www.tajer.ps Open in urlscan Pro
138.199.37.226 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bestdelivery.store/
Effective URL:
https://www.tajer.ps/
Submission: On April 12 via automatic, source certstream-suspicious (April 12th 2022, 12:40:27 am UTC) — Scanned from DE

Summary HTTP 88 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 19 domains to perform 88 HTTP transactions. The main IP is 138.199.37.226, located in Frankfurt am Main, Germany and belongs to CDN77 ^_^, GB. The main domain is www.tajer.ps.
TLS certificate: Issued by R3 on April 2nd 2022. Valid for: 3 months.

This is the only time www.tajer.ps was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a01:4f8:271:... 2a01:4f8:271:1882::2	24940 (HETZNER-AS) (HETZNER-AS)
1	138.199.37.226 138.199.37.226	60068 (CDN77 ^_^) (CDN77 ^_^)
5	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
17	185.152.64.17 185.152.64.17	60068 (CDN77 ^_^) (CDN77 ^_^)
5	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	5.101.110.225 5.101.110.225	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	165.227.246.253 165.227.246.253	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
10	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	23.45.107.81 23.45.107.81	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
2	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:233... 2606:2800:233:ce53:4396:b914:64c2:638e	15133 (EDGECAST) (EDGECAST)
3	20.40.202.19 20.40.202.19	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	51.77.64.70 51.77.64.70	() ()
4	2001:4860:480... 2001:4860:4802:36::36	() ()
88	24

1 2a01:4f8:271:1882::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

bestdelivery.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.37.226 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-37-226.datapacket.com

www.tajer.ps	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.152.64.17 (Prague, Czech Republic)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-152-64-17.datapacket.com

scripts.swipepages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.swipepages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.swipepages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.101.110.225 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: ams3.digitaloceanspaces.com

swipepages-assets.ams3.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 165.227.246.253 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

app.swipepages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.45.107.81 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-107-81.deploy.static.akamaitechnologies.com

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

pt.wisernotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:ce53:4396:b914:64c2:638e (United States)

ASN15133 (EDGECAST, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.40.202.19 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ns.wisermapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.77.64.70 (None, )

ASN- ()

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:36::36 (None, )

ASN- ()

us-east1-wisernotify.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2500 t.paypal.com — Cisco Umbrella Rank: 3392 c.paypal.com — Cisco Umbrella Rank: 5906 b.stats.paypal.com — Cisco Umbrella Rank: 4652 dub.stats.paypal.com — Cisco Umbrella Rank: 17957 c6.paypal.com — Cisco Umbrella Rank: 6738	414 KB
20	swipepages.com scripts.swipepages.com — Cisco Umbrella Rank: 492424 media.swipepages.com — Cisco Umbrella Rank: 466713 assets.swipepages.com — Cisco Umbrella Rank: 690905 app.swipepages.com — Cisco Umbrella Rank: 464601	160 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	344 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 92	730 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46 jnn-pa.googleapis.com — Cisco Umbrella Rank: 272	23 KB
4	cloudfunctions.net us-east1-wisernotify.cloudfunctions.net	86 B
3	wisermapp.com ns.wisermapp.com — Cisco Umbrella Rank: 217844	16 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 static.doubleclick.net — Cisco Umbrella Rank: 340	1 KB
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1886	42 KB
2	ip-api.com pro.ip-api.com	922 B
2	wisernotify.com pt.wisernotify.com — Cisco Umbrella Rank: 210985	57 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 107	67 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 212	2 KB
1	google.com www.google.com — Cisco Umbrella Rank: 4	14 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	86 KB
1	digitaloceanspaces.com swipepages-assets.ams3.digitaloceanspaces.com	7 KB
1	tajer.ps www.tajer.ps	75 KB
1	bestdelivery.store 1 redirects bestdelivery.store	219 B
0	facebook.com Failed web.facebook.com Failed
88	19

	Domain	Requested by
10	www.paypal.com	scripts.swipepages.com www.paypal.com www.paypalobjects.com
9	www.youtube.com	www.tajer.ps www.youtube.com
9	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
9	scripts.swipepages.com	www.tajer.ps scripts.swipepages.com
5	c.paypal.com	www.paypal.com c.paypal.com
5	media.swipepages.com	www.tajer.ps
4	us-east1-wisernotify.cloudfunctions.net	pt.wisernotify.com
4	jnn-pa.googleapis.com	www.youtube.com
3	ns.wisermapp.com	pt.wisernotify.com
3	app.swipepages.com	scripts.swipepages.com
3	assets.swipepages.com	www.tajer.ps
3	www.paypalobjects.com	www.tajer.ps www.paypal.com www.paypalobjects.com
2	pro.ip-api.com	pt.wisernotify.com
2	pt.wisernotify.com	www.tajer.ps pt.wisernotify.com
2	t.paypal.com	www.tajer.ps
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	c6.paypal.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	connect.facebook.net	www.tajer.ps
1	swipepages-assets.ams3.digitaloceanspaces.com	www.tajer.ps
1	fonts.googleapis.com	www.tajer.ps
1	www.tajer.ps
1	bestdelivery.store	1 redirects
0	web.facebook.com Failed	connect.facebook.net
88	30

This site contains links to these domains. Also see Links.

Domain
checkout.tajer.ps
app.tajer.ps
www.paypal.com
shop.bestdelivery.store
wa.me
mail.google.com
calendarhero.to

Subject Issuer	Validity	Valid
www.tajer.ps R3	`2022-04-02` - `2022-07-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
swipepages.com R3	`2022-02-03` - `2022-05-04`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-02-08` - `2023-01-10`	a year	crt.sh
*.ams3.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-23` - `2022-12-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-19` - `2022-04-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
c.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-11-03` - `2022-12-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
ns.wisermapp.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-08` - `2022-10-08`	6 months	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-28` - `2022-11-27`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.tajer.ps/
Frame ID: 66413DFBAF889F44A6C27C0973B3DF95
Requests: 51 HTTP requests in this frame

Frame: https://www.youtube.com/embed/vVJ1fi6KxVU
Frame ID: 5EF5CAA1ECF3970D43C3F61AB79F9E1A
Requests: 20 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=checkout&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=49&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVc4eHJJeml2Z0hHbjQyWC00aUhjdkRTTXU2bDFrdkNfWUpIemdkQVhVY2JTdno1SjZYa1hFcS1MeU9NMWxSclJlZ0U3WlQyU1UzdF9VU0EmY3VycmVuY3k9SUxTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2d3cmpheWNrb2tmZHVzb2lzbW52dG5odnFlanJmdiJ9fQ&clientID=AW8xrIzivgHGn42X-4iHcvDSMu6l1kvC_YJHzgdAXUcbSvz5J6XkXEq-LyOM1lRrRegE7ZT2SU3t_USA&sdkCorrelationID=f854657ffb835&storageID=uid_5460495f3c_mda6nda6mje&sessionID=uid_3cfc4a98f0_mda6nda6mje&buttonSessionID=uid_69d594b4e5_mda6nda6mje&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsIm1lcmNoYW50Q29uZmlnSGFzaCI6IiIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOnRydWV9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=ILS&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: A2C7A5F6B65B902ED8E8DFF3871171C6
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 8F876A4BD8EA86AAFFA7999CD3812CC9
Requests: 1 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 0DA7BCDD2277F614A1AD80D180090D33
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 238D2985AB8CA82CEC1EA9E36E06B5FE
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_3cfc4a98f0_mda6nda6mje&s=SMART_PAYMENT_BUTTONS
Frame ID: 8528AAD289206605C6D1151A7BA300A1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TAJER.PS CONTACTLESS ORDERING SOLUTION برنامج تاجر الفلسطيني لحلول الطلبات اللاتلامسيةMicrosoft Teams iconbar-graph

Page URL History Show full URLs

https://bestdelivery.store/ HTTP 301
https://www.tajer.ps/ Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

88
Requests

95 %
HTTPS

58 %
IPv6

19
Domains

30
Subdomains

24
IPs

3
Countries

2038 kB
Transfer

5701 kB
Size

15
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://checkout.tajer.ps/
Title: الأسعار

Search URL Search Domain Scan URL

URL: https://app.tajer.ps/login
Title: دخول

Search URL Search Domain Scan URL

URL: https://www.paypal.com/c2/webapps/mpp/paypal-popup?locale.x=en_C2

Search URL Search Domain Scan URL

URL: https://shop.bestdelivery.store/
Title: إضغط هنا وجرب بنفسك طريقة شراء زبائنك من متجرك

Search URL Search Domain Scan URL

URL: https://wa.me/+970569330052
Title: 970569330052+

Search URL Search Domain Scan URL

URL: https://mail.google.com/mail/u/0/?to=contact@tajer.ps&fs=1&tf=cm
Title: contact@tajer.ps

Search URL Search Domain Scan URL

URL: https://calendarhero.to/tajer.ps-Contactless-Ordering-Solution
Title: BOOK A MEETING

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bestdelivery.store/ HTTP 301
https://www.tajer.ps/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 72

https://b.stats.paypal.com/v2/counter.cgi?p=uid_3cfc4a98f0_mda6nda6mje&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_3cfc4a98f0_mda6nda6mje&s=SMART_PAYMENT_BUTTONS

88 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tajer.ps/
Redirect Chain

https://bestdelivery.store/
https://www.tajer.ps/

267 KB
75 KB

247ms
7ms

Document
text/html

138.199.37.226
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tajer.ps/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-37-226.datapacket.com
Software: BunnyCDN-DE1-832 / Express
Resource Hash: 054b38893a2d1d9fc1e62345bc13475f0108f0767cdb1cca6a08425c0348853a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=604800
cdn-cache: HIT
cdn-cachedat: 03/29/2022 03:32:10
cdn-edgestorageid: 832
cdn-proxyver: 1.02
cdn-pullzone: 495480
cdn-requestcountrycode: DE
cdn-requestid: 6139b8a35deb70c780fe1af388104ef0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 12 Apr 2022 00:40:19 GMT
etag: W/"42a02-17fd3aaaba3"
last-modified: Tue, 29 Mar 2022 03:14:12 GMT
server: BunnyCDN-DE1-832
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 707
content-type: text/html
date: Tue, 12 Apr 2022 00:40:18 GMT
location: https://www.tajer.ps/
server: LiteSpeed

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 182ms
55ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM%20Plex%20Sans:500,400,400|Amiri:700,700,400,700,400|Cairo:400,400,700,600&display=swap

Requested by

Host: www.tajer.ps
URL: https://www.tajer.ps/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c0b5a69211ade3584428bd36a49eddf27090b282d75541e148bfef954666cd2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 00:40:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 12 Apr 2022 00:40:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 Apr 2022 00:40:20 GMT

GET
H2 200 checkout.min.css
scripts.swipepages.com/css/ 19 KB
5 KB 94ms
17ms Stylesheet
text/css 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.swipepages.com/css/checkout.min.css?ver=1.0.17
Requested by: Host: www.tajer.ps
URL: https://www.tajer.ps/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 / Express
Resource Hash: 0f24e8cc67eeba64148cb7243e9d425c54f1f1de58e6a3b266551b8cb3399346

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:19 GMT
content-encoding: br
cdn-edgestorageid: 887
access-control-allow-origin: *
x-powered-by: Express
cdn-cachedat: 04/08/2022 11:40:42
cdn-pullzone: 127004
server: BunnyCDN-CZ1-887
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Fri, 08 Apr 2022 11:08:49 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"4da6-18008dcc9e8"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css; charset=UTF-8
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cdn-requestid: 04447c2b611e1699dd89d2d9a255ede6
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 small-logo-tajer-ps2.png
media.swipepages.com/2021/12/5fa9ab0e12e6ae001c42d00c/ 17 KB
18 KB 111ms
30ms Image
image/png 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.swipepages.com/2021/12/5fa9ab0e12e6ae001c42d00c/small-logo-tajer-ps2.png

Requested by

Host: www.tajer.ps
URL: https://www.tajer.ps/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-152-64-17.datapacket.com

Software

BunnyCDN-CZ1-887 /

Resource Hash

748e309ba78ba043a16ffc6f3afb440543b0e1c2330c8b177a30042850511e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:19 GMT
cdn-edgestorageid: 887
x-amz-request-id: tx000000000000012eb2bb6-006230874d-1d14fa44-ams3c
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/15/2022 12:32:13
cdn-pullzone: 127001
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 17267
cache-control: public, max-age=31919000
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Thu, 16 Dec 2021 20:06:47 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "3a19a4bd18880183e1bd7255bb21e823"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
x-rgw-object-type: Normal
cdn-requestid: 29d720c7aff50588f8a0f0ab0a3a9dbb
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 Full_Online_Tray_RGB.png
www.paypalobjects.com/digitalassets/c/website/marketing/apac/C2/logos-buttons/optimize/ 9 KB
9 KB 146ms
16ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/digitalassets/c/website/marketing/apac/C2/logos-buttons/optimize/Full_Online_Tray_RGB.png

Requested by

Host: www.tajer.ps
URL: https://www.tajer.ps/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F2A) /

Resource Hash

461091ed8184dcc510916f86afd5c1cdc1a8485052692217c7bfa8fb539fdb57

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 29 Nov 2018 05:46:16 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
etag: "5bff7d28-22f7"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
paypal-debug-id: e5c7a09fd7b9f
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 8951
server: ECAcc (frc/8F2A)
expires: Tue, 12 Apr 2022 01:40:20 GMT

GET
H2 200 stripe.svg
assets.swipepages.com/dashboardgraphic/ 2 KB
2 KB 95ms
18ms Image
image/svg+xml 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.swipepages.com/dashboardgraphic/stripe.svg

Requested by

Host: www.tajer.ps
URL: https://www.tajer.ps/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-152-64-17.datapacket.com

Software

BunnyCDN-CZ1-887 /

Resource Hash

8f66119cffef94550b650ff234fc950e149e5f31dab5ffa48a3155e5c1b7c616

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:19 GMT
content-encoding: br
vary: Accept-Encoding
cdn-edgestorageid: 887
x-amz-request-id: tx00000000000002beda0da-00622e0c04-22b04d11-ams3b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 15:21:40
cdn-pullzone: 127003
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Mon, 16 Aug 2021 11:25:42 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"57fffe1f210c107f75a256b19aa00b3a"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
x-rgw-object-type: Normal
cdn-requestid: 09b49dec9bfb4bbd7cfca7ec01543f2a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK razorpay.svg
swipepages-assets.ams3.digitaloceanspaces.com/dashboardgraphic/ 6 KB
7 KB 79ms
17ms Image
image/svg+xml 5.101.110.225
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://swipepages-assets.ams3.digitaloceanspaces.com/dashboardgraphic/razorpay.svg

Requested by

Host: www.tajer.ps
URL: https://www.tajer.ps/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.101.110.225 , United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

ams3.digitaloceanspaces.com

Software

Resource Hash

2998491ebbbc654593012bf8740a6bcf09dceb6bd99ab53ccde00fdbec336159

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:19 GMT
last-modified: Sat, 13 Nov 2021 04:19:39 GMT
x-amz-request-id: tx000000000000019617f97-006254ca73-2512a4f4-ams3b
etag: "ccd0e3798986d5db3af07dca9d1cbcdc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 6227

GET
H2 200 instamojo.png
assets.swipepages.com/dashboardgraphic/ 2 KB
3 KB 92ms
16ms Image
image/png 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.swipepages.com/dashboardgraphic/instamojo.png

Requested by

Host: www.tajer.ps
URL: https://www.tajer.ps/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-152-64-17.datapacket.com

Software

BunnyCDN-CZ1-887 /

Resource Hash

44f84dd48e44b694b0034331bf951303c002a911356ed9d071f361c834d2de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:19 GMT
cdn-edgestorageid: 887
x-amz-request-id: tx00000000000002be61aad-00622e0c04-22b40707-ams3b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 15:21:40
cdn-pullzone: 127003
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 2254
cache-control: public, max-age=31919000
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Tue, 30 Nov 2021 06:37:02 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "063ceafb6b6e5fd05ed4e3cd37bf416c"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
x-rgw-object-type: Normal
cdn-requestid: 91725c8aae0f604072e0508600c21a97
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 payment-select.png
assets.swipepages.com/ 336 B
1 KB 17ms
17ms Image
image/png 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.swipepages.com/payment-select.png

Requested by

Host: www.tajer.ps
URL: https://www.tajer.ps/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-152-64-17.datapacket.com

Software

BunnyCDN-CZ1-887 /

Resource Hash

3a1430fbbcaa28829fe12a704708bb7e9fb11f0e6007ee9372afcbc0578ca19c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:19 GMT
cdn-edgestorageid: 887
x-amz-request-id: tx00000000000002be61aae-00622e0c04-22b40707-ams3b
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 03/13/2022 15:21:40
cdn-pullzone: 127003
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 336
cache-control: public, max-age=31919000
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Thu, 26 Aug 2021 02:33:41 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "b051f171d629a2024d8a6a65d477c78c"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
x-rgw-object-type: Normal
cdn-requestid: bab860f8bc55e02e035a28e734c5068a
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 full_online_tray_rgb.png
media.swipepages.com/2021/11/5fa9ab0e12e6ae001c42d00c/ 9 KB
10 KB 97ms
97ms Image
image/png 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.swipepages.com/2021/11/5fa9ab0e12e6ae001c42d00c/full_online_tray_rgb.png

Requested by

Host: www.tajer.ps
URL: https://www.tajer.ps/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-152-64-17.datapacket.com

Software

BunnyCDN-CZ1-887 /

Resource Hash

461091ed8184dcc510916f86afd5c1cdc1a8485052692217c7bfa8fb539fdb57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:20 GMT
cdn-edgestorageid: 887
x-amz-request-id: tx00000000000000a5672be-006254ca74-1fd86f7b-ams3c
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 04/12/2022 00:40:20
cdn-pullzone: 127001
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 8951
cache-control: public, max-age=31919000
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Fri, 05 Nov 2021 23:55:13 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "27c6deb64bf3fe73de68ba5fc8f2948c"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cdn-cache: MISS
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
x-rgw-object-type: Normal
cdn-requestid: 09861309946d76686f842e543e40bf6f
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
scripts.swipepages.com/js/ 86 KB
33 KB 96ms
20ms Script
application/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.swipepages.com/js/jquery.min.js
Requested by: Host: www.tajer.ps
URL: https://www.tajer.ps/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 / Express
Resource Hash: 82e02531ea4f45cbff2c0f71004344e4872380162a8128e9e523f97c73cf8d81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:19 GMT
content-encoding: br
cdn-edgestorageid: 887
access-control-allow-origin: *
x-powered-by: Express
cdn-cachedat: 03/13/2022 13:07:48
cdn-pullzone: 127004
server: BunnyCDN-CZ1-887
last-modified: Fri, 25 Feb 2022 08:21:18 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"156f9-17f2ff85430"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cache-control: public, max-age=31919000
cdn-requestid: cf800de6fd8fa90e008e5b154b73cd2a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 asyncloader.min.js Show response
scripts.swipepages.com/js/vendor/ 571 B
888 B 121ms
45ms Script
application/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.swipepages.com/js/vendor/asyncloader.min.js
Requested by: Host: www.tajer.ps
URL: https://www.tajer.ps/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 / Express
Resource Hash: d7e7e9011c4b157fd800f018124422887f75a321aa85c8eb826558d94773be87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:19 GMT
content-encoding: br
cdn-edgestorageid: 887
access-control-allow-origin: *
x-powered-by: Express
cdn-cachedat: 03/13/2022 13:07:48
cdn-pullzone: 127004
server: BunnyCDN-CZ1-887
last-modified: Fri, 25 Feb 2022 08:21:18 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"23b-17f2ff85430"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cache-control: public, max-age=31919000
cdn-requestid: fca5c4bca0b1d429ee74f4bdaa33e639
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 helpers.min.js Show response
scripts.swipepages.com/js/ 2 KB
1 KB 119ms
43ms Script
application/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.swipepages.com/js/helpers.min.js
Requested by: Host: www.tajer.ps
URL: https://www.tajer.ps/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 / Express
Resource Hash: efde570c091135a8e32f0ec295e70750b24254d3ce4e959d7eca260cedb72c89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:19 GMT
content-encoding: br
cdn-edgestorageid: 887
access-control-allow-origin: *
x-powered-by: Express
cdn-cachedat: 03/13/2022 13:07:48
cdn-pullzone: 127004
server: BunnyCDN-CZ1-887
last-modified: Fri, 25 Feb 2022 08:21:18 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"6c0-17f2ff85430"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cache-control: public, max-age=31919000
cdn-requestid: 057ea03150086f497a1ff5c1359d6f75
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 checkout.min.js Show response
scripts.swipepages.com/js/ 29 KB
9 KB 120ms
44ms Script
application/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.swipepages.com/js/checkout.min.js?ver=1.0.22
Requested by: Host: www.tajer.ps
URL: https://www.tajer.ps/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 / Express
Resource Hash: 9d765c99432a9e77d57be5f6be974fe5f315c2468c861b21e9aea721d7ba405a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:19 GMT
content-encoding: br
cdn-edgestorageid: 887
access-control-allow-origin: *
x-powered-by: Express
cdn-cachedat: 03/13/2022 16:33:00
cdn-pullzone: 127004
server: BunnyCDN-CZ1-887
last-modified: Fri, 25 Feb 2022 08:21:18 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"7503-17f2ff85430"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cache-control: public, max-age=31919000
cdn-requestid: 74d3153aba27f08279b4743071d85f9d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tatsu.min.js Show response
scripts.swipepages.com/js/ 41 KB
13 KB 120ms
44ms Script
application/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.swipepages.com/js/tatsu.min.js?ver=1.0.19
Requested by: Host: www.tajer.ps
URL: https://www.tajer.ps/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 / Express
Resource Hash: 00176c1f5d2ff166bd762d04571eb21926a86df0f058fea18122abb1f93b004e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:19 GMT
content-encoding: br
cdn-edgestorageid: 887
access-control-allow-origin: *
x-powered-by: Express
cdn-cachedat: 04/09/2022 06:24:38
cdn-pullzone: 127004
server: BunnyCDN-CZ1-887
last-modified: Sat, 09 Apr 2022 06:11:48 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"a38b-1800cf338a0"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cache-control: public, max-age=31919000
cdn-requestid: 6aac2b736d72e1ed34ce72318e9537fc
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 analytics.min.js Show response
scripts.swipepages.com/js/ 4 KB
2 KB 37ms
37ms Script
application/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.swipepages.com/js/analytics.min.js?ver=1.0.7
Requested by: Host: www.tajer.ps
URL: https://www.tajer.ps/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 / Express
Resource Hash: 273d52316869dec31cbafb63a326ae18ab6b1233b30f52921b08686e0d0ed7b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:19 GMT
content-encoding: br
cdn-edgestorageid: 887
access-control-allow-origin: *
x-powered-by: Express
cdn-cachedat: 04/08/2022 11:50:11
cdn-pullzone: 127004
server: BunnyCDN-CZ1-887
last-modified: Fri, 08 Apr 2022 11:08:49 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"e6e-18008dcc9e8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cache-control: public, max-age=31919000
cdn-requestid: 8e5a78ceba26098cc77ebdcbb194cb7a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/ar_AR/sdk/ 299 KB
86 KB 57ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ar_AR/sdk/xfbml.customerchat.js

Requested by

Host: www.tajer.ps
URL: https://www.tajer.ps/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d2a4f63518abbd021ab1d1830a0b6f690b2f5b97e0414f3587518b1fe56af2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2+R9utCjNj2hFPBkni1yyw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 12 Apr 2022 00:48:30 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87071
x-fb-rlafr: 0
x-fb-debug: edNiMnYoatpg2FzPZeNyuevA7OBROZlF1+RuNJEsUHNoYPyQemM3+SRRqu6C4M6nOYAEHJly5RFKyEfPzohjUA==
x-fb-trip-id: 686109401
x-fb-content-md5: 2e787908ef5cec512a2607b8565e9e10
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 12 Apr 2022 00:40:20 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "8f31419b57c92132284671aea9c6155d"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 J7acnpd8CGxBHp2VkaY6zp5yGw.woff2
fonts.gstatic.com/s/amiri/v23/ 86 KB
86 KB 280ms
148ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/amiri/v23/J7acnpd8CGxBHp2VkaY6zp5yGw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM%20Plex%20Sans:500,400,400|Amiri:700,700,400,700,400|Cairo:400,400,700,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74a1e872a7a5469b7f80b162d41a77f9317a3e79d5580d2925d6d0bdffb17580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tajer.ps
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 00:31:37 GMT
x-content-type-options: nosniff
age: 432523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88408
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:09:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 07 Apr 2023 00:31:37 GMT

GET
H2 200 J7aRnpd8CGxBHpUrtLMA7w.woff2
fonts.gstatic.com/s/amiri/v23/ 86 KB
86 KB 234ms
102ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/amiri/v23/J7aRnpd8CGxBHpUrtLMA7w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM%20Plex%20Sans:500,400,400|Amiri:700,700,400,700,400|Cairo:400,400,700,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a38b6eb50c592ad6fad2f179f8f11206d14de473b3f497387a8320e0c079d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tajer.ps
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 00:25:13 GMT
x-content-type-options: nosniff
age: 432907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87852
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:10:00 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 07 Apr 2023 00:25:13 GMT

GET
H2 200 SLXGc1nY6HkvalIkTpu0xg.woff2
fonts.gstatic.com/s/cairo/v17/ 29 KB
29 KB 253ms
122ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v17/SLXGc1nY6HkvalIkTpu0xg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM%20Plex%20Sans:500,400,400|Amiri:700,700,400,700,400|Cairo:400,400,700,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fb0201eb648ada7265dc5c9bb6c5a4cfcf49364b4a9bec976557bb6c2369a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tajer.ps
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 23:53:22 GMT
x-content-type-options: nosniff
age: 2818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29740
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:15:14 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 11 Apr 2023 23:53:22 GMT

GET
H2 200 J7acnpd8CGxBHp2VkaY_zp4.woff2
fonts.gstatic.com/s/amiri/v23/ 19 KB
20 KB 216ms
85ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/amiri/v23/J7acnpd8CGxBHp2VkaY_zp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM%20Plex%20Sans:500,400,400|Amiri:700,700,400,700,400|Cairo:400,400,700,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976862397ada7e28a1fb279f3d831115c95d58cd9df2b7ee46918f8133a0abfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tajer.ps
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:39:27 GMT
x-content-type-options: nosniff
age: 450053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19884
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:09:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 19:39:27 GMT

GET
H2 200 SLXGc1nY6HkvalIhTps.woff2
fonts.gstatic.com/s/cairo/v17/ 32 KB
33 KB 171ms
40ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cairo/v17/SLXGc1nY6HkvalIhTps.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM%20Plex%20Sans:500,400,400|Amiri:700,700,400,700,400|Cairo:400,400,700,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4b2bb9f7daf4f2f3ef930ec5eccec7ef32af9930cd2e454fb51fb1bf26bb2e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tajer.ps
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 17:58:46 GMT
x-content-type-options: nosniff
age: 456094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33264
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:16:29 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 17:58:46 GMT

GET
H2 200 J7aRnpd8CGxBHpUutLM.woff2
fonts.gstatic.com/s/amiri/v23/ 20 KB
20 KB 258ms
138ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/amiri/v23/J7aRnpd8CGxBHpUutLM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM%20Plex%20Sans:500,400,400|Amiri:700,700,400,700,400|Cairo:400,400,700,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a30ab007939335bbf745c994f81fa69e554b02a85b310fbd583530ad317ad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tajer.ps
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 19:39:08 GMT
x-content-type-options: nosniff
age: 450072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20612
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:09:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 19:39:08 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v13/ 18 KB
19 KB 285ms
174ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v13/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM%20Plex%20Sans:500,400,400|Amiri:700,700,400,700,400|Cairo:400,400,700,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tajer.ps
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 21:25:04 GMT
x-content-type-options: nosniff
age: 443716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18860
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:14 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 21:25:04 GMT

GET
H2 200 vVJ1fi6KxVU Show response
www.youtube.com/embed/ Frame 5EF5 60 KB
26 KB 190ms
101ms Document
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/vVJ1fi6KxVU

Requested by

Host: www.tajer.ps
URL: https://www.tajer.ps/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7d868d799676418a86d5ac129b91f44209e52c36bc3ee34c19e05ba25ed6bca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tajer.ps/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Tue, 12 Apr 2022 00:40:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK public Show response
app.swipepages.com/api/products/6185b4dbf03abe001046c7bf/ 874 B
1 KB 49ms
15ms Fetch
application/json 165.227.246.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.swipepages.com/api/products/6185b4dbf03abe001046c7bf/public
Requested by: Host: scripts.swipepages.com
URL: https://scripts.swipepages.com/js/checkout.min.js?ver=1.0.22
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.246.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: / Express
Resource Hash: 62b2716f77c60acf6694e1614425fea4c69290771266b2baa6e04768a0fb83e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Apr 2022 00:40:20 GMT
x-powered-by: Express
etag: W/"36a-1NAAI3CcM2oBL3KwGANnZJOyftk"
content-length: 874
content-type: application/json; charset=utf-8

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v13/ 18 KB
18 KB 169ms
169ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v13/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM%20Plex%20Sans:500,400,400|Amiri:700,700,400,700,400|Cairo:400,400,700,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tajer.ps
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 20:19:44 GMT
x-content-type-options: nosniff
age: 447636
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18000
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 06 Apr 2023 20:19:44 GMT

GET /
web.facebook.com/plugins/customer_chat/SDK/ 0
0

GET /
web.facebook.com/plugins/customer_chat/facade/ 0
0

GET
H2 200 jquery-ui.min.js Show response
scripts.swipepages.com/js/vendor/ 28 KB
10 KB 14ms
13ms Script
application/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.swipepages.com/js/vendor/jquery-ui.min.js
Requested by: Host: scripts.swipepages.com
URL: https://scripts.swipepages.com/js/vendor/asyncloader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 / Express
Resource Hash: 163abc022ac412402c1198f92c4bc8f4926e9b9acfb83ab6c9819f2fe2b946c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:20 GMT
content-encoding: br
cdn-edgestorageid: 887
access-control-allow-origin: *
x-powered-by: Express
cdn-cachedat: 03/13/2022 13:07:49
cdn-pullzone: 127004
server: BunnyCDN-CZ1-887
last-modified: Fri, 25 Feb 2022 08:21:18 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"7063-17f2ff85430"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cache-control: public, max-age=31919000
cdn-requestid: 2f49e3e52f70731f3b172a4a875d206a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 exitIntent.min.js Show response
scripts.swipepages.com/js/vendor/ 2 KB
1 KB 15ms
15ms Script
application/javascript 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.swipepages.com/js/vendor/exitIntent.min.js
Requested by: Host: scripts.swipepages.com
URL: https://scripts.swipepages.com/js/vendor/asyncloader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: BunnyCDN-CZ1-887 / Express
Resource Hash: 8bbff8ee36dc1f786f149fd92394bf03ebf46de15edb7de7c54d733c97d6a6db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:20 GMT
content-encoding: br
cdn-edgestorageid: 887
access-control-allow-origin: *
x-powered-by: Express
cdn-cachedat: 03/13/2022 18:01:50
cdn-pullzone: 127004
server: BunnyCDN-CZ1-887
last-modified: Fri, 25 Feb 2022 08:21:18 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"75a-17f2ff85430"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cdn-cache: HIT
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cache-control: public, max-age=31919000
cdn-requestid: b351d17f5df52526bfa88483ef9df300
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/webp

POST
H/1.1 200
OK analytics Show response
app.swipepages.com/api/ 36 B
249 B 10ms
10ms XHR
text/html 165.227.246.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.swipepages.com/api/analytics
Requested by: Host: scripts.swipepages.com
URL: https://scripts.swipepages.com/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.246.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: / Express
Resource Hash: fdda3819a058f07fb78560d26e2db7115b404e7958eaec963bc0630b4baefea0

Request headers

Accept: */*
Referer: https://www.tajer.ps/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 12 Apr 2022 00:40:20 GMT
x-powered-by: Express
etag: W/"24-D19GFv5lgRZkJ73pgwe92cDcink"
content-length: 36
content-type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK public Show response
app.swipepages.com/api/subaccounts/5fa9ab0e12e6ae001c42d00c/paymentGateways/ 163 B
384 B 12ms
11ms Fetch
application/json 165.227.246.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.swipepages.com/api/subaccounts/5fa9ab0e12e6ae001c42d00c/paymentGateways/public
Requested by: Host: scripts.swipepages.com
URL: https://scripts.swipepages.com/js/checkout.min.js?ver=1.0.22
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 165.227.246.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: / Express
Resource Hash: 2c33d7b78fd53f2191205377401683a9b22da61eecbb146fcec6536e15cd8214

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 12 Apr 2022 00:40:20 GMT
x-powered-by: Express
etag: W/"a3-OeQbnXgb8iBl3r0XXDeOjq5VIuU"
content-length: 163
content-type: application/json; charset=utf-8

GET
H2 200 small-logo-tajer-ps2-9f6cer.png
media.swipepages.com/2021/12/5fa9ab0e12e6ae001c42d00c/ 17 KB
18 KB 79ms
77ms Image
image/png 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.swipepages.com/2021/12/5fa9ab0e12e6ae001c42d00c/small-logo-tajer-ps2-9f6cer.png

Requested by

Host: www.tajer.ps
URL: https://www.tajer.ps/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-152-64-17.datapacket.com

Software

BunnyCDN-CZ1-887 /

Resource Hash

748e309ba78ba043a16ffc6f3afb440543b0e1c2330c8b177a30042850511e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:20 GMT
cdn-edgestorageid: 887
x-amz-request-id: tx00000000000000a56730a-006254ca74-1fd86f7b-ams3c
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 04/12/2022 00:40:20
cdn-pullzone: 127001
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 17267
cache-control: public, max-age=31919000
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Thu, 16 Dec 2021 20:14:26 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "3a19a4bd18880183e1bd7255bb21e823"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/png
cdn-cache: MISS
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
x-rgw-object-type: Normal
cdn-requestid: 07686ae2603af6bc8da032fc1981e673
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 403 section-hero-img-150.webp
media.swipepages.com/2020/2/ 0
0 61ms
60ms Image
application/xml 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.swipepages.com/2020/2/section-hero-img-150.webp
Requested by: Host: www.tajer.ps
URL: https://www.tajer.ps/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-185-152-64-17.datapacket.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 js Show response
www.paypal.com/sdk/ 336 KB
104 KB 736ms
673ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AW8xrIzivgHGn42X-4iHcvDSMu6l1kvC_YJHzgdAXUcbSvz5J6XkXEq-LyOM1lRrRegE7ZT2SU3t_USA&currency=ILS&disable-funding=credit,card

Requested by

Host: scripts.swipepages.com
URL: https://scripts.swipepages.com/js/vendor/asyncloader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

944af85256e8ee369da515d3f77f96c233314c0ad2c61a04e3e8af5cd3e14be3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-BXD19gXmwjd5S8HD7dky2r0eFGDmCBI2l2QbHI0kUBfUfsvJ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-BXD19gXmwjd5S8HD7dky2r0eFGDmCBI2l2QbHI0kUBfUfsvJ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-BXD19gXmwjd5S8HD7dky2r0eFGDmCBI2l2QbHI0kUBfUfsvJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-BXD19gXmwjd5S8HD7dky2r0eFGDmCBI2l2QbHI0kUBfUfsvJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 0
via: 1.1 varnish
x-cache: MISS
p3p: true
paypal-debug-id: f735934d71a81
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 105757
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4054-HHN
x-timer: S1649724021.551762,VS0,VE666
x-frame-options: SAMEORIGIN
date: Tue, 12 Apr 2022 00:40:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"19d1d-cDyic3zWzHp7fnxjUvTBNhKhEXI"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/1e29bfc0/ Frame 5EF5 346 KB
47 KB 50ms
47ms Stylesheet
text/css 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1e29bfc0/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/vVJ1fi6KxVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

745ceabc71fc51c9e19807a454ec780584da7f59f0f568edd02562343749c0b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/vVJ1fi6KxVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:56:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35042
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47431
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 00:15:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Apr 2023 14:56:18 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/1e29bfc0/www-embed-player.vflset/ Frame 5EF5 278 KB
86 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1e29bfc0/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/vVJ1fi6KxVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd040a9506a3805bd492a729bc7a28a8deb8260f710329b18314b9db58208fa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/vVJ1fi6KxVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:56:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35042
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87824
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 00:15:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Apr 2023 14:56:18 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/ Frame 5EF5 2 MB
524 KB 100ms
98ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/vVJ1fi6KxVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89d58fdff13041d4c1df61f7de952d3932f3daa36ae7deaac5a6566c9ca0a75f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/vVJ1fi6KxVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34988
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 536308
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 00:15:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Apr 2023 14:57:12 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/1e29bfc0/fetch-polyfill.vflset/ Frame 5EF5 9 KB
3 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1e29bfc0/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/vVJ1fi6KxVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/vVJ1fi6KxVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:56:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35042
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 00:15:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Apr 2023 14:56:18 GMT

GET
H2 200 section-hero-img-750.jpg
media.swipepages.com/2020/2/ 31 KB
32 KB 66ms
66ms Image
image/jpeg 185.152.64.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.swipepages.com/2020/2/section-hero-img-750.jpg

Requested by

Host: www.tajer.ps
URL: https://www.tajer.ps/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-185-152-64-17.datapacket.com

Software

BunnyCDN-CZ1-887 /

Resource Hash

3e969f43185e9d996e4609c2c5de663ef70cef881843a915660a113194ef3ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:20 GMT
cdn-edgestorageid: 887
x-amz-request-id: tx00000000000000a56732f-006254ca74-1fd86f7b-ams3c
x-amz-meta-mtime: 1585677307
cdn-cachedat: 04/12/2022 00:40:20
cdn-pullzone: 127001
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 32022
cache-control: public, max-age=31919000
server: BunnyCDN-CZ1-887
access-control-allow-origin: *
last-modified: Tue, 29 Dec 2020 09:48:15 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: "01571e98338565eee00d5ee39c994454"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
cdn-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-rgw-object-type: Normal
cdn-uid: faabe13d-df79-4fb2-a301-f433e02040fe
cdn-requestid: dfdc7adaa307947fb412f977c6d82cf8
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5EF5 15 KB
15 KB 52ms
51ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/vVJ1fi6KxVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 566535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Apr 2023 11:18:05 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 5EF5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

97ms
47ms

XHR
application/json

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/vVJ1fi6KxVU

Protocol

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d45830b209a9493335087461a5174631e75d6f4484fc2fcb4b12a493f97110f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 12 Apr 2022 00:40:20 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 5EF5 29 B
588 B 146ms
47ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1e29bfc0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:29:42 GMT
x-content-type-options: nosniff
age: 638
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Apr 2022 00:44:42 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 136ms
47ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 12 Apr 2022 00:40:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5EF5 45 KB
22 KB 104ms
55ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81dc71801e1a69afb7c3de1bb81d01adcc504b4b1f1bbe233fcfbfd86e7c9339

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 12 Apr 2022 00:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 22287
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/ Frame 5EF5 118 KB
37 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a438c03a8281036c5669b91c1ce9c99a80ea3f1554b86387fc7e6b628b168ec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/vVJ1fi6KxVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37640
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 00:15:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Apr 2023 14:57:16 GMT

GET
H2 200 3e7Dt-NND0lfl1CWnwQTKd6Oub6JCw2680Irw1lDJJw.js Show response
www.google.com/js/th/ Frame 5EF5 35 KB
14 KB 746ms
40ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/3e7Dt-NND0lfl1CWnwQTKd6Oub6JCw2680Irw1lDJJw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddeec3b7e34d0f495f9750969f041329de8eb9be890b0dbaf3422bc35943249c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 12:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 477200
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13791
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 13:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Apr 2023 12:07:01 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/ Frame 5EF5 27 KB
8 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2599a1d88ac7b6beab2d4b6f1ba3480b94ce5bd1413350e3d88e8ad5d9d1b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/vVJ1fi6KxVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 14:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8164
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 00:15:09 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Apr 2023 14:57:16 GMT

GET
DATA 200
OK truncated
/ Frame 5EF5 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 O-dUQvpg3z5qp75HewQN64aGjRk8O8mIV99_88UV42VZpStoqCuojo9ATbu7jrS4hwZMAo2g=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 5EF5 2 KB
2 KB 941ms
292ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/O-dUQvpg3z5qp75HewQN64aGjRk8O8mIV99_88UV42VZpStoqCuojo9ATbu7jrS4hwZMAo2g=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/vVJ1fi6KxVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

874d9281aea11a0ce978a57199d98cf7d4899929f484aae171496c0012c8d346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:21 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1802
x-xss-protection: 0
expires: Wed, 13 Apr 2022 00:40:21 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/vVJ1fi6KxVU/ Frame 5EF5 66 KB
67 KB 796ms
148ms Image
image/webp 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/vVJ1fi6KxVU/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/vVJ1fi6KxVU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd5c16b281cc99e07e944ae32e20bdbb5262adf1c2f1efdf84e9667febe4dc2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:21 GMT
x-content-type-options: nosniff
server: sffe
etag: "1639545482"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67870
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 12 Apr 2022 02:40:21 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 5EF5 4 KB
3 KB 628ms
48ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 12 Apr 2022 00:40:21 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5EF5 98 B
142 B 49ms
49ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1e29bfc0/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a95e646a5365bdbebbf1cc041e89e2a8342724bd7d45852a658746d00457620a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 12 Apr 2022 00:40:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
5 KB 763ms
763ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.tajer.ps&t=xo&v=5.0.303&source=payments_sdk&client_id=AW8xrIzivgHGn42X-4iHcvDSMu6l1kvC_YJHzgdAXUcbSvz5J6XkXEq-LyOM1lRrRegE7ZT2SU3t_USA&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AW8xrIzivgHGn42X-4iHcvDSMu6l1kvC_YJHzgdAXUcbSvz5J6XkXEq-LyOM1lRrRegE7ZT2SU3t_USA&currency=ILS&disable-funding=credit,card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

621c8ba1d0427bdaadf84ab9074947663a0f72df7701436f6aa26383234b451d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-0MmUYGZZopim4NkSE3ZxzFOgfASgrQotgSUVsMEk4pmbeKDq' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-0MmUYGZZopim4NkSE3ZxzFOgfASgrQotgSUVsMEk4pmbeKDq' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 0
x-cache: MISS
paypal-debug-id: f7359345728fb
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4748
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4054-HHN
x-timer: S1649724021.264896,VS0,VE757
x-frame-options: SAMEORIGIN
date: Tue, 12 Apr 2022 00:40:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=3600
etag: W/"3539-jk6C5rWCkU8UQF+gsY0gXpNxJJk"
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame A2C7 373 KB
152 KB 325ms
325ms Document
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=checkout&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=49&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVc4eHJJeml2Z0hHbjQyWC00aUhjdkRTTXU2bDFrdkNfWUpIemdkQVhVY2JTdno1SjZYa1hFcS1MeU9NMWxSclJlZ0U3WlQyU1UzdF9VU0EmY3VycmVuY3k9SUxTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2d3cmpheWNrb2tmZHVzb2lzbW52dG5odnFlanJmdiJ9fQ&clientID=AW8xrIzivgHGn42X-4iHcvDSMu6l1kvC_YJHzgdAXUcbSvz5J6XkXEq-LyOM1lRrRegE7ZT2SU3t_USA&sdkCorrelationID=f854657ffb835&storageID=uid_5460495f3c_mda6nda6mje&sessionID=uid_3cfc4a98f0_mda6nda6mje&buttonSessionID=uid_69d594b4e5_mda6nda6mje&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsIm1lcmNoYW50Q29uZmlnSGFzaCI6IiIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOnRydWV9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=ILS&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AW8xrIzivgHGn42X-4iHcvDSMu6l1kvC_YJHzgdAXUcbSvz5J6XkXEq-LyOM1lRrRegE7ZT2SU3t_USA&currency=ILS&disable-funding=credit,card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3bfa4c2925da1d0df72b81aeca1e7ccf6f86b31f716b80ed8ccb0945b2cc34cd

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tajer.ps/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Tue, 12 Apr 2022 00:40:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5d510-TE55QB+0vpInixbRQzYq+qfeNYI"
p3p: true
paypal-debug-id: f80502276c77c
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-hhn4054-HHN
x-timer: S1649724022.583609,VS0,VE318
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 8F87 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 46ms
46ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 12 Apr 2022 00:40:21 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 5EF5 0
9 B 40ms
39ms Image
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?krZrcQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/vVJ1fi6KxVU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/vVJ1fi6KxVU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/100/ Frame 5EF5 52 KB
15 KB 89ms
42ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/100/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 10:54:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15463
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 16:04:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 12 Apr 2022 10:54:13 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame A2C7 336 KB
104 KB 8ms
8ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AW8xrIzivgHGn42X-4iHcvDSMu6l1kvC_YJHzgdAXUcbSvz5J6XkXEq-LyOM1lRrRegE7ZT2SU3t_USA&currency=ILS&disable-funding=credit,card

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=checkout&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=49&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVc4eHJJeml2Z0hHbjQyWC00aUhjdkRTTXU2bDFrdkNfWUpIemdkQVhVY2JTdno1SjZYa1hFcS1MeU9NMWxSclJlZ0U3WlQyU1UzdF9VU0EmY3VycmVuY3k9SUxTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2d3cmpheWNrb2tmZHVzb2lzbW52dG5odnFlanJmdiJ9fQ&clientID=AW8xrIzivgHGn42X-4iHcvDSMu6l1kvC_YJHzgdAXUcbSvz5J6XkXEq-LyOM1lRrRegE7ZT2SU3t_USA&sdkCorrelationID=f854657ffb835&storageID=uid_5460495f3c_mda6nda6mje&sessionID=uid_3cfc4a98f0_mda6nda6mje&buttonSessionID=uid_69d594b4e5_mda6nda6mje&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsIm1lcmNoYW50Q29uZmlnSGFzaCI6IiIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOnRydWV9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=ILS&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

944af85256e8ee369da515d3f77f96c233314c0ad2c61a04e3e8af5cd3e14be3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-BXD19gXmwjd5S8HD7dky2r0eFGDmCBI2l2QbHI0kUBfUfsvJ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-BXD19gXmwjd5S8HD7dky2r0eFGDmCBI2l2QbHI0kUBfUfsvJ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=checkout&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=49&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVc4eHJJeml2Z0hHbjQyWC00aUhjdkRTTXU2bDFrdkNfWUpIemdkQVhVY2JTdno1SjZYa1hFcS1MeU9NMWxSclJlZ0U3WlQyU1UzdF9VU0EmY3VycmVuY3k9SUxTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2d3cmpheWNrb2tmZHVzb2lzbW52dG5odnFlanJmdiJ9fQ&clientID=AW8xrIzivgHGn42X-4iHcvDSMu6l1kvC_YJHzgdAXUcbSvz5J6XkXEq-LyOM1lRrRegE7ZT2SU3t_USA&sdkCorrelationID=f854657ffb835&storageID=uid_5460495f3c_mda6nda6mje&sessionID=uid_3cfc4a98f0_mda6nda6mje&buttonSessionID=uid_69d594b4e5_mda6nda6mje&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsIm1lcmNoYW50Q29uZmlnSGFzaCI6IiIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOnRydWV9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=ILS&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-BXD19gXmwjd5S8HD7dky2r0eFGDmCBI2l2QbHI0kUBfUfsvJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-BXD19gXmwjd5S8HD7dky2r0eFGDmCBI2l2QbHI0kUBfUfsvJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 1
via: 1.1 varnish
x-cache: HIT
p3p: true
paypal-debug-id: f735934d71a81
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 105757
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4054-HHN
x-timer: S1649724022.931823,VS0,VE1
x-frame-options: SAMEORIGIN
date: Tue, 12 Apr 2022 00:40:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"19d1d-cDyic3zWzHp7fnxjUvTBNhKhEXI"
accept-ranges: bytes
x-cache-hits: 1

GET
DATA 200
OK truncated
/ Frame A2C7 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 8ms
7ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=www.tajer.ps&t=xo&v=5.0.303&source=payments_sdk&client_id=AW8xrIzivgHGn42X-4iHcvDSMu6l1kvC_YJHzgdAXUcbSvz5J6XkXEq-LyOM1lRrRegE7ZT2SU3t_USA&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F14) /

Resource Hash

a4b749626aab6395c52aed1a8016aa5f6c4c8ca60cf771c0d8ce54202a53e725

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 213d2c2043f7e
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 16529
last-modified: Thu, 10 Mar 2022 18:16:31 GMT
server: ECAcc (frc/8F14)
etag: "622a407f-dad7"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 12 Apr 2022 01:40:22 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
620 B 195ms
154ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A7A9AT7TLSC3L2-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A7A9AT7TLSC3L2-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=f549eddd-5e50-4d7b-a5ff-b25eb343b294&fltp=analytics&mrid=7A9AT7TLSC3L2&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=TAJER.PS%20CONTACTLESS%20ORDERING%20SOLUTION%20%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC%20%D8%AA%D8%A7%D8%AC%D8%B1%20%D8%A7%D9%84%D9%81%D9%84%D8%B3%D8%B7%D9%8A%D9%86%D9%8A%20%D9%84%D8%AD%D9%84%D9%88%D9%84%20%D8%A7%D9%84%D8%B7%D9%84%D8%A8%D8%A7%D8%AA%20%D8%A7%D9%84%D9%84%D8%A7%D8%AA%D9%84%D8%A7%D9%85%D8%B3%D9%8A%D8%A9&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1649724022031&g=0&completeurl=https%3A%2F%2Fwww.tajer.ps%2F

Requested by

Host: www.tajer.ps
URL: https://www.tajer.ps/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F64) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Apr 2022 00:40:22 GMT
content-type: image/gif
server: ECAcc (frc/8F64)
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 2281287bd1aaa
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=147
timing-allow-origin: *
content-length: 42
expires: Tue, 12 Apr 2022 00:40:22 GMT

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 0DA7 54 KB
16 KB 8ms
8ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F27) /

Resource Hash

1b8f3d676f1df1ca5867197fb16660fe565e70b9c6cd4176985a522df98e6d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tajer.ps/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16790
content-type: text/html
date: Tue, 12 Apr 2022 00:40:22 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "622a407f-d994"
expires: Tue, 12 Apr 2022 01:40:22 GMT
last-modified: Thu, 10 Mar 2022 18:16:31 GMT
paypal-debug-id: 44948ac2f2a19
server: ECAcc (frc/8F27)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 ts
t.paypal.com/ 42 B
445 B 151ms
151ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A7A9AT7TLSC3L2-1&page=muse%3Aoffer%3A%3A%3A7A9AT7TLSC3L2-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=f549eddd-5e50-4d7b-a5ff-b25eb343b294&es=visitorInfoFlowStarted&mrid=7A9AT7TLSC3L2&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=TAJER.PS%20CONTACTLESS%20ORDERING%20SOLUTION%20%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC%20%D8%AA%D8%A7%D8%AC%D8%B1%20%D8%A7%D9%84%D9%81%D9%84%D8%B3%D8%B7%D9%8A%D9%86%D9%8A%20%D9%84%D8%AD%D9%84%D9%88%D9%84%20%D8%A7%D9%84%D8%B7%D9%84%D8%A8%D8%A7%D8%AA%20%D8%A7%D9%84%D9%84%D8%A7%D8%AA%D9%84%D8%A7%D9%85%D8%B3%D9%8A%D8%A9&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1649724022109&g=0&completeurl=https%3A%2F%2Fwww.tajer.ps%2F

Requested by

Host: www.tajer.ps
URL: https://www.tajer.ps/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F64) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Apr 2022 00:40:22 GMT
content-type: image/gif
server: ECAcc (frc/8F64)
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 8e403d1a9fb8
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=145
timing-allow-origin: *
content-length: 42
expires: Tue, 12 Apr 2022 00:40:22 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 0DA7 434 B
2 KB 277ms
276ms Fetch
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9a672a168bb4956dd11fd77183640772917d90451f6a4cbd847e7c2f7dacd2fa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-P6logyGndEeS5m+HM+jpUI3/fOZLWvIohUpXf14YoynYGE0d' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-P6logyGndEeS5m+HM+jpUI3/fOZLWvIohUpXf14YoynYGE0d' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish
vary: Accept-Encoding
x-cache: MISS
paypal-debug-id: f805022599f5d
date: Tue, 12 Apr 2022 00:40:22 GMT
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4054-HHN
x-timer: S1649724022.308392,VS0,VE266
x-frame-options: SAMEORIGIN
etag: W/"1b2-n8lgqDIjTbj3TUYsMxLgMMQA0fo"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
content-encoding: br
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 181ms
161ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 12 Apr 2022 00:40:22 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f805022dd0d23
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4074-HHN
x-timer: S1649724022.145131,VS0,VE155

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame A2C7 56 KB
19 KB 116ms
9ms Script
application/javascript 23.45.107.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-107-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

cdd271b86f93710e10a49e074bacf5a5462ebad6af7ed4c9d2325682371960ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: de69f67a96bc7
server-timing: content-encoding;desc="gzip",x-cdn;desc="akamai"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19339
etag: W/"62423b6b-de68"
last-modified: Mon, 28 Mar 2022 22:49:15 GMT
date: Tue, 12 Apr 2022 00:40:22 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=31536000
access-control-allow-credentials: false
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com, *
expires: Wed, 13 Apr 2022 00:40:22 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame A2C7 839 B
892 B 205ms
204ms Ping
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f1ab07cdb6dd5c87a39c4618f924265573930275ff9a6b5a5cef91a9c32c4b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=checkout&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=49&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVc4eHJJeml2Z0hHbjQyWC00aUhjdkRTTXU2bDFrdkNfWUpIemdkQVhVY2JTdno1SjZYa1hFcS1MeU9NMWxSclJlZ0U3WlQyU1UzdF9VU0EmY3VycmVuY3k9SUxTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2d3cmpheWNrb2tmZHVzb2lzbW52dG5odnFlanJmdiJ9fQ&clientID=AW8xrIzivgHGn42X-4iHcvDSMu6l1kvC_YJHzgdAXUcbSvz5J6XkXEq-LyOM1lRrRegE7ZT2SU3t_USA&sdkCorrelationID=f854657ffb835&storageID=uid_5460495f3c_mda6nda6mje&sessionID=uid_3cfc4a98f0_mda6nda6mje&buttonSessionID=uid_69d594b4e5_mda6nda6mje&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsIm1lcmNoYW50Q29uZmlnSGFzaCI6IiIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOnRydWV9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=ILS&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Apr 2022 00:40:22 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f764893dc044b
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4054-HHN
x-timer: S1649724023.685216,VS0,VE198
etag: W/"347-U2MuarRC+SjEWIkTNG1rK77mnC0"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 238D 160 B
964 B 182ms
182ms Document
text/html 23.45.107.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-107-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 160
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 96943a9f72920
date: Tue, 12 Apr 2022 00:40:22 GMT
paypal-debug-id: 96943a9f72920
server-timing: content-encoding;desc="",x-cdn;desc="akamai"
strict-transport-security: max-age=63072000
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 8528
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_3cfc4a98f0_mda6nda6mje&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_3cfc4a98f0_mda6nda6mje&s=SMART_PAYMENT_BUTTONS

42 B
299 B

106ms
33ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_3cfc4a98f0_mda6nda6mje&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=checkout&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=49&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVc4eHJJeml2Z0hHbjQyWC00aUhjdkRTTXU2bDFrdkNfWUpIemdkQVhVY2JTdno1SjZYa1hFcS1MeU9NMWxSclJlZ0U3WlQyU1UzdF9VU0EmY3VycmVuY3k9SUxTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2d3cmpheWNrb2tmZHVzb2lzbW52dG5odnFlanJmdiJ9fQ&clientID=AW8xrIzivgHGn42X-4iHcvDSMu6l1kvC_YJHzgdAXUcbSvz5J6XkXEq-LyOM1lRrRegE7ZT2SU3t_USA&sdkCorrelationID=f854657ffb835&storageID=uid_5460495f3c_mda6nda6mje&sessionID=uid_3cfc4a98f0_mda6nda6mje&buttonSessionID=uid_69d594b4e5_mda6nda6mje&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsIm1lcmNoYW50Q29uZmlnSGFzaCI6IiIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOnRydWV9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=ILS&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Tue, 12 Apr 2022 00:40:22 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_3cfc4a98f0_mda6nda6mje&s=SMART_PAYMENT_BUTTONS
Date: Tue, 12 Apr 2022 00:40:22 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 238D 56 KB
19 KB 10ms
9ms Script
application/javascript 23.45.107.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-107-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

cdd271b86f93710e10a49e074bacf5a5462ebad6af7ed4c9d2325682371960ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: de69f67a96bc7
server-timing: content-encoding;desc="gzip",x-cdn;desc="akamai"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19339
etag: W/"62423b6b-de68"
last-modified: Mon, 28 Mar 2022 22:49:15 GMT
date: Tue, 12 Apr 2022 00:40:22 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, s-maxage=31536000
access-control-allow-credentials: false
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com, *
expires: Wed, 13 Apr 2022 00:40:22 GMT

GET
H2 200 pixel.js Show response
pt.wisernotify.com/ 110 KB
25 KB 71ms
29ms Script
text/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.wisernotify.com/pixel.js?ti=4rt2akki98qgmo
Requested by: Host: www.tajer.ps
URL: https://www.tajer.ps/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 700077c87b5f1d09e4b00d81693b1bca4632ff6322ba260a4126d033c5fc7610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=c83znw==, md5=w7yBVGGrLjyW+6inGZkSHQ==
date: Tue, 12 Apr 2022 00:40:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2520
x-guploader-uploadid: ADPycdujmNZOVAlLymv1mboOThT-0pznKN0yM-Q0frTZD-QJHTKOXmsX-T-RpYJok2QIGYj1b3CBT8cbWiVyTiAnQMOl9INeB-Fs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 12 Apr 2022 00:54:55 GMT
last-modified: Thu, 07 Apr 2022 06:51:40 GMT
server: cloudflare
etag: W/"c3bc815461ab2e3c96fba8a71999121d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2F1Sny5VsZfLixtoJUkyoVYF8ijyKQPy8hVLRrNkkrNtqLDvXv3VXVty4i4Vj%2BvTrUaaVpe2tB9eUacIBtR6ZXiz1ffqHpOZGX2Nx8FW4afMA%2FxfFyzvaAxNMcCGh0bda4oD3ut8cTVy710M0BEmNDA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1649314300675519
access-control-allow-origin: *
content-type: text/javascript
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 112272
cf-ray: 6fa7e907ed159244-FRA
cf-bgj: minify

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 238D 125 B
781 B 188ms
188ms XHR
application/json 23.45.107.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-107-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

04a8494d1623ef0f813975423487d568bc3cce9b35a4c4fe83b6e1e18447484f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Apr 2022 00:40:23 GMT
correlation-id: c2d07defcc25f
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
strict-transport-security: max-age=63072000
content-type: application/json
paypal-debug-id: c2d07defcc25f
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="akamai"
timing-allow-origin: *
content-length: 125

POST
H2 200 e Show response
c.paypal.com/v1/r/d/b/ Frame 238D 15 B
253 B 192ms
191ms XHR
application/json 23.45.107.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-107-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Apr 2022 00:40:23 GMT
correlation-id: 9ab0b45b29ceb
strict-transport-security: max-age=63072000
content-type: application/json
paypal-debug-id: 9ab0b45b29ceb
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="akamai"
timing-allow-origin: *
content-length: 15

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 238D 0
297 B 239ms
182ms Image
text/plain 2606:2800:233:ce53:4396:b914:64c2:638e
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_3cfc4a98f0_mda6nda6mje&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:ce53:4396:b914:64c2:638e , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F48) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 00:40:22 GMT
content-encoding: gzip
correlation-id: f5edac7691b9e
server: ECAcc (frc/8F48)
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: f5edac7691b9e
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=175
timing-allow-origin: *
vary: Accept-Encoding
content-length: 20

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame A2C7 836 B
1 KB 191ms
190ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AW8xrIzivgHGn42X-4iHcvDSMu6l1kvC_YJHzgdAXUcbSvz5J6XkXEq-LyOM1lRrRegE7ZT2SU3t_USA&currency=ILS&disable-funding=credit,card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6938f2c958a402f3f2a8eaef8d0ec040baff6f90a4c9492d99d7fe78101d559d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=checkout&style.layout=horizontal&style.color=gold&style.shape=rect&style.tagline=false&style.height=49&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVc4eHJJeml2Z0hHbjQyWC00aUhjdkRTTXU2bDFrdkNfWUpIemdkQVhVY2JTdno1SjZYa1hFcS1MeU9NMWxSclJlZ0U3WlQyU1UzdF9VU0EmY3VycmVuY3k9SUxTJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2d3cmpheWNrb2tmZHVzb2lzbW52dG5odnFlanJmdiJ9fQ&clientID=AW8xrIzivgHGn42X-4iHcvDSMu6l1kvC_YJHzgdAXUcbSvz5J6XkXEq-LyOM1lRrRegE7ZT2SU3t_USA&sdkCorrelationID=f854657ffb835&storageID=uid_5460495f3c_mda6nda6mje&sessionID=uid_3cfc4a98f0_mda6nda6mje&buttonSessionID=uid_69d594b4e5_mda6nda6mje&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsIm1lcmNoYW50Q29uZmlnSGFzaCI6IiIsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImhpcGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sImVsbyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX0sImpjYiI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6dHJ1ZX19LCJndWVzdEVuYWJsZWQiOmZhbHNlfSwidmVubW8iOnsiZWxpZ2libGUiOmZhbHNlfSwiaXRhdSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJjcmVkaXQiOnsiZWxpZ2libGUiOmZhbHNlfSwiYXBwbGVwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwic2VwYSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6dHJ1ZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOnRydWV9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=ILS&intent=capture&commit=true&vault=false&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: application/json

Response headers

date: Tue, 12 Apr 2022 00:40:23 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f7648934edf92
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4054-HHN
x-timer: S1649724023.033360,VS0,VE184
etag: W/"344-fLPyb7EVNgxl+OyV7PvfLTy8ZpI"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 816 B
1 KB 174ms
174ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AW8xrIzivgHGn42X-4iHcvDSMu6l1kvC_YJHzgdAXUcbSvz5J6XkXEq-LyOM1lRrRegE7ZT2SU3t_USA&currency=ILS&disable-funding=credit,card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

64c7c3851913b1c4b0134f4c62c209ff7ba4fbf76d78c31a8a180bfc30b87663

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.tajer.ps/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type: application/json

Response headers

date: Tue, 12 Apr 2022 00:40:23 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f764893d872a5
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4074-HHN
x-timer: S1649724023.191632,VS0,VE168
etag: W/"330-71tjHKYkEYDA3w2GO5DjZ6qSrTM"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tajer.ps
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 156ms
155ms Preflight 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tajer.ps
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

accept-ranges: none
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.tajer.ps
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
date: Tue, 12 Apr 2022 00:40:23 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f764893e7d308
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: accept-encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4074-HHN
x-timer: S1649724023.035730,VS0,VE149

GET
H3 200 pixel.css
pt.wisernotify.com/ 200 KB
32 KB 26ms
14ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.wisernotify.com/pixel.css
Requested by: Host: pt.wisernotify.com
URL: https://pt.wisernotify.com/pixel.js?ti=4rt2akki98qgmo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4b282811576530de63202edc010b07be10a21b10a24fbe2296e349db8486faf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-goog-hash: crc32c=ROUReA==, md5=uRnIAYwIvPzwT5ehmoLY2w==
date: Tue, 12 Apr 2022 00:40:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2729
cf-polished: origSize=205993
x-guploader-uploadid: ADPycdvkgZVR6lVmA6k5Zdazu6wpdfiJCDpTtxSE0tdErd9qlz1VEnfCuPJLyxYfPqjfJ8F5a2TOP_N1-GoroZ2P8UbCbO3uCsGb
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 12 Apr 2022 00:54:54 GMT
last-modified: Tue, 05 Apr 2022 11:21:31 GMT
server: cloudflare
etag: W/"b919c8018c08bcfcf04f97a19a82d8db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=limMr3A%2Blk%2BrIzEjKcw3SeMhI%2FQEL6kxpunJl3h0MBSka0xonUdLVw7NlA9%2F%2FDVjfKq%2Bj1P1wWtElYDyfT6jWnhQWuyv0Bj1i9WRrnM2ngypjjCmW1s4y2IXdw%2BC7xQ%2FSv4olgPMZ1JSiCn022H07%2Fw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1649157691681623
access-control-allow-origin: *
content-type: text/css
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 205993
cf-ray: 6fa7e90839965c0e-FRA
cf-bgj: minify

GET
H/1.1 200
OK checkLimit Show response
ns.wisermapp.com/api/ 48 B
412 B 597ms
131ms XHR
application/json 20.40.202.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ns.wisermapp.com/api/checkLimit?ti=4rt2akki98qgmo&vid=e3ca6042-3595-06f0-f3fc-68c51d704e18
Requested by: Host: pt.wisernotify.com
URL: https://pt.wisernotify.com/pixel.js?ti=4rt2akki98qgmo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.19 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 8f5aa5446714ef9b2115b90423ad0d8c642ea87a69a64bc7569ab71e133caf43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Tue, 12 Apr 2022 00:40:22 GMT
X-Powered-By: Express
ETag: W/"30-7u+oIeqPZZ+rbM/jr/2u9jT/4gI"
Content-Type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: true
Content-Length: 48
request-context: appId=cid-v1:8abb5fcd-0732-4119-9949-7fb4d5b817c8

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 5EF5 28 B
54 B 54ms
53ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/1e29bfc0/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/vVJ1fi6KxVU
X-YouTube-Client-Version: 1.20220410.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgs1c1NnQ29rVUp0RSj0lNOSBg%3D%3D
X-YouTube-Ad-Signals: dt=1649724020659&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C840%2C500&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 12 Apr 2022 00:40:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 12 Apr 2022 00:40:23 GMT

POST
H/1.1 200
OK getData Show response
ns.wisermapp.com/api/ 15 KB
15 KB 141ms
141ms XHR
application/json 20.40.202.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ns.wisermapp.com/api/getData
Requested by: Host: pt.wisernotify.com
URL: https://pt.wisernotify.com/pixel.js?ti=4rt2akki98qgmo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.19 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash: 7ebee5c51b4eef680335c39f90e2f4da855d3009e0b1e1d75c53d79bac414b48

Request headers

Referer: https://www.tajer.ps/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: application/json

Response headers

Date: Tue, 12 Apr 2022 00:40:26 GMT
X-Powered-By: Express
ETag: W/"3b9d-GyUQqrlhUCk0+fSjOZvK/9sEJ3s"
Content-Type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: true
Content-Length: 15261
request-context: appId=cid-v1:8abb5fcd-0732-4119-9949-7fb4d5b817c8

OPTIONS
H/1.1 204
No Content getData
ns.wisermapp.com/api/ Frame 0
0 123ms
123ms Preflight 20.40.202.19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ns.wisermapp.com/api/getData
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.40.202.19 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tajer.ps
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Date: Tue, 12 Apr 2022 00:40:25 GMT
Vary: Access-Control-Request-Headers
X-Powered-By: Express
request-context: appId=cid-v1:8abb5fcd-0732-4119-9949-7fb4d5b817c8

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ 305 B
461 B 44ms
7ms XHR
application/json 51.77.64.70

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=J7D8MFF4nA1BdkR
Requested by: Host: pt.wisernotify.com
URL: https://pt.wisernotify.com/pixel.js?ti=4rt2akki98qgmo
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e0e78fe0a0314d67d0a4e715334e2160117413581369943ff4252d8e3026b52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 12 Apr 2022 00:40:26 GMT
Content-Length: 305
Content-Type: application/json; charset=utf-8

GET
H/1.1 200
OK json Show response
pro.ip-api.com/ 305 B
461 B 37ms
7ms XHR
application/json 51.77.64.70

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json?key=J7D8MFF4nA1BdkR
Requested by: Host: pt.wisernotify.com
URL: https://pt.wisernotify.com/pixel.js?ti=4rt2akki98qgmo
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.77.64.70 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e0e78fe0a0314d67d0a4e715334e2160117413581369943ff4252d8e3026b52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tajer.ps/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 12 Apr 2022 00:40:26 GMT
Content-Length: 305
Content-Type: application/json; charset=utf-8

OPTIONS
H2 201 logDetail
us-east1-wisernotify.cloudfunctions.net/reports/ Frame 0
0 241ms
138ms Preflight
application/json 2001:4860:4802:36::36

General

Check archive.org

Show headers Download Go to

Full URL: https://us-east1-wisernotify.cloudfunctions.net/reports/logDetail
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 -, , ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tajer.ps
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: application/json; charset=utf-8
date: Tue, 12 Apr 2022 00:40:27 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
function-execution-id: b3gg3isx9agx
server: Google Frontend
x-cloud-trace-context: 84fece71ec1f720a138173eccaf6746a

OPTIONS
H2 201 log
us-east1-wisernotify.cloudfunctions.net/reports/ Frame 0
0 238ms
136ms Preflight
application/json 2001:4860:4802:36::36

General

Check archive.org

Show headers Download Go to

Full URL: https://us-east1-wisernotify.cloudfunctions.net/reports/log
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 -, , ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tajer.ps
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: application/json; charset=utf-8
date: Tue, 12 Apr 2022 00:40:27 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
function-execution-id: vx1y08uez7ks
server: Google Frontend
x-cloud-trace-context: da4485d48eaa877dbe41c9b648532fee

POST
H3 201 logDetail
us-east1-wisernotify.cloudfunctions.net/reports/ 6 B
45 B 208ms
137ms XHR
application/json 2001:4860:4802:36::36

General

Check archive.org

Show headers Download Go to

Full URL: https://us-east1-wisernotify.cloudfunctions.net/reports/logDetail
Requested by: Host: pt.wisernotify.com
URL: https://pt.wisernotify.com/pixel.js?ti=4rt2akki98qgmo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 -, , ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://www.tajer.ps/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 12 Apr 2022 00:40:27 GMT
content-encoding: gzip
server: Google Frontend
access-control-allow-headers: Content-Type
etag: W/"6-JBls4FkQjfZ7VowtRNIdA6ELOsw"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: a1c2d2d0b34d58f2656d4adad7dcfbd2
cache-control: private
function-execution-id: b3ggb0iqqq8n
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26

POST
H3 201 log Show response
us-east1-wisernotify.cloudfunctions.net/reports/ 2 B
41 B 207ms
135ms XHR
application/json 2001:4860:4802:36::36

General

Check archive.org

Show headers Download Go to

Full URL: https://us-east1-wisernotify.cloudfunctions.net/reports/log
Requested by: Host: pt.wisernotify.com
URL: https://pt.wisernotify.com/pixel.js?ti=4rt2akki98qgmo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 -, , ASN (),
Reverse DNS
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.tajer.ps/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 12 Apr 2022 00:40:27 GMT
content-encoding: gzip
server: Google Frontend
access-control-allow-headers: Content-Type
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: a46b0bec813e16665c2a5050f2d1d8c7
cache-control: private
function-execution-id: vx1yepofbex3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: web.facebook.com
URL: https://web.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a8f611577e214%26domain%3Dwww.tajer.ps%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tajer.ps%252Ff199b1e1d01b694%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.tajer.ps%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=ar_AR&log_id=dc50f781-c8fa-4fa0-86c6-a7ba2383b26a&page_id=102559262231236&request_time=1649724020309&sdk=joey&suppress_http_code=1

Domain: web.facebook.com
URL: https://web.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a8f611577e214%26domain%3Dwww.tajer.ps%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tajer.ps%252Ff199b1e1d01b694%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.tajer.ps%2F&is_loaded_by_facade=true&locale=ar_AR&log_id=dc50f781-c8fa-4fa0-86c6-a7ba2383b26a&page_id=102559262231236&request_time=1649724020309&sdk=joey&suppress_http_code=1

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.tajer.ps/	1969-12-31 23:59:59	Name: swipepages_user Value: wihd70z94yl1vf34ve
www.tajer.ps/	1969-12-31 23:59:59	Name: 61234962a8c76e0010a7d75b Value: 61234962a8c76e0010a7d75d
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ZwuT9scstw8
.youtube.com/	1970-01-20 06:34:36	Name: VISITOR_INFO1_LIVE Value: 5sSgCokUJtE
.paypal.com/	1970-01-20 02:15:25	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-21 04:32:12	Name: ts_c Value: vr%3D1b36dba51800a7887166a6d2fcfae326%26vt%3D1b36dba51800a7887166a6d2fcfae325
.paypal.com/	1970-01-20 11:01:00	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 02:15:55	Name: LANG Value: de_DE%3BDE
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY0OTcyNDAyMjQ4NSIsImwiOiIwIiwibSI6IjAifQ
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AsDyVi87Fj5gHkaPv1vfpqechC6RFTfFv.Axe2Yi5m7c7pARRABuW2DoU1U1livWvGAGzY8wuEroM
.paypalobjects.com/	1970-01-20 02:16:50	Name: paypal-offers--cust Value: null:null:null
.paypal.com/	1970-01-20 02:19:43	Name: tsrce Value: loggernodeweb
.c.paypal.com/	1970-01-21 22:03:24	Name: sc_f Value: pxFpYBecMtZrMeJlLvgpPP9r-CXUDG50G2We2acVMvzmov7wZGD2LpJBIKNDtkoj4VuivxKSXEGJQ7ngBlREbzngncLbffOdgfy1uW
.paypal.com/	1970-01-27 09:27:24	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: M5dgJkgZ3v0m1Lkhc2tJ2VlpJdxqAUtQSSuYq5ffK57EN0OHM071vUYJBp8BFFz-9QYfFKX1uc9j0Byr
.paypal.com/	1970-01-21 04:32:12	Name: ts Value: vreXpYrS%3D1744418423%26vteXpYrS%3D1649725823%26vr%3D1b36dba51800a7887166a6d2fcfae326%26vt%3D1b36dba51800a7887166a6d2fcfae325%26vtyp%3Dnew

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.tajer.ps/ Message: Access to XMLHttpRequest at 'https://web.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a8f611577e214%26domain%3Dwww.tajer.ps%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tajer.ps%252Ff199b1e1d01b694%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.tajer.ps%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=ar_AR&log_id=dc50f781-c8fa-4fa0-86c6-a7ba2383b26a&page_id=102559262231236&request_time=1649724020309&sdk=joey&suppress_http_code=1' from origin 'https://www.tajer.ps' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://web.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a8f611577e214%26domain%3Dwww.tajer.ps%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tajer.ps%252Ff199b1e1d01b694%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.tajer.ps%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=ar_AR&log_id=dc50f781-c8fa-4fa0-86c6-a7ba2383b26a&page_id=102559262231236&request_time=1649724020309&sdk=joey&suppress_http_code=1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.tajer.ps/ Message: Access to XMLHttpRequest at 'https://web.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a8f611577e214%26domain%3Dwww.tajer.ps%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tajer.ps%252Ff199b1e1d01b694%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.tajer.ps%2F&is_loaded_by_facade=true&locale=ar_AR&log_id=dc50f781-c8fa-4fa0-86c6-a7ba2383b26a&page_id=102559262231236&request_time=1649724020309&sdk=joey&suppress_http_code=1' from origin 'https://www.tajer.ps' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://web.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1a8f611577e214%26domain%3Dwww.tajer.ps%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.tajer.ps%252Ff199b1e1d01b694%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.tajer.ps%2F&is_loaded_by_facade=true&locale=ar_AR&log_id=dc50f781-c8fa-4fa0-86c6-a7ba2383b26a&page_id=102559262231236&request_time=1649724020309&sdk=joey&suppress_http_code=1 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://media.swipepages.com/2020/2/section-hero-img-150.webp Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.swipepages.com
assets.swipepages.com
b.stats.paypal.com
bestdelivery.store
c.paypal.com
c6.paypal.com
connect.facebook.net
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
media.swipepages.com
ns.wisermapp.com
pro.ip-api.com
pt.wisernotify.com
scripts.swipepages.com
static.doubleclick.net
swipepages-assets.ams3.digitaloceanspaces.com
t.paypal.com
us-east1-wisernotify.cloudfunctions.net
web.facebook.com
www.google.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.tajer.ps
www.youtube.com
yt3.ggpht.com
web.facebook.com
138.199.37.226
151.101.65.21
165.227.246.253
185.152.64.17
192.229.221.25
20.40.202.19
2001:4860:4802:36::36
23.45.107.81
2606:2800:233:ce53:4396:b914:64c2:638e
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2006
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:829::2016
2a00:1450:4001:830::2001
2a01:4f8:271:1882::2
2a03:2880:f01c:8012:face:b00c:0:3
2a06:98c1:3120::7
5.101.110.225
51.77.64.70
64.4.245.84
00176c1f5d2ff166bd762d04571eb21926a86df0f058fea18122abb1f93b004e
04a8494d1623ef0f813975423487d568bc3cce9b35a4c4fe83b6e1e18447484f
054b38893a2d1d9fc1e62345bc13475f0108f0767cdb1cca6a08425c0348853a
0d45830b209a9493335087461a5174631e75d6f4484fc2fcb4b12a493f97110f
0f24e8cc67eeba64148cb7243e9d425c54f1f1de58e6a3b266551b8cb3399346
163abc022ac412402c1198f92c4bc8f4926e9b9acfb83ab6c9819f2fe2b946c3
1b8f3d676f1df1ca5867197fb16660fe565e70b9c6cd4176985a522df98e6d14
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
273d52316869dec31cbafb63a326ae18ab6b1233b30f52921b08686e0d0ed7b4
2998491ebbbc654593012bf8740a6bcf09dceb6bd99ab53ccde00fdbec336159
2c33d7b78fd53f2191205377401683a9b22da61eecbb146fcec6536e15cd8214
30b6e85cb864024d05a4778952ea29bc0612dc2f73e68354ae9ac3375eab7132
3a1430fbbcaa28829fe12a704708bb7e9fb11f0e6007ee9372afcbc0578ca19c
3bfa4c2925da1d0df72b81aeca1e7ccf6f86b31f716b80ed8ccb0945b2cc34cd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e969f43185e9d996e4609c2c5de663ef70cef881843a915660a113194ef3ae8
44f84dd48e44b694b0034331bf951303c002a911356ed9d071f361c834d2de65
461091ed8184dcc510916f86afd5c1cdc1a8485052692217c7bfa8fb539fdb57
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4d2a4f63518abbd021ab1d1830a0b6f690b2f5b97e0414f3587518b1fe56af2b
4fb0201eb648ada7265dc5c9bb6c5a4cfcf49364b4a9bec976557bb6c2369a18
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
621c8ba1d0427bdaadf84ab9074947663a0f72df7701436f6aa26383234b451d
62b2716f77c60acf6694e1614425fea4c69290771266b2baa6e04768a0fb83e8
64c7c3851913b1c4b0134f4c62c209ff7ba4fbf76d78c31a8a180bfc30b87663
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6938f2c958a402f3f2a8eaef8d0ec040baff6f90a4c9492d99d7fe78101d559d
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6e0e78fe0a0314d67d0a4e715334e2160117413581369943ff4252d8e3026b52
700077c87b5f1d09e4b00d81693b1bca4632ff6322ba260a4126d033c5fc7610
745ceabc71fc51c9e19807a454ec780584da7f59f0f568edd02562343749c0b9
748e309ba78ba043a16ffc6f3afb440543b0e1c2330c8b177a30042850511e52
74a1e872a7a5469b7f80b162d41a77f9317a3e79d5580d2925d6d0bdffb17580
7a38b6eb50c592ad6fad2f179f8f11206d14de473b3f497387a8320e0c079d5d
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7d868d799676418a86d5ac129b91f44209e52c36bc3ee34c19e05ba25ed6bca7
7ebee5c51b4eef680335c39f90e2f4da855d3009e0b1e1d75c53d79bac414b48
81dc71801e1a69afb7c3de1bb81d01adcc504b4b1f1bbe233fcfbfd86e7c9339
82e02531ea4f45cbff2c0f71004344e4872380162a8128e9e523f97c73cf8d81
874d9281aea11a0ce978a57199d98cf7d4899929f484aae171496c0012c8d346
89d58fdff13041d4c1df61f7de952d3932f3daa36ae7deaac5a6566c9ca0a75f
8bbff8ee36dc1f786f149fd92394bf03ebf46de15edb7de7c54d733c97d6a6db
8f5aa5446714ef9b2115b90423ad0d8c642ea87a69a64bc7569ab71e133caf43
8f66119cffef94550b650ff234fc950e149e5f31dab5ffa48a3155e5c1b7c616
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
944af85256e8ee369da515d3f77f96c233314c0ad2c61a04e3e8af5cd3e14be3
976862397ada7e28a1fb279f3d831115c95d58cd9df2b7ee46918f8133a0abfb
9a672a168bb4956dd11fd77183640772917d90451f6a4cbd847e7c2f7dacd2fa
9d765c99432a9e77d57be5f6be974fe5f315c2468c861b21e9aea721d7ba405a
9f1ab07cdb6dd5c87a39c4618f924265573930275ff9a6b5a5cef91a9c32c4b4
a438c03a8281036c5669b91c1ce9c99a80ea3f1554b86387fc7e6b628b168ec3
a4b282811576530de63202edc010b07be10a21b10a24fbe2296e349db8486faf
a4b749626aab6395c52aed1a8016aa5f6c4c8ca60cf771c0d8ce54202a53e725
a95e646a5365bdbebbf1cc041e89e2a8342724bd7d45852a658746d00457620a
bd040a9506a3805bd492a729bc7a28a8deb8260f710329b18314b9db58208fa3
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c0b5a69211ade3584428bd36a49eddf27090b282d75541e148bfef954666cd2e
c4b2bb9f7daf4f2f3ef930ec5eccec7ef32af9930cd2e454fb51fb1bf26bb2e8
cdd271b86f93710e10a49e074bacf5a5462ebad6af7ed4c9d2325682371960ae
ce2599a1d88ac7b6beab2d4b6f1ba3480b94ce5bd1413350e3d88e8ad5d9d1b4
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7e7e9011c4b157fd800f018124422887f75a321aa85c8eb826558d94773be87
ddeec3b7e34d0f495f9750969f041329de8eb9be890b0dbaf3422bc35943249c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a30ab007939335bbf745c994f81fa69e554b02a85b310fbd583530ad317ad0
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
efde570c091135a8e32f0ec295e70750b24254d3ce4e959d7eca260cedb72c89
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2
fd5c16b281cc99e07e944ae32e20bdbb5262adf1c2f1efdf84e9667febe4dc2b
fdda3819a058f07fb78560d26e2db7115b404e7958eaec963bc0630b4baefea0

www.tajer.ps Open in urlscan Pro 138.199.37.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

95 %HTTPS

58 %IPv6

19 Domains

30 Subdomains

24 IPs

3 Countries

2038 kBTransfer

5701 kBSize

15 Cookies

7 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tajer.ps Open in urlscan Pro
138.199.37.226 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

95 %
HTTPS

58 %
IPv6

19
Domains

30
Subdomains

24
IPs

3
Countries

2038 kB
Transfer

5701 kB
Size

15
Cookies

88 HTTP transactions
5 data transactions