mail.elegantresearchservice.com Open in urlscan Pro
136.243.149.233 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://mail.elegantresearchservice.com/
Submission: On October 28 via api (October 28th 2022, 9:12:47 am UTC) from US — Scanned from US

Summary HTTP 50 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 9 domains to perform 50 HTTP transactions. The main IP is 136.243.149.233, located in Germany and belongs to HETZNER-AS, DE. The main domain is mail.elegantresearchservice.com.

This is the only time mail.elegantresearchservice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	136.243.149.233 136.243.149.233	24940 (HETZNER-AS) (HETZNER-AS)
8	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1400:d::... 2600:1400:d::6878:d293	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
10	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
2 6	2606:4700:20:... 2606:4700:20::681a:76b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1400:d::... 2600:1400:d::6878:d28b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
6	192.229.210.155 192.229.210.155	15133 (EDGECAST) (EDGECAST)
1	2606:4700:20:... 2606:4700:20::681a:4f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	64.4.251.12 64.4.251.12	17012 (PAYPAL) (PAYPAL)
50	13

13 136.243.149.233 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ndovu.bitsimba.com

mail.elegantresearchservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:d::6878:d293 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:76b (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

apps.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
elfsight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1400:d::6878:d28b (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.229.210.155 (United States)

ASN15133 (EDGECAST, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:4f7 (United States)

ASN13335 (CLOUDFLARENET, US)

files.elfsightcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.251.12 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chd.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2383 t.paypal.com — Cisco Umbrella Rank: 3098 c.paypal.com — Cisco Umbrella Rank: 5838 b.stats.paypal.com — Cisco Umbrella Rank: 5064 chd.stats.paypal.com — Cisco Umbrella Rank: 9282 c6.paypal.com — Cisco Umbrella Rank: 6710	399 KB
13	elegantresearchservice.com mail.elegantresearchservice.com	10 MB
8	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 208	219 KB
6	elfsight.com 2 redirects apps.elfsight.com — Cisco Umbrella Rank: 15329 static.elfsight.com — Cisco Umbrella Rank: 14986 files.elfsight.com — Cisco Umbrella Rank: 76260 elfsight.com — Cisco Umbrella Rank: 12356	286 KB
3	typekit.net use.typekit.net — Cisco Umbrella Rank: 418 p.typekit.net — Cisco Umbrella Rank: 559	44 KB
1	elfsightcdn.com files.elfsightcdn.com — Cisco Umbrella Rank: 63135	1 MB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 760	11 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	830 B
0	qodewire.com Failed systems.qodewire.com Failed
50	9

	Domain	Requested by
13	mail.elegantresearchservice.com	mail.elegantresearchservice.com
10	www.paypal.com	mail.elegantresearchservice.com www.paypal.com
8	cdnjs.cloudflare.com	mail.elegantresearchservice.com cdnjs.cloudflare.com
5	c.paypal.com	www.paypal.com c.paypal.com
2	static.elfsight.com	mail.elegantresearchservice.com apps.elfsight.com
2	apps.elfsight.com	1 redirects apps.elfsight.com
2	use.typekit.net	mail.elegantresearchservice.com use.typekit.net
1	c6.paypal.com	mail.elegantresearchservice.com
1	chd.stats.paypal.com	mail.elegantresearchservice.com
1	b.stats.paypal.com	1 redirects
1	elfsight.com	mail.elegantresearchservice.com
1	files.elfsightcdn.com	mail.elegantresearchservice.com
1	files.elfsight.com	1 redirects
1	t.paypal.com	mail.elegantresearchservice.com
1	p.typekit.net	use.typekit.net
1	unpkg.com	mail.elegantresearchservice.com
1	fonts.googleapis.com	mail.elegantresearchservice.com
0	systems.qodewire.com Failed	mail.elegantresearchservice.com
50	18

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
elfsight.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
elfsight.com Cloudflare Inc ECC CA-3	`2022-04-30` - `2023-04-30`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh

This page contains 5 frames:

Primary Page: http://mail.elegantresearchservice.com/
Frame ID: 46138343B698981472AFDD08399C43C2
Requests: 40 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.338&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVN1TmxhMVlzMklsWFpySURBeHdudDNrTTdkcFNwWEZHOHpGUFlDbTBxZnNkVmp6MHpJc3FhSkpYcl9Eb2IycnlXRmY0a3VVMzhtbkc0ZkEmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtc2RrLWludGVncmF0aW9uLXNvdXJjZSI6ImJ1dHRvbi1mYWN0b3J5IiwiZGF0YS11aWQiOiJ1aWRfenh1cWp6Z3N2cGt3cXF1eXZoamxodGN5Z29tYWRoIn19&clientID=ASuNla1Ys2IlXZrIDAxwnt3kM7dpSpXFG8zFPYCm0qfsdVjz0zIsqaJJXr_Dob2ryWFf4kuU38mnG4fA&sdkCorrelationID=f759943e9aa43&storageID=uid_59a21430bc_mdk6mti6nda&sessionID=uid_ea452c3809_mdk6mti6nda&buttonSessionID=uid_5faf99a99b_mdk6mti6nda&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: B49B510BE9A7837C6A0C48D5B02ED35A
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: 87EFA7B93335323884DD349365137587
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 08094CFF3364C6477B3A04B80C4E7C5D
Requests: 5 HTTP requests in this frame

Frame: https://chd.stats.paypal.com/v2/counter2.cgi?p=uid_ea452c3809_mdk6mti6nda&s=SMART_PAYMENT_BUTTONS
Frame ID: CEB68BCE41DC8C8C951B702D97D9D166
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Best online Research and academic writing help services

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

66 %
HTTPS

58 %
IPv6

9
Domains

18
Subdomains

13
IPs

2
Countries

12233 kB
Transfer

13738 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?phone=254743728965
Title: Start Chat

Search URL Search Domain Scan URL

URL: https://elfsight.com/whatsapp-chat-widget/?utm_source=websites&utm_medium=clients&utm_content=whatsapp-chat&utm_term=mail.elegantresearchservice.com&utm_campaign=free-widget
Title: Free Whatsapp Chat widget

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://apps.elfsight.com/p/platform.js HTTP 301
https://static.elfsight.com/platform/platform.js

Request Chain 40

https://files.elfsight.com/storage/2e4637d8-d70d-4039-a8e6-6dbf1f0168ee/ad84a785-92b9-44be-b4f4-729817801b01.jpg HTTP 301
https://files.elfsightcdn.com/2e4637d8-d70d-4039-a8e6-6dbf1f0168ee/ad84a785-92b9-44be-b4f4-729817801b01.jpg

Request Chain 45

https://b.stats.paypal.com/v2/counter.cgi?p=uid_ea452c3809_mdk6mti6nda&s=SMART_PAYMENT_BUTTONS HTTP 302
https://chd.stats.paypal.com/v2/counter2.cgi?p=uid_ea452c3809_mdk6mti6nda&s=SMART_PAYMENT_BUTTONS

50 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mail.elegantresearchservice.com/ 26 KB
26 KB 874ms
102ms Document
text/html 136.243.149.233
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.elegantresearchservice.com/
Protocol: HTTP/1.1
Server: 136.243.149.233 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ndovu.bitsimba.com
Software: nginx /
Resource Hash: db5150b10f05fe45eeaf2a5bf4aad891df8403556156dffe05b181facfed1c47

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Content-Length: 26304
Content-Type: text/html
Date: Fri, 28 Oct 2022 09:12:40 GMT
Last-Modified: Tue, 08 Feb 2022 10:20:11 GMT
Server: nginx

GET
H2 200 owl.carousel.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/ 3 KB
956 B 46ms
15ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css

Requested by

Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 3059070
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 845
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-d17"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76128d133b911841-EWR
expires: Wed, 18 Oct 2023 09:12:40 GMT

GET
H2 200 owl.theme.default.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/ 1013 B
419 B 47ms
16ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.theme.default.min.css

Requested by

Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 931311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 331
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-3f5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76128d133b921841-EWR
expires: Wed, 18 Oct 2023 09:12:40 GMT

GET
H2 200 hnk5xes.css
use.typekit.net/ 2 KB
865 B 121ms
71ms Stylesheet
text/css 2600:1400:d::6878:d293
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/hnk5xes.css

Requested by

Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::6878:d293 New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

c95b29c5c13e0cd438ff5a1f78a601abe7f81280ba5c3c4fe5d42361cf2143a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 28 Oct 2022 09:12:40 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 633

GET
H2 200 bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.1.0/css/ 159 KB
17 KB 44ms
14ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.1.0/css/bootstrap.min.css

Requested by

Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfc391e34328c09f0680ae8ff3d63e86224ae7e71c973147ccb84540b2fdd9b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 9074924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17426
last-modified: Wed, 04 Aug 2021 16:03:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "610aba41-4412"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76128d133b931841-EWR
expires: Wed, 18 Oct 2023 09:12:40 GMT

GET jquery.min.js
systems.qodewire.com/academic/wp-content/plugins/opskill-widgets/css/ 0
0

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 41ms
11ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 7390693
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10480
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-e7d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76128d134b941841-EWR
expires: Wed, 18 Oct 2023 09:12:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 420 B
830 B 50ms
20ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cinzel+Decorative&display=swap

Requested by

Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7243ee75b7776dd4e7801f450e3ca5621ba071037e0d0e811c91c4082984dc99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 09:12:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 09:12:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 09:12:40 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 302 KB
90 KB 663ms
633ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=ASuNla1Ys2IlXZrIDAxwnt3kM7dpSpXFG8zFPYCm0qfsdVjz0zIsqaJJXr_Dob2ryWFf4kuU38mnG4fA&enable-funding=venmo&currency=USD&disable-funding=credit,card

Requested by

Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e87230ace2232c6eb1e8f465162b97e498a4af0e794bd3b8189d286886bdaa08

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-f+RXJS7dQE/quctPIxYeWvYZTJY+LkDYxF9Ly3IwXRe83aT2' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-f+RXJS7dQE/quctPIxYeWvYZTJY+LkDYxF9Ly3IwXRe83aT2' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-f+RXJS7dQE/quctPIxYeWvYZTJY+LkDYxF9Ly3IwXRe83aT2' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-f+RXJS7dQE/quctPIxYeWvYZTJY+LkDYxF9Ly3IwXRe83aT2' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 09:12:40 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS, MISS
p3p: true
paypal-debug-id: f8135907ff8e3
server-timing: "traceparent;desc="00-0000000000000000000f8135907ff8e3-562823343cc28a40-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 90500
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000087-IAD, cache-ewr18135-EWR
traceparent: 00-0000000000000000000f8135907ff8e3-acfbf475c383cfb1-01
x-timer: S1666948360.199940,VS0,VE627
etag: W/"16184-EqIUXmmVvATiWEJ5kZRxSwIvdmM"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H/1.1 200
OK index-2.css
mail.elegantresearchservice.com/ 14 KB
14 KB 99ms
98ms Stylesheet
text/css 136.243.149.233
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.elegantresearchservice.com/index-2.css
Requested by: Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/
Protocol: HTTP/1.1
Server: 136.243.149.233 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ndovu.bitsimba.com
Software: nginx /
Resource Hash: eab48476fe71441a108bd425d9ed5075ab8429443836a25a6741606aec50c4e7

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 09:12:40 GMT
Last-Modified: Thu, 09 Dec 2021 11:33:07 GMT
Server: nginx
Accept-Ranges: bytes
Content-Length: 14604
Content-Type: text/css

GET
H2

200

platform.js Show response
static.elfsight.com/platform/
Redirect Chain

https://apps.elfsight.com/p/platform.js
https://static.elfsight.com/platform/platform.js

48 KB
16 KB

25ms
12ms

Script
application/javascript

2606:4700:20::681a:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/platform/platform.js

Requested by

Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/

Protocol

Server

2606:4700:20::681a:76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fb79688ef6e8f5db5e0a0bf5a149b3808b2d4fcf9d2e9954cd3c003e28d6449

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:40 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000015ca864a3-0063486399-3ade2f46-sfo2a
age: 3276
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 23 Sep 2022 11:30:00 GMT
server: cloudflare
etag: W/"625b8e6913d0ec9591ea5b662ac36be4"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1665689627.dop046.ny3.t,1665689627.cds126.ny3.hn,1665689627.cds129.ny3.c
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CFWub1CVkxBxmniOvaTK%2BxkSxobYYV9me%2Bl83Ot28BTYX8L%2Fe5hN4jJdJ9XLmQNpUcg1cvuI4kozm4E7uYE2uxprrlEtLrVnv3glY%2FBysB%2Fe80mZteYmxBnW9pl9cdkPBWDUAJVRmkEWWjHT5yFG5yQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600
x-rgw-object-type: Normal
cf-ray: 76128d161db43348-EWR

Redirect headers

date: Fri, 28 Oct 2022 09:12:40 GMT
strict-transport-security: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEqo8eimP%2BOuhFt32kONgjh%2Bf9cFVve265XpmgAL1gXGmfYOnUe650tJvNUmYlwX4tGcNY5nqwN0rdXrve6AZc6OiHQIKpgr8m6DV5P6p7rAJGxBmDGyhOFMmYox52iR1monOsaJIi08630nqf%2B5"}],"group":"cf-nel","max_age":604800}
location: https://static.elfsight.com/platform/platform.js
cache-control: max-age=3600
cf-ray: 76128d15fd8e3348-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 28 Oct 2022 10:12:40 GMT

GET
H2 200 boxicons.min.css
unpkg.com/boxicons@2.0.9/css/ 62 KB
11 KB 46ms
14ms Stylesheet
text/css 2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/boxicons@2.0.9/css/boxicons.min.css

Requested by

Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fc89b0c376bb37f904f4a63ef38e27ba939b1b2da6df77d127d533bb9d167f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:40 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 12787949
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01G4HT9GG3HZYND5DFP1BH3BM4-lga
server: cloudflare
etag: W/"f925-BeqWOuFeYgoFGuw/jd5Lb4VJnJY"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 76128d134e1ac413-EWR

GET
H/1.1 200
OK elegant-logo.png
mail.elegantresearchservice.com/ 7 KB
7 KB 98ms
98ms Image
image/png 136.243.149.233
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.elegantresearchservice.com/elegant-logo.png
Requested by: Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/
Protocol: HTTP/1.1
Server: 136.243.149.233 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ndovu.bitsimba.com
Software: nginx /
Resource Hash: 581bee577fae17418b3dfe7029f24428dd12003319205a6d960072ae5c7157b0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 09:12:40 GMT
Last-Modified: Thu, 09 Dec 2021 11:36:13 GMT
Server: nginx
Accept-Ranges: bytes
Content-Length: 6913
Content-Type: image/png

GET
H/1.1 200
OK menu.png
mail.elegantresearchservice.com/ 4 KB
4 KB 98ms
98ms Image
image/png 136.243.149.233
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.elegantresearchservice.com/menu.png
Requested by: Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/
Protocol: HTTP/1.1
Server: 136.243.149.233 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ndovu.bitsimba.com
Software: nginx /
Resource Hash: 817eca338041ebc43877e97523d6b03bc0bdc5a2c27c411d2767c4f1202e7ada

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 09:12:40 GMT
Last-Modified: Thu, 09 Dec 2021 11:36:44 GMT
Server: nginx
Accept-Ranges: bytes
Content-Length: 4207
Content-Type: image/png

GET
H/1.1 200
OK college-student.png
mail.elegantresearchservice.com/ 863 KB
863 KB 102ms
102ms Image
image/png 136.243.149.233
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.elegantresearchservice.com/college-student.png
Requested by: Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/
Protocol: HTTP/1.1
Server: 136.243.149.233 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ndovu.bitsimba.com
Software: nginx /
Resource Hash: 6496c571a1e14681e3dd0cc3650ddcb1a4abadb5747ee0a4a4c44a3a79d5adb8

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 09:12:40 GMT
Last-Modified: Thu, 09 Dec 2021 11:35:56 GMT
Server: nginx
Accept-Ranges: bytes
Content-Length: 883248
Content-Type: image/png

GET
H/1.1 200
OK paypal.js Show response
mail.elegantresearchservice.com/ 1 KB
1 KB 98ms
97ms Script
application/javascript 136.243.149.233
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.elegantresearchservice.com/paypal.js
Requested by: Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/
Protocol: HTTP/1.1
Server: 136.243.149.233 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ndovu.bitsimba.com
Software: nginx /
Resource Hash: 305716e9edeeca68bfcdbf3d061230bc8f8c986a23141756512a5b5b3522137b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 09:12:40 GMT
Last-Modified: Thu, 09 Dec 2021 11:33:40 GMT
Server: nginx
Accept-Ranges: bytes
Content-Length: 1124
Content-Type: application/javascript

GET
H/1.1 200
OK writingrail3.jpg
mail.elegantresearchservice.com/ 1 MB
1 MB 99ms
99ms Image
image/jpeg 136.243.149.233
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.elegantresearchservice.com/writingrail3.jpg
Requested by: Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/
Protocol: HTTP/1.1
Server: 136.243.149.233 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ndovu.bitsimba.com
Software: nginx /
Resource Hash: 7688c4876529ca690969d35db89ae148ff3415d5196722b768b90f35f079ae7b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 09:12:40 GMT
Last-Modified: Thu, 09 Dec 2021 11:37:25 GMT
Server: nginx
Accept-Ranges: bytes
Content-Length: 1128971
Content-Type: image/jpeg

GET
H/1.1 200
OK writingrail4.jpg
mail.elegantresearchservice.com/ 1 MB
1 MB 195ms
102ms Image
image/jpeg 136.243.149.233
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.elegantresearchservice.com/writingrail4.jpg
Requested by: Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/
Protocol: HTTP/1.1
Server: 136.243.149.233 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ndovu.bitsimba.com
Software: nginx /
Resource Hash: b4337246a1f691749e882f8b73b552373e832ec02728ac3b70c27a3fe493ed2f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 09:12:41 GMT
Last-Modified: Thu, 09 Dec 2021 11:38:58 GMT
Server: nginx
Accept-Ranges: bytes
Content-Length: 1208316
Content-Type: image/jpeg

GET
H/1.1 200
OK writingrail5.jpg
mail.elegantresearchservice.com/ 1 MB
1 MB 197ms
103ms Image
image/jpeg 136.243.149.233
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.elegantresearchservice.com/writingrail5.jpg
Requested by: Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/
Protocol: HTTP/1.1
Server: 136.243.149.233 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ndovu.bitsimba.com
Software: nginx /
Resource Hash: 9ada913557497704d2e56f0d8ca48e959fad72b28c62d12527d32a6de1e9be1b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 09:12:41 GMT
Last-Modified: Thu, 09 Dec 2021 11:39:28 GMT
Server: nginx
Accept-Ranges: bytes
Content-Length: 1088926
Content-Type: image/jpeg

GET
H/1.1 200
OK writingrail9.jpg
mail.elegantresearchservice.com/ 3 MB
3 MB 199ms
102ms Image
image/jpeg 136.243.149.233
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.elegantresearchservice.com/writingrail9.jpg
Requested by: Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/
Protocol: HTTP/1.1
Server: 136.243.149.233 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ndovu.bitsimba.com
Software: nginx /
Resource Hash: b2521d8ae3dd0aff3c5f4d17c73b5e1bac76b8954bfae0cf2412b99304f8c935

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 09:12:41 GMT
Last-Modified: Thu, 09 Dec 2021 11:40:36 GMT
Server: nginx
Accept-Ranges: bytes
Content-Length: 2767883
Content-Type: image/jpeg

GET
H/1.1 200
OK writingrail8.jpg
mail.elegantresearchservice.com/ 792 KB
792 KB 198ms
102ms Image
image/jpeg 136.243.149.233
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.elegantresearchservice.com/writingrail8.jpg
Requested by: Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/
Protocol: HTTP/1.1
Server: 136.243.149.233 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ndovu.bitsimba.com
Software: nginx /
Resource Hash: 2d0591c949a5600771a16c2d220264165bc9dd84944821e88db32bee375d4226

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 09:12:41 GMT
Last-Modified: Thu, 09 Dec 2021 11:39:27 GMT
Server: nginx
Accept-Ranges: bytes
Content-Length: 810593
Content-Type: image/jpeg

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
27 KB 12ms
10ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 9286067
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76128d14ed001841-EWR
expires: Wed, 18 Oct 2023 09:12:40 GMT

GET
H3 200 owl.carousel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/ 43 KB
10 KB 12ms
12ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js

Requested by

Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 3755491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10158
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-ad36"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76128d150ddd192a-EWR
expires: Wed, 18 Oct 2023 09:12:40 GMT

GET
H/1.1 200
OK carousel.js Show response
mail.elegantresearchservice.com/ 265 B
463 B 101ms
100ms Script
application/javascript 136.243.149.233
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://mail.elegantresearchservice.com/carousel.js
Requested by: Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/
Protocol: HTTP/1.1
Server: 136.243.149.233 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ndovu.bitsimba.com
Software: nginx /
Resource Hash: 10db64b99226bf4f9cb87cc5086ec39825fc0b411c91ebdd5e352209c77e4918

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 09:12:40 GMT
Last-Modified: Thu, 09 Dec 2021 11:34:38 GMT
Server: nginx
Accept-Ranges: bytes
Content-Length: 265
Content-Type: application/javascript

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 51ms
5ms Stylesheet
text/css 2600:1400:d::6878:d28b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=hnk5xes&ht=tk&f=28873.28876&a=29883096&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hnk5xes.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::6878:d28b New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:40 GMT
last-modified: Thu, 28 Jul 2022 21:30:08 GMT
server: nginx
etag: "62e2ffe0-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 330ms
328ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=mail.elegantresearchservice.com&t=xo&v=5.0.338&source=payments_sdk&client_id=ASuNla1Ys2IlXZrIDAxwnt3kM7dpSpXFG8zFPYCm0qfsdVjz0zIsqaJJXr_Dob2ryWFf4kuU38mnG4fA&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=ASuNla1Ys2IlXZrIDAxwnt3kM7dpSpXFG8zFPYCm0qfsdVjz0zIsqaJJXr_Dob2ryWFf4kuU38mnG4fA&enable-funding=venmo&currency=USD&disable-funding=credit,card

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-g0TeSafdRgOuBRYqxQXif0DPc7VHMiUWhO/S/2er+clx8h/8' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-g0TeSafdRgOuBRYqxQXif0DPc7VHMiUWhO/S/2er+clx8h/8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 09:12:41 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 0
x-cache: MISS, MISS
paypal-debug-id: f644658d765d7
server-timing: "traceparent;desc="00-0000000000000000000f644658d765d7-98fc76a3d93dbc57-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000121-IAD, cache-ewr18135-EWR
traceparent: 00-0000000000000000000f644658d765d7-76a4d9e86e129ec9-01
x-timer: S1666948361.923997,VS0,VE323
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 l
use.typekit.net/af/ac34da/00000000000000007735b230/30/ 43 KB
43 KB 26ms
8ms Font
application/font-woff2 2600:1400:d::6878:d293
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ac34da/00000000000000007735b230/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hnk5xes.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::6878:d293 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f5b11429063644fbd2aec4bdc63e07d946460e71682f91fe9e884c544cea7078

Request headers

Referer: https://use.typekit.net/hnk5xes.css
Origin: http://mail.elegantresearchservice.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:40 GMT
server: nginx
etag: "34295de83a938b9d6fadfa55004b40dc7d8b9165"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 43808

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame B49B 411 KB
165 KB 281ms
280ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.338&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVN1TmxhMVlzMklsWFpySURBeHdudDNrTTdkcFNwWEZHOHpGUFlDbTBxZnNkVmp6MHpJc3FhSkpYcl9Eb2IycnlXRmY0a3VVMzhtbkc0ZkEmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtc2RrLWludGVncmF0aW9uLXNvdXJjZSI6ImJ1dHRvbi1mYWN0b3J5IiwiZGF0YS11aWQiOiJ1aWRfenh1cWp6Z3N2cGt3cXF1eXZoamxodGN5Z29tYWRoIn19&clientID=ASuNla1Ys2IlXZrIDAxwnt3kM7dpSpXFG8zFPYCm0qfsdVjz0zIsqaJJXr_Dob2ryWFf4kuU38mnG4fA&sdkCorrelationID=f759943e9aa43&storageID=uid_59a21430bc_mdk6mti6nda&sessionID=uid_ea452c3809_mdk6mti6nda&buttonSessionID=uid_5faf99a99b_mdk6mti6nda&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

27c9435734c09a8c62f037d1193ee138686976d71d8ce9983ef351b5a04f23fe

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://mail.elegantresearchservice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Fri, 28 Oct 2022 09:12:41 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/W/"66af2-jJYzOmYGQaG241FGJPWdBohAopY"
p3p: true
paypal-debug-id: f644658ee2c53
server-timing: "traceparent;desc="00-0000000000000000000f644658ee2c53-227cef07580e3505-01"";content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f644658ee2c53-c080b269193e2d6f-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-iad-kiad7000086-IAD, cache-ewr18135-EWR
x-timer: S1666948361.036165,VS0,VE275
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 87EF 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 76 KB
77 KB 40ms
31ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin: http://mail.elegantresearchservice.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:41 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5663646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78196
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-13174"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76128d18ae3dc411-EWR
expires: Wed, 18 Oct 2023 09:12:41 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1017 B
1 KB 243ms
243ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b7f69ac7f1d926b7c6702fbc419537a0030643f25dc7330f9be5dc20b0a48569

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: http://mail.elegantresearchservice.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
content-type: application/json

Response headers

date: Fri, 28 Oct 2022 09:12:41 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f64465847c1e7
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-iad-kjyo7100062-IAD, cache-ewr18132-EWR
traceparent: 00-0000000000000000000f64465847c1e7-0b947c5c88eaec84-01
x-timer: S1666948361.257458,VS0,VE219
etag: W/W/"3f9-qECgrNSMVat3CX0jfJZ7ruNyeVg"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://mail.elegantresearchservice.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

GET
H/1.1 200
OK writingrail12.jpg
mail.elegantresearchservice.com/ 2 MB
2 MB 102ms
101ms Image
image/jpeg 136.243.149.233
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://mail.elegantresearchservice.com/writingrail12.jpg
Requested by: Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/index-2.css
Protocol: HTTP/1.1
Server: 136.243.149.233 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ndovu.bitsimba.com
Software: nginx /
Resource Hash: 196966b15e2890fa4665a043b384fa45e524455a1e2725c45f8519b233531d67

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/index-2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 09:12:41 GMT
Last-Modified: Thu, 09 Dec 2021 11:40:26 GMT
Server: nginx
Accept-Ranges: bytes
Content-Length: 2337103
Content-Type: image/jpeg

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 75 KB
75 KB 12ms
11ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de698f771f908f6249a14b16e6c5e46c7bb7fd7477be0d48253a6c27481eb7e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin: http://mail.elegantresearchservice.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:41 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5584891
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76764
last-modified: Tue, 16 Mar 2021 19:29:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60510736-12bdc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76128d195ef3c411-EWR
expires: Wed, 18 Oct 2023 09:12:41 GMT

GET
H3 200 / Show response
apps.elfsight.com/p/boot/ 3 KB
2 KB 343ms
334ms XHR
application/json 2606:4700:20::681a:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.elfsight.com/p/boot/?page=http%3A%2F%2Fmail.elegantresearchservice.com%2F&w=88ade1ec-163a-4564-9422-e54cc3b904de

Requested by

Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5eb6fb5ba9d4a9647619bd22ba3b96413f1490f29c07d760b73d8cd3e614cafe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:41 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: http://mail.elegantresearchservice.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQN3M6XKzmiPKPHkbkamf0NiSwnSz5Ny%2FfQFSKIIV2Uhqm9uPy0aaEhpmWLknhoqvAekhRIkQobJOyeYu9s%2FuR11tKqXdkYXjifhJ%2FFfayHdz22zO4MA0DuvBQvvy8pGNQn%2FZNdu0wmGcVT3BUHr"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
access-control-allow-credentials: true
cf-apo-via: origin,host
access-control-max-age: 86400
cf-ray: 76128d19c8ed0c95-EWR
access-control-allow-headers: DNT, Referer, Content-Type, Set-Cookie, x-csrf-token, x-socket-id

GET
H2 200 ts
t.paypal.com/ 42 B
844 B 217ms
82ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Best%20online%20Research%20and%20academic%20writing%20help%20services&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1666948361257&g=0&completeurl=http%3A%2F%2Fmail.elegantresearchservice.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Fri, 28 Oct 2022 09:12:41 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 4c86324082bea
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-iad-kjyo7100024-IAD, cache-ewr18162-EWR
pragma: no-cache
traceparent: 00-00000000000000000004c86324082bea-e3d99feadcb3362d-01
x-timer: S1666948361.397376,VS0,VE76
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Oct 2022 09:12:41 GMT

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 160ms
145ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://mail.elegantresearchservice.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://mail.elegantresearchservice.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Fri, 28 Oct 2022 09:12:41 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f64465878f797
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f64465878f797-db6d209e3b3446bd-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-iad-kcgs7200067-IAD, cache-ewr18132-EWR
x-timer: S1666948361.092427,VS0,VE141

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame B49B 302 KB
89 KB 16ms
14ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=ASuNla1Ys2IlXZrIDAxwnt3kM7dpSpXFG8zFPYCm0qfsdVjz0zIsqaJJXr_Dob2ryWFf4kuU38mnG4fA&enable-funding=venmo&currency=USD&disable-funding=credit,card

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.338&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVN1TmxhMVlzMklsWFpySURBeHdudDNrTTdkcFNwWEZHOHpGUFlDbTBxZnNkVmp6MHpJc3FhSkpYcl9Eb2IycnlXRmY0a3VVMzhtbkc0ZkEmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtc2RrLWludGVncmF0aW9uLXNvdXJjZSI6ImJ1dHRvbi1mYWN0b3J5IiwiZGF0YS11aWQiOiJ1aWRfenh1cWp6Z3N2cGt3cXF1eXZoamxodGN5Z29tYWRoIn19&clientID=ASuNla1Ys2IlXZrIDAxwnt3kM7dpSpXFG8zFPYCm0qfsdVjz0zIsqaJJXr_Dob2ryWFf4kuU38mnG4fA&sdkCorrelationID=f759943e9aa43&storageID=uid_59a21430bc_mdk6mti6nda&sessionID=uid_ea452c3809_mdk6mti6nda&buttonSessionID=uid_5faf99a99b_mdk6mti6nda&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e87230ace2232c6eb1e8f465162b97e498a4af0e794bd3b8189d286886bdaa08

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-f+RXJS7dQE/quctPIxYeWvYZTJY+LkDYxF9Ly3IwXRe83aT2' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-f+RXJS7dQE/quctPIxYeWvYZTJY+LkDYxF9Ly3IwXRe83aT2' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.338&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVN1TmxhMVlzMklsWFpySURBeHdudDNrTTdkcFNwWEZHOHpGUFlDbTBxZnNkVmp6MHpJc3FhSkpYcl9Eb2IycnlXRmY0a3VVMzhtbkc0ZkEmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtc2RrLWludGVncmF0aW9uLXNvdXJjZSI6ImJ1dHRvbi1mYWN0b3J5IiwiZGF0YS11aWQiOiJ1aWRfenh1cWp6Z3N2cGt3cXF1eXZoamxodGN5Z29tYWRoIn19&clientID=ASuNla1Ys2IlXZrIDAxwnt3kM7dpSpXFG8zFPYCm0qfsdVjz0zIsqaJJXr_Dob2ryWFf4kuU38mnG4fA&sdkCorrelationID=f759943e9aa43&storageID=uid_59a21430bc_mdk6mti6nda&sessionID=uid_ea452c3809_mdk6mti6nda&buttonSessionID=uid_5faf99a99b_mdk6mti6nda&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-f+RXJS7dQE/quctPIxYeWvYZTJY+LkDYxF9Ly3IwXRe83aT2' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-f+RXJS7dQE/quctPIxYeWvYZTJY+LkDYxF9Ly3IwXRe83aT2' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Oct 2022 09:12:41 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1
x-cache: MISS, HIT
p3p: true
paypal-debug-id: f8135907ff8e3
server-timing: "traceparent;desc="00-0000000000000000000f8135907ff8e3-562823343cc28a40-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 90500
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000087-IAD, cache-ewr18135-EWR
traceparent: 00-0000000000000000000f8135907ff8e3-acfbf475c383cfb1-01
x-timer: S1666948361.412479,VS0,VE6
etag: W/"16184-EqIUXmmVvATiWEJ5kZRxSwIvdmM"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
x-cache-hits: 0, 1

GET
DATA 200
OK truncated
/ Frame B49B 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 whatsappChat.js Show response
static.elfsight.com/apps/whatsapp-chat/release/d1e8fdd29594d919614323c2f50256ee44ddc9d8/app/ 547 KB
159 KB 26ms
24ms Script
application/javascript 2606:4700:20::681a:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.elfsight.com/apps/whatsapp-chat/release/d1e8fdd29594d919614323c2f50256ee44ddc9d8/app/whatsappChat.js

Requested by

Host: apps.elfsight.com
URL: https://apps.elfsight.com/p/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4eabd79f6ea14aa587cf68791fd8d923a55ff33e5be720e6dc378efbfdc05ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:41 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000003ce308ae-00635a9af1-42d93a25-sfo2a
age: 66065
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 14:49:50 GMT
server: cloudflare
etag: W/"6c765ea70b06ad8c882c1c90eeca6ad4"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1666882296.dop030.ny3.t,1666882296.cds239.ny3.hn,1666882296.cds215.ny3.c
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=On4jitYO0ASCl%2BuKRbW5XcDX2sf6s8NrQP1zpe0pjgV%2B4YIY7UXdNn7vNsmksUR2bDr8JEGejai%2FWd0LeP635I7ovTOUmXrLA9SVmtFDnO4K30a9bqOm%2B6Tpcl6aDxPeT7ziK%2FKs%2B7XChGBHObo0R24%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
x-rgw-object-type: Normal
cf-ray: 76128d1be9c20c95-EWR

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame B49B 57 KB
20 KB 58ms
8ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/7931) /

Resource Hash

e560d581ed6a8c168699938f8e85479245e1fc465c09ac8034acf5a1e3d72736

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 486788
x-cache: HIT
paypal-debug-id: 60e8355b5c627
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=4
dc: ccg11-origin-www-1.paypal.com
content-length: 20053
last-modified: Tue, 09 Aug 2022 20:44:56 GMT
server: ECAcc (nya/7931)
traceparent: 00-000000000000000000060e8355b5c627-e14dab3e3426b767-01
etag: "62f2c748-e586"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Oct 2022 09:12:41 GMT

GET
H2

200

ad84a785-92b9-44be-b4f4-729817801b01.jpg
files.elfsightcdn.com/2e4637d8-d70d-4039-a8e6-6dbf1f0168ee/
Redirect Chain

https://files.elfsight.com/storage/2e4637d8-d70d-4039-a8e6-6dbf1f0168ee/ad84a785-92b9-44be-b4f4-729817801b01.jpg
https://files.elfsightcdn.com/2e4637d8-d70d-4039-a8e6-6dbf1f0168ee/ad84a785-92b9-44be-b4f4-729817801b01.jpg

1 MB
1 MB

1273ms
1244ms

Image
image/jpeg

2606:4700:20::681a:4f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.elfsightcdn.com/2e4637d8-d70d-4039-a8e6-6dbf1f0168ee/ad84a785-92b9-44be-b4f4-729817801b01.jpg

Requested by

Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/

Protocol

Server

2606:4700:20::681a:4f7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf1af485688f44dd5557125faf6f871885f4a212c798fee17fcfc1645de536ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:43 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000022ea5145-00635b9d09-21d29c43-nyc3a
content-length: 1262015
last-modified: Tue, 08 Feb 2022 12:49:39 GMT
server: cloudflare
etag: "ad8c2f42739a6e9f8599b98eb31d320b"
vary: Accept-Encoding
x-hw: 1666948361.dop201.ny3.t,1666948361.cds244.ny3.hn,1666948361.cds059.ny3.p
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGuae%2BmAljz2%2FHTep%2BIg1W7n2cRc1%2BxwaDp7MqcXle3NpNby%2FgH%2B%2BlHp%2F4yHP2YYzj%2BS6rGUvqgCC23WDpi78DCPx%2F2I4wrQ3AKsuD4TinEwWCJRmQ%2Bc0Db8z2%2FFuTz6%2FRAmzSa2I4LxzoaIzX6ED9FNIg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 76128d1ded950cd9-EWR

Redirect headers

date: Fri, 28 Oct 2022 09:12:41 GMT
strict-transport-security: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpJJ1dt3VSKqJevt%2FhAxqwnMjKLS%2F8vKPqmm0L6mO7zINJ4HMqZ5Jk%2Bsn2dQG9rBTZUMPzqVss0Ur%2FZsgQdq9LVgTewtSduL%2B%2FXxj88dMUNVTN8IY6JOWK2gMDwplbTNT5d63uSYq7DR5pm0GzPu3w%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://files.elfsightcdn.com/2e4637d8-d70d-4039-a8e6-6dbf1f0168ee/ad84a785-92b9-44be-b4f4-729817801b01.jpg
cache-control: max-age=3600
cf-ray: 76128d1d9cb53348-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 28 Oct 2022 10:12:41 GMT

GET
H2 200 whatsapp.png
elfsight.com/assets/chats/patterns/ 107 KB
108 KB 40ms
17ms Image
image/webp 2606:4700:20::681a:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elfsight.com/assets/chats/patterns/whatsapp.png

Requested by

Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:76b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9841568d51b19a0ede7d10e05f5fbdb02b73874afb7e978c0d4e958ecf0455e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:41 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2240
cf-polished: origFmt=png, origSize=114536
content-disposition: inline; filename="whatsapp.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 110038
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Tue, 26 Feb 2019 11:09:08 GMT
server: cloudflare
etag: "5c751e54-1bf68"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wosyaAykA333eqKNZ%2BwaLdIFVpJD1COoppIyNgKiGxXQD36%2BZS5LREjUf7wMKcnFI%2BE2gtYa118qzBy9IqTW8vMU6y8mUjVQ1OvSmKguC4modCPTyGLT%2BPsCryTFR3khvO6AQmWeBEkLmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76128d1daccb3348-EWR

GET
DATA 200
OK truncated
/ 417 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ea2386004d026938ef0f644a75fc9fa38a79f9f813286883e47bdae3624e11e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09c6bdbc252355240537e7c5aa1ecf07104ffa7cc4227ee4953e05bd2e968696

Request headers

accept-language: en-US,en;q=0.9
Referer: http://mail.elegantresearchservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 0809 160 B
1 KB 112ms
111ms Document
text/html 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcd/7D44) /

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 141
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 2b6e9774040e
date: Fri, 28 Oct 2022 09:12:41 GMT
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: 2b6e9774040e
server: ECAcc (dcd/7D44)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=105
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000002b6e9774040e-a9e52410b886ff62-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
chd.stats.paypal.com/v2/ Frame CEB6
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_ea452c3809_mdk6mti6nda&s=SMART_PAYMENT_BUTTONS
https://chd.stats.paypal.com/v2/counter2.cgi?p=uid_ea452c3809_mdk6mti6nda&s=SMART_PAYMENT_BUTTONS

42 B
299 B

202ms
65ms

Image
image/jpeg

64.4.251.12
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://chd.stats.paypal.com/v2/counter2.cgi?p=uid_ea452c3809_mdk6mti6nda&s=SMART_PAYMENT_BUTTONS
Requested by: Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/
Protocol: HTTP/1.1
Server: 64.4.251.12 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

Date: Fri, 28 Oct 2022 09:12:42 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://chd.stats.paypal.com/v2/counter2.cgi?p=uid_ea452c3809_mdk6mti6nda&s=SMART_PAYMENT_BUTTONS
Date: Fri, 28 Oct 2022 09:12:42 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame B49B 1023 B
2 KB 151ms
149ms Ping
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a9b1ff79bdc44b9cd35dc3a1d9b89306a535a0f2d60073ba7bead203152f30e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.338&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVN1TmxhMVlzMklsWFpySURBeHdudDNrTTdkcFNwWEZHOHpGUFlDbTBxZnNkVmp6MHpJc3FhSkpYcl9Eb2IycnlXRmY0a3VVMzhtbkc0ZkEmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtc2RrLWludGVncmF0aW9uLXNvdXJjZSI6ImJ1dHRvbi1mYWN0b3J5IiwiZGF0YS11aWQiOiJ1aWRfenh1cWp6Z3N2cGt3cXF1eXZoamxodGN5Z29tYWRoIn19&clientID=ASuNla1Ys2IlXZrIDAxwnt3kM7dpSpXFG8zFPYCm0qfsdVjz0zIsqaJJXr_Dob2ryWFf4kuU38mnG4fA&sdkCorrelationID=f759943e9aa43&storageID=uid_59a21430bc_mdk6mti6nda&sessionID=uid_ea452c3809_mdk6mti6nda&buttonSessionID=uid_5faf99a99b_mdk6mti6nda&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 28 Oct 2022 09:12:42 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f599239371526
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-iad-kcgs7200168-IAD, cache-ewr18135-EWR
traceparent: 00-0000000000000000000f599239371526-68d9a82092f9be30-01
x-timer: S1666948362.924707,VS0,VE139
etag: W/W/"3ff-YSYnf2c1s/e3j0pONoRJvi4M80o"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 0809 57 KB
20 KB 7ms
7ms Script
application/javascript 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nya/7931) /

Resource Hash

e560d581ed6a8c168699938f8e85479245e1fc465c09ac8034acf5a1e3d72736

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 486789
x-cache: HIT
paypal-debug-id: 60e8355b5c627
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=3
dc: ccg11-origin-www-1.paypal.com
content-length: 20053
last-modified: Tue, 09 Aug 2022 20:44:56 GMT
server: ECAcc (nya/7931)
traceparent: 00-000000000000000000060e8355b5c627-e14dab3e3426b767-01
etag: "62f2c748-e586"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Oct 2022 09:12:42 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 0809 125 B
806 B 152ms
151ms XHR
application/json 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcd/7D0C) /

Resource Hash

a68b2c081b7c633da8f68328b4e9e3a9c81cb4828f177640ef8782da13e35804

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 28 Oct 2022 09:12:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 6f6e48a4eb390
server: ECAcc (dcd/7D0C)
traceparent: 00-00000000000000000006f6e48a4eb390-3e6bf8124a22e51d-01
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 6f6e48a4eb390
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=144
timing-allow-origin: *
content-length: 125

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame 0809 0
144 B 105ms
104ms XHR
text/plain 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcd/7D38) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 28 Oct 2022 09:12:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 6e445b2f68907
server: ECAcc (dcd/7D38)
traceparent: 00-00000000000000000006e445b2f68907-5d96be8fcbeb59ec-01
paypal-debug-id: 6e445b2f68907
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=95
timing-allow-origin: *

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 0809 0
181 B 153ms
115ms Image
text/plain 192.229.210.155
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_ea452c3809_mdk6mti6nda&s=SMART_PAYMENT_BUTTONS

Requested by

Host: mail.elegantresearchservice.com
URL: http://mail.elegantresearchservice.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.210.155 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dcd/7D7A) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 09:12:41 GMT
content-encoding: gzip
correlation-id: c52b6b59c01da
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (dcd/7D7A)
traceparent: 00-0000000000000000000c52b6b59c01da-b312a0ba25b632c4-01
vary: Accept-Encoding
paypal-debug-id: c52b6b59c01da
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=112
timing-allow-origin: *
content-length: 20

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame B49B 1017 B
1 KB 161ms
160ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c2c9baf02f6a272b1d0ae3bf7b63bb88a71703ef56390dda4385b6c29a1fd256

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.label=paypal&style.layout=vertical&style.color=blue&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.338&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVN1TmxhMVlzMklsWFpySURBeHdudDNrTTdkcFNwWEZHOHpGUFlDbTBxZnNkVmp6MHpJc3FhSkpYcl9Eb2IycnlXRmY0a3VVMzhtbkc0ZkEmZW5hYmxlLWZ1bmRpbmc9dmVubW8mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1jcmVkaXQsY2FyZCIsImF0dHJzIjp7ImRhdGEtc2RrLWludGVncmF0aW9uLXNvdXJjZSI6ImJ1dHRvbi1mYWN0b3J5IiwiZGF0YS11aWQiOiJ1aWRfenh1cWp6Z3N2cGt3cXF1eXZoamxodGN5Z29tYWRoIn19&clientID=ASuNla1Ys2IlXZrIDAxwnt3kM7dpSpXFG8zFPYCm0qfsdVjz0zIsqaJJXr_Dob2ryWFf4kuU38mnG4fA&sdkCorrelationID=f759943e9aa43&storageID=uid_59a21430bc_mdk6mti6nda&sessionID=uid_ea452c3809_mdk6mti6nda&buttonSessionID=uid_5faf99a99b_mdk6mti6nda&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjpmYWxzZSwiYnJhbmRlZCI6dHJ1ZSwiaW5zdGFsbG1lbnRzIjpmYWxzZSwidmVuZG9ycyI6eyJ2aXNhIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJtYXN0ZXJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJhbWV4Ijp7ImVsaWdpYmxlIjp0cnVlLCJ2YXVsdGFibGUiOnRydWV9LCJkaXNjb3ZlciI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6ZmFsc2V9LCJ2ZW5tbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJpdGF1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImNyZWRpdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJhcHBsZXBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzZXBhIjp7ImVsaWdpYmxlIjpmYWxzZX0sImlkZWFsIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJhbmNvbnRhY3QiOnsiZWxpZ2libGUiOmZhbHNlfSwiZ2lyb3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm15YmFuayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwMjQiOnsiZWxpZ2libGUiOmZhbHNlfSwiemltcGxlciI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtYXhpbWEiOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0b2JhbmNhcmlvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1lcmNhZG9wYWdvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm11bHRpYmFuY28iOnsiZWxpZ2libGUiOmZhbHNlfX0&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&enableFunding.0=venmo&disableFunding.0=credit&disableFunding.1=card&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
content-type: application/json

Response headers

date: Fri, 28 Oct 2022 09:12:42 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f599239b4abb5
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-iad-kcgs7200115-IAD, cache-ewr18135-EWR
traceparent: 00-0000000000000000000f599239b4abb5-a1a8526b77deabf7-01
x-timer: S1666948362.173754,VS0,VE139
etag: W/W/"3f9-/up9A+g/UrLxpwW16vqIjR1ueUY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1017 B
1 KB 134ms
134ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

673cb5d13e4c3804168b4335decbc8db20bef38620f13f8c0a9c5cdf84342119

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: http://mail.elegantresearchservice.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36
content-type: application/json

Response headers

date: Fri, 28 Oct 2022 09:12:45 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f2120909cf242
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-iad-kcgs7200120-IAD, cache-ewr18132-EWR
traceparent: 00-0000000000000000000f2120909cf242-6232898ced7ab3d3-01
x-timer: S1666948365.407002,VS0,VE125
etag: W/W/"3f9-ejzgkAkI9yvrFFtiGbUpqp/Vr9g"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://mail.elegantresearchservice.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 131ms
131ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://mail.elegantresearchservice.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.68 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: http://mail.elegantresearchservice.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Fri, 28 Oct 2022 09:12:45 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f21209042c060
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f21209042c060-1179543d293983a3-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-iad-kcgs7200161-IAD, cache-ewr18132-EWR
x-timer: S1666948365.276502,VS0,VE124

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: systems.qodewire.com
URL: https://systems.qodewire.com/academic/wp-content/plugins/opskill-widgets/css/jquery.min.js?ver=12.0

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypal.com/	1970-01-20 07:02:30	Name: l7_az Value: dcg14.slc
.apps.elfsight.com/	1970-01-20 07:02:28	Name: _p_hfp_client_id Value: 2967621061
.paypal.com/	1970-01-20 15:48:04	Name: enforce_policy Value: ccpa
.paypal.com/	1970-01-20 07:02:59	Name: LANG Value: en_US%3BUS
.paypal.com/	1970-01-20 07:06:47	Name: tsrce Value: loggernodeweb
.c.paypal.com/	1970-01-20 16:38:28	Name: sc_f Value: 7nw6rmkkXYw4DJrynwpkrFjrwHqMQpTDEkJrL8axxVwpYMmHlB8e2ryYf3rb_zCLCMNG-UNII8bCN7t2EV8OhV3MwQqjFEftOVTcjm
.paypal.com/	1970-01-20 16:38:28	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: -IC_a0taHBDMHbF1k7boJu3aD6OJbXrr_t35YTw1AB30Dp8xBzvIplRXJqGYhMsTGq9XZ1aoyJQZ1W3j
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY2Njk0ODM2MjI2OCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 16:38:28	Name: ts Value: vreXpYrS%3D1761642762%26vteXpYrS%3D1666950162%26vr%3D1ddd6fe51840a1d308e31433ffaec593%26vt%3D1ddd6fe51840a1d308e31433ffaec592%26vtyp%3Dnew
.paypal.com/	1970-01-20 16:38:28	Name: ts_c Value: vr%3D1ddd6fe51840a1d308e31433ffaec593%26vt%3D1ddd6fe51840a1d308e31433ffaec592

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://systems.qodewire.com/academic/wp-content/plugins/opskill-widgets/css/jquery.min.js?ver=12.0 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apps.elfsight.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdnjs.cloudflare.com
chd.stats.paypal.com
elfsight.com
files.elfsight.com
files.elfsightcdn.com
fonts.googleapis.com
mail.elegantresearchservice.com
p.typekit.net
static.elfsight.com
systems.qodewire.com
t.paypal.com
unpkg.com
use.typekit.net
www.paypal.com
systems.qodewire.com
136.243.149.233
151.101.193.21
151.101.193.35
192.229.210.155
2600:1400:d::6878:d28b
2600:1400:d::6878:d293
2606:4700:20::681a:4f7
2606:4700:20::681a:76b
2606:4700::6810:7eaf
2606:4700::6811:190e
2607:f8b0:4006:81c::200a
64.4.251.12
09c6bdbc252355240537e7c5aa1ecf07104ffa7cc4227ee4953e05bd2e968696
10db64b99226bf4f9cb87cc5086ec39825fc0b411c91ebdd5e352209c77e4918
196966b15e2890fa4665a043b384fa45e524455a1e2725c45f8519b233531d67
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
27c9435734c09a8c62f037d1193ee138686976d71d8ce9983ef351b5a04f23fe
2d0591c949a5600771a16c2d220264165bc9dd84944821e88db32bee375d4226
2fb79688ef6e8f5db5e0a0bf5a149b3808b2d4fcf9d2e9954cd3c003e28d6449
305716e9edeeca68bfcdbf3d061230bc8f8c986a23141756512a5b5b3522137b
3ea2386004d026938ef0f644a75fc9fa38a79f9f813286883e47bdae3624e11e
3f8c62b36198124e39fe0d48535fef486d0eb6174159c5c72b0fcaede72222f2
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4eabd79f6ea14aa587cf68791fd8d923a55ff33e5be720e6dc378efbfdc05ee9
4fc89b0c376bb37f904f4a63ef38e27ba939b1b2da6df77d127d533bb9d167f7
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
581bee577fae17418b3dfe7029f24428dd12003319205a6d960072ae5c7157b0
5eb6fb5ba9d4a9647619bd22ba3b96413f1490f29c07d760b73d8cd3e614cafe
6496c571a1e14681e3dd0cc3650ddcb1a4abadb5747ee0a4a4c44a3a79d5adb8
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
673cb5d13e4c3804168b4335decbc8db20bef38620f13f8c0a9c5cdf84342119
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7243ee75b7776dd4e7801f450e3ca5621ba071037e0d0e811c91c4082984dc99
7688c4876529ca690969d35db89ae148ff3415d5196722b768b90f35f079ae7b
817eca338041ebc43877e97523d6b03bc0bdc5a2c27c411d2767c4f1202e7ada
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
9ada913557497704d2e56f0d8ca48e959fad72b28c62d12527d32a6de1e9be1b
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a68b2c081b7c633da8f68328b4e9e3a9c81cb4828f177640ef8782da13e35804
a9b1ff79bdc44b9cd35dc3a1d9b89306a535a0f2d60073ba7bead203152f30e4
b2521d8ae3dd0aff3c5f4d17c73b5e1bac76b8954bfae0cf2412b99304f8c935
b4337246a1f691749e882f8b73b552373e832ec02728ac3b70c27a3fe493ed2f
b7f69ac7f1d926b7c6702fbc419537a0030643f25dc7330f9be5dc20b0a48569
c2c9baf02f6a272b1d0ae3bf7b63bb88a71703ef56390dda4385b6c29a1fd256
c95b29c5c13e0cd438ff5a1f78a601abe7f81280ba5c3c4fe5d42361cf2143a0
c9841568d51b19a0ede7d10e05f5fbdb02b73874afb7e978c0d4e958ecf0455e
cf1af485688f44dd5557125faf6f871885f4a212c798fee17fcfc1645de536ca
cfc391e34328c09f0680ae8ff3d63e86224ae7e71c973147ccb84540b2fdd9b8
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
db5150b10f05fe45eeaf2a5bf4aad891df8403556156dffe05b181facfed1c47
de698f771f908f6249a14b16e6c5e46c7bb7fd7477be0d48253a6c27481eb7e6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e560d581ed6a8c168699938f8e85479245e1fc465c09ac8034acf5a1e3d72736
e87230ace2232c6eb1e8f465162b97e498a4af0e794bd3b8189d286886bdaa08
eab48476fe71441a108bd425d9ed5075ab8429443836a25a6741606aec50c4e7
f5b11429063644fbd2aec4bdc63e07d946460e71682f91fe9e884c544cea7078
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

mail.elegantresearchservice.com Open in urlscan Pro 136.243.149.233 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

66 %HTTPS

58 %IPv6

9 Domains

18 Subdomains

13 IPs

2 Countries

12233 kBTransfer

13738 kBSize

10 Cookies

2 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mail.elegantresearchservice.com Open in urlscan Pro
136.243.149.233 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

66 %
HTTPS

58 %
IPv6

9
Domains

18
Subdomains

13
IPs

2
Countries

12233 kB
Transfer

13738 kB
Size

10
Cookies

50 HTTP transactions
5 data transactions