Submitted URL: http://em.networkforgood.com/ls/click?upn=VAGGw4zHikj3d-2F5242H3Zrw3p4lSKyWzsL5ds-2BGRHTOqKTbpiVdUkBk8khMcMPTSE-VD_9DDfc6Y-2F...
Effective URL: https://venmo.com/KITSINC
Submission: On May 05 via api from US

Summary

This website contacted 22 IPs in 3 countries across 19 domains to perform 50 HTTP transactions. The main IP is 65.9.73.84, located in United States and belongs to AMAZON-02, US. The main domain is venmo.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 18th 2020. Valid for: 2 years.
This is the only time venmo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.124 11377 (SENDGRID)
1 65.9.73.84 16509 (AMAZON-02)
1 52.217.131.240 16509 (AMAZON-02)
4 13.225.84.4 16509 (AMAZON-02)
2 2 2a03:2880:f01... 32934 (FACEBOOK)
13 2a03:2880:f01... 32934 (FACEBOOK)
5 2600:9000:215... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
2 52.29.159.59 16509 (AMAZON-02)
2 2a04:4e42:3::645 54113 (FASTLY)
1 65.9.76.79 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:200... 54113 (FASTLY)
2 104.111.228.123 16625 (AKAMAI-AS)
2 34.201.75.101 14618 (AMAZON-AES)
1 1 65.9.73.111 16509 (AMAZON-02)
1 35.81.31.24 16509 (AMAZON-02)
1 2 64.4.245.84 17012 (PAYPAL)
3 23.45.107.81 16625 (AKAMAI-AS)
1 2a02:26f0:120... 20940 (AKAMAI-ASN1)
50 22
Domain Requested by
9 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
5 pics.venmo.com venmo.com
4 d1v6x81qdeozhc.cloudfront.net venmo.com
3 c.paypal.com www.paypalobjects.com
2 api.venmo.com d1v6x81qdeozhc.cloudfront.net
2 www.paypalobjects.com d1v6x81qdeozhc.cloudfront.net
c.paypal.com
2 jssdks.mparticle.com jssdkcdns.mparticle.com
2 www.facebook.com connect.facebook.net
2 identity.mparticle.com jssdkcdns.mparticle.com
2 api.braintreegateway.com d1v6x81qdeozhc.cloudfront.net
2 connect.facebook.net venmo.com
connect.facebook.net
2 www.google-analytics.com venmo.com
www.google-analytics.com
2 graph.facebook.com 2 redirects
1 c6.paypal.com venmo.com
1 dub.stats.paypal.com venmo.com
1 b.stats.paypal.com 1 redirects
1 ssl.kaptcha.com d1v6x81qdeozhc.cloudfront.net
1 assets.braintreegateway.com 1 redirects
1 www.google.de venmo.com
1 www.google.com venmo.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.amplitude.com jssdkcdns.mparticle.com
1 jssdkcdns.mparticle.com venmo.com
1 hello.myfonts.net s3.amazonaws.com
1 scontent-frt3-2.xx.fbcdn.net venmo.com
1 platform-lookaside.fbsbx.com venmo.com
1 s3.amazonaws.com venmo.com
1 venmo.com
1 em.networkforgood.com 1 redirects
50 29

This site contains links to these domains. Also see Links.

Domain
blog.venmo.com
help.venmo.com
Subject Issuer Validity Valid
ops.venmo.com
DigiCert SHA2 Extended Validation Server CA
2020-06-18 -
2022-06-06
2 years crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2
2020-08-04 -
2021-08-09
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2021-02-22 -
2022-02-21
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-04-06 -
2021-07-03
3 months crt.sh
pics.venmo.com
Amazon
2020-10-07 -
2021-11-07
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-10 -
2021-08-10
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
jssdkcdns.mparticle.com
R3
2021-05-01 -
2021-07-30
3 months crt.sh
api.braintreegateway.com
DigiCert SHA2 Extended Validation Server CA
2020-10-19 -
2021-10-26
a year crt.sh
cdn.amplitude.com
Amazon
2020-11-18 -
2021-12-17
a year crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2
2019-05-27 -
2021-07-17
2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
www.google.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
www.google.de
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
jssdks.mparticle.com
R3
2021-05-01 -
2021-07-30
3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2021-04-28 -
2022-01-11
9 months crt.sh
ssl.kaptcha.com
Thawte TLS RSA CA G1
2019-10-01 -
2021-11-29
2 years crt.sh
b.stats.paypal.com
DigiCert SHA2 High Assurance Server CA
2020-03-13 -
2022-06-03
2 years crt.sh
c.paypal.com
DigiCert SHA2 Extended Validation Server CA
2020-01-09 -
2022-01-13
2 years crt.sh

This page contains 6 frames:

Primary Page: https://venmo.com/KITSINC
Frame ID: 5C621DC3D1F3AEA19EC3A65719C688AD
Requests: 29 HTTP requests in this frame

Frame: https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
Frame ID: 18E9FF92BD9FCEF63BA16CE6E4C022D8
Requests: 1 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=undefined&s=dac2989de39f473b87c8db13da9d5e07
Frame ID: 44521B1353012E103CFC632AD452E79F
Requests: 1 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=59b824adee499cb8beff951ef757b048&t=1620235945.113&a=14
Frame ID: E480B745BB3F80D629406C0EC10C6947
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
Frame ID: DE7827F7CCCE5CD783AB9A22EAEA9545
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/v2.1/plugins/like.php?action=like&app_id=180347063770&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35126d88d2244%26domain%3Dvenmo.com%26origin%3Dhttps%253A%252F%252Fvenmo.com%252Ff3e915fea9733cc%26relation%3Dparent.parent&color_scheme=light&container_width=1530&href=https%3A%2F%2Fwww.facebook.com%2Fvenmo&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=The%20pixel%20width%20of%20the%20plugin
Frame ID: 9EB51D4648C3B5FECCB6FA93D2B258BF
Requests: 10 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://em.networkforgood.com/ls/click?upn=VAGGw4zHikj3d-2F5242H3Zrw3p4lSKyWzsL5ds-2BGRHTOqKTbpiVdUkBk8khM... HTTP 302
    https://venmo.com/KITSINC Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Page Statistics

50
Requests

100 %
HTTPS

52 %
IPv6

19
Domains

29
Subdomains

22
IPs

3
Countries

705 kB
Transfer

2458 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://em.networkforgood.com/ls/click?upn=VAGGw4zHikj3d-2F5242H3Zrw3p4lSKyWzsL5ds-2BGRHTOqKTbpiVdUkBk8khMcMPTSE-VD_9DDfc6Y-2FP42CqRju14osDUBa45ThG6wiQLMa-2FjwPkNOaLTBSBSL3bEEG-2BU-2FLvqdfgnRr-2FxNd0-2FjsUhleq-2BYijZclVhFZegeOfkj9-2Bl1yP6rPG1FRtJ-2BNzPpG2tNkVy9BqZyQK0sV4aCW7PohtPj15C0O7YY2NWav4Jd-2B6qBy-2BRqkZ9aK2aPjyoH1w0odlxELUgce5UI0oSHu0me0Ps0dYSw0Rr3vPVtKCUVHC7cd6fhEHv90pnQA6SomLu5wZc1aT-2B3pxNXOJ-2FEF-2BXG8NyUjfHdBoCr8JjOhMYZOFXLM1ePLsW9zuPifzrTrWa2Bby7z77ldTU4K62pZuCdF4dTbVBMuvDwNwqmjOpjOKo3l8vo-3D HTTP 302
    https://venmo.com/KITSINC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://graph.facebook.com/v6.0/1661491327227596/picture?type=large HTTP 302
  • https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=1661491327227596&height=200&width=200&ext=1622827943&hash=AeTeg4_5og_Lf2VIoB4
Request Chain 8
  • https://graph.facebook.com/v6.0/10807403/picture?type=large HTTP 302
  • https://scontent-frt3-2.xx.fbcdn.net/v/t1.30497-1/c59.0.200.200a/p200x200/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=luNWA412uOgAX85pJ1O&_nc_ht=scontent-frt3-2.xx&tp=27&oh=56f74bd7917c89cd907f7dccf77bb48e&oe=60B8B7B9
Request Chain 32
  • https://assets.braintreegateway.com/data/logo.htm?m=undefined&s=dac2989de39f473b87c8db13da9d5e07 HTTP 302
  • https://ssl.kaptcha.com/logo.htm?m=undefined&s=dac2989de39f473b87c8db13da9d5e07
Request Chain 33
  • https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=59b824adee499cb8beff951ef757b048&t=1620235945.113&a=14 HTTP 302
  • https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=59b824adee499cb8beff951ef757b048&t=1620235945.113&a=14

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request KITSINC
venmo.com/
Redirect Chain
  • http://em.networkforgood.com/ls/click?upn=VAGGw4zHikj3d-2F5242H3Zrw3p4lSKyWzsL5ds-2BGRHTOqKTbpiVdUkBk8khMcMPTSE-VD_9DDfc6Y-2FP42CqRju14osDUBa45ThG6wiQLMa-2FjwPkNOaLTBSBSL3bEEG-2BU-2FLvqdfgnRr-2FxNd...
  • https://venmo.com/KITSINC
23 KB
8 KB
Document
General
Full URL
https://venmo.com/KITSINC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Venmo /
Resource Hash
01bbf23ea6024a19acf21e69a5769c3bb77c0c7e75f86470d955f454d062ded3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
venmo.com
:scheme
https
:path
/KITSINC
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Wed, 05 May 2021 17:32:23 GMT
content-encoding
gzip
set-cookie
v_id=fp01-b6e5f817-517a-44fe-9f1c-3257e4d58786; expires=Mon, 04-May-2026 17:32:23 GMT; Max-Age=157680000; Path=/; secure api_access_token=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/ csrftoken2=S4BbVUCDVURadJr7MfZIOlHmqNy77mEP; Domain=.venmo.com; expires=Wed, 04-May-2022 17:32:23 GMT; Max-Age=31449600; Path=/; secure sessionid=8trqdd49igy2jb1ampywyydtubj5gn20; expires=Wed, 05-May-2021 17:57:23 GMT; httponly; Max-Age=1500; Path=/; secure
version
autocut_28439
x-envoy-upstream-service-time
165
x-frame-options
SAMEORIGIN
x-request-id
2786150-1620235943.460-100.96.164.187-1186
strict-transport-security
max-age=31536000 max-age=31536000
server
Venmo
x-xss-protection
1; mode=block
x-content-type-options
nosniff
vary
Cookie,Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
KB3xEKidavQnmYrAJT1Uf02kBBh-CqmVFAtDRr1zoW5Q5NqmFIcxAQ==

Redirect headers

Server
nginx
Date
Wed, 05 May 2021 17:32:22 GMT
Content-Type
text/html; charset=utf-8
Content-Length
48
Connection
keep-alive
Location
https://venmo.com/KITSINC
X-Robots-Tag
noindex, nofollow
MyFontsWebfontsKit.css
s3.amazonaws.com/venmo/avenir-font/
7 KB
8 KB
Stylesheet
General
Full URL
https://s3.amazonaws.com/venmo/avenir-font/MyFontsWebfontsKit.css
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.131.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9b89d5ba54af3f9fff4fd6bc9defb550c4401054efc9a9a8e10b075d3865d59c

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 17:32:24 GMT
Last-Modified
Tue, 19 Mar 2013 15:37:19 GMT
Server
AmazonS3
x-amz-request-id
JM3F6HKRRRSNGJGV
ETag
"5dd46fe616ae839d29acc5bd0e614c01"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
7376
x-amz-id-2
smTWd+cCW2e1MjOFe5v3dvEykRMgrYni/aNV74ufND1P/whQh4fpOcNvJ72aS75mwzDHJq1aKew=
j5.min-4567b7b359b8d162d04ebe7ead106971.gz.css
d1v6x81qdeozhc.cloudfront.net/static/css/
73 KB
13 KB
Stylesheet
General
Full URL
https://d1v6x81qdeozhc.cloudfront.net/static/css/j5.min-4567b7b359b8d162d04ebe7ead106971.gz.css
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f8c5f4930c7e5eb891b7b1b565794f4188acae016e654f37cc9d1b5950ad3e0

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Mar 2021 13:33:54 GMT
Content-Encoding
gzip
Age
5025510
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
13025
Last-Modified
Tue, 15 Jan 2019 19:39:18 GMT
Server
AmazonS3
ETag
"8dfbe1eacfe502d3620b5dce8665f3f0"
x-amz-version-id
EcWXWOSPrYutF12eCHRqh7HZChM_ZpIW
Via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
Cache-Control
max-age=7776000,public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
text/css
X-Amz-Cf-Id
NiedToK9g3NLwY_HQ9WuPTP9ZDzZB8ahTVst2yztnvMWfnnZAm9p3w==
Expires
Sat, 12 Feb 2022 22:56:05 GMT
compiled-venmo-b60e71f59106d6e64f0b7772336093e0.gz.js
d1v6x81qdeozhc.cloudfront.net/static/js/
812 KB
173 KB
Script
General
Full URL
https://d1v6x81qdeozhc.cloudfront.net/static/js/compiled-venmo-b60e71f59106d6e64f0b7772336093e0.gz.js
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c221c1836e2611eb0b0bdabdcff890a4ee3fdd1a7df322f3d8566abc822a53ee

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 10 Feb 2021 10:08:46 GMT
Content-Encoding
gzip
Age
7284218
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
176667
Last-Modified
Fri, 26 Jun 2020 13:45:29 GMT
Server
AmazonS3
ETag
"f2f01cb772cbc73542b8a1592723179b"
x-amz-version-id
p.oGbywAQlnGfflnW.E6JiP9gcJzjtCz
Via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
Cache-Control
max-age=7776000,public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
yJH33DtL0G8C3W4JNoDbM2U9qsVW7u3ZXMyMmMVO2GqBXzrH1ycEkQ==
Expires
Sat, 12 Feb 2022 22:56:05 GMT
venmo.j5.min-3330e8f8c85725ff5aa076215ac4f256.gz.js
d1v6x81qdeozhc.cloudfront.net/static/js/
221 KB
73 KB
Script
General
Full URL
https://d1v6x81qdeozhc.cloudfront.net/static/js/venmo.j5.min-3330e8f8c85725ff5aa076215ac4f256.gz.js
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6bb4bf0dc2530910f0e10d12c7895f505eb0ae24d3db023c02888fe32c094b96

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 08:47:43 GMT
Content-Encoding
gzip
Age
6165881
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
73983
Last-Modified
Tue, 15 Jan 2019 19:39:19 GMT
Server
AmazonS3
ETag
"f0990e0c8ae2dd2adb4c15617137c73c"
x-amz-version-id
5iBBdCAxppkyD986OylbdSNeWLvOE0Jw
Via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
Cache-Control
max-age=7776000,public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
osyRbhmgWBTKBMUwJ4lQx1qBFCur3MBiTEMrvMNJ-V7GXjsZdxBRDQ==
Expires
Sat, 12 Feb 2022 22:56:05 GMT
logo@2x-11a8ebcb6d56924e3303b945e27a5445.png
d1v6x81qdeozhc.cloudfront.net/static/assets/j5/
7 KB
8 KB
Image
General
Full URL
https://d1v6x81qdeozhc.cloudfront.net/static/assets/j5/logo@2x-11a8ebcb6d56924e3303b945e27a5445.png
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91b80c3392da79d42bafb5610b232175802b4c91a13a76caef4a6448e57864c6

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 17 Apr 2021 20:22:53 GMT
Via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
Age
1544971
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
7195
Last-Modified
Mon, 11 Jun 2012 20:20:03 GMT
Server
AmazonS3
ETag
"11a8ebcb6d56924e3303b945e27a5445"
x-amz-version-id
null
Cache-Control
max-age=7776000,public
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
image/png
X-Amz-Cf-Id
q1BTbHQYLJCoiqLHFAxeFr82a8msqfo_Zersi8YlaqhLqMTGvn_RhA==
Expires
Sat, 12 Feb 2022 22:56:05 GMT
/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain
  • https://graph.facebook.com/v6.0/1661491327227596/picture?type=large
  • https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=1661491327227596&height=200&width=200&ext=1622827943&hash=AeTeg4_5og_Lf2VIoB4
11 KB
11 KB
Image
General
Full URL
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=1661491327227596&height=200&width=200&ext=1622827943&hash=AeTeg4_5og_Lf2VIoB4
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ca9a517225af9552ef8b7e75ecd734183150529ce42386faed6afcbfb382c160

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
2179022052
date
Wed, 05 May 2021 17:32:24 GMT
x-fb-trip-id
686109401
last-modified
Mon, 17 Oct 2016 14:13:55 GMT
x-needle-checksum
369007604
content-type
image/jpeg
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
x-fb-config-version-elb-prod
1091
cross-origin-resource-policy
cross-origin
content-disposition
attachment
x-fb-config-version-olb-prod
1091
content-length
10941

Redirect headers

strict-transport-security
max-age=15552000; preload
access-control-allow-origin
*
x-fb-rev
1003737399
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
Wxk/fqb5yvOY+WEqJp8IRRtce+tO2TUI9FS91E1+ER7PUo+Xyu/P+1stJOeklYuuWsYIla5PIseZtNcicYWiIg==
x-fb-trace-id
GGckuCrCgjU
date
Wed, 05 May 2021 17:32:23 GMT
content-type
image/jpeg
location
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=1661491327227596&height=200&width=200&ext=1622827943&hash=AeTeg4_5og_Lf2VIoB4
x-fb-request-id
ALFGtI1AFMdvS15-7Y3TSuj
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v6.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
2e5033dd-cd01-456c-80db-32215aad9c88
pics.venmo.com/
3 KB
4 KB
Image
General
Full URL
https://pics.venmo.com/2e5033dd-cd01-456c-80db-32215aad9c88?width=100&height=100&photoVersion=1
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a00:14:2516:3680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed81f9b4d4d14e7b1f7b0ab172a35494ff28adb0a7e44923eaa2252ba632c2f2

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:26 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Thu, 13 May 2021 00:00:00 GMT", rule-id="MzE5Yzg3MGEtN2YzYS00NDA2LWFlMWMtMzU5NzI5OGZiZTU2"
last-modified
Wed, 05 May 2021 17:06:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"9cc250c2c57337faf88a715595120533"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
3442
x-amz-cf-id
1NNFHV57huH7m8nuxkDYMWt-iuPZ-DbxV_ZZQZpkRNzY7q_qfqHk9g==
be82abe0-57f1-4cb5-9b72-6561046cf4c2
pics.venmo.com/
3 KB
4 KB
Image
General
Full URL
https://pics.venmo.com/be82abe0-57f1-4cb5-9b72-6561046cf4c2?width=100&height=100&photoVersion=2
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a00:14:2516:3680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
59539d57e91fc5f64079c8424ec705270dded1e4396e861fa944a03ad4b5d88b

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:26 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Thu, 13 May 2021 00:00:00 GMT", rule-id="MzE5Yzg3MGEtN2YzYS00NDA2LWFlMWMtMzU5NzI5OGZiZTU2"
last-modified
Wed, 05 May 2021 17:06:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"a6f947e4c834b16a6cb77e0b130ebf5e"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
3477
x-amz-cf-id
Qn1G0lWG3V63tPpDYQfeV2POLHcfo6U0Hxc9if-MViXw_fP680TDJA==
84628273_176159830277856_972693363922829312_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.30497-1/c59.0.200.200a/p200x200/
Redirect Chain
  • https://graph.facebook.com/v6.0/10807403/picture?type=large
  • https://scontent-frt3-2.xx.fbcdn.net/v/t1.30497-1/c59.0.200.200a/p200x200/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=luNWA412uOgAX85pJ1O&_nc_ht=scont...
2 KB
2 KB
Image
General
Full URL
https://scontent-frt3-2.xx.fbcdn.net/v/t1.30497-1/c59.0.200.200a/p200x200/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=luNWA412uOgAX85pJ1O&_nc_ht=scontent-frt3-2.xx&tp=27&oh=56f74bd7917c89cd907f7dccf77bb48e&oe=60B8B7B9
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
78f335c4bb91a0901fa856cde7114285fa2e0a0020d890daabf1569eb93e7f22

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
674913611
date
Wed, 05 May 2021 17:32:24 GMT
x-fb-trip-id
686109401
last-modified
Mon, 03 Feb 2020 18:53:54 GMT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3168106802
x-fb-config-version-olb-prod
1089
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2031

Redirect headers

strict-transport-security
max-age=15552000; preload
access-control-allow-origin
*
x-fb-rev
1003737399
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
7bE/n/yZOWBVRcxVz0rRqncYJPmqDvHfoL5VYEn+wMsV1x+nA7jlDafM2Gqr0VSBEbjJKwKpQpWBR8rEkhgmVw==
x-fb-trace-id
Al8bR91AnFJ
date
Wed, 05 May 2021 17:32:24 GMT
content-type
image/jpeg
location
https://scontent-frt3-2.xx.fbcdn.net/v/t1.30497-1/c59.0.200.200a/p200x200/84628273_176159830277856_972693363922829312_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=12b3be&_nc_ohc=luNWA412uOgAX85pJ1O&_nc_ht=scontent-frt3-2.xx&tp=27&oh=56f74bd7917c89cd907f7dccf77bb48e&oe=60B8B7B9
x-fb-request-id
A9gV9eE9wYdryfQ5APHsegJ
cache-control
private, no-cache, no-store, must-revalidate
facebook-api-version
v6.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
9afd263a-ce77-4804-a811-3a8f75eef04c
pics.venmo.com/
2 KB
3 KB
Image
General
Full URL
https://pics.venmo.com/9afd263a-ce77-4804-a811-3a8f75eef04c?width=100&height=100&photoVersion=1
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a00:14:2516:3680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85460abad01f40eba55eed2533050344360cb9033d3e92f4eaf7241441a205e3

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:26 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Thu, 13 May 2021 00:00:00 GMT", rule-id="MzE5Yzg3MGEtN2YzYS00NDA2LWFlMWMtMzU5NzI5OGZiZTU2"
last-modified
Wed, 05 May 2021 17:06:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"b3c10ee743a6e50d6aaa4b425100ac79"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
2426
x-amz-cf-id
MLIEHueJDxBrO5hMM3zM-djXhgl7jwTSAntLd6Cxe-2XoxE6oALcZw==
da55cbf2-0c8a-47c4-bfc9-13e8d6bc9e4e
pics.venmo.com/
4 KB
4 KB
Image
General
Full URL
https://pics.venmo.com/da55cbf2-0c8a-47c4-bfc9-13e8d6bc9e4e?width=100&height=100&photoVersion=2
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a00:14:2516:3680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
671d6ba0bf327f3c63505e95b42306bb90fe5eb6eb3132946c94a2fb40e1062d

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:26 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Thu, 13 May 2021 00:00:00 GMT", rule-id="MzE5Yzg3MGEtN2YzYS00NDA2LWFlMWMtMzU5NzI5OGZiZTU2"
last-modified
Wed, 05 May 2021 17:06:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"1e17c4affd8f77d6c46deefd3027dd19"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
3814
x-amz-cf-id
WVa2mWcDNV9HUXgNFZ3iaP-bIuNt_DuK65ZpqWxgSrJkgSBJo8LO9Q==
2e5033dd-cd01-456c-80db-32215aad9c88
pics.venmo.com/
23 KB
23 KB
Image
General
Full URL
https://pics.venmo.com/2e5033dd-cd01-456c-80db-32215aad9c88?width=460&height=460&photoVersion=1
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:a00:14:2516:3680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d7680879c5e66d0ba1a22852f5c82f27bf27a47002a009cccee7999cc92a3ba

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:26 GMT
via
1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Sun, 09 May 2021 00:00:00 GMT", rule-id="MzE5Yzg3MGEtN2YzYS00NDA2LWFlMWMtMzU5NzI5OGZiZTU2"
last-modified
Sat, 01 May 2021 20:17:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
etag
"7ea684e32db67207f3abe633500e1f27"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
23477
x-amz-cf-id
_Whq3LD3fWrXhFuanIcnR7YCcG1MvDvPkR45nPDbF1VHHRQu-vF1Cw==
264758
hello.myfonts.net/count/
0
301 B
Stylesheet
General
Full URL
https://hello.myfonts.net/count/264758
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/venmo/avenir-font/MyFontsWebfontsKit.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:f449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s3.amazonaws.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:24 GMT
server
cloudflare
age
1
expect-ct
null
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
64abb53c0deb2bce-FRA
content-length
0
cf-request-id
09df2f998100002bcec0b41000000001
expires
Thu, 05 May 2022 17:32:24 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3932
date
Wed, 05 May 2021 16:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 05 May 2021 18:26:52 GMT
mparticle.js
jssdkcdns.mparticle.com/js/v2/40433222e815b743853a4bb6b7a86058/
191 KB
50 KB
Script
General
Full URL
https://jssdkcdns.mparticle.com/js/v2/40433222e815b743853a4bb6b7a86058/mparticle.js
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9439c935fb7c9a4f4ba126613dd85ffa9a51a7581c79610892ebc97fa084b1a8

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:24 GMT
via
1.1 varnish, 1.1 varnish
age
226
x-origin-name
fastlyshield--shield_ssl_cache_dca12922_DCA
x-cache
HIT, HIT
x-cache-hits
1, 1
content-encoding
gzip
content-length
50814
x-served-by
cache-dca12922-DCA, cache-hhn4036-HHN
server
Kestrel
x-timer
S1620235944.441282,VS0,VE1
vary
Accept, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 05 May 2021 18:28:38 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9274e1f199a41e0371aa94e2095c2aa4d1e299524590243217fd6ae284babcdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
xyFhrLhqLQwwrD9a58mroA==
cross-origin-resource-policy
cross-origin
expires
Wed, 05 May 2021 17:52:17 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1780
x-fb-rlafr
0
x-fb-debug
A8zxg/AFL/FTz318WmIY3xigGQdizf6ururjWR9tv+73adzzX4mseyx/LlCPTAsAoJtOARfN9YwOo6T8ttXxHg==
x-fb-trip-id
686109401
x-fb-content-md5
a7a2817fbbb7b973f0efccd8b0291436
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 05 May 2021 17:32:24 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"6b8dd79e7cacd1da146a602319b1eaee"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
configuration
api.braintreegateway.com/merchants/dcz2m2h9dfjptytk/client_api/v1/ Frame
0
0
Preflight
General
Full URL
https://api.braintreegateway.com/merchants/dcz2m2h9dfjptytk/client_api/v1/configuration?tokenizationKey=production_pg6js949_dcz2m2h9dfjptytk&_meta%5BmerchantAppId%5D=venmo.com&_meta%5Bplatform%5D=web&_meta%5BsdkVersion%5D=3.10.0&_meta%5Bsource%5D=client&_meta%5Bintegration%5D=custom&_meta%5BintegrationType%5D=custom&_meta%5BsessionId%5D=621e77bc-8e60-4d4c-b2cf-3145cd0f0d2d&braintreeLibraryVersion=braintree%2Fweb%2F3.10.0&configVersion=3
Protocol
HTTP/1.1
Server
52.29.159.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-159-59.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://venmo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 05 May 2021 17:32:24 GMT
access-control-allow-origin
https://venmo.com
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
content-type
Content-Length
0
paypal-debug-id
d8ed83be7b324
configuration
api.braintreegateway.com/merchants/dcz2m2h9dfjptytk/client_api/v1/
1 KB
1 KB
XHR
General
Full URL
https://api.braintreegateway.com/merchants/dcz2m2h9dfjptytk/client_api/v1/configuration?tokenizationKey=production_pg6js949_dcz2m2h9dfjptytk&_meta%5BmerchantAppId%5D=venmo.com&_meta%5Bplatform%5D=web&_meta%5BsdkVersion%5D=3.10.0&_meta%5Bsource%5D=client&_meta%5Bintegration%5D=custom&_meta%5BintegrationType%5D=custom&_meta%5BsessionId%5D=621e77bc-8e60-4d4c-b2cf-3145cd0f0d2d&braintreeLibraryVersion=braintree%2Fweb%2F3.10.0&configVersion=3
Requested by
Host: d1v6x81qdeozhc.cloudfront.net
URL: https://d1v6x81qdeozhc.cloudfront.net/static/js/venmo.j5.min-3330e8f8c85725ff5aa076215ac4f256.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.29.159.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-159-59.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b2b261969c7a0ff998e384e63cb35d99b46fcf38ed666bfb0b9e6881e26ccd29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 05 May 2021 17:32:24 GMT
content-encoding
gzip
vary
Braintree-Version, Accept-Encoding
Content-Type
application/json
access-control-allow-origin
https://venmo.com
Cache-Control
no-cache, no-store
access-control-allow-credentials
true
paypal-debug-id
beeae44dafc24
strict-transport-security
max-age=31536000; includeSubDomains
braintree-version
2016-10-07
Content-Length
900
collect
www.google-analytics.com/j/
4 B
33 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=940721880&t=pageview&_s=1&dl=https%3A%2F%2Fvenmo.com%2FKITSINC&ul=en-us&de=UTF-8&dt=Venmo%20%7C%20Tige%20Charity&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=931950543&gjid=178314506&cid=879769730.1620235945&tid=UA-15492939-15&_gid=1611269495.1620235945&_r=1&_slc=1&z=1873528235
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 May 2021 17:32:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://venmo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/
211 KB
62 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=69a1124994a78cd7983c4b1ce82ee29e&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
586c9ca42aca82e57c34d77dd995f7f065943c284b60dc72051bd5ce98a53add
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://venmo.com
Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
XX95kfZHhl14PEVkBjrYlA==
cross-origin-resource-policy
cross-origin
expires
Thu, 05 May 2022 16:48:25 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
63643
x-fb-rlafr
0
x-fb-debug
9uXouUi9r0K04HUuS/GWSr4M3SUDf58RLnSCKdvOIhsZ2MX67DE+TQEBwPWSzY3byfPsOrwYAPJpqDvMncxd2g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
6abe1a9a69cea2c5cc0ff623cc6043bf
date
Wed, 05 May 2021 17:32:24 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"04dfc6563ba5d513c47bb259257964d4"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
identify
identity.mparticle.com/v1/ Frame
0
0
Preflight
General
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Server
2a04:4e42:3::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-mp-key
Origin
https://venmo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Kestrel
access-control-allow-headers
content-type,x-mp-key
access-control-allow-origin
*
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
accept-ranges
bytes
date
Wed, 05 May 2021 17:32:24 GMT
via
1.1 varnish
age
1259
x-served-by
cache-fra19152-FRA
x-cache
HIT
x-cache-hits
210
x-timer
S1620235945.756559,VS0,VE0
strict-transport-security
max-age=900
amplitude-7.2.1-min.gz.js
cdn.amplitude.com/libs/
59 KB
19 KB
Script
General
Full URL
https://cdn.amplitude.com/libs/amplitude-7.2.1-min.gz.js
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/40433222e815b743853a4bb6b7a86058/mparticle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.76.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8

Request headers

Origin
https://venmo.com
Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 15:36:57 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
9770127
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
19222
access-control-allow-origin
*
last-modified
Tue, 22 Sep 2020 19:51:25 GMT
server
AmazonS3
etag
"e7ee6bc7f428f90fb1b1ed0e94b9f835"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
rtLe8nVXDx8sL7XBGT5sDlFBE.TwGFEn
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
gd4eZ2-UsBwuuyShPoktKnyJFBhSILKEMkuLn_OznhodQfou-UHoQw==
identify
identity.mparticle.com/v1/
175 B
263 B
XHR
General
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/40433222e815b743853a4bb6b7a86058/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e937a7568658868aeca19036426f2553f8f3b06b60a0ccaab6beca7131b6bee6
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

x-mp-key
40433222e815b743853a4bb6b7a86058
Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 May 2021 17:32:24 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1620235945.777137,VS0,VE108
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra19152-FRA
vary
Accept-Encoding
x-cache
MISS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=900
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
collect
stats.g.doubleclick.net/j/
4 B
84 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-15492939-15&cid=879769730.1620235945&jid=931950543&gjid=178314506&_gid=1611269495.1620235945&_u=IEBAAEAAAAAAAC~&z=672492074
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 05 May 2021 17:32:24 GMT
content-type
text/plain
access-control-allow-origin
https://venmo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=180347063770&input_token&origin=1&redirect_uri=https%3A%2F%2Fvenmo.com%2FKITSINC&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=69a1124994a78cd7983c4b1ce82ee29e&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
4YBkIZ5TzG+hHgzbpneKc5ZYZiAVqkDa7Ry5XwdLK/JqvN/bI2/ha0U7JMCcvHs/3CsRVWslFAb+pTD0mdKuQg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 05 May 2021 17:32:24 GMT
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://venmo.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
108 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-15492939-15&cid=879769730.1620235945&jid=931950543&_u=IEBAAEAAAAAAAC~&z=1898644134
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 17:32:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-15492939-15&cid=879769730.1620235945&jid=931950543&_u=IEBAAEAAAAAAAC~&z=1898644134
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 May 2021 17:32:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Events
jssdks.mparticle.com/v2/JS/40433222e815b743853a4bb6b7a86058/
41 B
284 B
XHR
General
Full URL
https://jssdks.mparticle.com/v2/JS/40433222e815b743853a4bb6b7a86058/Events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/40433222e815b743853a4bb6b7a86058/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
08fef54ac737aee3f2f1131184f3469e82fe904c281696b58febf729e0da1f03

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 May 2021 17:32:24 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1620235945.919993,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by
cache-hhn4030-HHN
vary
Accept-Encoding
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
Events
jssdks.mparticle.com/v2/JS/40433222e815b743853a4bb6b7a86058/
41 B
128 B
XHR
General
Full URL
https://jssdks.mparticle.com/v2/JS/40433222e815b743853a4bb6b7a86058/Events
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/40433222e815b743853a4bb6b7a86058/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
08fef54ac737aee3f2f1131184f3469e82fe904c281696b58febf729e0da1f03

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 May 2021 17:32:24 GMT
content-encoding
gzip
server
Kestrel
x-timer
S1620235945.919983,VS0,VE2
x-origin-name
7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-served-by
cache-hhn4030-HHN
vary
Accept-Encoding
x-cache
MISS
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
via
1.1 varnish
x-cache-hits
0
fb-all-prod.pp.min.js
www.paypalobjects.com/webstatic/r/fb/ Frame 18E9
57 KB
18 KB
Script
General
Full URL
https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
Requested by
Host: d1v6x81qdeozhc.cloudfront.net
URL: https://d1v6x81qdeozhc.cloudfront.net/static/js/venmo.j5.min-3330e8f8c85725ff5aa076215ac4f256.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eb16d80daecb92f5a56606ad94672c3a8aebb683319084407c36b181754aeb83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 13 Feb 2021 00:30:01 GMT
cache-control
public, max-age=86400
etag
W/"60271d89-e293"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
paypal-debug-id
ab06f4b7ebeb0
strict-transport-security
max-age=31536000
dc
ccg11-origin-www-1.paypal.com
content-length
18004
expires
Thu, 06 May 2021 17:32:25 GMT
device-data
api.venmo.com/v1/ Frame
0
0
Preflight
General
Full URL
https://api.venmo.com/v1/device-data
Protocol
HTTP/1.1
Server
34.201.75.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-75-101.compute-1.amazonaws.com
Software
Venmo /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,device-id
Origin
https://venmo.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Date
Wed, 05 May 2021 17:32:25 GMT
Content-Length
0
Connection
keep-alive
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization, device-id, device-os, x-csrftoken, venmo-otp-secret
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://venmo.com
access-control-max-age
86400
vary
Accept-Encoding
version
autocut_28439
x-envoy-upstream-service-time
5
x-frame-options
SAMEORIGIN
cache-control
public, no-cache, no-store
strict-transport-security
max-age=31536000
Server
Venmo
Strict-Transport-Security
max-age=31536000
X-Request-Id
804466318-1620235945.473-37.120.156.132-663
device-data
api.venmo.com/v1/
116 B
629 B
XHR
General
Full URL
https://api.venmo.com/v1/device-data
Requested by
Host: d1v6x81qdeozhc.cloudfront.net
URL: https://d1v6x81qdeozhc.cloudfront.net/static/js/compiled-venmo-b60e71f59106d6e64f0b7772336093e0.gz.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.75.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-75-101.compute-1.amazonaws.com
Software
Venmo /
Resource Hash
b02f328ed91e4db96cfa8776ba9fb573337688e21ed6c3c3e3b31e0800f8e021
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

device-id
fp01-b6e5f817-517a-44fe-9f1c-3257e4d58786
Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 05 May 2021 17:32:25 GMT
content-encoding
gzip
vary
Accept-Encoding
server-request-id
27c0b1eb-a07d-9a18-9347-51ec46819785
x-frame-options
SAMEORIGIN
Connection
keep-alive
Content-Type
application/json
access-control-allow-origin
https://venmo.com
cache-control
public, no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
30
strict-transport-security
max-age=31536000
Content-Length
127
Server
Venmo
logo.htm
ssl.kaptcha.com/ Frame 4452
Redirect Chain
  • https://assets.braintreegateway.com/data/logo.htm?m=undefined&s=dac2989de39f473b87c8db13da9d5e07
  • https://ssl.kaptcha.com/logo.htm?m=undefined&s=dac2989de39f473b87c8db13da9d5e07
41 B
366 B
Document
General
Full URL
https://ssl.kaptcha.com/logo.htm?m=undefined&s=dac2989de39f473b87c8db13da9d5e07
Requested by
Host: d1v6x81qdeozhc.cloudfront.net
URL: https://d1v6x81qdeozhc.cloudfront.net/static/js/venmo.j5.min-3330e8f8c85725ff5aa076215ac4f256.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129

Request headers

Host
ssl.kaptcha.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://venmo.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache no-store must-revalidate private
Content-Type
text/html
Expires
0
Pragma
no-cache
X-Correlation-Id
4da3fcca-7d57-47a6-b0f9-a28430562bdf
Date
Wed, 05 May 2021 17:32:26 GMT
Content-Length
41

Redirect headers

content-type
text/html
content-length
154
location
https://ssl.kaptcha.com/logo.htm?m=undefined&s=dac2989de39f473b87c8db13da9d5e07
server
nginx
date
Wed, 05 May 2021 17:32:25 GMT
expires
Thu, 06 May 2021 17:32:25 GMT
cache-control
max-age=86400
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
via
1.1 bdbb0d922c29917c00cfed799f55e7c2.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
tiFxKftdQVl5M57_SY3Ea_nNEY9tjQcruW3TWo01dtSMhri1BcKduQ==
counter2.cgi
dub.stats.paypal.com/ Frame E480
Redirect Chain
  • https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=59b824adee499cb8beff951ef757b048&t=1620235945.113&a=14
  • https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=59b824adee499cb8beff951ef757b048&t=1620235945.113&a=14
42 B
299 B
Image
General
Full URL
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=59b824adee499cb8beff951ef757b048&t=1620235945.113&a=14
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 05 May 2021 17:32:25 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=59b824adee499cb8beff951ef757b048&t=1620235945.113&a=14
Date
Wed, 05 May 2021 17:32:25 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
i
c.paypal.com/v1/r/d/ Frame DE78
195 B
1 KB
Document
General
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-107-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1ad6f1b6aaa18a205dc2e58d0f6c09265cc0d12e3b338c01cf7ec76bd047eb2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
c.paypal.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://venmo.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://venmo.com/

Response headers

CORRELATION-ID
73efec31b7eff
Content-Security-Policy-Report-Only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
Content-Type
text/html;charset=UTF-8
Paypal-Debug-Id
73efec31b7eff
X-Content-Type-Options
nosniff
X-Xss-Protection
1; mode=block
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
164
Cache-Control
no-cache, no-store, must-revalidate
Date
Wed, 05 May 2021 17:32:25 GMT
Connection
keep-alive
fb-all-prod.pp.min.js
www.paypalobjects.com/webstatic/r/fb/ Frame DE78
57 KB
18 KB
Script
General
Full URL
https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eb16d80daecb92f5a56606ad94672c3a8aebb683319084407c36b181754aeb83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sat, 13 Feb 2021 00:30:01 GMT
cache-control
public, max-age=86400
etag
W/"60271d89-e293"
surrogate-control
max-age=31536000
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
paypal-debug-id
ab06f4b7ebeb0
strict-transport-security
max-age=31536000
dc
ccg11-origin-www-1.paypal.com
content-length
18004
expires
Thu, 06 May 2021 17:32:25 GMT
p1
c.paypal.com/v1/r/d/b/ Frame DE78
125 B
941 B
XHR
General
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-107-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44ffa24411600be56b06052646669c60a3a874e8b8c733492556f6ea738c752e

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 05 May 2021 17:32:25 GMT
CORRELATION-ID
76fad663c46c9
P3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
Paypal-Debug-Id
76fad663c46c9
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
application/json
Content-Length
125
p2
c.paypal.com/v1/r/d/b/ Frame DE78
125 B
695 B
XHR
General
Full URL
https://c.paypal.com/v1/r/d/b/p2
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-107-81.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5820ecb4a4f4a68c3d69513d729fe10e6d5a55aebf837bb7321ac73093a98cd9

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://www.paypalobjects.com/webstatic/r/fb/fb-all-prod.pp.min.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 05 May 2021 17:32:25 GMT
CORRELATION-ID
f307aa3fa65a0
P3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
Paypal-Debug-Id
f307aa3fa65a0
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
application/json
Content-Length
125
p3
c6.paypal.com/v1/r/d/b/ Frame DE78
0
266 B
Image
General
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=59b824adee499cb8beff951ef757b048&s=BRAINTREE_SIGNIN
Requested by
Host: venmo.com
URL: https://venmo.com/KITSINC
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:120:3ac::26cf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 05 May 2021 17:32:25 GMT
CORRELATION-ID
59c9be6c12b50
Paypal-Debug-Id
59c9be6c12b50
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Wed, 05 May 2021 17:32:25 GMT
like.php
www.facebook.com/v2.1/plugins/ Frame 9EB5
84 KB
21 KB
Document
General
Full URL
https://www.facebook.com/v2.1/plugins/like.php?action=like&app_id=180347063770&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35126d88d2244%26domain%3Dvenmo.com%26origin%3Dhttps%253A%252F%252Fvenmo.com%252Ff3e915fea9733cc%26relation%3Dparent.parent&color_scheme=light&container_width=1530&href=https%3A%2F%2Fwww.facebook.com%2Fvenmo&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=The%20pixel%20width%20of%20the%20plugin
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=69a1124994a78cd7983c4b1ce82ee29e&ua=modern_es6
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7fc2ab2f9522f3ec0ef0bf96a2177fc64c7ab4f66020b04a86827008cf81f3dd
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.1/plugins/like.php?action=like&app_id=180347063770&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35126d88d2244%26domain%3Dvenmo.com%26origin%3Dhttps%253A%252F%252Fvenmo.com%252Ff3e915fea9733cc%26relation%3Dparent.parent&color_scheme=light&container_width=1530&href=https%3A%2F%2Fwww.facebook.com%2Fvenmo&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=The%20pixel%20width%20of%20the%20plugin
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://venmo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://venmo.com/

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-encoding
br
facebook-api-version
v3.3
x-content-type-options
nosniff
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
content-type
text/html; charset="utf-8"
x-fb-debug
YdCfn/aDeQh9H1C1Y3sGqmPKKCIaf3EByk3Z04t7A2AOZQk8XVWAUrFzq99xyj/MMADLO2PUVKrrBLA+w2tGoA==
date
Wed, 05 May 2021 17:32:26 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
mkyYGRzt4i0.css
static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/ Frame 9EB5
15 KB
4 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yB/l/0,cross/mkyYGRzt4i0.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.1/plugins/like.php?action=like&app_id=180347063770&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35126d88d2244%26domain%3Dvenmo.com%26origin%3Dhttps%253A%252F%252Fvenmo.com%252Ff3e915fea9733cc%26relation%3Dparent.parent&color_scheme=light&container_width=1530&href=https%3A%2F%2Fwww.facebook.com%2Fvenmo&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=The%20pixel%20width%20of%20the%20plugin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d632ecead4b6fc79c491dc9a0a8f4593297a672c87cbbf2d2a259141ae2e2e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XaydGV3HWGq7KJ2iKHN99A==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
3874
x-fb-rlafr
0
x-fb-debug
BIAJdZZQHmPtmz8kBJppQV8X+tHUN2MoeXisA8oeaJgZ9V8NbDiPG/9PPtf1w70MZfevm3T1lvd5zdPLOuiMkA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 May 2022 16:23:53 GMT
x6yfWGi7Xz3.js
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame 9EB5
292 KB
79 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/x6yfWGi7Xz3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.1/plugins/like.php?action=like&app_id=180347063770&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35126d88d2244%26domain%3Dvenmo.com%26origin%3Dhttps%253A%252F%252Fvenmo.com%252Ff3e915fea9733cc%26relation%3Dparent.parent&color_scheme=light&container_width=1530&href=https%3A%2F%2Fwww.facebook.com%2Fvenmo&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=The%20pixel%20width%20of%20the%20plugin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a3c14c8e40db5e5989d6936fb50403b8e69c7d7d1e9f06d2574294281caaf914
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9MjXTDEmpqVSECkHXO2RvQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
81150
x-fb-rlafr
0
x-fb-debug
I3JQv+frvidRrrGQe5VxrmbOTTIvU9w7ODnCEw/FgqG/IVeTqXJeV4NPk38NBXz2wuvIHeMIJ8UrfOZRoRlkBA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 May 2022 05:43:44 GMT
IEOQM8FL8ot.js
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 9EB5
5 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/IEOQM8FL8ot.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.1/plugins/like.php?action=like&app_id=180347063770&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35126d88d2244%26domain%3Dvenmo.com%26origin%3Dhttps%253A%252F%252Fvenmo.com%252Ff3e915fea9733cc%26relation%3Dparent.parent&color_scheme=light&container_width=1530&href=https%3A%2F%2Fwww.facebook.com%2Fvenmo&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=The%20pixel%20width%20of%20the%20plugin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mrvV7Xg6Liq29ANLrbPdkw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1630
x-fb-rlafr
0
x-fb-debug
QePWgOR4QPxGa28qH9Q4/0l/BD7NyJwKifRqUqq7MDVOmIT2h7otMSbAb0R1cNzwpSFk5eRq8vAi8U/8NGrbMA==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 29 Apr 2022 15:34:39 GMT
4Nr-nMKh0ep.js
static.xx.fbcdn.net/rsrc.php/v3/yB/r/ Frame 9EB5
102 KB
31 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/4Nr-nMKh0ep.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.1/plugins/like.php?action=like&app_id=180347063770&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35126d88d2244%26domain%3Dvenmo.com%26origin%3Dhttps%253A%252F%252Fvenmo.com%252Ff3e915fea9733cc%26relation%3Dparent.parent&color_scheme=light&container_width=1530&href=https%3A%2F%2Fwww.facebook.com%2Fvenmo&layout=button_count&locale=en_US&sdk=joey&send=false&show_faces=false&width=The%20pixel%20width%20of%20the%20plugin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
31d53a0f4b86221c12d035d0e9aa9d15d5cf02bdc9af1708074e689ce814053d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vWPuxEA4z5Qua5JWE2x3ww==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
31046
x-fb-rlafr
0
x-fb-debug
UTHZm6KQ9E7QjsNQoLWlnsQselhiE52haJPDB4CC2DNl9Axi2Vm0RcPpJwQR1VzwB1VfLJ8dCjo23MTjEtebDQ==
x-fb-trip-id
686109401
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 03 May 2022 18:41:47 GMT
8hisAHYLoYO.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yM/l/en_US/ Frame 9EB5
105 KB
28 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yM/l/en_US/8hisAHYLoYO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/x6yfWGi7Xz3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2763331f28e38140a0ea5f64a8a27591df0ac8793e3b2a8deb38ab0dfa286626
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QcguboJoY7VVgjV46RTj8Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
28507
x-fb-rlafr
0
x-fb-debug
p/vXmSJo9lGHfigmBlNh/+R5xWvDvkj6h44JkQl2MqB7QS48/z4+zBSwEO66GPyi8f0riCm2H3ktsnlNm9xXwQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 28 Apr 2022 18:20:03 GMT
stMBhdaFhZk.js
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 9EB5
16 KB
5 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/stMBhdaFhZk.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/x6yfWGi7Xz3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8970a987003d54f7be44353c56366e850a17487e70c0c8d558d5c2918f02d38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
gdklLwme2uWQFrzrJOxaKA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
5319
x-fb-rlafr
0
x-fb-debug
h+jt9v3IyXBJAyJSEIF1F1+hAhSpegoui6lVrlHCe19can5i6i6/4oVCsR9m0X7NBp1nsODTjvOpQhlgGZ7m3g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 17:06:06 GMT
X7M0YPAwpPP.js
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 9EB5
4 KB
1 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/X7M0YPAwpPP.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/x6yfWGi7Xz3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
743bda89e28ae71a8b21d6ee6a1a184e494dfd91df4d7d21ad0d70519666ee49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
G4+Dx/EKAWodjgKEEID03w==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1298
x-fb-rlafr
0
x-fb-debug
7ZqkSC8p/S8+KIAmCJkRbT6ECOrmFynWqDFfLcuxDd7pyFrYTRvt3tIdoftLTPtMz8KUWYmCcAWAhIwS7sJEKw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 May 2022 16:23:39 GMT
JopZtdti8dq.js
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame 9EB5
7 KB
2 KB
Script
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/JopZtdti8dq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/x6yfWGi7Xz3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mTMNw9OoY8KLmzHcqJmeVA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2270
x-fb-rlafr
0
x-fb-debug
QSfvePjxq0IzOd2ci+tgPaOz15keCFZWIxfu7Tl0c+YruXPWROLUpatPXM6yH6QnrtAqTc3JuQRlh5g59rdcFw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 04 May 2022 20:59:53 GMT
-Oi4iLq0ONT.css
static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/ Frame 9EB5
8 KB
2 KB
Stylesheet
General
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/l/0,cross/-Oi4iLq0ONT.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/x6yfWGi7Xz3.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e739a0e1a5498ea21cf30036c5890d28f15356da8e30b265147664be90f11800
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 May 2021 17:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
OdznCX2YT+XekM7Zpw3iJg==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1993
x-fb-rlafr
0
x-fb-debug
hOUuGIGpb3wXqSxWljDWVSSbULOkMc57Dm5/0io8ed0BzhOXFt5JVe2IEuBUqYZriLoExuxhgwrwAyvuXv+LAw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 May 2022 17:26:27 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| GoogleAnalyticsObject function| ga boolean| CLOSURE_NO_DEPS function| handle_document_click_story function| hideEl function| showEl function| SharingWidget boolean| COMPILED object| goog object| Hogan function| ContactOff function| FacebookUser function| Form function| FormField function| StoryView function| StoryClient function| TestSuper function| VenmoUser object| Vemplate function| oldDispatchEvent object| popupElt boolean| isAudienceMenuVisible number| openMenuStoryId number| openMenuStoryClass object| vmob number| max_length_large number| max_length_small function| goog_typeOf object| logging object| venmo object| closure_lm_645162 function| sendDeviceData function| alreadySentDeviceData function| setCookie string| token string| SENT_DEVICE_DATA_COOKIE function| $ function| jQuery function| _ object| Backbone function| moment object| braintree object| venmo_web object| mParticle function| fbAsyncInit object| app object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| FB object| mpAmplitudeKit object| regeneratorRuntime object| amplitude object| PFB_4732

11 Cookies

Domain/Path Name / Value
.c.paypal.com/ Name: sc_f
Value: J_kBVAa7A_cR0_zdIijfl_e4IyXOo9A2LtEolId7I7CM8P2DlPqMkK_DuBLdAIZeArfONOF94j4DolibOcrpx7PV8kptoaSCM8eOtW
.venmo.com/ Name: amp_8f6a82
Value: FvImoUEb40Mghhcjz2SGlh...1f4upd0qg.1f4upd0qg.0.0.0
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: xTdfMZJvm9ReAlBALe3kFLJjo-GFjh-f9rldMOff7yqim83iYfkJvFnIYmog8rcyJL66Okn-qZ8gwLPS
.venmo.com/ Name: _ga
Value: GA1.2.879769730.1620235945
.venmo.com/ Name: mprtcl-v4_068342D6
Value: {'gs':{'ie':1|'dt':'40433222e815b743853a4bb6b7a86058'|'cgid':'c77d2743-c43d-49da-a7d2-5758774025fc'|'das':'2ffe2167-ebb2-477a-b751-a6e14b9cfb2f'|'csm':'WyI3Mjk3MzU5NjA5OTY1MTE0MTIyIl0='|'sid':'8C6E24DD-9EA4-4BD4-A62F-32431178ABF6'|'les':1620235944588|'ssd':1620235944586}|'l':0|'7297359609965114122':{'fst':1620235944892}|'cu':'7297359609965114122'}
venmo.com/ Name: sent_device_data
Value: 1
.venmo.com/ Name: _gat
Value: 1
venmo.com/ Name: sessionid
Value: 8trqdd49igy2jb1ampywyydtubj5gn20
.venmo.com/ Name: csrftoken2
Value: S4BbVUCDVURadJr7MfZIOlHmqNy77mEP
.venmo.com/ Name: _gid
Value: GA1.2.1611269495.1620235945
venmo.com/ Name: v_id
Value: fp01-b6e5f817-517a-44fe-9f1c-3257e4d58786

1 Console Messages

Source Level URL
Text
console-api warning URL: https://jssdkcdns.mparticle.com/js/v2/40433222e815b743853a4bb6b7a86058/mparticle.js(Line 41)
Message:
A user identification type of customerId was selected in mParticle dashboard, but was not passed to the identity call. Please check your implementation.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000 max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.braintreegateway.com
api.venmo.com
assets.braintreegateway.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.amplitude.com
connect.facebook.net
d1v6x81qdeozhc.cloudfront.net
dub.stats.paypal.com
em.networkforgood.com
graph.facebook.com
hello.myfonts.net
identity.mparticle.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
pics.venmo.com
platform-lookaside.fbsbx.com
s3.amazonaws.com
scontent-frt3-2.xx.fbcdn.net
ssl.kaptcha.com
static.xx.fbcdn.net
stats.g.doubleclick.net
venmo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.paypalobjects.com
104.111.228.123
13.225.84.4
167.89.123.124
23.45.107.81
2600:9000:2156:a00:14:2516:3680:93a1
2606:4700::6811:f449
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:400c:c04::9d
2a02:26f0:120:3ac::26cf
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::645
2a04:4e42:3::645
2a04:4e42:600::645
34.201.75.101
35.81.31.24
52.217.131.240
52.29.159.59
64.4.245.84
65.9.73.111
65.9.73.84
65.9.76.79
01bbf23ea6024a19acf21e69a5769c3bb77c0c7e75f86470d955f454d062ded3
08fef54ac737aee3f2f1131184f3469e82fe904c281696b58febf729e0da1f03
0d632ecead4b6fc79c491dc9a0a8f4593297a672c87cbbf2d2a259141ae2e2e0
1ad6f1b6aaa18a205dc2e58d0f6c09265cc0d12e3b338c01cf7ec76bd047eb2c
1d7680879c5e66d0ba1a22852f5c82f27bf27a47002a009cccee7999cc92a3ba
1e8af1c8306411c684130fcf7d46fa10b1906898bcc781a822e5d4a38ae2cce8
2763331f28e38140a0ea5f64a8a27591df0ac8793e3b2a8deb38ab0dfa286626
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
31d53a0f4b86221c12d035d0e9aa9d15d5cf02bdc9af1708074e689ce814053d
44ffa24411600be56b06052646669c60a3a874e8b8c733492556f6ea738c752e
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4f8c5f4930c7e5eb891b7b1b565794f4188acae016e654f37cc9d1b5950ad3e0
5820ecb4a4f4a68c3d69513d729fe10e6d5a55aebf837bb7321ac73093a98cd9
586c9ca42aca82e57c34d77dd995f7f065943c284b60dc72051bd5ce98a53add
59539d57e91fc5f64079c8424ec705270dded1e4396e861fa944a03ad4b5d88b
671d6ba0bf327f3c63505e95b42306bb90fe5eb6eb3132946c94a2fb40e1062d
6bb4bf0dc2530910f0e10d12c7895f505eb0ae24d3db023c02888fe32c094b96
743bda89e28ae71a8b21d6ee6a1a184e494dfd91df4d7d21ad0d70519666ee49
78f335c4bb91a0901fa856cde7114285fa2e0a0020d890daabf1569eb93e7f22
7fc2ab2f9522f3ec0ef0bf96a2177fc64c7ab4f66020b04a86827008cf81f3dd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85460abad01f40eba55eed2533050344360cb9033d3e92f4eaf7241441a205e3
908edfa9f7ec9fd5cb6b2159b5cb305d9c2c88601c8bf00a23bb0e96fcea1e21
91b80c3392da79d42bafb5610b232175802b4c91a13a76caef4a6448e57864c6
9274e1f199a41e0371aa94e2095c2aa4d1e299524590243217fd6ae284babcdd
9439c935fb7c9a4f4ba126613dd85ffa9a51a7581c79610892ebc97fa084b1a8
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
9b89d5ba54af3f9fff4fd6bc9defb550c4401054efc9a9a8e10b075d3865d59c
a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129
a3c14c8e40db5e5989d6936fb50403b8e69c7d7d1e9f06d2574294281caaf914
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b02f328ed91e4db96cfa8776ba9fb573337688e21ed6c3c3e3b31e0800f8e021
b2b261969c7a0ff998e384e63cb35d99b46fcf38ed666bfb0b9e6881e26ccd29
c221c1836e2611eb0b0bdabdcff890a4ee3fdd1a7df322f3d8566abc822a53ee
ca9a517225af9552ef8b7e75ecd734183150529ce42386faed6afcbfb382c160
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e739a0e1a5498ea21cf30036c5890d28f15356da8e30b265147664be90f11800
e937a7568658868aeca19036426f2553f8f3b06b60a0ccaab6beca7131b6bee6
eb16d80daecb92f5a56606ad94672c3a8aebb683319084407c36b181754aeb83
ed81f9b4d4d14e7b1f7b0ab172a35494ff28adb0a7e44923eaa2252ba632c2f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8970a987003d54f7be44353c56366e850a17487e70c0c8d558d5c2918f02d38