id=BXYFB5LA635D2&currency=USD&amount=0&placement=product&style=%7B%22layout%22%3A%22text%22%2C%22logo%22%3A%7B%22type%22%3A%22primary%22%2C%22position%22%3A%22left%22%7D%2C%22text%22%3A%7B%22color%22%3A%22black%22%7D%2C%22color%22%3A%22blue%22%2C%22ratio%22%3A%221x1%22%7D&client_id=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&env=production&version=1.24.1&deviceID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&scriptUID=uid_gwakesmdhfvakwylnuczrbplzdthxe&pp_debug=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 25
date: Thu, 08 Jul 2021 21:25:20 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 144
etag: W/"379-Xa2hUyP3rix8vHIv+iPoBpGl7lY"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: 67c74177396a9
dc: ccg11-origin-www-1.paypal.com
content-length: 889

GET
H2 200 ts
t.paypal.com/ 42 B
144 B 182ms
181ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3ABXYFB5LA635D2-1&page=muse%3Aoffer%3A%3A%3ABXYFB5LA635D2-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=6f949640-e616-4d32-974a-43ff84ae62d2&es=visitorInfo&mrid=BXYFB5LA635D2&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Donate%20Any%20Amount%20%E2%80%93%20Abuse%20Refuge%20Org&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1625779520186&g=-120&completeurl=https%3A%2F%2Fabuserefuge.org%2Fproduct%2Fdonate-any-amount
Requested by: Host: abuserefuge.org
URL: https://abuserefuge.org/product/donate-any-amount
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jul 2021 21:25:20 GMT
via: 1.1 varnish, 1.1 varnish
server: akka-http/10.1.11
x-timer: S1625779520.199493,VS0,VE160
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
http_x_pp_az_locator: slcb.slc
expires: Thu, 08 Jul 2021 21:25:20 GMT
cache-control: no-cache, no-store, max-age=0, no-transform
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn11548-HHN, cache-vie6381-VIE

GET
H2 200 modal Show response
www.paypal.com/credit-presentment/smart/ Frame 7C67 14 KB
9 KB 473ms
472ms Document
text/html 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/smart/modal?merchant_id=BXYFB5LA635D2&currency=USD&amount=0&client_id=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&env=production&version=1.24.1&deviceID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&scriptUID=uid_gwakesmdhfvakwylnuczrbplzdthxe&pp_debug=false

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

f2b3ceca837510704386710751e5bad264608507db47eaff742ee5ff0a24bf2d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-eSn96sU3S1egiDiCo0v2LwWxd8hjFHwhPDSPck6hlWXuTvSU' 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com https:; frame-src 'self' https://.paypalobjects.com https://.paypal.com https://.qualtrics.com; connect-src 'self' 'unsafe-inline' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.paypal.com
:scheme: https
:path: /credit-presentment/smart/modal?merchant_id=BXYFB5LA635D2&currency=USD&amount=0&client_id=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&env=production&version=1.24.1&deviceID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&scriptUID=uid_gwakesmdhfvakwylnuczrbplzdthxe&pp_debug=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://abuserefuge.org/product/donate-any-amount
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: l7_az=dcg14.slc; ts_c=vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484; LANG=en_US%3BUS; enforce_policy=ccpa; nsid=s%3Ap605DFGSqR4iuegwZAUiOVvuXmUt62tM.QgpDSe%2FJmqBb9wrWzE5VTgJXRV5AQcxfnx5A5uNcAB8; tsrce=crcpresentmentnodeweb; akavpau_ppsd=1625780120~id=3a77c3ba5903a45168d14f4083964e97; x-pp-s=eyJ0IjoiMTYyNTc3OTUyMDA3MyIsImwiOiIwIiwibSI6IjAifQ; ts=vreXpYrS%3D1720473920%26vteXpYrS%3D1625781320%26vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484%26vtyp%3Dnew
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://abuserefuge.org/product/donate-any-amount

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-eSn96sU3S1egiDiCo0v2LwWxd8hjFHwhPDSPck6hlWXuTvSU' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"36fa-AfNmBrulZK11ITKxFDlgdrls1bE"
paypal-debug-id: 9f423c52becc0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
x-edgeconnect-midmile-rtt: 145
x-edgeconnect-origin-mex-latency: 238
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 08 Jul 2021 21:25:20 GMT
content-length: 7886
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 09 Jul 2021 06:11:16 GMT; HttpOnly; Secure; SameSite=None enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Fri, 08 Jul 2022 21:25:20 GMT; Secure; SameSite=None x-pp-s=eyJ0IjoiMTYyNTc3OTUyMDczOSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure; SameSite=None l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Thu, 08 Jul 2021 21:55:20 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1720473920%26vteXpYrS%3D1625781320%26vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Sun, 07 Jul 2024 21:25:20 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484; Path=/; Domain=paypal.com; Expires=Sun, 07 Jul 2024 21:25:20 GMT; Secure; SameSite=None x-cdn=akamai; path=/; domain=.paypal.com; secure akavpau_ppsd=1625780120~id=3a77c3ba5903a45168d14f4083964e97; Domain=www.paypal.com; Path=/; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=63072000

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 857 B
2 KB 231ms
231ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

77ca2af4ce3f95f3681aa047eb4818eedbc565a63f376356a1910d9a55b40209

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 41
date: Thu, 08 Jul 2021 21:25:20 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 143
etag: W/"359-aOrr/vukQSInBJGYN0EgjIsJsq0"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abuserefuge.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: 9bf7b3d0a7722
dc: ccg11-origin-www-1.paypal.com
content-length: 857

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 225ms
225ms Preflight 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://abuserefuge.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://abuserefuge.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: d5abc20cc109b
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-edgeconnect-midmile-rtt: 144
x-edgeconnect-origin-mex-latency: 40
date: Thu, 08 Jul 2021 21:25:20 GMT
strict-transport-security: max-age=63072000

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 868 B
2 KB 234ms
234ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

ba0f1c39020fc74e08bcc21c41828e830e7b33b141fd3d70616f80dc732c4baf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 41
date: Thu, 08 Jul 2021 21:25:20 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 154
etag: W/"364-1JUwQ3/1Bka2PPnnVkInb9Fo/Tc"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://abuserefuge.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: 507d9f7259b07
dc: ccg11-origin-www-1.paypal.com
content-length: 868

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 230ms
230ms Preflight 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://abuserefuge.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://abuserefuge.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: 81725e81b9d0f
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-edgeconnect-midmile-rtt: 145
x-edgeconnect-origin-mex-latency: 38
date: Thu, 08 Jul 2021 21:25:20 GMT
strict-transport-security: max-age=63072000

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 7C67 362 KB
111 KB 41ms
40ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/smart/modal?merchant_id=BXYFB5LA635D2&currency=USD&amount=0&client_id=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&env=production&version=1.24.1&deviceID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&scriptUID=uid_gwakesmdhfvakwylnuczrbplzdthxe&pp_debug=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

cf7d86d0ef74d75c9803f1d1c8728467a9417d0eef000564083c3334572bea79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-gcoQ5KjrfT0x/nBFhNCIKXh4TPLvdKOOBh5/d4uUDZoEOA0a' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-gcoQ5KjrfT0x/nBFhNCIKXh4TPLvdKOOBh5/d4uUDZoEOA0a' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/credit-presentment/smart/modal?merchant_id=BXYFB5LA635D2&currency=USD&amount=0&client_id=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&env=production&version=1.24.1&deviceID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&scriptUID=uid_gwakesmdhfvakwylnuczrbplzdthxe&pp_debug=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 368, 368
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-gcoQ5KjrfT0x/nBFhNCIKXh4TPLvdKOOBh5/d4uUDZoEOA0a' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-gcoQ5KjrfT0x/nBFhNCIKXh4TPLvdKOOBh5/d4uUDZoEOA0a' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0, 0
p3p: true
paypal-debug-id: 8ee7b6e07178e
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 112702
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Thu, 08 Jul 2021 21:25:20 GMT
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"1b83e-ey0BfGTBWc9ThNqCboc/rod1x8Y"
expires: Thu, 08 Jul 2021 22:25:17 GMT

GET
H2 200 smart-credit-common@1.24.1.js Show response
www.paypalobjects.com/upstream/bizcomponents/js/versioned/ Frame 7C67 172 KB
57 KB 50ms
50ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/upstream/bizcomponents/js/versioned/smart-credit-common@1.24.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

166d3bbfc1bcd5ff1e0ba6b2c0e6d1039c9cd16740351cc46c7a3edd844fceea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Jun 2021 15:50:48 GMT
etag: W/"60d35858-2aefb"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: b7e350dbedbe8
cache-control: public, max-age=3600
strict-transport-security: max-age=31536000
dc: ccg11-origin-www-1.paypal.com
content-length: 58364
expires: Thu, 08 Jul 2021 22:25:20 GMT

GET
H2 200 smart-credit-modal-US@1.24.1.js Show response
www.paypalobjects.com/upstream/bizcomponents/js/versioned/ Frame 7C67 15 KB
5 KB 52ms
51ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/upstream/bizcomponents/js/versioned/smart-credit-modal-US@1.24.1.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

3f3418656e18f07d79584ccbb9e905cf24454ab9e9734a76ad85a79df4f7df82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 21:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 23 Jun 2021 15:50:48 GMT
etag: W/"60d35858-3a09"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: a6649e1bb5e1e
cache-control: public, max-age=3600
strict-transport-security: max-age=31536000
dc: ccg11-origin-www-1.paypal.com
content-length: 4777
expires: Thu, 08 Jul 2021 22:25:20 GMT

GET
DATA 200
OK truncated
/ Frame 7C67 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7C67 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d3295ce01d228de6f1f8d97dcfc7a5b4ba3550985f62ffd21bad2c9b1f67eca

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7C67 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c84e1ed197438fffecc2c6fbe3e7e4fd8f060af2236f3a50e2e16c891c82cf16

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7C67 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 7C67 891 B
2 KB 219ms
219ms XHR
application/json 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e8043fcd07e38bbd2f6fedd5bf583b97196ef45b68fe95556f69f9d891c749df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/credit-presentment/smart/modal?merchant_id=BXYFB5LA635D2&currency=USD&amount=0&client_id=Ae5f1gCMsVQdGHgW-9kVVhylPdkj3DLTOwMMhTFdG8I9LNH8VQfwHopNYUezZlyXGqCMOsgGKMowuMAT&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVFiZ2hZZC03bVJQeWltRXJpWVNjSWdUbllVc0xucjV3Vm5Qbm1mUGFTendLclVlM3FOemZFYzVoWHI5VWNmX0pHX0hGQVpwSk1KWVhNdWsmbWVyY2hhbnQtaWQ9QlhZRkI1TEE2MzVEMiZpbnRlbnQ9Y2FwdHVyZSZsb2NhbGU9ZW5fVVMmY29tcG9uZW50cz1idXR0b25zLGZ1bmRpbmctZWxpZ2liaWxpdHksbWVzc2FnZXMmY29tbWl0PWZhbHNlJmN1cnJlbmN5PVVTRCIsImF0dHJzIjp7ImRhdGEtcGFydG5lci1hdHRyaWJ1dGlvbi1pZCI6Ildvb1RoZW1lc19FQyIsImRhdGEtdWlkIjoidWlkX2d3YWtlc21kaGZ2YWt3eWxudWN6cmJwbHpkdGh4ZSJ9fQ&env=production&version=1.24.1&deviceID=uid_fb500c8ef8_mje6mju6mtg&sessionID=uid_7133086101_mje6mju6mtg&scriptUID=uid_gwakesmdhfvakwylnuczrbplzdthxe&pp_debug=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 27
date: Thu, 08 Jul 2021 21:25:21 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 151
etag: W/"37b-FO5yFUcs+O0qIY/iAGzNkjj36B4"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: e3406fa36bb49
dc: ccg11-origin-www-1.paypal.com
content-length: 891

OPTIONS
H2 204 log
www.paypal.com/credit-presentment/ Frame 0
0 221ms
221ms Preflight 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/log

Protocol

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://abuserefuge.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://abuserefuge.org
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: 95db39d51bd1e
dc: ccg11-origin-www-1.paypal.com
x-edgeconnect-midmile-rtt: 141
x-edgeconnect-origin-mex-latency: 40
date: Thu, 08 Jul 2021 21:25:28 GMT
strict-transport-security: max-age=63072000

POST
H2 400 log Show response
www.paypal.com/credit-presentment/ 12 B
1 KB 321ms
321ms XHR
text/html 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/log

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

26130482ca65e533a15dd9d55362b10dcd3b674d980e3cedf1daa934489401cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 112
date: Thu, 08 Jul 2021 21:25:29 GMT
x-edgeconnect-midmile-rtt: 149
etag: W/"c-DecAyDeZTerA9x2xMb4ggkrsBeo"
strict-transport-security: max-age=63072000
content-type: text/html; charset=utf-8
access-control-allow-origin: https://abuserefuge.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: e5f88544065d7
dc: ccg11-origin-www-1.paypal.com
content-length: 12

POST
H2 204 log Show response
www.paypal.com/credit-presentment/ 0
1 KB 274ms
274ms XHR
text/plain 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/log

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://abuserefuge.org/product/donate-any-amount
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

paypal-related-debug-ids
date: Thu, 08 Jul 2021 21:25:29 GMT
x-edgeconnect-midmile-rtt: 141
strict-transport-security: max-age=63072000
access-control-allow-origin: https://abuserefuge.org
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: 1cbf922619182
dc: ccg11-origin-www-1.paypal.com
x-edgeconnect-origin-mex-latency: 80

OPTIONS
H2 204 log
www.paypal.com/credit-presentment/ Frame 0
0 227ms
226ms Preflight 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/credit-presentment/log

Protocol

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://abuserefuge.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://abuserefuge.org
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: e9feba45d578c
dc: ccg11-origin-www-1.paypal.com
x-edgeconnect-midmile-rtt: 144
x-edgeconnect-origin-mex-latency: 42
date: Thu, 08 Jul 2021 21:25:29 GMT
strict-transport-security: max-age=63072000

Verdicts & Comments Add Verdict or Comment

242 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypal.com/	1970-01-20 21:54:33	Name: ts Value: vreXpYrS%3D1720473920%26vteXpYrS%3D1625781320%26vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484%26vtyp%3Dnew
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTYyNTc3OTUyMDA3MyIsImwiOiIwIiwibSI6IjAifQ
.www.paypal.com/	1969-12-31 23:59:59	Name: akavpau_ppsd Value: 1625780120~id=3a77c3ba5903a45168d14f4083964e97
.paypal.com/	1970-01-20 04:21:55	Name: enforce_policy Value: ccpa
.paypal.com/	1970-01-19 19:36:51	Name: LANG Value: en_US%3BUS
.paypal.com/	1970-01-20 21:54:33	Name: ts_c Value: vr%3D8802b93017a0a78868b82696fe139485%26vt%3D8802b93017a0a78868b82696fe139484
.abuserefuge.org/	1970-01-20 13:07:31	Name: _ga_2ZJB24TRF4 Value: GS1.1.1625779517.1.0.1625779517.0
.paypal.com/	1970-01-19 19:36:21	Name: l7_az Value: dcg14.slc
abuserefuge.org/	1970-01-20 04:21:55	Name: cookielawinfo-checkbox-advertisement Value: no
abuserefuge.org/	1970-01-20 04:21:55	Name: cookielawinfo-checkbox-functional Value: no
abuserefuge.org/	1970-01-20 04:21:55	Name: cookielawinfo-checkbox-analytics Value: no
.abuserefuge.org/	1970-01-19 19:36:19	Name: _gat_gtag_UA_199649804_1 Value: 1
.paypal.com/	1970-01-19 19:40:38	Name: tsrce Value: crcpresentmentnodeweb
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3Ap605DFGSqR4iuegwZAUiOVvuXmUt62tM.QgpDSe%2FJmqBb9wrWzE5VTgJXRV5AQcxfnx5A5uNcAB8
.abuserefuge.org/	1970-01-20 13:07:31	Name: _ga Value: GA1.2.1593935874.1625779517
abuserefuge.org/	1970-01-20 04:21:55	Name: cookielawinfo-checkbox-performance Value: no
abuserefuge.org/	1970-01-20 04:21:55	Name: cookielawinfo-checkbox-necessary Value: yes
abuserefuge.org/	1970-01-20 04:21:55	Name: cookielawinfo-checkbox-others Value: no
.abuserefuge.org/	1970-01-19 19:37:45	Name: _gid Value: GA1.2.1093094348.1625779518

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://abuserefuge.org/wp-content/cache/minify/1/a08fb.js(Line 5) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	warning	URL: https://abuserefuge.org/wp-content/cache/minify/1/a08fb.js(Line 2) Message: jQuery.Deferred exception: accounting is not defined ReferenceError: accounting is not defined at woocommerce_nyp_unformat_price (https://abuserefuge.org/wp-content/cache/minify/1/0630d.js:3:443) at new n (https://abuserefuge.org/wp-content/cache/minify/1/0630d.js:3:3454) at HTMLDivElement.<anonymous> (https://abuserefuge.org/wp-content/cache/minify/1/0630d.js:3:1556) at Function.each (https://abuserefuge.org/wp-content/cache/minify/1/a08fb.js:2:2976) at s.fn.init.each (https://abuserefuge.org/wp-content/cache/minify/1/a08fb.js:2:1454) at e.getProducts (https://abuserefuge.org/wp-content/cache/minify/1/0630d.js:3:1471) at e.updateForm (https://abuserefuge.org/wp-content/cache/minify/1/0630d.js:3:1843) at HTMLFormElement.dispatch (https://abuserefuge.org/wp-content/cache/minify/1/a08fb.js:2:43090) at HTMLFormElement.v.handle (https://abuserefuge.org/wp-content/cache/minify/1/a08fb.js:2:41074) at Object.trigger (https://abuserefuge.org/wp-content/cache/minify/1/a08fb.js:2:71513) undefined
console-api	warning	URL: https://abuserefuge.org/wp-content/cache/minify/1/a08fb.js(Line 2) Message: jQuery.Deferred exception: accounting is not defined ReferenceError: accounting is not defined at woocommerce_nyp_unformat_price (https://abuserefuge.org/wp-content/cache/minify/1/0630d.js:3:443) at new n (https://abuserefuge.org/wp-content/cache/minify/1/0630d.js:3:3454) at HTMLDivElement.<anonymous> (https://abuserefuge.org/wp-content/cache/minify/1/0630d.js:3:1556) at Function.each (https://abuserefuge.org/wp-content/cache/minify/1/a08fb.js:2:2976) at s.fn.init.each (https://abuserefuge.org/wp-content/cache/minify/1/a08fb.js:2:1454) at e.getProducts (https://abuserefuge.org/wp-content/cache/minify/1/0630d.js:3:1471) at e.isValid (https://abuserefuge.org/wp-content/cache/minify/1/0630d.js:3:2541) at HTMLDocument.validate (https://abuserefuge.org/wp-content/cache/minify/1/0630d.js:3:6202) at HTMLDocument.dispatch (https://abuserefuge.org/wp-content/cache/minify/1/a08fb.js:2:43090) at HTMLDocument.v.handle (https://abuserefuge.org/wp-content/cache/minify/1/a08fb.js:2:41074) undefined
console-api	log	URL: https://abuserefuge.org/wp-content/cache/minify/1/79709.js(Line 7) Message: YT API init check
console-api	log	URL: https://abuserefuge.org/wp-content/cache/minify/1/79709.js(Line 7) Message: YT API init check
console-api	log	URL: https://abuserefuge.org/wp-content/cache/minify/1/79709.js(Line 7) Message: YT API init check
console-api	log	URL: https://abuserefuge.org/wp-content/cache/minify/1/79709.js(Line 7) Message: YT API init check

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abuserefuge.org
aroemails.com
cdn.printfriendly.com
fonts.googleapis.com
fonts.gstatic.com
key-cdn.printfriendly.com
t.paypal.com
translate.google.com
translate.googleapis.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
104.111.228.123
151.101.65.35
192.185.129.112
192.185.129.69
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:811::2008
2a00:1450:4001:812::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2003
2a02:6ea0:c700::11
2a02:6ea0:c700::4
047c021588391a63990bc9fff83fb33bd10e01280a8638b6ee93b0b6b91ec448
06e2377f9159267ef6d9552435876d2e19a27c036cdddd4ddd55c484d92681f4
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
082b22757dbad8589ea6d4be0c71542a418b59436098fed7b31334b04e155ef0
09363cc7c668ce12683214a9877ae9c068a82dfb8f64111355933c24e7193a98
096c1f5532d651385837c267922db0e4c92724583fed08231f632aa25b9c044c
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d3295ce01d228de6f1f8d97dcfc7a5b4ba3550985f62ffd21bad2c9b1f67eca
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
15f40b0c47fd35aaa995d60bae6327bb25a0e72f4061fbdcc8f1e9504a5fe77b
164e5e9624054cdd5c8162abfb1c4b76a9697789d85be1c05bf6fb9d6a9d27b0
166d3bbfc1bcd5ff1e0ba6b2c0e6d1039c9cd16740351cc46c7a3edd844fceea
1b08ca4940fbafeb0605ebc2ad8162e6518985408ca24f971ccfa01f6e0456fc
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
232051e7a880eb275df831758140387a45a60b5a3abe686d9c855059ffa1e8fb
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
251c607557e1302862934faeb35d7c9c20cbb64b4abb6a4faed721b71db501f2
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
26130482ca65e533a15dd9d55362b10dcd3b674d980e3cedf1daa934489401cc
27ed77182f4c71f25b824a8b93c88671882425b1f1a144f4fa5ac6e79cf56f4b
2bcffeae4901dd7c6b50296bd0d2d192088e66b1f2463117687b8ccbd805f45f
32325245023daef823fa545ba29fa3eb352aebf5292940e86d676b1b7308ac7e
34e93dc322f9f0ddfaa4b464cd8f0219d8f0a63ed250d032aadf26729b508980
358df2f955233a32a72afde6caa20a2fdaddf382241548ba588e2909f181bb9b
35f911bfa7bd459fdb4c46cdc9509bbffebdd1a17cfcc3bbe4858295d413c3a7
3cdb6cd71514f6416ddd88c9307df1f0b2c4e62257f155ba0ca135d677f2618b
3f3418656e18f07d79584ccbb9e905cf24454ab9e9734a76ad85a79df4f7df82
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
456d17e807599620215b9ae289e7ac28d91b6571e947d8506b9f91d7d4da2682
47ab84e9fcd7fb12bfc8b7895cecc1dbb81d110f5e3bbd4737cb74d28824643a
487e635a71a05517f48ee0110386a07b4261e9bb207aa1989943ab17f1e6f266
4ba148c397102bdc2398a9e47819cae62aad84dd278afb5b7c8f4ab5bdbadb75
4ca96972c992bed579159cc88beee996344ff45b75635979254997ac8bc9d884
516db4728157c5dea9626143c7ccb01beb5036003bdb99bb1a59aa07400ec6fe
59f8ba1249c637c971cf8162c7734c44ba9dccba4567d0857cbaaac4dd3fad0c
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5f6e30edc55236c54bc309922cbd8f95a9d41447200eaf167f25e30bf6021f98
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c291877cf5d038d0c0add310d75c6962837353a596c7be8611eba0cbd6baff8
6d1db00322f48a2951b7e176aa34dbb5513682d1d3d4759241cb375d665065c0
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e3452aef46a76d744bfbe2c7460237cd30bd5ef4c3e60229d001650f8355ed9
70443b824fa8e71c4b5f20c495e457ecd648fbe781001f0b688bd7a7c4374fbf
71f85d8adf38bc2c0cd0c6cd81aba1af76c4e0e06906ca65adae770b41e7a346
7311c5381c93b369e9314c203406e8f90038e1b4ba8c61f53d489c9ee9828862
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7604e2c8e1abda7673ee2c62855e5a95c200207e29e52dd4a8c4712e5399f792
77ca2af4ce3f95f3681aa047eb4818eedbc565a63f376356a1910d9a55b40209
7b8774ee42aac08bc5a2e690896b80dc20953e86dc152dc5b344b589df74273e
804c1e6f9dd59975f39e53ca240337227b156ffc94536590eb9a0e94f8ee13c4
832a17ab5d70f4677a719bc750dc796792efc0b70d847dbbbbc167f849568543
839392b626a00e09ce3ec77706959d551de27cca63c559fcd4a6415aef3e722a
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
86b95e988bb3d188e92c433b0a30989ecf104d6d3369cf541a4ec7bc0f2b636c
86f5dfb35dd62df1e9bb5c9f3fefa314b63d1fda7a5a905cce87b200299a13eb
87b896abde095f0c70c99b4a4135179e53ba8a95400363fe44bb6c9a3c041d4c
88189ed5390901d5ad68d7b0882db0be715f7411a572a57d0a404eab491f96f5
8acfd07239c4ddc91c090d0a1fc3eb03e4a16b9e21d93de05d361540f09e7905
914cb6fe13efdf97379c1a2910d677144821201ff3f41b67a5a6ddb367e1a27b
95b259e818eb72c1daac60e8142d8012e99c8d28dc29e13212c419cb7cc35037
9956843e6bcd1ca47a15a97ccabeb09d5255c051829af54ad6d3c14bbc096fa2
9c7c023f91428234ca0ea4df1199758686f4dcd04da96ba63571788fb3389c0b
9d1c737186b375d85847d9b1ab964f31c13100bd13d0a4628e10aa18dde94dc9
9dce46f67ab708db59c1dcdf3e94cdba5b615f19577cee8054e9851f870e9b20
a135225095f7cd0044cd2f6d3abb0637519f4dcbe398109753e0b9cbd7ea5cd7
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
acf7ee14fabfcf07018c589fc024f91b22d1beb3d640265082955da4ba13a793
b337b4723a05881b0fdbc54695b0558d288b13ab9d98ff45d091e51d78fd6ed0
b49498d1142de7f2e16afc2cd4250d2ba30c5df4de5d291f51d7cf69727efdbe
b51ea3eba3512f266245bea0678024c9bceb100cb612bcf69c3ff1fdcd5d66d0
b90b56764fde20e9445b9abb5a859d6c1409c948e44c348ecf98dd3384a1d59e
b972ea301334176cbfb61bff2075a920b4c8c66bc49c408918cb3033f3a927f9
ba0f1c39020fc74e08bcc21c41828e830e7b33b141fd3d70616f80dc732c4baf
ba3d37e1c1e284d68692dac4561b57f509bc6fb6b06ab1d631a590d451e067f2
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
be7a965349a1143e4f274564a3fa4e340d82dea21f3a06eae9d74b4292a55858
c3d695753f39bbe0a7cee3939cedf5fbe15e5818b377a51fc0f95246c9f12a01
c4bb27e2f2c620b22cda6faab8219f75b4c62c8abc1bedc0b804e082da92b8dd
c6e89e204412eff05c5c0976a8e91604c20cb7a8c12e6d521e910fcac2d8c739
c808f514cd0d2027f5cfaa288c4d63f432308d29fb7b949462770f7ed43b30e6
c84e1ed197438fffecc2c6fbe3e7e4fd8f060af2236f3a50e2e16c891c82cf16
ce20e40718bd79362e7635f6e4ad06b5344b11227beeba3837464fb10436e931
cef2620a0f9fc8f78ce5a1447ef1f2beee7138c592dc1ef101407abf02fd9559
cf7d86d0ef74d75c9803f1d1c8728467a9417d0eef000564083c3334572bea79
d227e8e8dd1e8e18de0048d0a79a03ed0a52132b15a96938d6ba4ce89a8a0e16
d4cd5cee9a33e69e4d2be7ae8cae8c89e5542db931f487e504bfb2ca206d2df8
d64c12a76a61096f3a14aa795d12c3fc0de8e5781ef2e1af3b66517e65d7f00e
d900568f926dc902cfe23e81b70148567c1d3dd0f40b374ccbf14ca1a2014a88
dae75abe452c089207a0148f5c27cd95ce4df37ba6a3f3ceec67d0f32346bb60
dc19e10410939a9e7e64b94f0af97320aee7e9ac2a657655f4240f83fec908f4
dcf6fd9ff30c587eb8ba3a40082cd92514c1f618cbab76d6687590ab2fa05c0b
ddca113f7af1d5d99296bfe6edf61177c152087983a42e0f045ee47e3391721e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71fb01f1b432f96b3c8e4d8848de9674ceb6d0c4408b737ca7e9b51dab94729
e7ddee2594b0f462ef608bbd385a3ab7557b4133780369bb19c675135ec7330f
e8043fcd07e38bbd2f6fedd5bf583b97196ef45b68fe95556f69f9d891c749df
eea7e479b4f717ccac449438640ca8bfb1fdc1c2b01083d3ab9ac688a1ea0e30
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f2b3ceca837510704386710751e5bad264608507db47eaff742ee5ff0a24bf2d
f3d7092e6eb6f3aa0c572e52e061a59cc88a3e9eff581c95c4bd7456800904d0
f90741069b67e8c04f266a9521c99399792e2af9abb3ef84934cf4c680f7e723
fbc9938e7f80cc983bbdfe777b736364fec34f493d20a81f84b5c67b6bc0c24e
fbda7e2fdbe7a1c1ec0f84af57d9fb56b7e3821fe401d8a905c86776c44356d1
fdc75f041e1a3d3d6d3b1d0a632ca0bc76d33d28edb2d8272e33050d0ac6f42f
ff307fcf1e1f8721e4f8e54fa3cf51d28ef46ed27371becf5f394545ab6e5157

abuserefuge.org Open in urlscan Pro 192.185.129.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

119 Requests

100 %HTTPS

75 %IPv6

10 Domains

15 Subdomains

16 IPs

2 Countries

2894 kBTransfer

9272 kBSize

19 Cookies

22 Outgoing links

Page URL History

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

abuserefuge.org Open in urlscan Pro
192.185.129.69 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

15
Subdomains

16
IPs

2
Countries

2894 kB
Transfer

9272 kB
Size

19
Cookies

119 HTTP transactions
9 data transactions