paypal.intuitionplan.com Open in urlscan Pro
2606:4700::6810:cc2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://paypal.intuitionplan.com/
Effective URL:
https://paypal.intuitionplan.com/order1590749150420
Submission Tags: @phishunt_io
Submission: On April 29 via api (April 29th 2021, 11:09:21 pm UTC) from DE

Summary HTTP 46 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 4 countries across 11 domains to perform 46 HTTP transactions. The main IP is 2606:4700::6810:cc2, located in United States and belongs to CLOUDFLARENET, US. The main domain is paypal.intuitionplan.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2021. Valid for: a year.

This is the only time paypal.intuitionplan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 15	2606:4700::68... 2606:4700::6810:cc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:10c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	18.203.61.226 18.203.61.226	16509 (AMAZON-02) (AMAZON-02)
5	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
1	13.224.106.60 13.224.106.60	16509 (AMAZON-02) (AMAZON-02)
3	3.97.223.64 3.97.223.64	16509 (AMAZON-02) (AMAZON-02)
1	23.45.106.90 23.45.106.90	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	162.247.243.147 162.247.243.147	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
46	14

15 2606:4700::6810:cc2 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

paypal.intuitionplan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:10c2 (United States)

ASN13335 (CLOUDFLARENET, US)

images.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.61.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-61-226.eu-west-1.compute.amazonaws.com

track.addevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.106.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-60.mad50.r.cloudfront.net

cdn.funnelytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.97.223.64 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-97-223-64.ca-central-1.compute.amazonaws.com

track-v2.funnelytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.106.90 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-106-90.deploy.static.akamaitechnologies.com

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.147 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	intuitionplan.com 1 redirects paypal.intuitionplan.com	914 KB
8	clickfunnels.com 1 redirects assets.clickfunnels.com images.clickfunnels.com app.clickfunnels.com	7 KB
6	paypal.com www.paypal.com t.paypal.com	25 KB
4	funnelytics.io cdn.funnelytics.io track-v2.funnelytics.io	4 KB
4	gstatic.com fonts.gstatic.com	114 KB
3	paypalobjects.com www.paypalobjects.com	534 KB
3	fontawesome.com use.fontawesome.com	93 KB
2	nr-data.net bam-cell.nr-data.net	1 KB
2	googleapis.com fonts.googleapis.com	3 KB
1	newrelic.com js-agent.newrelic.com	12 KB
1	addevent.com track.addevent.com
46	11

	Domain	Requested by
13	paypal.intuitionplan.com	1 redirects paypal.intuitionplan.com
5	www.paypal.com	www.paypalobjects.com
5	app.clickfunnels.com	paypal.intuitionplan.com
4	fonts.gstatic.com	fonts.googleapis.com
3	track-v2.funnelytics.io	cdn.funnelytics.io
3	www.paypalobjects.com	paypal.intuitionplan.com www.paypal.com
3	use.fontawesome.com	paypal.intuitionplan.com use.fontawesome.com
2	bam-cell.nr-data.net	js-agent.newrelic.com
2	assets.clickfunnels.com	1 redirects paypal.intuitionplan.com
2	fonts.googleapis.com	paypal.intuitionplan.com
1	js-agent.newrelic.com	paypal.intuitionplan.com
1	t.paypal.com	paypal.intuitionplan.com
1	cdn.funnelytics.io	paypal.intuitionplan.com
1	track.addevent.com	paypal.intuitionplan.com
1	images.clickfunnels.com	paypal.intuitionplan.com
46	15

This site contains links to these domains. Also see Links.

Domain
clickfunnels.com
www.hilaryjsturges.com
www.clickfunnels.com

Subject Issuer	Validity	Valid
paypal.intuitionplan.com Cloudflare Inc ECC CA-3	`2021-04-29` - `2022-04-28`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
ssl566619.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-04-06` - `2021-10-13`	6 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-04-19` - `2022-01-11`	9 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
addevent.com Amazon	`2021-02-25` - `2022-03-26`	a year	crt.sh
*.funnelytics.io Amazon	`2021-01-06` - `2022-02-03`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-11-18` - `2021-11-22`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-26` - `2022-04-10`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://paypal.intuitionplan.com/order1590749150420
Frame ID: 141E1A9D18C8F078C84EB174E75B7963
Requests: 40 HTTP requests in this frame

Frame: https://www.paypal.com/smart/button?env=production&commit=true&style.size=responsive&style.shape=rect&style.color=blue&style.layout=vertical&style.label=paypal&funding.allowed=credit&funding.disallowed=card%2Cvenmo&domain=paypal.intuitionplan.com&sessionID=fda7197074_mjm6mdk6mda&buttonSessionID=32493df501_mjm6mdk6mda&storageID=37ad882785_mjm6mdk6mda&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ%3D%3D&uid=daebd15a59&version=4&xcomponent=1
Frame ID: 63F7980CFB623A6A60A386B73E52AE30
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: 21F3447BDBF198528506580DBD3BA02D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://paypal.intuitionplan.com/ HTTP 302
https://paypal.intuitionplan.com/order1590749150420 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

ClickFunnels () Expand

Overall confidence: 100%
Detected patterns

env /Clickfunnels/i

Page Statistics

46
Requests

98 %
HTTPS

31 %
IPv6

11
Domains

15
Subdomains

14
IPs

4
Countries

1705 kB
Transfer

5832 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://clickfunnels.com/?aff_sub=paused_modal
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.hilaryjsturges.com/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.clickfunnels.com/?aff_sub2=badge&aff_sub=over_limit

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://paypal.intuitionplan.com/ HTTP 302
https://paypal.intuitionplan.com/order1590749150420 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://assets.clickfunnels.com/templates/listhacking-sales/images/arrow-flash-small.gif HTTP 301
https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif

46 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request order1590749150420 Show response
paypal.intuitionplan.com/
Redirect Chain

https://paypal.intuitionplan.com/
https://paypal.intuitionplan.com/order1590749150420

124 KB
20 KB

400ms
399ms

Document
text/html

2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypal.intuitionplan.com/order1590749150420

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

381b8e3dad8bd2f245f51c6559e504aebcab1827a4329796f35389c05bdead0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

:method: GET
:authority: paypal.intuitionplan.com
:scheme: https
:path: /order1590749150420
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=df4fde5ff4285ac8b5dc175d0571d7fd31619737739; __cf_bm=f9cdf459223f14e75ff0cd3b5de38093fce8abd2-1619737739-1800-AQ++aPtkxeoaIOv6WX2tTOlAFU0BZ+K0b2k+7LVlhn6WruYFW6ZcwzYFxJWkPqIGnSXkwLIKlgzk3ri1PUtc0keVULUf5rCi4vXELgTKobQs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:08:59 GMT
content-type: text/html; charset=utf-8
cf-ray: 647c32085b384aa4-FRA
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Mon, 07 Dec 2020 00:46:51 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: REVALIDATED
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-request-id: 09c17d993500004aa4b8988000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200 OK
x-content-digest: c5ea797c266c6f4c1549b650e7d86b3c8fb1a15f
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, valid, store
x-request-id: 324b83eb6898d320bba3fe411fdc2f30
x-runtime: 0.568657
server: cloudflare
content-encoding: br

Redirect headers

date: Thu, 29 Apr 2021 23:08:59 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=df4fde5ff4285ac8b5dc175d0571d7fd31619737739; expires=Sat, 29-May-21 23:08:59 GMT; path=/; domain=.paypal.intuitionplan.com; HttpOnly; SameSite=Lax __cf_bm=f9cdf459223f14e75ff0cd3b5de38093fce8abd2-1619737739-1800-AQ++aPtkxeoaIOv6WX2tTOlAFU0BZ+K0b2k+7LVlhn6WruYFW6ZcwzYFxJWkPqIGnSXkwLIKlgzk3ri1PUtc0keVULUf5rCi4vXELgTKobQs; path=/; expires=Thu, 29-Apr-21 23:38:59 GMT; domain=.paypal.intuitionplan.com; HttpOnly; Secure; SameSite=None
location: https://paypal.intuitionplan.com/order1590749150420
cf-ray: 647c320628334aa4-FRA
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
cf-request-id: 09c17d97d900004aa4b2bc3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: no-cache
status: 302 Found
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 22c9ef2ef98db4569dd70d9ad76424a4
x-runtime: 0.197949
server: cloudflare

GET
H2 200 lander.css
paypal.intuitionplan.com/assets/ 425 KB
64 KB 41ms
40ms Stylesheet
text/css 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypal.intuitionplan.com/assets/lander.css

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da352a7b4c5780eb6b96891c48bc403337bb3baaf7ad20674f0311e7988f75fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /assets/lander.css
pragma: no-cache
cookie: __cfduid=df4fde5ff4285ac8b5dc175d0571d7fd31619737739; __cf_bm=f9cdf459223f14e75ff0cd3b5de38093fce8abd2-1619737739-1800-AQ++aPtkxeoaIOv6WX2tTOlAFU0BZ+K0b2k+7LVlhn6WruYFW6ZcwzYFxJWkPqIGnSXkwLIKlgzk3ri1PUtc0keVULUf5rCi4vXELgTKobQs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: paypal.intuitionplan.com
referer: https://paypal.intuitionplan.com/order1590749150420
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paypal.intuitionplan.com/order1590749150420
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 504
cf-request-id: 09c17d9ace00004aa4839be000000001
last-modified: Thu, 29 Apr 2021 18:15:59 GMT
server: cloudflare
etag: W/"608af7df-6a51b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 647c320aee724aa4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 29 Apr 2021 23:29:00 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
14 KB 162ms
52ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
content-encoding: gzip
last-modified: Tue, 04 Jun 2019 20:35:33 GMT
server: NetDNA-cache/2.2
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
5 KB 192ms
81ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
content-encoding: gzip
last-modified: Tue, 04 Jun 2019 20:35:35 GMT
server: NetDNA-cache/2.2
etag: W/"e140a7d32f343530f016095df3cc2ae4"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 css
fonts.googleapis.com/ 44 KB
2 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6fd89d19383dc52535875138f8cd475a44299c4070a3a35fe7572fbdfc05646d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 22:24:31 GMT
server: ESF
date: Thu, 29 Apr 2021 23:08:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Apr 2021 23:08:59 GMT

GET
H2 200 application.js Show response
paypal.intuitionplan.com/assets/userevents/ 5 KB
2 KB 27ms
26ms Script
application/x-javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypal.intuitionplan.com/assets/userevents/application.js

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /assets/userevents/application.js
pragma: no-cache
cookie: __cfduid=df4fde5ff4285ac8b5dc175d0571d7fd31619737739; __cf_bm=f9cdf459223f14e75ff0cd3b5de38093fce8abd2-1619737739-1800-AQ++aPtkxeoaIOv6WX2tTOlAFU0BZ+K0b2k+7LVlhn6WruYFW6ZcwzYFxJWkPqIGnSXkwLIKlgzk3ri1PUtc0keVULUf5rCi4vXELgTKobQs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paypal.intuitionplan.com
referer: https://paypal.intuitionplan.com/order1590749150420
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paypal.intuitionplan.com/order1590749150420
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 503
cf-request-id: 09c17d9ace00004aa4913d4000000001
last-modified: Thu, 29 Apr 2021 18:15:59 GMT
server: cloudflare
etag: W/"608af7df-1353"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 647c320aee734aa4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 29 Apr 2021 23:29:00 GMT

GET
H2 200 cf-logo.png
paypal.intuitionplan.com/funnels/paused-account/ 6 KB
6 KB 138ms
137ms Image
image/png 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paypal.intuitionplan.com/funnels/paused-account/cf-logo.png

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa64be7e67aeedc05d88ad037251e9ee7ab5a640c3d924e55fb72a498adbf255

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /funnels/paused-account/cf-logo.png
pragma: no-cache
cookie: __cfduid=df4fde5ff4285ac8b5dc175d0571d7fd31619737739; __cf_bm=f9cdf459223f14e75ff0cd3b5de38093fce8abd2-1619737739-1800-AQ++aPtkxeoaIOv6WX2tTOlAFU0BZ+K0b2k+7LVlhn6WruYFW6ZcwzYFxJWkPqIGnSXkwLIKlgzk3ri1PUtc0keVULUf5rCi4vXELgTKobQs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: paypal.intuitionplan.com
referer: https://paypal.intuitionplan.com/order1590749150420
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paypal.intuitionplan.com/order1590749150420
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
vary: Accept-Encoding
cf-cache-status: MISS
content-length: 6089
cf-request-id: 09c17d9b9100004aa467129000000001
last-modified: Thu, 29 Apr 2021 18:15:58 GMT
server: cloudflare
etag: "608af7de-17c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 647c320c1feb4aa4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 closemodal.png
assets.clickfunnels.com/images/ 672 B
1 KB 73ms
54ms Image
image/webp 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.clickfunnels.com/images/closemodal.png

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
vary: Accept, Accept-Encoding
cf-cache-status: HIT
age: 90651
cf-polished: origFmt=png, origSize=788
content-disposition: inline; filename="closemodal.webp"
content-length: 672
cf-request-id: 09c17d9ba300004a9738137000000001
last-modified: Wed, 28 Apr 2021 15:59:58 GMT
server: cloudflare
etag: "6089867e-314"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 30 May 2021 23:09:00 GMT
cache-control: public, max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 647c320c3cd84a97-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
cf-bgj: imgq:100,h2pri,csam-hash

GET
H2

200

arrow-flash-small.gif
images.clickfunnels.com/old-public-templates/listhacking-sales/images/
Redirect Chain

https://assets.clickfunnels.com/templates/listhacking-sales/images/arrow-flash-small.gif
https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif

462 B
854 B

41ms
39ms

Image
image/webp

2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif
Requested by: Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8312763f657406a0328d9901f05e3c28611700e3408a56a5ec993acdd70f2aa

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
cf-cache-status: HIT
age: 1268692
cf-polished: origFmt=gif, origSize=494
cf-ray: 647c320ccfc1dfdb-FRA
last-modified: Fri, 14 Aug 2015 19:43:23 GMT
content-disposition: inline; filename="arrow-flash-small.webp"
content-length: 462
x-amz-id-2: 6ojUm5zzcmnwRtFhzr4lwKwrvh9BxDlYEz9OoF3uuiY3SRiAWCbgzjMlId7lsmv3zoZiMG2iTtI=
cf-bgj: imgq:100,h2pri,csam-hash
server: cloudflare
etag: "64a7dd71d7bdc6a7200c52ce9b36701a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: 5HRP0EMS85Q2EA7H
cache-control: public, max-age=2678400
cf-request-id: 09c17d9bfa0000dfdb8813a000000001
accept-ranges: bytes
content-type: image/webp
expires: Sun, 30 May 2021 23:09:00 GMT

Redirect headers

date: Thu, 29 Apr 2021 23:09:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 585811
cf-request-id: 09c17d9ba300004a97ff19c000000001
server: cloudflare
location: https://images.clickfunnels.com/old-public-templates/listhacking-sales/images/arrow-flash-small.gif
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: public, max-age=2678400
access-control-allow-credentials: true
cf-ray: 647c320c3cdd4a97-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 30 May 2021 23:09:00 GMT

GET
H2 200 smartmockups_kem8gjw1.png
paypal.intuitionplan.com/hosted/images/bf/c75e0431c34109803350454bbe97fe/ 520 KB
521 KB 651ms
650ms Image
image/png 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paypal.intuitionplan.com/hosted/images/bf/c75e0431c34109803350454bbe97fe/smartmockups_kem8gjw1.png
Requested by: Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be285121c77d6ad5dda6c18e1756bdc33a2f4dc371e82f41db6eab526b4a142

Request headers

:path: /hosted/images/bf/c75e0431c34109803350454bbe97fe/smartmockups_kem8gjw1.png
pragma: no-cache
cookie: __cfduid=df4fde5ff4285ac8b5dc175d0571d7fd31619737739; __cf_bm=f9cdf459223f14e75ff0cd3b5de38093fce8abd2-1619737739-1800-AQ++aPtkxeoaIOv6WX2tTOlAFU0BZ+K0b2k+7LVlhn6WruYFW6ZcwzYFxJWkPqIGnSXkwLIKlgzk3ri1PUtc0keVULUf5rCi4vXELgTKobQs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: paypal.intuitionplan.com
referer: https://paypal.intuitionplan.com/order1590749150420
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paypal.intuitionplan.com/order1590749150420
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
cf-cache-status: MISS
last-modified: Thu, 03 Sep 2020 11:48:12 GMT
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "5715e7abd21170753cae2eb340e5cadd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 647c320c1fed4aa4-FRA
content-length: 532521
cf-request-id: 09c17d9b9100004aa44f95a000000001

GET
H2 200 lomm_review_stars.png
paypal.intuitionplan.com/hosted/images/1f/017600b09311e7961c7520fa79c2e3/ 4 KB
4 KB 40ms
38ms Image
image/png 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paypal.intuitionplan.com/hosted/images/1f/017600b09311e7961c7520fa79c2e3/lomm_review_stars.png
Requested by: Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 606f8af18837adb36264fe11933e9dbdb49c82a9c3ca183aed00e3f93029c1f0

Request headers

:path: /hosted/images/1f/017600b09311e7961c7520fa79c2e3/lomm_review_stars.png
pragma: no-cache
cookie: __cfduid=df4fde5ff4285ac8b5dc175d0571d7fd31619737739; __cf_bm=f9cdf459223f14e75ff0cd3b5de38093fce8abd2-1619737739-1800-AQ++aPtkxeoaIOv6WX2tTOlAFU0BZ+K0b2k+7LVlhn6WruYFW6ZcwzYFxJWkPqIGnSXkwLIKlgzk3ri1PUtc0keVULUf5rCi4vXELgTKobQs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: paypal.intuitionplan.com
referer: https://paypal.intuitionplan.com/order1590749150420
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paypal.intuitionplan.com/order1590749150420
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
cf-cache-status: HIT
age: 5767
cf-polished: origSize=3851
content-length: 3616
cf-request-id: 09c17d9b9100004aa433b42000000001
last-modified: Sat, 14 Oct 2017 03:52:41 GMT
server: cloudflare
etag: "58b52856c7d4e82084bd3996a25ee9f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 647c320c1fee4aa4-FRA
cf-bgj: imgq:85,h2pri,csam-hash

GET
H3-29 200 css
fonts.googleapis.com/ 5 KB
710 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%7CRaleway%7CPlayfair+Display%7CRaleway%7CPlayfair+Display%7CRaleway%7CPlayfair+Display%7CRaleway%7CPlayfair+Display%7C

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0c49167525c742d717fa672092074e4c7c24268956225e8dbfc75fa49508148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 23:09:00 GMT
server: ESF
date: Thu, 29 Apr 2021 23:09:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Apr 2021 23:09:00 GMT

GET
H2 200 lander.js Show response
paypal.intuitionplan.com/assets/ 985 KB
274 KB 27ms
27ms Script
application/x-javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypal.intuitionplan.com/assets/lander.js

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

253e2d20ce218a7dae54caf35cce8444acb5dda859ece580e8d2756de6a23b59

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /assets/lander.js
pragma: no-cache
cookie: __cfduid=df4fde5ff4285ac8b5dc175d0571d7fd31619737739; __cf_bm=f9cdf459223f14e75ff0cd3b5de38093fce8abd2-1619737739-1800-AQ++aPtkxeoaIOv6WX2tTOlAFU0BZ+K0b2k+7LVlhn6WruYFW6ZcwzYFxJWkPqIGnSXkwLIKlgzk3ri1PUtc0keVULUf5rCi4vXELgTKobQs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paypal.intuitionplan.com
referer: https://paypal.intuitionplan.com/order1590749150420
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paypal.intuitionplan.com/order1590749150420
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 503
cf-request-id: 09c17d9b8e00004aa486837000000001
last-modified: Thu, 29 Apr 2021 18:15:59 GMT
server: cloudflare
etag: W/"608af7df-f63c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 647c320c1fe34aa4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 29 Apr 2021 23:29:00 GMT

GET
H2 200 ClickfunnelsTag.png
paypal.intuitionplan.com/hosted/images/3d/392630953c4119a324492bb1c05778/ 9 KB
9 KB 29ms
28ms Image
image/png 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paypal.intuitionplan.com/hosted/images/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
Requested by: Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59a24fd9ceda194298ccf0b352fa9acd789bf3fb4c69c01bcdcab44c584d0219

Request headers

:path: /hosted/images/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
pragma: no-cache
cookie: __cfduid=df4fde5ff4285ac8b5dc175d0571d7fd31619737739; __cf_bm=f9cdf459223f14e75ff0cd3b5de38093fce8abd2-1619737739-1800-AQ++aPtkxeoaIOv6WX2tTOlAFU0BZ+K0b2k+7LVlhn6WruYFW6ZcwzYFxJWkPqIGnSXkwLIKlgzk3ri1PUtc0keVULUf5rCi4vXELgTKobQs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: paypal.intuitionplan.com
referer: https://paypal.intuitionplan.com/order1590749150420
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paypal.intuitionplan.com/order1590749150420
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
cf-cache-status: HIT
age: 6340
cf-polished: origSize=9030
content-length: 8895
cf-request-id: 09c17d9b9200004aa47c9bd000000001
last-modified: Fri, 03 Jan 2020 17:41:49 GMT
server: cloudflare
etag: "a633777156a5ffeb58c92d3d59fa4e34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
cf-ray: 647c320c1fef4aa4-FRA
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 mailcheck.min.js Show response
app.clickfunnels.com/ 3 KB
1 KB 71ms
45ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/mailcheck.min.js

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1622
cf-request-id: 09c17d9baa0000dfdb8abd9000000001
last-modified: Thu, 29 Apr 2021 18:15:58 GMT
server: cloudflare
etag: W/"608af7de-a8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 647c320c4f58dfdb-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 checkout.js Show response
www.paypalobjects.com/api/ 1 MB
231 KB 172ms
57ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

35c6497ea4f4c90cdc7a18e6afe990690a46c9f1fa327e18fa163f7d03ab8034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 7ff0af748e8a9
dc: phx-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 235891
last-modified: Wed, 07 Apr 2021 20:34:12 GMT
etag: W/"606e1744-165bad"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-headers: x-csrf-token
expires: Fri, 30 Apr 2021 23:09:00 GMT

GET
H2 200 pushcrew.js Show response
app.clickfunnels.com/assets/ 637 B
1 KB 70ms
44ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/assets/pushcrew.js

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 274
cf-request-id: 09c17d9baa0000dfdb70b04000000001
last-modified: Thu, 29 Apr 2021 18:15:58 GMT
server: cloudflare
etag: W/"608af7de-27d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
access-control-allow-credentials: true
cf-ray: 647c320c4f59dfdb-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 29 Apr 2021 23:29:00 GMT

GET
H2 200 name2.png
paypal.intuitionplan.com/images/ 3 KB
3 KB 133ms
132ms Image
image/png 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paypal.intuitionplan.com/images/name2.png

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/assets/lander.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a09b81cb4895ab6fb00240f7d6b6061bd62ee55b41558591543ebe50809306b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /images/name2.png
pragma: no-cache
cookie: __cfduid=df4fde5ff4285ac8b5dc175d0571d7fd31619737739; __cf_bm=f9cdf459223f14e75ff0cd3b5de38093fce8abd2-1619737739-1800-AQ++aPtkxeoaIOv6WX2tTOlAFU0BZ+K0b2k+7LVlhn6WruYFW6ZcwzYFxJWkPqIGnSXkwLIKlgzk3ri1PUtc0keVULUf5rCi4vXELgTKobQs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: paypal.intuitionplan.com
referer: https://paypal.intuitionplan.com/assets/lander.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paypal.intuitionplan.com/assets/lander.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
vary: Accept-Encoding
cf-cache-status: MISS
content-length: 3142
cf-request-id: 09c17d9b9c00004aa4b53ee000000001
last-modified: Thu, 29 Apr 2021 18:15:58 GMT
server: cloudflare
etag: "608af7de-c46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 647c320c280a4aa4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 30 May 2021 23:09:00 GMT

GET
H2 200 email2.png
paypal.intuitionplan.com/images/ 3 KB
3 KB 137ms
137ms Image
image/png 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://paypal.intuitionplan.com/images/email2.png

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/assets/lander.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3406f6cc630164b707537cf074683c31484bec5fe17cb45de959bae16695b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /images/email2.png
pragma: no-cache
cookie: __cfduid=df4fde5ff4285ac8b5dc175d0571d7fd31619737739; __cf_bm=f9cdf459223f14e75ff0cd3b5de38093fce8abd2-1619737739-1800-AQ++aPtkxeoaIOv6WX2tTOlAFU0BZ+K0b2k+7LVlhn6WruYFW6ZcwzYFxJWkPqIGnSXkwLIKlgzk3ri1PUtc0keVULUf5rCi4vXELgTKobQs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: paypal.intuitionplan.com
referer: https://paypal.intuitionplan.com/assets/lander.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paypal.intuitionplan.com/assets/lander.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
vary: Accept-Encoding
cf-cache-status: MISS
content-length: 3200
cf-request-id: 09c17d9b9d00004aa4311e5000000001
last-modified: Thu, 29 Apr 2021 18:15:58 GMT
server: cloudflare
etag: "608af7de-c80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=2678400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 647c320c280c4aa4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 30 May 2021 23:09:00 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v19/ 46 KB
46 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paypal.intuitionplan.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:37:32 GMT
server: sffe
age: 75958
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47272
x-xss-protection: 0
expires: Fri, 29 Apr 2022 02:03:02 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 74 KB
74 KB 156ms
52ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

Origin: https://paypal.intuitionplan.com
Referer: https://use.fontawesome.com/releases/v5.9.0/css/all.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
last-modified: Tue, 04 Jun 2019 20:34:47 GMT
server: NetDNA-cache/2.2
etag: "b5cf8ae26748570d8fb95a47f46b69e1"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 75440

GET
H3-29 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%7CRaleway%7CPlayfair+Display%7CRaleway%7CPlayfair+Display%7CRaleway%7CPlayfair+Display%7CRaleway%7CPlayfair+Display%7C

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paypal.intuitionplan.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
age: 392722
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

GET
H3-29 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v19/ 21 KB
21 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paypal.intuitionplan.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 23:35:07 GMT
server: sffe
age: 392722
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21028
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

GET
H3-29 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ 28 KB
28 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v22/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5348e4d76366efc13f2bcb5a5ce138e581e90d570a09d0ec66a8cab4920be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paypal.intuitionplan.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:41:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:30:38 GMT
server: sffe
age: 84439
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28568
x-xss-protection: 0
expires: Thu, 28 Apr 2022 23:41:41 GMT

GET
H2 200 vendor.js Show response
paypal.intuitionplan.com/ 18 KB
5 KB 162ms
162ms Script
application/javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypal.intuitionplan.com/vendor.js

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

:path: /vendor.js
pragma: no-cache
cookie: __cfduid=df4fde5ff4285ac8b5dc175d0571d7fd31619737739; __cf_bm=f9cdf459223f14e75ff0cd3b5de38093fce8abd2-1619737739-1800-AQ++aPtkxeoaIOv6WX2tTOlAFU0BZ+K0b2k+7LVlhn6WruYFW6ZcwzYFxJWkPqIGnSXkwLIKlgzk3ri1PUtc0keVULUf5rCi4vXELgTKobQs
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: paypal.intuitionplan.com
referer: https://paypal.intuitionplan.com/order1590749150420
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paypal.intuitionplan.com/order1590749150420
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
cf-request-id: 09c17d9c9f00004aa4a397e000000001
x-request-id: abd14ae3deb3a26832d098f6b2b034cc
x-runtime: 0.014439
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
server: cloudflare
x-frame-options: ALLOWALL
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, public
access-control-allow-credentials: true
cf-ray: 647c320dca324aa4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: stale, valid, store

GET
H/1.1 200
OK /
track.addevent.com/atc/ 0
0 283ms
69ms Image
text/html 18.203.61.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=8cbef9c6-0f39-4288-1604-966ef464981b&url=https%3A%2F%2Fpaypal.intuitionplan.com%2Forder1590749150420&cache=1619737740456
Requested by: Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.61.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-61-226.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, X-Access-Token
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 371ms
250ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=paypal.intuitionplan.com&source=checkoutjs&t=xo&v=4.0.328

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32fa63f8008fbd2c88a3b98b877bf68fa5c97fbb6c3c61ff8f80ea7adc198f6b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-DWKRvyMSH80MDOSPZ2SKSeT7h4MTrEcUCWjL29135CQFjVT8' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-DWKRvyMSH80MDOSPZ2SKSeT7h4MTrEcUCWjL29135CQFjVT8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS, MISS
paypal-debug-id: 35c2eb83f7513
dc: phx-origin-www-2.paypal.com
vary: Accept-Encoding
content-length: 4415
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4033-HHN, cache-bma1620-BMA
x-timer: S1619737741.656154,VS0,VE218
x-frame-options: SAMEORIGIN
date: Thu, 29 Apr 2021 23:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
etag: W/"3037-5hlwvQcglV93T/NU2YnRlpmKO7E"
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 track.js Show response
cdn.funnelytics.io/ 9 KB
3 KB 251ms
78ms Script
application/javascript 13.224.106.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.funnelytics.io/track.js
Requested by: Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-60.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bda277a4ba0af74a71829d0503828c4f976d0c56187bf9dfb4f7c017d99179d2

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:59:09 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 16:42:53 GMT
server: AmazonS3
age: 11391
etag: W/"4ae1baef1263c1a5a4d1b46c51016daa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 95f1b7018f5640d0a596bfddfbb25f68.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: 728pERaYhnnRCBzqp1b1wiZ7AmAl2Xxpgy96tth-2iA-SqeJp1727A==

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
331 B 218ms
203ms XHR
text/html 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=ZThUemRJemdQanF0WEIxbU5mbG5FUT09LS1HUzgxM0ZucXBMY1NzWHBtNzA2eDdRPT0%3D--53dbebb4aeb9bd1c51c4163d2ef9cff9b5c18469&page_id=U3JjMFM0WmRCRlduMTkxNmt3a1RyUT09LS1adG9wQXZXQU0zRUZRamd1ZWNzQVBBPT0%3D--62888b969cf30ebce7e695b7fa8213b02a1bc0bd&funnel_step_id=NGNtdy9lUnpHQXQ0UGFSTHNydXZOZz09LS1TV2Y2enRRY3hEVDVxTmNPWllkTTNBPT0%3D--3aa884d7f19334dcaf2a7771c68225832612700d&user_id=eFFvZ2pOMjBkcVg5L2J6NTAyT3pHQT09LS12UVVsVW0wRmppR1hpRjAzTnVnVkp3PT0%3D--187ba2ba7541533705a3605bd033829c25a91323&account_id=VytpU3VLYTh2aEJDWWZDeWxOYzMyUT09LS1Yc3RMM1pTemk0WnErZjJKcFB1WVZRPT0%3D--537f8d31aaef1b5c3f51a359ea99e07841e9500f&page_code=Mzk2NTA0NTc%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=041cb6f8-6a93-4c4c-8fe2-7846ceb7357f&url=https%3A%2F%2Fpaypal.intuitionplan.com%2Forder1590749150420

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
access-control-request-method: *
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
cf-request-id: 09c17d9cfe0000d6c5b416f000000001
x-request-id: 0fb39b3e6fef0ec05cba2ec82377c5cb
x-runtime: 0.050553
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 647c320e6cded6c5-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
956 B 203ms
190ms XHR
text/html 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=ZThUemRJemdQanF0WEIxbU5mbG5FUT09LS1HUzgxM0ZucXBMY1NzWHBtNzA2eDdRPT0%3D--53dbebb4aeb9bd1c51c4163d2ef9cff9b5c18469&page_id=U3JjMFM0WmRCRlduMTkxNmt3a1RyUT09LS1adG9wQXZXQU0zRUZRamd1ZWNzQVBBPT0%3D--62888b969cf30ebce7e695b7fa8213b02a1bc0bd&funnel_step_id=NGNtdy9lUnpHQXQ0UGFSTHNydXZOZz09LS1TV2Y2enRRY3hEVDVxTmNPWllkTTNBPT0%3D--3aa884d7f19334dcaf2a7771c68225832612700d&user_id=eFFvZ2pOMjBkcVg5L2J6NTAyT3pHQT09LS12UVVsVW0wRmppR1hpRjAzTnVnVkp3PT0%3D--187ba2ba7541533705a3605bd033829c25a91323&account_id=VytpU3VLYTh2aEJDWWZDeWxOYzMyUT09LS1Yc3RMM1pTemk0WnErZjJKcFB1WVZRPT0%3D--537f8d31aaef1b5c3f51a359ea99e07841e9500f&page_code=Mzk2NTA0NTc%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=0a0406d6-87aa-4dae-b398-7fb901227c6c&url=https%3A%2F%2Fpaypal.intuitionplan.com%2Forder1590749150420

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
access-control-request-method: *
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
cf-request-id: 09c17d9cff0000d6c5a6072000000001
x-request-id: 924d584cda5e283546d00580ce334a11
x-runtime: 0.044175
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 647c320e6ce2d6c5-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
331 B 209ms
196ms XHR
text/html 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clickfunnels.com/userevents/?funnel_id=ZThUemRJemdQanF0WEIxbU5mbG5FUT09LS1HUzgxM0ZucXBMY1NzWHBtNzA2eDdRPT0%3D--53dbebb4aeb9bd1c51c4163d2ef9cff9b5c18469&page_id=U3JjMFM0WmRCRlduMTkxNmt3a1RyUT09LS1adG9wQXZXQU0zRUZRamd1ZWNzQVBBPT0%3D--62888b969cf30ebce7e695b7fa8213b02a1bc0bd&funnel_step_id=NGNtdy9lUnpHQXQ0UGFSTHNydXZOZz09LS1TV2Y2enRRY3hEVDVxTmNPWllkTTNBPT0%3D--3aa884d7f19334dcaf2a7771c68225832612700d&user_id=eFFvZ2pOMjBkcVg5L2J6NTAyT3pHQT09LS12UVVsVW0wRmppR1hpRjAzTnVnVkp3PT0%3D--187ba2ba7541533705a3605bd033829c25a91323&account_id=VytpU3VLYTh2aEJDWWZDeWxOYzMyUT09LS1Yc3RMM1pTemk0WnErZjJKcFB1WVZRPT0%3D--537f8d31aaef1b5c3f51a359ea99e07841e9500f&page_code=Mzk2NTA0NTc%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=3e4d7957-9c44-4b90-8f82-2231daa33a8f&url=https%3A%2F%2Fpaypal.intuitionplan.com%2Forder1590749150420

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/assets/userevents/application.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:00 GMT
access-control-request-method: *
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 202 Accepted
cf-request-id: 09c17d9cfe0000d6c5b7b62000000001
x-request-id: 305266a96a6549eb0dc86f791c095d31
x-runtime: 0.052870
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/html
pragma: no-cache
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 647c320e6ce0d6c5-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H2 200 button Show response
www.paypal.com/smart/ Frame 63F7 74 KB
16 KB 336ms
335ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/button?env=production&commit=true&style.size=responsive&style.shape=rect&style.color=blue&style.layout=vertical&style.label=paypal&funding.allowed=credit&funding.disallowed=card%2Cvenmo&domain=paypal.intuitionplan.com&sessionID=fda7197074_mjm6mdk6mda&buttonSessionID=32493df501_mjm6mdk6mda&storageID=37ad882785_mjm6mdk6mda&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ%3D%3D&uid=daebd15a59&version=4&xcomponent=1

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

957481ada77f9a98c5076eb07b44ddbfbe7aec70fd155a03350cf1fd692c239d

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.paypal.com
:scheme: https
:path: /smart/button?env=production&commit=true&style.size=responsive&style.shape=rect&style.color=blue&style.layout=vertical&style.label=paypal&funding.allowed=credit&funding.disallowed=card%2Cvenmo&domain=paypal.intuitionplan.com&sessionID=fda7197074_mjm6mdk6mda&buttonSessionID=32493df501_mjm6mdk6mda&storageID=37ad882785_mjm6mdk6mda&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ%3D%3D&uid=daebd15a59&version=4&xcomponent=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paypal.intuitionplan.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://paypal.intuitionplan.com/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
p3p: true
paypal-debug-id: 9d1b5aa9ec8a5
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Fri, 30 Apr 2021 07:54:56 GMT; HttpOnly; Secure; SameSite=None tsrce=smartcomponentnodeweb; Domain=.paypal.com; Path=/; Expires=Sun, 02 May 2021 23:09:00 GMT; HttpOnly; Secure; SameSite=None l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Thu, 29 Apr 2021 23:39:00 GMT; HttpOnly; Secure; SameSite=None ts=vreXpYrS%3D1714432140%26vteXpYrS%3D1619739540%26vr%3D1fe485c81790ad0057eef20ffe59b499%26vt%3D1fe485c81790ad0057eef20ffe59b498%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Sun, 28 Apr 2024 23:09:00 GMT; HttpOnly; Secure; SameSite=None ts_c=vr%3D1fe485c81790ad0057eef20ffe59b499%26vt%3D1fe485c81790ad0057eef20ffe59b498; Path=/; Domain=paypal.com; Expires=Sun, 28 Apr 2024 23:09:00 GMT; Secure; SameSite=None x-cdn=fastly:BMA; Domain=paypal.com; Path=/; Secure
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Thu, 29 Apr 2021 23:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11567-HHN, cache-bma1620-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1619737741.656109,VS0,VE304
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 21F3 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3551a75936077de738fa814761a357e4616685f20b8b4c7b80ca565eb6c7b3a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 21F3 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 969120fcfbd39914a5e73208e24420bedd03238c32c53b0ed80a0558658133d4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 21F3 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59f43716cabcb5cf8e918fe857f49e517e41b5eb608e92cb17a2b7e95579ad0d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 272ms
214ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-app-name,x-requested-with
Origin: https://paypal.intuitionplan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-app-name,x-requested-with
access-control-allow-methods: POST
access-control-allow-origin: https://paypal.intuitionplan.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: 71d8236c8108a
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
date: Thu, 29 Apr 2021 23:09:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4042-HHN, cache-bma1679-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1619737741.751906,VS0,VE185
content-encoding: br
vary: accept-encoding

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 855 B
1 KB 442ms
441ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

848db667fcf73a4c95be6fc4ed7f97061481a246cc732af3674fe590d14319f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-app-name: checkoutjs
Referer: https://paypal.intuitionplan.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 29 Apr 2021 23:09:01 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: b49095a264af0
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: phx-origin-www-3.paypal.com
x-served-by: cache-hhn4083-HHN, cache-bma1679-BMA
x-timer: S1619737741.993736,VS0,VE386
etag: W/"357-/rmguMg/VPOGyRU4+fXIm6b+Urw"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://paypal.intuitionplan.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 sessions Show response
track-v2.funnelytics.io/ 50 B
261 B 560ms
271ms XHR
application/json 3.97.223.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track-v2.funnelytics.io/sessions
Requested by: Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.223.64 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-223-64.ca-central-1.compute.amazonaws.com
Software: /
Resource Hash: 54e88fa20bfc082395eda8d788bf56a835ded6026bdd3abb9b87b52984c3c79c

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 29 Apr 2021 23:09:01 GMT
x-amzn-requestid: db1e2ff8-5641-4d72-a18c-44d17440180e
x-amz-apigw-id: ekZmEE7nYosFTpg=
x-amzn-trace-id: Root=1-608b3c8d-65739e2c5c2e31251410ad6e;Sampled=0
content-length: 50
content-type: application/json

GET
H/1.1 200
OK ts
t.paypal.com/ 42 B
814 B 598ms
491ms Image
image/gif 23.45.106.90
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Order%20Page&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1619737740893&g=-120&completeurl=https%3A%2F%2Fpaypal.intuitionplan.com%2Forder1590749150420&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by: Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.106.90 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-106-90.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.11 /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Apr 2021 23:09:01 GMT
Server: akka-http/10.1.11
P3P: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 29 Apr 2021 23:09:01 GMT

GET
DATA 200
OK truncated
/ Frame 63F7 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3551a75936077de738fa814761a357e4616685f20b8b4c7b80ca565eb6c7b3a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 63F7 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 969120fcfbd39914a5e73208e24420bedd03238c32c53b0ed80a0558658133d4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 63F7 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59f43716cabcb5cf8e918fe857f49e517e41b5eb608e92cb17a2b7e95579ad0d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 checkout.js Show response
www.paypalobjects.com/api/ Frame 63F7 1 MB
231 KB 58ms
58ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/checkout.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/button?env=production&commit=true&style.size=responsive&style.shape=rect&style.color=blue&style.layout=vertical&style.label=paypal&funding.allowed=credit&funding.disallowed=card%2Cvenmo&domain=paypal.intuitionplan.com&sessionID=fda7197074_mjm6mdk6mda&buttonSessionID=32493df501_mjm6mdk6mda&storageID=37ad882785_mjm6mdk6mda&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ%3D%3D&uid=daebd15a59&version=4&xcomponent=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

35c6497ea4f4c90cdc7a18e6afe990690a46c9f1fa327e18fa163f7d03ab8034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 7ff0af748e8a9
dc: phx-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 235891
last-modified: Wed, 07 Apr 2021 20:34:12 GMT
etag: W/"606e1744-165bad"
strict-transport-security: max-age=31536000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-headers: x-csrf-token
expires: Fri, 30 Apr 2021 23:09:01 GMT

GET
H2 200 button.js Show response
www.paypalobjects.com/api/xo/ Frame 63F7 404 KB
72 KB 85ms
85ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/api/xo/button.js?date=2021-3-29

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

dc2cb18bb30c55d562fe97d816aec43d84cba990bac52d10b64569515e87761e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 20:43:17 GMT
etag: W/"606f6ae5-64f15"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: 8d67faf8d7e40
cache-control: public, max-age=86400
strict-transport-security: max-age=31536000
dc: ccg11-origin-www-1.paypal.com
content-length: 72755
expires: Fri, 30 Apr 2021 23:09:01 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 63F7 866 B
1 KB 204ms
204ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4308fd31aaf8d86e7b64b4e0a5c8fab039b6037d8c4a4510b24333716d27b7cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

x-app-name: checkoutjs
Referer: https://www.paypal.com/smart/button?env=production&commit=true&style.size=responsive&style.shape=rect&style.color=blue&style.layout=vertical&style.label=paypal&funding.allowed=credit&funding.disallowed=card%2Cvenmo&domain=paypal.intuitionplan.com&sessionID=fda7197074_mjm6mdk6mda&buttonSessionID=32493df501_mjm6mdk6mda&storageID=37ad882785_mjm6mdk6mda&locale.x=en_US&logLevel=warn&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWxvYmplY3RzLmNvbS9hcGkvY2hlY2tvdXQuanMifQ%3D%3D&uid=daebd15a59&version=4&xcomponent=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

date: Thu, 29 Apr 2021 23:09:01 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: ca0008a455fda
strict-transport-security: max-age=63072000; includeSubDomains; preload
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4066-HHN, cache-bma1620-BMA
x-timer: S1619737741.172839,VS0,VE175
etag: W/"362-eSQHzd0D2YBgG/aEMBWTqeDEIaA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 steps Show response
track-v2.funnelytics.io/ 47 B
257 B 278ms
277ms XHR
application/json 3.97.223.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track-v2.funnelytics.io/steps
Requested by: Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.223.64 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-223-64.ca-central-1.compute.amazonaws.com
Software: /
Resource Hash: ed8be6c18da4a90c6d3121c778172ad029efe6aca984eebb030287ca87fb44f3

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Thu, 29 Apr 2021 23:09:01 GMT
x-amzn-requestid: bfa5b6a1-c157-4c2b-9ef5-f49172c8c9e2
x-amz-apigw-id: ekZmHGAQYosFQLQ=
x-amzn-trace-id: Root=1-608b3c8d-21a87ca10f6f4fd458743dc6;Sampled=0
content-length: 47
content-type: application/json

GET
H2 200 086cb476-791e-493b-bc0c-75251c6d5b5d Show response
track-v2.funnelytics.io/settings/ 150 B
361 B 183ms
183ms XHR
application/json 3.97.223.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track-v2.funnelytics.io/settings/086cb476-791e-493b-bc0c-75251c6d5b5d
Requested by: Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.97.223.64 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-97-223-64.ca-central-1.compute.amazonaws.com
Software: /
Resource Hash: 7b32261d63ef8b682b2b9924844c319a135be80fde3e9c567bacd6a3c37d4195

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 29 Apr 2021 23:09:01 GMT
x-amzn-requestid: 00c3c4b1-3765-4e6e-b2ed-69b1603a8693
x-amz-apigw-id: ekZmHGNV4osFYCw=
x-amzn-trace-id: Root=1-608b3c8d-76b8e335130340ae477fc970;Sampled=0
content-length: 150
content-type: application/json

GET
H2 200 nr-1208.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 164ms
54ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1208.min.js
Requested by: Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/order1590749150420
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding: gzip
etag: "1a71e4208296f97b465116492f59124d"
x-amz-request-id: DFZCY10K7ZS1T3PF
x-cache: HIT
content-length: 11777
x-amz-id-2: 4+5W1y2tsdHLVv1trzLrts8GoOvSB55FAqeyd5oh0h04+xQ6FJMTonh0u/oFN9jVhWni1XRPJ4c=
x-served-by: cache-hhn4043-HHN
last-modified: Wed, 10 Mar 2021 16:24:28 GMT
server: AmazonS3
x-timer: S1619737742.633256,VS0,VE0
date: Thu, 29 Apr 2021 23:09:01 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1458

GET
H2 200 background.png Show response
paypal.intuitionplan.com/images/ 117 B
645 B 177ms
177ms XHR
text/javascript 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paypal.intuitionplan.com/images/background.png?_unique=0.37444647666092146&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//paypal.intuitionplan.com/order1590749150420&_title=Order%20Page&_key=w3hequvd&_page_key=uilmwjp65wbfekf7&_fid=9256183&_fspos=3&_fvrs=1&_funnel_stat=0&_location=https://paypal.intuitionplan.com/order1590749150420&_referrer=

Requested by

Host: paypal.intuitionplan.com
URL: https://paypal.intuitionplan.com/vendor.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger Enterprise 6.0.7

Resource Hash

8b9ed66e4f87931ae6b26099df8174d45fe1ea5b78a3aebbf687aceeb479a38b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

:path: /images/background.png?_unique=0.37444647666092146&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//paypal.intuitionplan.com/order1590749150420&_title=Order%20Page&_key=w3hequvd&_page_key=uilmwjp65wbfekf7&_fid=9256183&_fspos=3&_fvrs=1&_funnel_stat=0&_location=https://paypal.intuitionplan.com/order1590749150420&_referrer=
pragma: no-cache
cookie: _fs=8d8f7141-25e9-40fe-8f7f-9ab74e2a092e
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: paypal.intuitionplan.com
referer: https://paypal.intuitionplan.com/order1590749150420
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://paypal.intuitionplan.com/order1590749150420
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:09:01 GMT
access-control-request-method: *
cf-cache-status: DYNAMIC
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
strict-transport-security: max-age=0
content-encoding: br
cf-request-id: 09c17da0bd00004aa4ae1f0000000001
x-request-id: aa98644b6b5ee7717fd74dcddfd1f445
x-runtime: 0.020278
server: cloudflare
x-frame-options: ALLOWALL
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
set-cookie: __cfduid=d12aeda68984c199725fa7fc30356eca11619737741; expires=Sat, 29-May-21 23:09:01 GMT; path=/; domain=.paypal.intuitionplan.com; HttpOnly; SameSite=Lax __cf_bm=c5f6bb900873ca29aead7135ca2e543a8949573c-1619737741-1800-ATYIR4wbAIiyjLgouOItL4b99ALBOrN3nCT5c6Vd3mLzxjv8odmv/vRxK9hvXw8LVDwSj1sCR/Ng8Suiik9du4lexYaFTsHNdQcijZ2JvQbM; path=/; expires=Thu, 29-Apr-21 23:39:01 GMT; domain=.paypal.intuitionplan.com; HttpOnly; Secure; SameSite=None
cf-ray: 647c32146a7e4aa4-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
x-rack-cache: miss

GET
H/1.1 200
OK NRJS-fc902efb332119fff33 Show response
bam-cell.nr-data.net/1/ 57 B
646 B 227ms
166ms Script
text/javascript 162.247.243.147
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1208.49599aa&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2617&ck=1&ref=https://paypal.intuitionplan.com/order1590749150420&ap=574&be=789&fe=2299&dc=1328&perf=%7B%22timing%22:%7B%22of%22:1619737739193,%22n%22:0,%22r%22:0,%22re%22:378,%22f%22:378,%22dn%22:378,%22dne%22:378,%22c%22:378,%22ce%22:378,%22rq%22:379,%22rp%22:778,%22rpe%22:784,%22dl%22:781,%22di%22:1328,%22ds%22:1328,%22de%22:1458,%22dc%22:2299,%22l%22:2299,%22le%22:2408%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1090&fcp=1090&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 29 Apr 2021 23:09:02 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 647c3216ca9215e4-ARN
cf-request-id: 09c17da242000015e4efbb6000000001
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK NRJS-fc902efb332119fff33 Show response
bam-cell.nr-data.net/events/1/ 24 B
500 B 638ms
638ms XHR
image/gif 162.247.243.147
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/events/1/NRJS-fc902efb332119fff33?a=367981416&v=1208.49599aa&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=12617&ck=1&ref=https://paypal.intuitionplan.com/order1590749150420
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://paypal.intuitionplan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

Date: Thu, 29 Apr 2021 23:09:12 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://paypal.intuitionplan.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
CF-Ray: 647c3254e82515e4-ARN
Content-Length: 24
cf-request-id: 09c17dc913000015e465079000000001

OPTIONS logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.paypal.com
URL: https://www.paypal.com/xoplatform/logger/api/logger

Verdicts & Comments Add Verdict or Comment

270 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypal.com/	1970-01-20 20:13:52	Name: ts_c Value: vr%3D1fe487371790a2d00764a76effffffff%26vt%3D1fe487371790a2d00764a76efffffffe
.paypal.com/	1970-01-20 20:13:52	Name: ts Value: vreXpYrS%3D1714432141%26vteXpYrS%3D1619739541%26vr%3D1fe487371790a2d00764a76effffffff%26vt%3D1fe487371790a2d00764a76efffffffe
.paypal.com/	1970-01-19 17:55:39	Name: l7_az Value: dcg13.slc
.intuitionplan.com/	1970-01-25 20:05:16	Name: _fs Value: 8d8f7141-25e9-40fe-8f7f-9ab74e2a092e

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://paypal.intuitionplan.com/assets/lander.js(Line 112) Message: keen.io could not be loaded

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.clickfunnels.com
assets.clickfunnels.com
bam-cell.nr-data.net
cdn.funnelytics.io
fonts.googleapis.com
fonts.gstatic.com
images.clickfunnels.com
js-agent.newrelic.com
paypal.intuitionplan.com
t.paypal.com
track-v2.funnelytics.io
track.addevent.com
use.fontawesome.com
www.paypal.com
www.paypalobjects.com
www.paypal.com
104.111.228.123
13.224.106.60
151.101.114.110
151.101.193.21
162.247.243.147
18.203.61.226
23.111.9.35
23.45.106.90
2606:4700::6810:10c2
2606:4700::6810:cc2
2a00:1450:4001:801::2003
2a00:1450:4001:828::200a
3.97.223.64
004e3565fa58bd4ff0cbf31deb5451508a5ec7d46c4480f9bfa23326f187a158
0a09b81cb4895ab6fb00240f7d6b6061bd62ee55b41558591543ebe50809306b
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
1824e38c8fe9b23fb54ed5deafd63f31fcceed673d89111bebc8f05d1aa7b126
1d94fd1a3793df0abe10fb36e59825864e1ec9623496e1e04c9cca624be01394
253e2d20ce218a7dae54caf35cce8444acb5dda859ece580e8d2756de6a23b59
32fa63f8008fbd2c88a3b98b877bf68fa5c97fbb6c3c61ff8f80ea7adc198f6b
35c6497ea4f4c90cdc7a18e6afe990690a46c9f1fa327e18fa163f7d03ab8034
381b8e3dad8bd2f245f51c6559e504aebcab1827a4329796f35389c05bdead0c
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
4308fd31aaf8d86e7b64b4e0a5c8fab039b6037d8c4a4510b24333716d27b7cf
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
54e88fa20bfc082395eda8d788bf56a835ded6026bdd3abb9b87b52984c3c79c
59a24fd9ceda194298ccf0b352fa9acd789bf3fb4c69c01bcdcab44c584d0219
59f43716cabcb5cf8e918fe857f49e517e41b5eb608e92cb17a2b7e95579ad0d
5be285121c77d6ad5dda6c18e1756bdc33a2f4dc371e82f41db6eab526b4a142
606f8af18837adb36264fe11933e9dbdb49c82a9c3ca183aed00e3f93029c1f0
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6fd89d19383dc52535875138f8cd475a44299c4070a3a35fe7572fbdfc05646d
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
7b32261d63ef8b682b2b9924844c319a135be80fde3e9c567bacd6a3c37d4195
848db667fcf73a4c95be6fc4ed7f97061481a246cc732af3674fe590d14319f9
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8b9ed66e4f87931ae6b26099df8174d45fe1ea5b78a3aebbf687aceeb479a38b
957481ada77f9a98c5076eb07b44ddbfbe7aec70fd155a03350cf1fd692c239d
969120fcfbd39914a5e73208e24420bedd03238c32c53b0ed80a0558658133d4
9c5348e4d76366efc13f2bcb5a5ce138e581e90d570a09d0ec66a8cab4920be6
bda277a4ba0af74a71829d0503828c4f976d0c56187bf9dfb4f7c017d99179d2
c3551a75936077de738fa814761a357e4616685f20b8b4c7b80ca565eb6c7b3a
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
d0c49167525c742d717fa672092074e4c7c24268956225e8dbfc75fa49508148
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d3406f6cc630164b707537cf074683c31484bec5fe17cb45de959bae16695b89
da352a7b4c5780eb6b96891c48bc403337bb3baaf7ad20674f0311e7988f75fb
dc2cb18bb30c55d562fe97d816aec43d84cba990bac52d10b64569515e87761e
e0189e16cf01f8149342c9f2de872cfa73571f2a145a830f18b16154bf1d2982
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8312763f657406a0328d9901f05e3c28611700e3408a56a5ec993acdd70f2aa
ed8be6c18da4a90c6d3121c778172ad029efe6aca984eebb030287ca87fb44f3
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
fa64be7e67aeedc05d88ad037251e9ee7ab5a640c3d924e55fb72a498adbf255

paypal.intuitionplan.com Open in urlscan Pro 2606:4700::6810:cc2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

98 %HTTPS

31 %IPv6

11 Domains

15 Subdomains

14 IPs

4 Countries

1705 kBTransfer

5832 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paypal.intuitionplan.com Open in urlscan Pro
2606:4700::6810:cc2 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

98 %
HTTPS

31 %
IPv6

11
Domains

15
Subdomains

14
IPs

4
Countries

1705 kB
Transfer

5832 kB
Size

4
Cookies

46 HTTP transactions
6 data transactions