signup.bluetiehome.com Open in urlscan Pro
71.19.237.17 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bluetiehome.com/
Effective URL:
https://signup.bluetiehome.com/
Submission: On December 22 via api (December 22nd 2022, 3:55:21 pm UTC) from US — Scanned from DE

Summary HTTP 50 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 7 domains to perform 50 HTTP transactions. The main IP is 71.19.237.17, located in United States and belongs to BIRD-HOSTING, US. The main domain is signup.bluetiehome.com.
TLS certificate: Issued by Thawte RSA CA 2018 on December 20th 2022. Valid for: 9 months.

This is the only time signup.bluetiehome.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 15	71.19.237.17 71.19.237.17	19133 (BIRD-HOSTING) (BIRD-HOSTING)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
12	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
7	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
1	2606:2800:233... 2606:2800:233:ce53:4396:b914:64c2:638e	15133 (EDGECAST) (EDGECAST)
50	12

15 71.19.237.17 (United States) 2 redirects

ASN19133 (BIRD-HOSTING, US)
PTR: 17.237.19.71.in-addr.arpa

bluetiehome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
signup.bluetiehome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:ce53:4396:b914:64c2:638e (United States)

ASN15133 (EDGECAST, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2180 t.paypal.com — Cisco Umbrella Rank: 2855 c.paypal.com — Cisco Umbrella Rank: 5158 b.stats.paypal.com — Cisco Umbrella Rank: 4680 dub.stats.paypal.com — Cisco Umbrella Rank: 22100 c6.paypal.com — Cisco Umbrella Rank: 5997	388 KB
15	bluetiehome.com 2 redirects bluetiehome.com signup.bluetiehome.com	392 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	383 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	59 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2008	33 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	43 KB
50	7

	Domain	Requested by
13	signup.bluetiehome.com	signup.bluetiehome.com
12	www.paypal.com	signup.bluetiehome.com www.paypal.com www.paypalobjects.com
5	c.paypal.com	www.paypal.com c.paypal.com
5	www.google.com	signup.bluetiehome.com www.gstatic.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
2	fonts.gstatic.com	www.google.com
2	t.paypal.com	signup.bluetiehome.com
2	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	bluetiehome.com	2 redirects
1	c6.paypal.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	www.googletagmanager.com	signup.bluetiehome.com
50	14

This site contains links to these domains. Also see Links.

Domain
support.bluetiehome.com
bluetie.com
moreinfo.bluetiehome.com
login.bluetiehome.com

Subject Issuer	Validity	Valid
bluetie.com Thawte RSA CA 2018	`2022-12-20` - `2023-10-03`	9 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2022-10-13` - `2023-11-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://signup.bluetiehome.com/
Frame ID: CEEC5C43B7113459C170EFDFCD8E2C7E
Requests: 25 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=subscribe&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVIzaDk2cm1ZZnFtV19SeUJqM1BQNFVwTkpwaDRMeVktTjhZTVRzLUx4eFd0ejVhUFdHVHdqQVRfYTFEUlRWTkpBVG1zcjhNeTB6UUg3TzkmdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZ3V4ZmNndnJocmFtdGh1aXN5dHh2emZqeXV0aGJ0In19&clientID=AR3h96rmYfqmW_RyBj3PP4UpNJph4LyY-N8YMTs-LxxWtz5aPWGTwjAT_a1DRTVNJATmsr8My0zQH7O9&sdkCorrelationID=0158353910603&storageID=uid_8976eae5f7_mtu6ntu6mty&sessionID=uid_f4da85d8b6_mtu6ntu6mty&buttonSessionID=uid_5980a0181b_mtu6ntu6mty&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: 2EC36B0FA895AC3BC6469C08DED05C61
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: 7C3633E822A154C2BC975FABA7642546
Requests: 2 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: AADF341D59D91A5AAC02F09E078ACE33
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdeN5cUAAAAAGGF550pgJi53Oc2bgWlg9QzE3YE&co=aHR0cHM6Ly9zaWdudXAuYmx1ZXRpZWhvbWUuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=6lgogm1hx0dy
Frame ID: 86D7EF2425CE84CFC88F242F2EA8559F
Requests: 9 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: A1BD79BEC375929EFD38C22498EECFEF
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_f4da85d8b6_mtu6ntu6mty&s=SMART_PAYMENT_BUTTONS
Frame ID: B8DE3AE60B99F056E0A060B8E56C3C44
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Email Registration | BlueTieHome

Page URL History Show full URLs

http://bluetiehome.com/ HTTP 302
https://bluetiehome.com/ HTTP 302
https://signup.bluetiehome.com/ Page URL

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

50
Requests

98 %
HTTPS

55 %
IPv6

7
Domains

14
Subdomains

12
IPs

3
Countries

1317 kB
Transfer

2817 kB
Size

17
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://support.bluetiehome.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://bluetie.com/legal/tos/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://bluetie.com/legal/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://moreinfo.bluetiehome.com/

Search URL Search Domain Scan URL

URL: https://login.bluetiehome.com/
Title: Login here.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bluetiehome.com/ HTTP 302
https://bluetiehome.com/ HTTP 302
https://signup.bluetiehome.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://b.stats.paypal.com/v2/counter.cgi?p=uid_f4da85d8b6_mtu6ntu6mty&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_f4da85d8b6_mtu6ntu6mty&s=SMART_PAYMENT_BUTTONS

50 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
signup.bluetiehome.com/
Redirect Chain

http://bluetiehome.com/
https://bluetiehome.com/
https://signup.bluetiehome.com/

12 KB
12 KB

398ms
97ms

Document
text/html

71.19.237.17
BIRD-HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://signup.bluetiehome.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 71.19.237.17 , United States, ASN19133 (BIRD-HOSTING, US),
Reverse DNS: 17.237.19.71.in-addr.arpa
Software: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16 / PHP/5.4.16
Resource Hash: 1291d0f11aae5b3d847c8e7dfd68896b8c61c00761d1370f522c9bd29643b0a0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-control: private
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Thu, 22 Dec 2022 15:55:15 GMT
Server: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16
Transfer-Encoding: chunked
X-Powered-By: PHP/5.4.16

Redirect headers

Connection: close
Content-Length: 17
Content-Type: text/html; charset=UTF-8
Date: Thu, 22 Dec 2022 15:55:15 GMT
Location: https://signup.bluetiehome.com
Server: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16
X-Powered-By: PHP/5.4.16

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 137ms
51ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-159162385-1

Requested by

Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cfce1cee410fd9ae288e4b4c5d00042c82e0ecbed4fe230079c863fc0f021c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 15:55:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43577
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Dec 2022 15:55:16 GMT

GET
H/1.1 200
OK all.min.css
signup.bluetiehome.com/fontawesome/css/ 170 KB
171 KB 365ms
183ms Stylesheet
text/css 71.19.237.17
BIRD-HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://signup.bluetiehome.com/fontawesome/css/all.min.css
Requested by: Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 71.19.237.17 , United States, ASN19133 (BIRD-HOSTING, US),
Reverse DNS: 17.237.19.71.in-addr.arpa
Software: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16 /
Resource Hash: 839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:55:16 GMT
Last-Modified: Wed, 21 Jul 2021 17:22:36 GMT
Server: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16
ETag: "2a8fd-5c7a56aa0af00"
Content-Type: text/css
Cache-control: private
Connection: close
Accept-Ranges: bytes
Content-Length: 174333

GET
H/1.1 200
OK update.css
signup.bluetiehome.com/css/ 1 KB
2 KB 274ms
92ms Stylesheet
text/css 71.19.237.17
BIRD-HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://signup.bluetiehome.com/css/update.css
Requested by: Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 71.19.237.17 , United States, ASN19133 (BIRD-HOSTING, US),
Reverse DNS: 17.237.19.71.in-addr.arpa
Software: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16 /
Resource Hash: d8b7d8db622daf1e70cc57e2111cc13175c7c4018600662ab25c9cca1cdf798f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:55:16 GMT
Last-Modified: Wed, 21 Jul 2021 17:22:38 GMT
Server: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16
ETag: "4b7-5c7a56abf3380"
Content-Type: text/css
Cache-control: private
Connection: close
Accept-Ranges: bytes
Content-Length: 1207

GET
H/1.1 200
OK main.css
signup.bluetiehome.com/css/ 15 KB
15 KB 365ms
184ms Stylesheet
text/css 71.19.237.17
BIRD-HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://signup.bluetiehome.com/css/main.css
Requested by: Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 71.19.237.17 , United States, ASN19133 (BIRD-HOSTING, US),
Reverse DNS: 17.237.19.71.in-addr.arpa
Software: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16 /
Resource Hash: 44c077a2a9e639b2320fc431f7fa8233b6b753d1033ac32563a3e62f5da4ec5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:55:16 GMT
Last-Modified: Tue, 16 Nov 2021 13:52:18 GMT
Server: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16
ETag: "3b09-5d0e83bcf8880"
Content-Type: text/css
Cache-control: private
Connection: close
Accept-Ranges: bytes
Content-Length: 15113

GET
H/1.1 200
OK reg.css
signup.bluetiehome.com/css/ 2 KB
2 KB 274ms
93ms Stylesheet
text/css 71.19.237.17
BIRD-HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://signup.bluetiehome.com/css/reg.css
Requested by: Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 71.19.237.17 , United States, ASN19133 (BIRD-HOSTING, US),
Reverse DNS: 17.237.19.71.in-addr.arpa
Software: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16 /
Resource Hash: 24be2ed3adfa9051c2a426b06cd686813bd0868f95a20d1b64c7527fa642533c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:55:16 GMT
Last-Modified: Fri, 27 Aug 2021 02:55:21 GMT
Server: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16
ETag: "62f-5ca819d3a7840"
Content-Type: text/css
Cache-control: private
Connection: close
Accept-Ranges: bytes
Content-Length: 1583

GET
H/1.1 200
OK bthome_logo.svg
signup.bluetiehome.com/images/ 1 KB
2 KB 276ms
94ms Image
image/svg+xml 71.19.237.17
BIRD-HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://signup.bluetiehome.com/images/bthome_logo.svg
Requested by: Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 71.19.237.17 , United States, ASN19133 (BIRD-HOSTING, US),
Reverse DNS: 17.237.19.71.in-addr.arpa
Software: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16 /
Resource Hash: 72a73ca5c81bb1376796b2901a31ef1453df47033404c3fa3e657ae7ab8ae016

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:55:16 GMT
Last-Modified: Wed, 21 Jul 2021 17:22:42 GMT
Server: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16
ETag: "578-5c7a56afc3c80"
Content-Type: image/svg+xml
Cache-control: private
Connection: close
Accept-Ranges: bytes
Content-Length: 1400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
998 B 138ms
51ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdeN5cUAAAAAGGF550pgJi53Oc2bgWlg9QzE3YE

Requested by

Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

87b5c40a372824c7a264cb36dbcc15fe23b4e343bbcfd6c0f39bbd7b164f6b9a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 15:55:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Thu, 22 Dec 2022 15:55:16 GMT

GET
H/1.1 200
OK register.js Show response
signup.bluetiehome.com/js/ 23 KB
23 KB 364ms
182ms Script
application/javascript 71.19.237.17
BIRD-HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://signup.bluetiehome.com/js/register.js
Requested by: Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 71.19.237.17 , United States, ASN19133 (BIRD-HOSTING, US),
Reverse DNS: 17.237.19.71.in-addr.arpa
Software: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16 /
Resource Hash: 8990e01ec83b92151976fa2f788d0fecfae2095b5039d4d0735bf106224160e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:55:16 GMT
Last-Modified: Tue, 18 Jan 2022 14:41:49 GMT
Server: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16
ETag: "5ab2-5d5dc44e60540"
Content-Type: application/javascript
Cache-control: private
Connection: close
Accept-Ranges: bytes
Content-Length: 23218

GET
H/1.1 200
OK md5.js Show response
signup.bluetiehome.com/js/ 8 KB
8 KB 274ms
92ms Script
application/javascript 71.19.237.17
BIRD-HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://signup.bluetiehome.com/js/md5.js
Requested by: Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 71.19.237.17 , United States, ASN19133 (BIRD-HOSTING, US),
Reverse DNS: 17.237.19.71.in-addr.arpa
Software: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16 /
Resource Hash: 6be2517d96180010505ae30aec599aa76bde1d409588468605ca0f78465ee453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:55:16 GMT
Last-Modified: Wed, 21 Jul 2021 17:20:36 GMT
Server: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16
ETag: "2047-5c7a56379a100"
Content-Type: application/javascript
Cache-control: private
Connection: close
Accept-Ranges: bytes
Content-Length: 8263

GET
H2 200 js Show response
www.paypal.com/sdk/ 313 KB
93 KB 556ms
498ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AR3h96rmYfqmW_RyBj3PP4UpNJph4LyY-N8YMTs-LxxWtz5aPWGTwjAT_a1DRTVNJATmsr8My0zQH7O9&vault=true&intent=subscription

Requested by

Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0dd142affc2f7d937b5ec8c8953e936366f68d13057dd91c1202f2c3524e641b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-JR8RYEEUc8ZMHDcwx2ev1pl1pN1Z3a7aTL+YvQjLhi6vd9lf' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-JR8RYEEUc8ZMHDcwx2ev1pl1pN1Z3a7aTL+YvQjLhi6vd9lf' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-JR8RYEEUc8ZMHDcwx2ev1pl1pN1Z3a7aTL+YvQjLhi6vd9lf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-JR8RYEEUc8ZMHDcwx2ev1pl1pN1Z3a7aTL+YvQjLhi6vd9lf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Dec 2022 15:55:16 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS
p3p: true
paypal-debug-id: f6477010659cd
server-timing: "traceparent;desc="00-0000000000000000000f6477010659cd-f9277285c61c0e4c-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 94236
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220095-HHN
traceparent: 00-0000000000000000000f6477010659cd-94218a34caf2a292-01
x-timer: S1671724516.995328,VS0,VE487
etag: W/"1701c-/WdArHN9mElRsgn8C3mAjaM732A"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK cookies.min.js Show response
signup.bluetiehome.com/js/ 758 B
1 KB 277ms
96ms Script
application/javascript 71.19.237.17
BIRD-HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://signup.bluetiehome.com/js/cookies.min.js
Requested by: Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 71.19.237.17 , United States, ASN19133 (BIRD-HOSTING, US),
Reverse DNS: 17.237.19.71.in-addr.arpa
Software: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16 /
Resource Hash: bfc0ab09af7647937d2eb8bdb1e7443023ec16519cf0eb90ee055c8cd7430b46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:55:16 GMT
Last-Modified: Wed, 21 Jul 2021 17:20:36 GMT
Server: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16
ETag: "2f6-5c7a56379a100"
Content-Type: application/javascript
Cache-control: private
Connection: close
Accept-Ranges: bytes
Content-Length: 758

GET
H/1.1 200
OK plans.js Show response
signup.bluetiehome.com/js/ 9 KB
9 KB 276ms
95ms Script
application/javascript 71.19.237.17
BIRD-HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://signup.bluetiehome.com/js/plans.js
Requested by: Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 71.19.237.17 , United States, ASN19133 (BIRD-HOSTING, US),
Reverse DNS: 17.237.19.71.in-addr.arpa
Software: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16 /
Resource Hash: 5c5b9dec3f5188aa74f7e5a5d77ab672f0befb913524ec628dcff7fbfb1ea157

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:55:16 GMT
Last-Modified: Tue, 25 Jan 2022 14:20:19 GMT
Server: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16
ETag: "234e-5d668c8e5cec0"
Content-Type: application/javascript
Cache-control: private
Connection: close
Accept-Ranges: bytes
Content-Length: 9038

GET
H/1.1 200
OK update.js Show response
signup.bluetiehome.com/js/ 9 KB
9 KB 274ms
93ms Script
application/javascript 71.19.237.17
BIRD-HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://signup.bluetiehome.com/js/update.js
Requested by: Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 71.19.237.17 , United States, ASN19133 (BIRD-HOSTING, US),
Reverse DNS: 17.237.19.71.in-addr.arpa
Software: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16 /
Resource Hash: 9fd5b99fca774273cad5633c3aba9ad10feaad7cb528ede92e611ebaef7ae62e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:55:16 GMT
Last-Modified: Wed, 21 Jul 2021 17:20:36 GMT
Server: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16
ETag: "2444-5c7a56379a100"
Content-Type: application/javascript
Cache-control: private
Connection: close
Accept-Ranges: bytes
Content-Length: 9284

GET
H/1.1 200
OK paypal_reg.js Show response
signup.bluetiehome.com/js/ 3 KB
4 KB 275ms
92ms Script
application/javascript 71.19.237.17
BIRD-HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://signup.bluetiehome.com/js/paypal_reg.js
Requested by: Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 71.19.237.17 , United States, ASN19133 (BIRD-HOSTING, US),
Reverse DNS: 17.237.19.71.in-addr.arpa
Software: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16 /
Resource Hash: 5a7f21be23c39e29e24573a69d2b41b235f1e93b4963d6783bb0138b7e58f629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:55:16 GMT
Last-Modified: Fri, 27 Aug 2021 02:55:11 GMT
Server: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16
ETag: "cc0-5ca819ca1e1c0"
Content-Type: application/javascript
Cache-control: private
Connection: close
Accept-Ranges: bytes
Content-Length: 3264

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 163ms
47ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-159162385-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Dec 2022 14:27:21 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5275
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 22 Dec 2022 16:27:21 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 68ms
68ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2003819315&t=pageview&_s=1&dl=https%3A%2F%2Fsignup.bluetiehome.com%2F&ul=en-us&de=UTF-8&dt=Email%20Registration%20%7C%20BlueTieHome&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=288051570&gjid=375325920&cid=890653407.1671724516&tid=UA-159162385-1&_gid=1536335527.1671724516&_r=1&gtm=2oubu0&z=435250555

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://signup.bluetiehome.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 15:55:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://signup.bluetiehome.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 407 KB
163 KB 117ms
35ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdeN5cUAAAAAGGF550pgJi53Oc2bgWlg9QzE3YE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://signup.bluetiehome.com/
Origin: https://signup.bluetiehome.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 14:21:32 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
6 KB 11ms
10ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=signup.bluetiehome.com&t=xo&v=5.0.344&source=payments_sdk&client_id=AR3h96rmYfqmW_RyBj3PP4UpNJph4LyY-N8YMTs-LxxWtz5aPWGTwjAT_a1DRTVNJATmsr8My0zQH7O9&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AR3h96rmYfqmW_RyBj3PP4UpNJph4LyY-N8YMTs-LxxWtz5aPWGTwjAT_a1DRTVNJATmsr8My0zQH7O9&vault=true&intent=subscription

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e1b623fbc2b45b7f12b0b87859415c8e716502043288dc4ac99b560592d6c428

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-616LMDL89PGxHAzIsp8Qq9bg3J3FJAg+2GPVjTOJTgFN9+Kl' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-616LMDL89PGxHAzIsp8Qq9bg3J3FJAg+2GPVjTOJTgFN9+Kl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Dec 2022 15:55:16 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 14770
x-cache: HIT
paypal-debug-id: f518632b58804
server-timing: "traceparent;desc="00-0000000000000000000f518632b58804-a836256c988c486c-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4753
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220095-HHN
traceparent: 00-0000000000000000000f518632b58804-9f432078d2f8947e-01
x-timer: S1671724517.520762,VS0,VE3
etag: W/"354b-1jJvh6vG2tOt0KwO6EW7iESw/SU"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
17 KB 30ms
8ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=signup.bluetiehome.com&t=xo&v=5.0.344&source=payments_sdk&client_id=AR3h96rmYfqmW_RyBj3PP4UpNJph4LyY-N8YMTs-LxxWtz5aPWGTwjAT_a1DRTVNJATmsr8My0zQH7O9&vault=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 15:55:16 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 84840867de170
dc: ccg11-origin-www-1.paypal.com
content-length: 16464
x-served-by: cache-sjc10081-SJC, cache-hhn-etou8220052-HHN
last-modified: Tue, 03 May 2022 17:28:29 GMT
x-timer: S1671724517.558209,VS0,VE0
etag: W/"6271663d-da91"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1004776, 562834

GET
H2 200 ts
t.paypal.com/ 42 B
739 B 247ms
173ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AAVN8XJQ4MB5ZY-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AAVN8XJQ4MB5ZY-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=27bce300-34e9-48c8-9934-9aea2f7f4cf3&fltp=analytics&mrid=AVN8XJQ4MB5ZY&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Email%20Registration%20%7C%20BlueTieHome&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1671724516533&g=0&completeurl=https%3A%2F%2Fsignup.bluetiehome.com%2F

Requested by

Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/3585) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 15:55:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/3585)
traceparent: 00-0000000000000000000468e6f26f1958-91494a8ecf5f3074-01
content-type: image/gif
paypal-debug-id: 468e6f26f1958
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Thu, 22 Dec 2022 15:55:16 GMT

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 2EC3 388 KB
143 KB 376ms
376ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.label=subscribe&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVIzaDk2cm1ZZnFtV19SeUJqM1BQNFVwTkpwaDRMeVktTjhZTVRzLUx4eFd0ejVhUFdHVHdqQVRfYTFEUlRWTkpBVG1zcjhNeTB6UUg3TzkmdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZ3V4ZmNndnJocmFtdGh1aXN5dHh2emZqeXV0aGJ0In19&clientID=AR3h96rmYfqmW_RyBj3PP4UpNJph4LyY-N8YMTs-LxxWtz5aPWGTwjAT_a1DRTVNJATmsr8My0zQH7O9&sdkCorrelationID=0158353910603&storageID=uid_8976eae5f7_mtu6ntu6mty&sessionID=uid_f4da85d8b6_mtu6ntu6mty&buttonSessionID=uid_5980a0181b_mtu6ntu6mty&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AR3h96rmYfqmW_RyBj3PP4UpNJph4LyY-N8YMTs-LxxWtz5aPWGTwjAT_a1DRTVNJATmsr8My0zQH7O9&vault=true&intent=subscription

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ef82ae3397e32ec41098e73b783c8db32c413db9ecee1c356531bd0f84347141

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://signup.bluetiehome.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 22 Dec 2022 15:55:16 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/W/"611b6-Q0aaH/Ib5epXwyXsVM5W4KnnQVs"
p3p: true
paypal-debug-id: f2324123e5fbc
server-timing: "traceparent;desc="00-0000000000000000000f2324123e5fbc-406162f26109cab5-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f2324123e5fbc-f2fd0f1aa6a339c4-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-hhn-etou8220095-HHN
x-timer: S1671724517.613840,VS0,VE369
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 7C36 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7C36 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1003 B
2 KB 207ms
207ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AR3h96rmYfqmW_RyBj3PP4UpNJph4LyY-N8YMTs-LxxWtz5aPWGTwjAT_a1DRTVNJATmsr8My0zQH7O9&vault=true&intent=subscription

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9c89cb64af054c3b86d2fa406c990a01cee0f96f8020c2fb4351d98a368d7d91

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://signup.bluetiehome.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 22 Dec 2022 15:55:17 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f2324121c0da0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220093-HHN
traceparent: 00-0000000000000000000f2324121c0da0-625d5ee0ba2a7d22-01
x-timer: S1671724517.809208,VS0,VE197
etag: W/W/"3eb-aVWT7qA597IqbrwZ3y5xnD7+h/E"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://signup.bluetiehome.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 176ms
162ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://signup.bluetiehome.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://signup.bluetiehome.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 22 Dec 2022 15:55:16 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f2324124e9847
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f2324124e9847-f2839beb38e52617-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220093-HHN
x-timer: S1671724517.644183,VS0,VE156

GET
H/1.1 200
OK fa-solid-900.woff2
signup.bluetiehome.com/fontawesome/webfonts/ 134 KB
134 KB 363ms
182ms Font
application/octet-stream 71.19.237.17
BIRD-HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://signup.bluetiehome.com/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/fontawesome/css/all.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 71.19.237.17 , United States, ASN19133 (BIRD-HOSTING, US),
Reverse DNS: 17.237.19.71.in-addr.arpa
Software: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16 /
Resource Hash: 943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Request headers

Referer: https://signup.bluetiehome.com/fontawesome/css/all.min.css
Origin: https://signup.bluetiehome.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:55:16 GMT
Last-Modified: Wed, 21 Jul 2021 17:20:38 GMT
Server: Apache/2.4.6 (CentOS) mod_wsgi/4.5.3 Python/3.4.3 PHP/5.4.16
ETag: "21678-5c7a563982580"
Cache-control: private
Connection: close
Accept-Ranges: bytes
Content-Length: 136824

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame AADF 54 KB
17 KB 7ms
6ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://signup.bluetiehome.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16791
content-type: text/html
date: Thu, 22 Dec 2022 15:55:16 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6271663d-d994"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 50b39f10d2761
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 935084, 614220
x-content-type-options: nosniff
x-served-by: cache-sjc10023-SJC, cache-hhn-etou8220052-HHN
x-timer: S1671724517.651441,VS0,VE0

GET
H2 200 ts
t.paypal.com/ 42 B
447 B 164ms
163ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AAVN8XJQ4MB5ZY-1&page=muse%3Aoffer%3A%3A%3AAVN8XJQ4MB5ZY-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=27bce300-34e9-48c8-9934-9aea2f7f4cf3&es=visitorInfoFlowStarted&mrid=AVN8XJQ4MB5ZY&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Email%20Registration%20%7C%20BlueTieHome&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1671724516687&g=0&completeurl=https%3A%2F%2Fsignup.bluetiehome.com%2F

Requested by

Host: signup.bluetiehome.com
URL: https://signup.bluetiehome.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35D6) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://signup.bluetiehome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Dec 2022 15:55:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/35D6)
traceparent: 00-000000000000000000069e264ec95f01-b34623c55220f288-01
content-type: image/gif
paypal-debug-id: 69e264ec95f01
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Thu, 22 Dec 2022 15:55:16 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame AADF 435 B
2 KB 299ms
298ms Fetch
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

af2455fb342994fdf8053fbef3af117d02d17cf58694c060c0ca7622df7e71f2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-u00zQhdgAhDh4Vn2vy1Tq1qT1DDDg0QjMJiBKJtkDfIt6/pm' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-u00zQhdgAhDh4Vn2vy1Tq1qT1DDDg0QjMJiBKJtkDfIt6/pm' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
date: Thu, 22 Dec 2022 15:55:17 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f232412af3ed9
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220095-HHN
traceparent: 00-0000000000000000000f232412af3ed9-213f1ee1078421ba-01
x-timer: S1671724517.890633,VS0,VE279
etag: W/W/"1b3-d2YsGE9AzT53jrtr639pOdez6/w"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 193ms
193ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 22 Dec 2022 15:55:16 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f23241297b55a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f23241297b55a-505dab68b7515f6a-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn-etou8220093-HHN
x-timer: S1671724517.695168,VS0,VE184

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 86D7 42 KB
22 KB 143ms
64ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdeN5cUAAAAAGGF550pgJi53Oc2bgWlg9QzE3YE&co=aHR0cHM6Ly9zaWdudXAuYmx1ZXRpZWhvbWUuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=6lgogm1hx0dy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3b3fe7bf24da6b3de3fdcb315ffc8414ddb2dd5f2be0fd54b1a66801b412ce72

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cTTYEHpuav3lkJhDtCiLrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://signup.bluetiehome.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22268
content-security-policy: script-src 'report-sample' 'nonce-cTTYEHpuav3lkJhDtCiLrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Dec 2022 15:55:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 86D7 52 KB
24 KB 109ms
36ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdeN5cUAAAAAGGF550pgJi53Oc2bgWlg9QzE3YE&co=aHR0cHM6Ly9zaWdudXAuYmx1ZXRpZWhvbWUuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=6lgogm1hx0dy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 13:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 13:42:18 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 86D7 407 KB
163 KB 125ms
53ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 14:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 14:21:32 GMT

GET
DATA 200
OK truncated
/ Frame 2EC3 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 86D7 2 KB
2 KB 36ms
36ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 591308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 22 Dec 2022 19:40:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 86D7 15 KB
16 KB 115ms
35ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 12:17:50 GMT
x-content-type-options: nosniff
age: 445047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 12:17:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 86D7 15 KB
15 KB 124ms
44ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 236038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 86D7 102 B
134 B 48ms
47ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdeN5cUAAAAAGGF550pgJi53Oc2bgWlg9QzE3YE&co=aHR0cHM6Ly9zaWdudXAuYmx1ZXRpZWhvbWUuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=6lgogm1hx0dy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 15:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 22 Dec 2022 15:55:17 GMT

GET
DATA 200
OK truncated
/ Frame 2EC3 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 2EC3 313 KB
93 KB 10ms
9ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AR3h96rmYfqmW_RyBj3PP4UpNJph4LyY-N8YMTs-LxxWtz5aPWGTwjAT_a1DRTVNJATmsr8My0zQH7O9&vault=true&intent=subscription

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=subscribe&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVIzaDk2cm1ZZnFtV19SeUJqM1BQNFVwTkpwaDRMeVktTjhZTVRzLUx4eFd0ejVhUFdHVHdqQVRfYTFEUlRWTkpBVG1zcjhNeTB6UUg3TzkmdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZ3V4ZmNndnJocmFtdGh1aXN5dHh2emZqeXV0aGJ0In19&clientID=AR3h96rmYfqmW_RyBj3PP4UpNJph4LyY-N8YMTs-LxxWtz5aPWGTwjAT_a1DRTVNJATmsr8My0zQH7O9&sdkCorrelationID=0158353910603&storageID=uid_8976eae5f7_mtu6ntu6mty&sessionID=uid_f4da85d8b6_mtu6ntu6mty&buttonSessionID=uid_5980a0181b_mtu6ntu6mty&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0dd142affc2f7d937b5ec8c8953e936366f68d13057dd91c1202f2c3524e641b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-JR8RYEEUc8ZMHDcwx2ev1pl1pN1Z3a7aTL+YvQjLhi6vd9lf' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-JR8RYEEUc8ZMHDcwx2ev1pl1pN1Z3a7aTL+YvQjLhi6vd9lf' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.label=subscribe&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVIzaDk2cm1ZZnFtV19SeUJqM1BQNFVwTkpwaDRMeVktTjhZTVRzLUx4eFd0ejVhUFdHVHdqQVRfYTFEUlRWTkpBVG1zcjhNeTB6UUg3TzkmdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZ3V4ZmNndnJocmFtdGh1aXN5dHh2emZqeXV0aGJ0In19&clientID=AR3h96rmYfqmW_RyBj3PP4UpNJph4LyY-N8YMTs-LxxWtz5aPWGTwjAT_a1DRTVNJATmsr8My0zQH7O9&sdkCorrelationID=0158353910603&storageID=uid_8976eae5f7_mtu6ntu6mty&sessionID=uid_f4da85d8b6_mtu6ntu6mty&buttonSessionID=uid_5980a0181b_mtu6ntu6mty&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-JR8RYEEUc8ZMHDcwx2ev1pl1pN1Z3a7aTL+YvQjLhi6vd9lf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-JR8RYEEUc8ZMHDcwx2ev1pl1pN1Z3a7aTL+YvQjLhi6vd9lf' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Dec 2022 15:55:17 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1
x-cache: HIT
p3p: true
paypal-debug-id: f6477010659cd
server-timing: "traceparent;desc="00-0000000000000000000f6477010659cd-f9277285c61c0e4c-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 94236
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220095-HHN
traceparent: 00-0000000000000000000f6477010659cd-94218a34caf2a292-01
x-timer: S1671724517.189384,VS0,VE2
etag: W/"1701c-/WdArHN9mElRsgn8C3mAjaM732A"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 1

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 86D7 32 KB
18 KB 95ms
91ms XHR
application/json 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdeN5cUAAAAAGGF550pgJi53Oc2bgWlg9QzE3YE

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

467c36d7494aa1534007de766de155ed71db057b6269e02200f36ee70af8125c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdeN5cUAAAAAGGF550pgJi53Oc2bgWlg9QzE3YE&co=aHR0cHM6Ly9zaWdudXAuYmx1ZXRpZWhvbWUuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=6lgogm1hx0dy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 22 Dec 2022 15:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18555
x-xss-protection: 1; mode=block
expires: Thu, 22 Dec 2022 15:55:17 GMT

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 2EC3 58 KB
20 KB 46ms
12ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

def7e4d139a8615c2721b3a2f0aee56e08052118029fa0bc8101fc0daea957d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 15:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 156471
x-cache: HIT
paypal-debug-id: 104deb0ed911b
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20336
last-modified: Tue, 20 Dec 2022 17:16:51 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-0000000000000000000104deb0ed911b-50a9b0daf65ed199-01
etag: "63a1ee03-e9eb"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Dec 2022 15:55:17 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 86D7 32 KB
18 KB 84ms
82ms XHR
application/json 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdeN5cUAAAAAGGF550pgJi53Oc2bgWlg9QzE3YE

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f58bd0a63f0ddfc1bbc5a0c3d7cadacca5e6853ea8e547d430516c2400c4270e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdeN5cUAAAAAGGF550pgJi53Oc2bgWlg9QzE3YE&co=aHR0cHM6Ly9zaWdudXAuYmx1ZXRpZWhvbWUuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=6lgogm1hx0dy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 22 Dec 2022 15:55:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18773
x-xss-protection: 1; mode=block
expires: Thu, 22 Dec 2022 15:55:18 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 2EC3 1021 B
2 KB 234ms
224ms Ping
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

43670ed7e8c45e19b8dda8f985b3faecff2ee34b9423b13de9923072941238fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.label=subscribe&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVIzaDk2cm1ZZnFtV19SeUJqM1BQNFVwTkpwaDRMeVktTjhZTVRzLUx4eFd0ejVhUFdHVHdqQVRfYTFEUlRWTkpBVG1zcjhNeTB6UUg3TzkmdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZ3V4ZmNndnJocmFtdGh1aXN5dHh2emZqeXV0aGJ0In19&clientID=AR3h96rmYfqmW_RyBj3PP4UpNJph4LyY-N8YMTs-LxxWtz5aPWGTwjAT_a1DRTVNJATmsr8My0zQH7O9&sdkCorrelationID=0158353910603&storageID=uid_8976eae5f7_mtu6ntu6mty&sessionID=uid_f4da85d8b6_mtu6ntu6mty&buttonSessionID=uid_5980a0181b_mtu6ntu6mty&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 22 Dec 2022 15:55:18 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f781802693ef1
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220095-HHN
traceparent: 00-0000000000000000000f781802693ef1-5f6359e339c98b1f-01
x-timer: S1671724518.984885,VS0,VE209
etag: W/W/"3fd-LX0WzFGtjAFqVEjuhS5LIqJbnaQ"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame A1BD 160 B
1 KB 180ms
174ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35E2) /

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 141
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: f1fa962ad54ce
date: Thu, 22 Dec 2022 15:55:17 GMT
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: f1fa962ad54ce
server: ECAcc (lhd/35E2)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000f1fa962ad54ce-aa6b65b80d56fee4-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame B8DE
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_f4da85d8b6_mtu6ntu6mty&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_f4da85d8b6_mtu6ntu6mty&s=SMART_PAYMENT_BUTTONS

42 B
299 B

147ms
43ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_f4da85d8b6_mtu6ntu6mty&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=subscribe&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVIzaDk2cm1ZZnFtV19SeUJqM1BQNFVwTkpwaDRMeVktTjhZTVRzLUx4eFd0ejVhUFdHVHdqQVRfYTFEUlRWTkpBVG1zcjhNeTB6UUg3TzkmdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZ3V4ZmNndnJocmFtdGh1aXN5dHh2emZqeXV0aGJ0In19&clientID=AR3h96rmYfqmW_RyBj3PP4UpNJph4LyY-N8YMTs-LxxWtz5aPWGTwjAT_a1DRTVNJATmsr8My0zQH7O9&sdkCorrelationID=0158353910603&storageID=uid_8976eae5f7_mtu6ntu6mty&sessionID=uid_f4da85d8b6_mtu6ntu6mty&buttonSessionID=uid_5980a0181b_mtu6ntu6mty&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 22 Dec 2022 15:55:18 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_f4da85d8b6_mtu6ntu6mty&s=SMART_PAYMENT_BUTTONS
Date: Thu, 22 Dec 2022 15:55:18 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame A1BD 58 KB
20 KB 32ms
6ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

def7e4d139a8615c2721b3a2f0aee56e08052118029fa0bc8101fc0daea957d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 15:55:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 156472
x-cache: HIT
paypal-debug-id: 104deb0ed911b
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20336
last-modified: Tue, 20 Dec 2022 17:16:51 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-0000000000000000000104deb0ed911b-50a9b0daf65ed199-01
etag: "63a1ee03-e9eb"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Dec 2022 15:55:18 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame A1BD 125 B
890 B 267ms
217ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/359E) /

Resource Hash

cf2ac437203e7322d3b8ccb3f0b8a21dff744c63960e21355bb1cdc11705b57a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 22 Dec 2022 15:55:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 660b86100bbf8
server: ECAcc (lhd/359E)
traceparent: 00-0000000000000000000660b86100bbf8-0e4def2cc2153686-01
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 660b86100bbf8
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 125

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame A1BD 0
98 B 231ms
188ms XHR
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35E6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 22 Dec 2022 15:55:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: d5a4030fe3bf3
server: ECAcc (lhd/35E6)
traceparent: 00-0000000000000000000d5a4030fe3bf3-4f8d396d722c3f38-01
paypal-debug-id: d5a4030fe3bf3
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame A1BD 0
337 B 394ms
188ms Image
text/plain 2606:2800:233:ce53:4396:b914:64c2:638e
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_f4da85d8b6_mtu6ntu6mty&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:ce53:4396:b914:64c2:638e , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35B6) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 15:55:18 GMT
content-encoding: gzip
correlation-id: 69795021abd90
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/35B6)
traceparent: 00-000000000000000000069795021abd90-d3258a8f844f3b8b-01
vary: Accept-Encoding
paypal-debug-id: 69795021abd90
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 20

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 2EC3 1016 B
1017 B 218ms
186ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AR3h96rmYfqmW_RyBj3PP4UpNJph4LyY-N8YMTs-LxxWtz5aPWGTwjAT_a1DRTVNJATmsr8My0zQH7O9&vault=true&intent=subscription

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e31389060e17a763bf303f0e6be41154b58e8e46960be324f790a5798a7a9218

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.label=subscribe&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.344&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVIzaDk2cm1ZZnFtV19SeUJqM1BQNFVwTkpwaDRMeVktTjhZTVRzLUx4eFd0ejVhUFdHVHdqQVRfYTFEUlRWTkpBVG1zcjhNeTB6UUg3TzkmdmF1bHQ9dHJ1ZSZpbnRlbnQ9c3Vic2NyaXB0aW9uIiwiYXR0cnMiOnsiZGF0YS11aWQiOiJ1aWRfZ3V4ZmNndnJocmFtdGh1aXN5dHh2emZqeXV0aGJ0In19&clientID=AR3h96rmYfqmW_RyBj3PP4UpNJph4LyY-N8YMTs-LxxWtz5aPWGTwjAT_a1DRTVNJATmsr8My0zQH7O9&sdkCorrelationID=0158353910603&storageID=uid_8976eae5f7_mtu6ntu6mty&sessionID=uid_f4da85d8b6_mtu6ntu6mty&buttonSessionID=uid_5980a0181b_mtu6ntu6mty&env=production&buttonSize=huge&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfSwic2F0aXNwYXkiOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=subscription_setup&currency=USD&intent=subscription&commit=true&vault=true&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 22 Dec 2022 15:55:18 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f781802b57acd
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220095-HHN
traceparent: 00-0000000000000000000f781802b57acd-24126deb2acf4df0-01
x-timer: S1671724518.327395,VS0,VE182
etag: W/W/"3f8-SrVeK3u293wv+nOHJmG+DkFC3HA"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1018 B
2 KB 188ms
188ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AR3h96rmYfqmW_RyBj3PP4UpNJph4LyY-N8YMTs-LxxWtz5aPWGTwjAT_a1DRTVNJATmsr8My0zQH7O9&vault=true&intent=subscription

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

383af46da7744c22db1add831a5d2bb622e2b18464ff989f284a71be3052eab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://signup.bluetiehome.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/json

Response headers

date: Thu, 22 Dec 2022 15:55:18 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS
paypal-debug-id: f210857cd9def
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn-etou8220093-HHN
traceparent: 00-0000000000000000000f210857cd9def-12758f4fbaf44389-01
x-timer: S1671724519.526856,VS0,VE181
etag: W/W/"3fa-rNrxRBnf0QQ/z2tr+H4SknArPmo"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://signup.bluetiehome.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 227ms
196ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://signup.bluetiehome.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://signup.bluetiehome.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 22 Dec 2022 15:55:18 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f7818020e4216
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f7818020e4216-f96fcfe3520c0f1d-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220093-HHN
x-timer: S1671724518.327200,VS0,VE192

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 12:41:16	Name: _GRECAPTCHA Value: 09AJ4Tk-5m9G14QsSeg1P8mFoK-ARf3L-3OI4vCxu_76AtIjy7M2LmjswKc6B823COIcPgMXkBtM7MMXMw-DSGAKQ
bluetiehome.com/	1969-12-31 23:59:59	Name: SERVERID Value:
signup.bluetiehome.com/	1969-12-31 23:59:59	Name: SERVERID Value:
.bluetiehome.com/	1970-01-20 17:58:04	Name: _ga Value: GA1.2.890653407.1671724516
.bluetiehome.com/	1970-01-20 08:23:30	Name: _gid Value: GA1.2.1536335527.1671724516
.bluetiehome.com/	1970-01-20 08:22:04	Name: _gat_gtag_UA_159162385_1 Value: 1
.paypal.com/	1970-01-20 17:07:40	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 08:22:36	Name: LANG Value: de_DE%3BDE
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AychjkTMsVZLWcQ7bDhIYutUnxNpaY2py.S%2BmGf3BmttuYnIz5sv9wt8Efch%2BwcFvFSp3RRk7clcg
.paypal.com/	1970-01-20 08:22:06	Name: l7_az Value: dcg14.slc
.paypalobjects.com/	1970-01-20 08:23:30	Name: paypal-offers--cust Value: null:null:null
.paypal.com/	1970-01-20 08:26:23	Name: tsrce Value: loggernodeweb
.paypal.com/	1970-01-20 17:58:04	Name: ts Value: vreXpYrS%3D1766418918%26vteXpYrS%3D1671726318%26vr%3D3a8bcab31850ad04b70b2e5dfe5574a3%26vt%3D3a8bcab31850ad04b70b2e5dfe5574a2%26vtyp%3Dnew
.paypal.com/	1970-01-20 17:58:04	Name: ts_c Value: vr%3D3a8bcab31850ad04b70b2e5dfe5574a3%26vt%3D3a8bcab31850ad04b70b2e5dfe5574a2
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY3MTcyNDUxODQzMCIsImwiOiIwIiwibSI6IjAifQ
.c.paypal.com/	1970-01-20 17:58:04	Name: sc_f Value: Gk3yNXmOAJ68_i-99gCWjlvamX79pgI9YyagaG9uJQfN4BvSMooKjIXSMFz33PbTCCMz0OyWaBpHbVGBQ7_0nbt39gPix9yILlcQyG
.paypal.com/	1970-01-20 17:58:04	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: uF0PesGEdFxN9vLQPdlFyMP_oNh6YI-hYuQIWJUHLdxuSEH0mwR2eMu3c8uPYIQAUKUQz640cMS0cPjS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
bluetiehome.com
c.paypal.com
c6.paypal.com
dub.stats.paypal.com
fonts.gstatic.com
signup.bluetiehome.com
t.paypal.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
151.101.193.21
151.101.66.133
192.229.221.25
2606:2800:233:ce53:4396:b914:64c2:638e
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:400d:803::200e
64.4.245.84
71.19.237.17
0dd142affc2f7d937b5ec8c8953e936366f68d13057dd91c1202f2c3524e641b
1291d0f11aae5b3d847c8e7dfd68896b8c61c00761d1370f522c9bd29643b0a0
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
24be2ed3adfa9051c2a426b06cd686813bd0868f95a20d1b64c7527fa642533c
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
383af46da7744c22db1add831a5d2bb622e2b18464ff989f284a71be3052eab2
3b3fe7bf24da6b3de3fdcb315ffc8414ddb2dd5f2be0fd54b1a66801b412ce72
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43670ed7e8c45e19b8dda8f985b3faecff2ee34b9423b13de9923072941238fc
44c077a2a9e639b2320fc431f7fa8233b6b753d1033ac32563a3e62f5da4ec5a
467c36d7494aa1534007de766de155ed71db057b6269e02200f36ee70af8125c
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
5a7f21be23c39e29e24573a69d2b41b235f1e93b4963d6783bb0138b7e58f629
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c5b9dec3f5188aa74f7e5a5d77ab672f0befb913524ec628dcff7fbfb1ea157
64b32d14f993564fe182a5690410f7d4aa2ace59934eac09d7dcf03a68ec7566
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be2517d96180010505ae30aec599aa76bde1d409588468605ca0f78465ee453
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
72a73ca5c81bb1376796b2901a31ef1453df47033404c3fa3e657ae7ab8ae016
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
7cfce1cee410fd9ae288e4b4c5d00042c82e0ecbed4fe230079c863fc0f021c9
839ce8e32e994f4fb4af526183b8f41ba67e47c7025746cc94e7e6a53d3d3453
87b5c40a372824c7a264cb36dbcc15fe23b4e343bbcfd6c0f39bbd7b164f6b9a
8990e01ec83b92151976fa2f788d0fecfae2095b5039d4d0735bf106224160e6
8ae3400104c7b0db11e9fe317236e68a26afba6580192041e87038ceff4db638
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
9c89cb64af054c3b86d2fa406c990a01cee0f96f8020c2fb4351d98a368d7d91
9fd5b99fca774273cad5633c3aba9ad10feaad7cb528ede92e611ebaef7ae62e
af2455fb342994fdf8053fbef3af117d02d17cf58694c060c0ca7622df7e71f2
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bfc0ab09af7647937d2eb8bdb1e7443023ec16519cf0eb90ee055c8cd7430b46
cf2ac437203e7322d3b8ccb3f0b8a21dff744c63960e21355bb1cdc11705b57a
d8b7d8db622daf1e70cc57e2111cc13175c7c4018600662ab25c9cca1cdf798f
def7e4d139a8615c2721b3a2f0aee56e08052118029fa0bc8101fc0daea957d6
e1b623fbc2b45b7f12b0b87859415c8e716502043288dc4ac99b560592d6c428
e31389060e17a763bf303f0e6be41154b58e8e46960be324f790a5798a7a9218
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef82ae3397e32ec41098e73b783c8db32c413db9ecee1c356531bd0f84347141
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f58bd0a63f0ddfc1bbc5a0c3d7cadacca5e6853ea8e547d430516c2400c4270e

signup.bluetiehome.com Open in urlscan Pro 71.19.237.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

98 %HTTPS

55 %IPv6

7 Domains

14 Subdomains

12 IPs

3 Countries

1317 kBTransfer

2817 kBSize

17 Cookies

5 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

signup.bluetiehome.com Open in urlscan Pro
71.19.237.17 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

98 %
HTTPS

55 %
IPv6

7
Domains

14
Subdomains

12
IPs

3
Countries

1317 kB
Transfer

2817 kB
Size

17
Cookies

50 HTTP transactions
4 data transactions