urlscan.io logo urlscan.io
SecurityTrails logo

v2bugbounty.myvolusion.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://v2bugbounty.myvolusion.com/
Effective URL: https://v2bugbounty.myvolusion.com/
Submission: On February 19 via manual from EG — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 41 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is v2bugbounty.myvolusion.com. The Cisco Umbrella rank of the primary domain is 595933.
TLS certificate: Issued by E1 on January 4th 2024. Valid for: 3 months.
This is the only time v2bugbounty.myvolusion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.186.254.18 15169 (GOOGLE)
6 2a02:26f0:350... 20940 (AKAMAI-ASN1)
9 151.101.1.21 54113 (FASTLY)
6 35.232.115.75 396982 (GOOGLE-CL...)
3 192.229.221.25 15133 (EDGECAST)
2 151.101.1.35 54113 (FASTLY)
41 10
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
v2bugbounty.myvolusion.com
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
v2bugbounty.myvolusion.com
7    2a00:1450:4001:80f::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
3    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    35.186.254.18 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 18.254.186.35.bc.googleusercontent.com
sdk.v2-prod.volusion.com
6    2a02:26f0:3500:890::523 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
res.cloudinary.com
9    151.101.1.21 (United States)

ASN54113 (FASTLY, US)
www.paypal.com
6    35.232.115.75 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 75.115.232.35.bc.googleusercontent.com
api.material.com
3    192.229.221.25 (United States)

ASN15133 (EDGECAST, US)
www.paypalobjects.com
2    151.101.1.35 (United States)

ASN54113 (FASTLY, US)
t.paypal.com
Apex Domain
Subdomains		 Transfer
11 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2925
t.paypal.com — Cisco Umbrella Rank: 3365
241 KB
7 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 398
172 KB
6 material.com
api.material.com
6 KB
6 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 2819
182 KB
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2536
33 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 931
50 KB
3 myvolusion.com
v2bugbounty.myvolusion.com — Cisco Umbrella Rank: 595933
18 KB
1 volusion.com
sdk.v2-prod.volusion.com — Cisco Umbrella Rank: 636783
68 KB
41 8
Domain Requested by
9 www.paypal.com v2bugbounty.myvolusion.com
www.paypal.com
www.paypalobjects.com
7 storage.googleapis.com v2bugbounty.myvolusion.com
6 api.material.com sdk.v2-prod.volusion.com
6 res.cloudinary.com v2bugbounty.myvolusion.com
3 www.paypalobjects.com www.paypal.com
www.paypalobjects.com
3 unpkg.com v2bugbounty.myvolusion.com
3 v2bugbounty.myvolusion.com 1 redirects v2bugbounty.myvolusion.com
2 t.paypal.com
1 sdk.v2-prod.volusion.com v2bugbounty.myvolusion.com
41 9

This site contains no links.

Subject Issuer Validity Valid
myvolusion.com
E1		 2024-01-04 -
2024-04-03		 3 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
sdk.v2-prod.volusion.com
GTS CA 1D4		 2024-02-08 -
2024-05-08		 3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2023-12-18 -
2025-01-13		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-08 -
2025-02-08		 a year crt.sh
api.material.com
R3		 2024-02-05 -
2024-05-05		 3 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-21 -
2024-10-21		 a year crt.sh

This page contains 3 frames:

Primary Page: https://v2bugbounty.myvolusion.com/
Frame ID: 7148D2456183DF182330E0AE5D0A4EA6
Requests: 32 HTTP requests in this frame

Frame: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_izrxjysaoznxpiqisooecplgayclnm&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWR5YmVHM2hORzN4RHJRMFFORHc5UmJqZjJLTXhxb05uNXZiTlloZ1Fvd3FNSWxzdnZ6MVgzak9zYVRXdS0xVE0wTm52Y1NzTG0xYmtOWEEmY29tcG9uZW50cz1idXR0b25zLG1lc3NhZ2VzJmludGVudD1hdXRob3JpemUmY29tbWl0PWZhbHNlJm1lcmNoYW50LWlkPUpDU1NSOU1BOFhHMzYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mZGlzYWJsZS1mdW5kaW5nPWNhcmQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9penJ4anlzYW96bnhwaXFpc29vZWNwbGdheWNsbm0ifX0&env=production&scriptUID=uid_izrxjysaoznxpiqisooecplgayclnm&version=1.56.0&integrationType=SDK
Frame ID: 37F74246C73D6EFBC5A874E08CFF4D6A
Requests: 4 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 45D28819A61D3F04876EFD5287CAF6E5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home

Page URL History Show full URLs

  1. http://v2bugbounty.myvolusion.com/ HTTP 301
    https://v2bugbounty.myvolusion.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Page Statistics

41
Requests

95 %
HTTPS

50 %
IPv6

8
Domains

9
Subdomains

10
IPs

2
Countries

769 kB
Transfer

2161 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://v2bugbounty.myvolusion.com/ HTTP 301
    https://v2bugbounty.myvolusion.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
v2bugbounty.myvolusion.com/
Redirect Chain
  • http://v2bugbounty.myvolusion.com/
  • https://v2bugbounty.myvolusion.com/
64 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v2bugbounty.myvolusion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c41e049e78762cb63796e4f01a64ccdd67c95d962005803679b10e0c1009e37
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.volusion.com
Strict-Transport-Security max-age=15552000; includeSubDomains;
X-Content-Security-Policy frame-ancestors 'self' *.volusion.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=240, public
cf-cache-status
DYNAMIC
cf-ray
857fbe72b931670b-AMS
content-encoding
br
content-security-policy
frame-ancestors 'self' *.volusion.com
content-type
text/html; charset=utf-8
date
Mon, 19 Feb 2024 16:04:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h2cJCwX%2BEIQbp95JFDLCGBlmbFpzG4ZeV2k%2Bd%2FxgBO1QD9kflA9X18j2yx4S5WI4scmLoiSlQGGaM67oPHHFCHLwzC%2BkoC%2Fs5aXWaDTn8epKmzxj8bJFcQce9zq4iqepxtH4wlijg645QhdQnaqoKDmy%2FVe0l7sJtw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains;
vary
Accept-Encoding
via
1.1 52565866975cd7c0daa261ea0388bad4.cloudfront.net (CloudFront)
x-amz-cf-id
dmg3lTRyZY3SfB4XA8eN7070f-2hKsAqujrzvQckpcd3dxJh-tsPzQ==
x-amz-cf-pop
AMS58-P4
x-cache
Miss from cloudfront
x-content-security-policy
frame-ancestors 'self' *.volusion.com
x-vol-tenant
5c06efb8d8250b001293fbba

Redirect headers

CF-RAY
857fbe723e2ab7bb-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 19 Feb 2024 16:04:08 GMT
Expires
Mon, 19 Feb 2024 17:04:08 GMT
Location
https://v2bugbounty.myvolusion.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgv0nIrqGeOKYNyz4vUJB0Ukcs%2FpuUsbbWnb6ZuIklvFvbh%2FZPQZGNOEp0Itxwtd8UiMnxRXHCRHi%2FfPLfyLLw3Z%2BTz1QaV0FSg1TWO33d28wODpr%2FfxQbQTua%2FbqCkKTL8K1ELeRiv2AfulIlwWOdpLToFGgCCu2A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
index-163468492602.js
storage.googleapis.com/volusion-prod-btr/87877411621832316/ 		334 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/volusion-prod-btr/87877411621832316/index-163468492602.js?t=2021-10-19T23:09:01.578Z
Requested by
Host: v2bugbounty.myvolusion.com
URL: https://v2bugbounty.myvolusion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ba90ff3e111145cc3ca370c514b020cbec77712c4c494b4d34177ba08b624c8a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPpVXxZCL3xxOvw8ucXXkx31kDgoV9B0r3rkcLNgeoRUJcsqGfEtIJxZUO99bLUNqzNMWb19MQWrmA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105431
last-modified
Tue, 19 Oct 2021 23:08:46 GMT
server
UploadServer
etag
"fade14e754ebe9b6dee8e88402d6bf46"
vary
Accept-Encoding
x-goog-generation
1634684926243385
x-goog-hash
crc32c=dJzbhw==, md5=+t4U51Tr6bbe6OiEAta/Rg==
content-type
text/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
105431
accept-ranges
bytes
expires
Tue, 18 Feb 2025 16:04:09 GMT
index-162308716794.js
storage.googleapis.com/volusion-prod-btr/177543806944544056/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/volusion-prod-btr/177543806944544056/index-162308716794.js?t=2021-06-07T18:51:08.932Z
Requested by
Host: v2bugbounty.myvolusion.com
URL: https://v2bugbounty.myvolusion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
62009bb17fdcb3a12aaf237fb4f386c7fd05a111e79dc4ac331ccdf8ae9be8c9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPrkHRJGYg0MgwgvGOzJD_BBzgINQmzZGa8t4y7bOFcR6y6gd5jd3XTqYn4a2K4b_OHHcZ9Is5wK6g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4984
last-modified
Mon, 07 Jun 2021 17:32:48 GMT
server
UploadServer
etag
"4c9a5807c75eb6271db28a0f4a148bff"
vary
Accept-Encoding
x-goog-generation
1623087168140511
x-goog-hash
crc32c=ppZpdQ==, md5=TJpYB8deticdsooPShSL/w==
content-type
text/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
4984
accept-ranges
bytes
expires
Tue, 18 Feb 2025 16:04:09 GMT
index-158870716383.js
storage.googleapis.com/volusion-prod-btr/248935783929481115/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/volusion-prod-btr/248935783929481115/index-158870716383.js?t=2020-07-07T17:51:59.340Z
Requested by
Host: v2bugbounty.myvolusion.com
URL: https://v2bugbounty.myvolusion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
647ccd25726a04b6cc9a01d6f1527426fe56555fd1f7bec4772c8d365f562b31

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPqrhL1ETC0fZrKG2qRatKd-lhe3nuhU0ksCMYrLkHYhFh0gURRKJOwQENlwFtYZp6mISwASxA3AcQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12598
last-modified
Wed, 06 May 2020 17:47:05 GMT
server
UploadServer
etag
"d33a4b4e9a42223f44f50715826b7a77"
vary
Accept-Encoding
x-goog-generation
1588787225797980
x-goog-hash
crc32c=R7QnaA==, md5=0zpLTppCIj9E9QcVgmt6dw==
content-type
text/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
12598
accept-ranges
bytes
expires
Tue, 18 Feb 2025 16:04:09 GMT
index-158896994600.js
storage.googleapis.com/volusion-prod-btr/87847401317992052/ 		37 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/volusion-prod-btr/87847401317992052/index-158896994600.js?t=2023-10-30T19:16:58.982Z
Requested by
Host: v2bugbounty.myvolusion.com
URL: https://v2bugbounty.myvolusion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
558bd3750a3afc0be24a08586fe5b1ce67129b963cb12fc48bd520924e72de82

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPrVSNiPCuGZQoYQ5tUeci0X3T_cO5DzGVqq-G4u14QZ6fjootEHOR1574EMbTHL8I2oBIrtj88mQw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12220
last-modified
Fri, 08 May 2020 20:32:26 GMT
server
UploadServer
etag
"0f9ecfe68a758d9b685dadaaeed24a53"
vary
Accept-Encoding
x-goog-generation
1588969946334564
x-goog-hash
crc32c=Vm70Bw==, md5=D57P5op1jZtoXa2q7tJKUw==
content-type
text/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
12220
accept-ranges
bytes
expires
Tue, 18 Feb 2025 16:04:09 GMT
index-159137076004.js
storage.googleapis.com/volusion-prod-btr/98523969467975449/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/volusion-prod-btr/98523969467975449/index-159137076004.js?t=2023-07-28T15:53:16.956Z
Requested by
Host: v2bugbounty.myvolusion.com
URL: https://v2bugbounty.myvolusion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
225b49a3c294b72f09eb108d2ff4b971f76613a6bcb15a2d7d826bff03e624ad

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpCrwr1Yfw8wBgy4YE5gfR3_SE0RvChCVFC_sh3OJCJiq8giP4VPiu3z1AwsA-U9YxVVKcDu0QYJg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10770
last-modified
Fri, 05 Jun 2020 15:26:00 GMT
server
UploadServer
etag
"3704e22b3cb739da58d6a4d02698a88b"
vary
Accept-Encoding
x-goog-generation
1591370760411149
content-type
text/javascript
x-goog-hash
crc32c=SLSaNw==, md5=NwTiKzy3OdpY1qTQJpioiw==
cache-control
public, max-age=31536000
x-goog-stored-content-length
10770
accept-ranges
bytes
expires
Tue, 18 Feb 2025 16:04:09 GMT
index-159189841619.js
storage.googleapis.com/volusion-prod-btr/90667017895413385/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/volusion-prod-btr/90667017895413385/index-159189841619.js?t=2022-03-31T15:48:19.230Z
Requested by
Host: v2bugbounty.myvolusion.com
URL: https://v2bugbounty.myvolusion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
271ce7894c45b035e9b13682bc5720e0ba8c64b04d53b6c0927899a80c2b12f9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPq3hHB8cMg5Uz4aGhpO_kc8EWz3VK13-yA1-GIxFXKMQmqhKX9iUXQzbA_Hhnx8VcwCa_b6HCHNAQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13468
last-modified
Thu, 11 Jun 2020 18:00:16 GMT
server
UploadServer
etag
"5282349eff20330858756b106dc9e2d3"
vary
Accept-Encoding
x-goog-generation
1591898416426437
x-goog-hash
crc32c=+hY3CQ==, md5=UoI0nv8gMwhYdWsQbcni0w==
content-type
text/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
13468
accept-ranges
bytes
expires
Tue, 18 Feb 2025 16:04:09 GMT
index-158870706132.js
storage.googleapis.com/volusion-prod-btr/245011613810165483/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/volusion-prod-btr/245011613810165483/index-158870706132.js?t=2020-07-07T15:14:22.327Z
Requested by
Host: v2bugbounty.myvolusion.com
URL: https://v2bugbounty.myvolusion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
35390fe7a6b508acf15bad7a90767417e77a2e2a7b3b80a1aa8fd86e67316c9a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ABPtcPqc3rOpp9CDYi2xV1YhOtuR5okFTG7oIY07j3YZ8DmSUd52diBykw0erIQ2CKLCx1OKiFFp_XyfrQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14447
last-modified
Wed, 06 May 2020 17:48:48 GMT
server
UploadServer
etag
"c699e8e534430c11d05fd8ae96c66593"
vary
Accept-Encoding
x-goog-generation
1588787328473698
x-goog-hash
crc32c=gsuYlA==, md5=xpno5TRDDBHQX9iulsZlkw==
content-type
text/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
14447
accept-ranges
bytes
expires
Tue, 18 Feb 2025 16:04:09 GMT
react.production.min.js
unpkg.com/react@16.14.0/umd/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.14.0/umd/react.production.min.js
Requested by
Host: v2bugbounty.myvolusion.com
URL: https://v2bugbounty.myvolusion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7218537
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HG9XM9AMFR1MCN9WRAX7VHTZ-ams
server
cloudflare
etag
W/"30af-G0yLdpwwlM9Jmz5wcsN3bvOe0C0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
857fbe7509fa6562-AMS
react-dom.production.min.js
unpkg.com/react-dom@16.14.0/umd/ 		116 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.14.0/umd/react-dom.production.min.js
Requested by
Host: v2bugbounty.myvolusion.com
URL: https://v2bugbounty.myvolusion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7214980
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HGA10T1T7S2APQPN8C0BSYMH-ams
server
cloudflare
etag
W/"1cf80-NADCsuguidx6ZmGXUZs/qIwlw4Q"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
857fbe7509fe6562-AMS
aphrodite.umd.min.js
unpkg.com/aphrodite@2.4.0/dist/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/aphrodite@2.4.0/dist/aphrodite.umd.min.js
Requested by
Host: v2bugbounty.myvolusion.com
URL: https://v2bugbounty.myvolusion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c08212d3b9f8c889ed608bfc01446e9c15fa14b2b32481eeb7bebf0299077bb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7200074
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HGAF7P0ZBM7FW9J9AEWTVHCM-ams
server
cloudflare
etag
W/"57ca-l+JNpbd9CUQAY0Fx+kQXCzI+tMo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
857fbe750a006562-AMS
element-sdk.umd.js
sdk.v2-prod.volusion.com/ 		227 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.v2-prod.volusion.com/element-sdk.umd.js?release=lazy
Requested by
Host: v2bugbounty.myvolusion.com
URL: https://v2bugbounty.myvolusion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.254.18 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
18.254.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fce43cbbed54308634053a18a4475433709e708fbaf95b58c008352faa1de971

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
content-encoding
gzip
via
1.1 google
age
0
x-guploader-uploadid
ABPtcPrJ4orMGU_eHOoUK48WP3PslP2iGtw3oMeWKfbYISJRiFdsOsJqeDo3cZT7cjwYxAofMYayRcc1ZA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68797
last-modified
Thu, 28 Sep 2023 13:50:18 GMT
server
UploadServer
etag
"afe8b0c4cbc0759090e38516bfc84b1e"
vary
Accept-Encoding
x-goog-generation
1695909017847914
x-goog-hash
crc32c=YsjN4w==, md5=r+iwxMvAdZCQ44UWv8hLHg==
content-type
application/javascript
cache-control
public,max-age=3600
x-goog-stored-content-length
68797
accept-ranges
bytes
gbptqc0ho5haojqcvujs.png
res.cloudinary.com/dyx4yhvoq/image/upload/w_151,h_96,c_limit,f_auto,q_auto:best/v1574799677/5c06efb8d8250b001293fbba/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dyx4yhvoq/image/upload/w_151,h_96,c_limit,f_auto,q_auto:best/v1574799677/5c06efb8d8250b001293fbba/gbptqc0ho5haojqcvujs.png
Requested by
Host: v2bugbounty.myvolusion.com
URL: https://v2bugbounty.myvolusion.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:890::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
a598cb5ddfca8b6c84b3cdaa26e86bed1ea040aa2a102612205300b63fbd12b7
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Tue, 07 Jul 2020 16:09:25 GMT
server
Cloudinary
etag
"59068a9748b52f6bbcb8676418d22eed"
vary
Accept,User-Agent
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
server-timing
cld-akam;dur=22;start=2024-02-19T16:04:09.189Z;desc=miss,rtt;dur=24,cloudinary;dur=49;start=2024-02-17T08:24:26.101Z
accept-ranges
bytes
timing-allow-origin
*
content-length
6538
truncated
/ 		95 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e672f0ecc140b0e967384d2550161873a44370f5142c73355a42e2c3ba31827e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0328bebfaa2c0f752e89eb65a814c9918dae527b5e5b2de4b1c4d7ec1ce0502a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		93 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2cfa83b0ab76fdb10da46e4a67fb9ef7e49d4f22852fcf413a52e11a07718672

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
rocket-loader.min.js
v2bugbounty.myvolusion.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2bugbounty.myvolusion.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: v2bugbounty.myvolusion.com
URL: https://v2bugbounty.myvolusion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Feb 2024 18:12:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65cbb0fd-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vg8RZmN4nhMi4B76qPrW0ffh76JOaHfEkbsDGG27dpDxlKBPW%2F3KNr0PqmddVU1h%2FfgEaXiL2DGTK7%2BLbJFbQ%2FJTQktf6TnWBFGpqPiWJTnBEQDDySRuQQyK%2F%2B7lHpSSiD3u6NAK9f6nCru8VM0cNzqWivzKaRmvTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
857fbe757ea7670b-AMS
expires
Wed, 21 Feb 2024 16:04:09 GMT
js
www.paypal.com/sdk/ 		413 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AdybeG3hNG3xDrQ0QNDw9Rbjf2KMxqoNn5vbNYhgQowqMIlsvvz1X3jOsaTWu-1TM0NnvcSsLm1bkNXA&components=buttons,messages&intent=authorize&commit=false&merchant-id=JCSSR9MA8XG36&enable-funding=venmo&disable-funding=card
Requested by
Host: v2bugbounty.myvolusion.com
URL: https://v2bugbounty.myvolusion.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b33033bd883076c2801463cc7b967fc8162632c658817b6dca12bff6738999db
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ivNjF7mhRONgdBDK3EddaeSkHCOD9SPGsxS1lvqZy3LV8Dkl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ivNjF7mhRONgdBDK3EddaeSkHCOD9SPGsxS1lvqZy3LV8Dkl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ivNjF7mhRONgdBDK3EddaeSkHCOD9SPGsxS1lvqZy3LV8Dkl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ivNjF7mhRONgdBDK3EddaeSkHCOD9SPGsxS1lvqZy3LV8Dkl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 19 Feb 2024 16:04:10 GMT
age
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
p3p
true
paypal-debug-id
f1725950dbc90
server-timing
"traceparent;desc="00-0000000000000000000f1725950dbc90-b7cf2ba84a5b82b2-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
115213
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230127-FRA, cache-ams21057-AMS, cache-ams21057-AMS
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f1725950dbc90-e71671c29c14069e-01
x-timer
S1708358649.273753,VS0,VE837
etag
W/"1c20d-LVbhBwZlNpjIv6s6OryVL61MGC0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
f4pc3l56fiqt8tlgrihe.png
res.cloudinary.com/dyx4yhvoq/image/upload/w_2000,h_700,c_fill,f_auto,q_auto/w_1500,c_fit/v1513008508/5a2ea573a863c400167007a5/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dyx4yhvoq/image/upload/w_2000,h_700,c_fill,f_auto,q_auto/w_1500,c_fit/v1513008508/5a2ea573a863c400167007a5/f4pc3l56fiqt8tlgrihe.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:890::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
fa260925c5bfc71a3dfd9f1d9ffb42aa844ecc6e312ac7da268740cf84671d00
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="f4pc3l56fiqt8tlgrihe.webp"
server-timing
cld-akam;dur=24;start=2024-02-19T16:04:09.256Z;desc=hit-near,rtt;dur=24
content-length
75256
last-modified
Wed, 04 Mar 2020 18:50:54 GMT
server
Cloudinary
etag
"ceb4ed046df0918eda1037c3a41ae56d"
vary
Accept,User-Agent,Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
tcp-no-image.jpg
res.cloudinary.com/dyx4yhvoq/image/upload/w_360,h_270,c_limit,f_auto,q_auto/v1545428185/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dyx4yhvoq/image/upload/w_360,h_270,c_limit,f_auto,q_auto/v1545428185/images/tcp-no-image.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:890::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
ded070ad80ba9958203c4349d4b2059aa29527cdf52f442560071b4ce5b4749f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="tcp-no-image.webp"
server-timing
cld-akam;dur=37;start=2024-02-19T16:04:09.256Z;desc=miss,rtt;dur=24,cloudinary;dur=75;start=2024-02-17T17:09:28.291Z
content-length
1548
last-modified
Thu, 07 May 2020 20:30:45 GMT
server
Cloudinary
etag
"3bfaa2df70e290eb2b0b16f77eb625a2"
vary
Accept,User-Agent,Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
ehefj4sxefqf17nslurb.png
res.cloudinary.com/dyx4yhvoq/image/upload/w_450,h_450,c_limit,f_auto,q_auto/v1578516193/5c06efb8d8250b001293fbba/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dyx4yhvoq/image/upload/w_450,h_450,c_limit,f_auto,q_auto/v1578516193/5c06efb8d8250b001293fbba/ehefj4sxefqf17nslurb.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:890::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
0b78967ca9417954e5ae8bafbd41050b85495f3dd7f5c96ffbb9dcfa58c8230e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
last-modified
Sat, 09 May 2020 19:51:17 GMT
server
Cloudinary
etag
"cdb01439b4dbcfdfe1e8518b1406ff00"
vary
Accept,User-Agent,Save-Data
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
server-timing
cld-akam;dur=58;start=2024-02-19T16:04:09.256Z;desc=miss,rtt;dur=24,cloudinary;dur=80;start=2024-02-11T09:11:51.254Z
accept-ranges
bytes
timing-allow-origin
*
content-length
22165
ujzwikp3t17kydppzguj.jpg
res.cloudinary.com/dyx4yhvoq/image/upload/w_450,h_450,c_limit,f_auto,q_auto/v1574799535/5c06efb8d8250b001293fbba/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dyx4yhvoq/image/upload/w_450,h_450,c_limit,f_auto,q_auto/v1574799535/5c06efb8d8250b001293fbba/ujzwikp3t17kydppzguj.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:890::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
891f5d9d279540af00d19be858f68ae54a84896a402e3f15381bdd68f2822147
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="ujzwikp3t17kydppzguj.webp"
server-timing
cld-akam;dur=204;cpu=34;start=2024-02-19T16:04:09.256Z;desc=miss,rtt;dur=24,cloudinary;dur=81;start=2024-02-19T16:04:09.331Z
content-length
8468
last-modified
Sat, 09 May 2020 19:51:17 GMT
server
Cloudinary
etag
"5344ffa648d69112de642b10137b3b45"
vary
Accept,User-Agent,Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
jo1wyh2q1cq8kyholkym.jpg
res.cloudinary.com/dyx4yhvoq/image/upload/w_2000,h_700,c_fill,f_auto,q_auto/w_1500,c_fit/v1513024499/5a2ea573a863c400167007a5/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/dyx4yhvoq/image/upload/w_2000,h_700,c_fill,f_auto,q_auto/w_1500,c_fit/v1513024499/5a2ea573a863c400167007a5/jo1wyh2q1cq8kyholkym.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:890::523 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Cloudinary /
Resource Hash
21430d0a7aaa8d140f9bdcf6be57fea8a8694efd11b2f85bdd66495f10420c4c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:09 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="jo1wyh2q1cq8kyholkym.webp"
server-timing
cld-akam;dur=11;start=2024-02-19T16:04:09.256Z;desc=miss,rtt;dur=24,cloudinary;dur=61;start=2024-02-19T15:38:10.734Z
content-length
69124
last-modified
Tue, 03 Mar 2020 08:42:35 GMT
server
Cloudinary
etag
"d491cf1fc8db575f3318b6614e014ad0"
vary
Accept,User-Agent,Save-Data
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
local
www.paypal.com/credit-presentment/experiments/ Frame 37F7 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_izrxjysaoznxpiqisooecplgayclnm&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWR5YmVHM2hORzN4RHJRMFFORHc5UmJqZjJLTXhxb05uNXZiTlloZ1Fvd3FNSWxzdnZ6MVgzak9zYVRXdS0xVE0wTm52Y1NzTG0xYmtOWEEmY29tcG9uZW50cz1idXR0b25zLG1lc3NhZ2VzJmludGVudD1hdXRob3JpemUmY29tbWl0PWZhbHNlJm1lcmNoYW50LWlkPUpDU1NSOU1BOFhHMzYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mZGlzYWJsZS1mdW5kaW5nPWNhcmQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9penJ4anlzYW96bnhwaXFpc29vZWNwbGdheWNsbm0ifX0&env=production&scriptUID=uid_izrxjysaoznxpiqisooecplgayclnm&version=1.56.0&integrationType=SDK
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdybeG3hNG3xDrQ0QNDw9Rbjf2KMxqoNn5vbNYhgQowqMIlsvvz1X3jOsaTWu-1TM0NnvcSsLm1bkNXA&components=buttons,messages&intent=authorize&commit=false&merchant-id=JCSSR9MA8XG36&enable-funding=venmo&disable-funding=card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8f78e0955f6044f006e5d2ae8ef5db371c5dc441368f5914cb10761fe88f1c20
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Referer
https://v2bugbounty.myvolusion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-expose-headers
Server-Timing
age
151785
cache-control
s-maxage=86400, max-age=0
content-encoding
gzip
content-length
1526
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'sha256-RmYTC9iPUTyoPfOBR9rEZcPmA3A8NGQgxJOYYBUb740=' 'sha256-MkvCXwEdBhR/QU6eqGX5THWCtkqlaanwiNzVKNI9Vb8=' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-type
text/html; charset=utf-8
date
Mon, 19 Feb 2024 16:04:10 GMT
dc
ccg11-origin-www-1.paypal.com
edge-cache-tag
up-treatments-zoid
etag
W/"1479-K2mS5eassyfvXXLuuWOBasENhJU"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f81767920f125
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
"traceparent;desc="00-0000000000000000000f81767920f125-59e45751155488fc-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f81767920f125-278e7af8ccb16598-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
HIT, HIT, MISS
x-cache-hits
25593, 13322, 0
x-served-by
cache-fra-etou8220137-FRA, cache-ams21057-AMS, cache-ams21057-AMS
x-timer
S1708358650.211191,VS0,VE8
x-xss-protection
1; mode=block
pptm.js
www.paypal.com/tagmanager/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=v2bugbounty.myvolusion.com&t=xo&v=5.0.423&source=payments_sdk&mrid=JCSSR9MA8XG36&client_id=AdybeG3hNG3xDrQ0QNDw9Rbjf2KMxqoNn5vbNYhgQowqMIlsvvz1X3jOsaTWu-1TM0NnvcSsLm1bkNXA&comp=buttons,messages&disableSetCookie=true&vault=false
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdybeG3hNG3xDrQ0QNDw9Rbjf2KMxqoNn5vbNYhgQowqMIlsvvz1X3jOsaTWu-1TM0NnvcSsLm1bkNXA&components=buttons,messages&intent=authorize&commit=false&merchant-id=JCSSR9MA8XG36&enable-funding=venmo&disable-funding=card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
49870f18beb86b2bf1449533e46ffe30cbd3cd1da7f6e64060a82c3464cbf757
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-kxJHsbbZIaRS6l/ZVeyD469evdL3tFOjvcBZnaI147ojyaus' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-kxJHsbbZIaRS6l/ZVeyD469evdL3tFOjvcBZnaI147ojyaus' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 19 Feb 2024 16:04:10 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
x-cache
MISS, MISS, MISS
paypal-debug-id
f11065699a642
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4803
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230118-FRA, cache-ams21057-AMS, cache-ams21057-AMS
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f11065699a642-96606e5f15a91e72-01
x-timer
S1708358650.215968,VS0,VE585
etag
W/"36a2-/Ln0YRFT0rDe0yWY3VV3PLEGf84"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://v2bugbounty.myvolusion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://v2bugbounty.myvolusion.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-length
0
date
Mon, 19 Feb 2024 16:04:10 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f11065657b109
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f11065657b109-447de756149f8ecc-01
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-content-type-options
nosniff
x-served-by
cache-fra-eddf8230057-FRA, cache-ams21030-AMS, cache-ams21030-AMS
x-timer
S1708358650.257298,VS0,VE191
logger
www.paypal.com/xoplatform/logger/api/ 		1018 B
925 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AdybeG3hNG3xDrQ0QNDw9Rbjf2KMxqoNn5vbNYhgQowqMIlsvvz1X3jOsaTWu-1TM0NnvcSsLm1bkNXA&components=buttons,messages&intent=authorize&commit=false&merchant-id=JCSSR9MA8XG36&enable-funding=venmo&disable-funding=card
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1f23dbdd8fdd405abd86209e6e986fdeef4e41d6092458da73287d9afc691d2a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
application/json
Referer
https://v2bugbounty.myvolusion.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
application/json

Response headers

date
Mon, 19 Feb 2024 16:04:10 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cache
MISS, MISS, MISS
paypal-debug-id
f110656164630
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-served-by
cache-fra-etou8220065-FRA, cache-ams21030-AMS, cache-ams21030-AMS
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f110656164630-1d02d5828661991d-01
x-timer
S1708358650.490715,VS0,VE201
etag
W/"3fa-LQgEn/4NXGKTiL51lnYN96VOKjo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://v2bugbounty.myvolusion.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
none
x-cache-hits
0, 0, 0
js
www.paypal.com/sdk/ Frame 37F7 		413 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/sdk/js?client-id=AdybeG3hNG3xDrQ0QNDw9Rbjf2KMxqoNn5vbNYhgQowqMIlsvvz1X3jOsaTWu-1TM0NnvcSsLm1bkNXA&components=buttons,messages&intent=authorize&commit=false&merchant-id=JCSSR9MA8XG36&enable-funding=venmo&disable-funding=card
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_izrxjysaoznxpiqisooecplgayclnm&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWR5YmVHM2hORzN4RHJRMFFORHc5UmJqZjJLTXhxb05uNXZiTlloZ1Fvd3FNSWxzdnZ6MVgzak9zYVRXdS0xVE0wTm52Y1NzTG0xYmtOWEEmY29tcG9uZW50cz1idXR0b25zLG1lc3NhZ2VzJmludGVudD1hdXRob3JpemUmY29tbWl0PWZhbHNlJm1lcmNoYW50LWlkPUpDU1NSOU1BOFhHMzYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mZGlzYWJsZS1mdW5kaW5nPWNhcmQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9penJ4anlzYW96bnhwaXFpc29vZWNwbGdheWNsbm0ifX0&env=production&scriptUID=uid_izrxjysaoznxpiqisooecplgayclnm&version=1.56.0&integrationType=SDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b33033bd883076c2801463cc7b967fc8162632c658817b6dca12bff6738999db
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ivNjF7mhRONgdBDK3EddaeSkHCOD9SPGsxS1lvqZy3LV8Dkl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ivNjF7mhRONgdBDK3EddaeSkHCOD9SPGsxS1lvqZy3LV8Dkl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_izrxjysaoznxpiqisooecplgayclnm&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWR5YmVHM2hORzN4RHJRMFFORHc5UmJqZjJLTXhxb05uNXZiTlloZ1Fvd3FNSWxzdnZ6MVgzak9zYVRXdS0xVE0wTm52Y1NzTG0xYmtOWEEmY29tcG9uZW50cz1idXR0b25zLG1lc3NhZ2VzJmludGVudD1hdXRob3JpemUmY29tbWl0PWZhbHNlJm1lcmNoYW50LWlkPUpDU1NSOU1BOFhHMzYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mZGlzYWJsZS1mdW5kaW5nPWNhcmQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9penJ4anlzYW96bnhwaXFpc29vZWNwbGdheWNsbm0ifX0&env=production&scriptUID=uid_izrxjysaoznxpiqisooecplgayclnm&version=1.56.0&integrationType=SDK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-ivNjF7mhRONgdBDK3EddaeSkHCOD9SPGsxS1lvqZy3LV8Dkl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-ivNjF7mhRONgdBDK3EddaeSkHCOD9SPGsxS1lvqZy3LV8Dkl' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
disable-set-cookie
true
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 19 Feb 2024 16:04:10 GMT
age
0
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, HIT, MISS
p3p
true
paypal-debug-id
f1725950dbc90
server-timing
"traceparent;desc="00-0000000000000000000f1725950dbc90-b7cf2ba84a5b82b2-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
115213
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230127-FRA, cache-ams21057-AMS, cache-ams21057-AMS
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f1725950dbc90-e71671c29c14069e-01
x-timer
S1708358650.240543,VS0,VE6
etag
W/"1c20d-LVbhBwZlNpjIv6s6OryVL61MGC0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600, s-maxage=10800
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 1, 0
hash
www.paypal.com/credit-presentment/experiments/ Frame 37F7 		40 B
951 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/credit-presentment/experiments/hash?device_id=uid_3b84086671_mty6mdq6mta&disableSetCookie=true&features=disable-set-cookie
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/credit-presentment/experiments/local?uid=uid_izrxjysaoznxpiqisooecplgayclnm&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWR5YmVHM2hORzN4RHJRMFFORHc5UmJqZjJLTXhxb05uNXZiTlloZ1Fvd3FNSWxzdnZ6MVgzak9zYVRXdS0xVE0wTm52Y1NzTG0xYmtOWEEmY29tcG9uZW50cz1idXR0b25zLG1lc3NhZ2VzJmludGVudD1hdXRob3JpemUmY29tbWl0PWZhbHNlJm1lcmNoYW50LWlkPUpDU1NSOU1BOFhHMzYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mZGlzYWJsZS1mdW5kaW5nPWNhcmQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9penJ4anlzYW96bnhwaXFpc29vZWNwbGdheWNsbm0ifX0&env=production&scriptUID=uid_izrxjysaoznxpiqisooecplgayclnm&version=1.56.0&integrationType=SDK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5eca572cd68aa4afde19d317daf93398ca142c3648214e16b37e054e15c3f9e1
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.paypal.com/credit-presentment/experiments/local?uid=uid_izrxjysaoznxpiqisooecplgayclnm&disableSetCookie=true&features=disable-set-cookie&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QWR5YmVHM2hORzN4RHJRMFFORHc5UmJqZjJLTXhxb05uNXZiTlloZ1Fvd3FNSWxzdnZ6MVgzak9zYVRXdS0xVE0wTm52Y1NzTG0xYmtOWEEmY29tcG9uZW50cz1idXR0b25zLG1lc3NhZ2VzJmludGVudD1hdXRob3JpemUmY29tbWl0PWZhbHNlJm1lcmNoYW50LWlkPUpDU1NSOU1BOFhHMzYmZW5hYmxlLWZ1bmRpbmc9dmVubW8mZGlzYWJsZS1mdW5kaW5nPWNhcmQiLCJhdHRycyI6eyJkYXRhLXVpZCI6InVpZF9penJ4anlzYW96bnhwaXFpc29vZWNwbGdheWNsbm0ifX0&env=production&scriptUID=uid_izrxjysaoznxpiqisooecplgayclnm&version=1.56.0&integrationType=SDK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com https:; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 19 Feb 2024 16:04:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
edge-cache-tag
up-treatments-hash
x-cache
MISS, MISS, MISS
paypal-debug-id
f1106563af1f2
server-timing
"traceparent;desc="00-0000000000000000000f1106563af1f2-17306e1d6ac5732d-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
56
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230110-FRA, cache-ams21057-AMS, cache-ams21057-AMS
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f1106563af1f2-b3574c5f7fbd27c7-01
x-timer
S1708358650.298584,VS0,VE210
etag
W/"28-xz7oeWVj/8B52QKKulWR9ZDQlKU"
vary
Accept-Encoding
content-type
text/html; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
s-maxage=86400, max-age=0
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
logger
www.paypal.com/xoplatform/logger/api/ Frame 37F7 		0
0
storeinformation
api.material.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.material.com/storeinformation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.115.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.115.232.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-vol-tenant
Access-Control-Request-Method
GET
Origin
https://v2bugbounty.myvolusion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers
x-vol-tenant
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Mon, 19 Feb 2024 16:04:10 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Access-Control-Request-Headers
storeinformation
api.material.com/ 		4 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.material.com/storeinformation
Requested by
Host: sdk.v2-prod.volusion.com
URL: https://sdk.v2-prod.volusion.com/element-sdk.umd.js?release=lazy
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.115.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.115.232.35.bc.googleusercontent.com
Software
/
Resource Hash
85049f56656d476f327484f90c1875f3095e48aa7e157d19305042dae2fe9507
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://v2bugbounty.myvolusion.com/
x-vol-tenant
5c06efb8d8250b001293fbba
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:10 GMT
x-vol-correlation
405b5856-2c7b-4af7-a6ff-b5a6bb14657e
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"11f9-45p4HiZE4TBtrhsV7JrAapV/uZ4"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
must-revalidate, private
content-length
4601
expires
-1
muse.js
www.paypalobjects.com/muse/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/muse.js
Requested by
Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=v2bugbounty.myvolusion.com&t=xo&v=5.0.423&source=payments_sdk&mrid=JCSSR9MA8XG36&client_id=AdybeG3hNG3xDrQ0QNDw9Rbjf2KMxqoNn5vbNYhgQowqMIlsvvz1X3jOsaTWu-1TM0NnvcSsLm1bkNXA&comp=buttons,messages&disableSetCookie=true&vault=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48DA) /
Resource Hash
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
27aba563b081a
dc
ccg11-origin-www-1.paypal.com
content-length
16488
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
server
ECAcc (ama/48DA)
traceparent
00-000000000000000000027aba563b081a-41135e53c5e6494b-01
etag
"64f25363-daa8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 19 Feb 2024 17:04:10 GMT
ts
t.paypal.com/ 		42 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AJCSSR9MA8XG36-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AJCSSR9MA8XG36-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=e0909247-9a3e-4bd0-a0e1-2676377bf3a1&fltp=analytics&mrid=JCSSR9MA8XG36&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Home&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1708358650816&g=-60&completeurl=https%3A%2F%2Fv2bugbounty.myvolusion.com%2F&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 19 Feb 2024 16:04:11 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
9805d2ac456bb
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220108-FRA, cache-ams21065-AMS
pragma
no-cache
correlation-id
9805d2ac456bb
traceparent
00-00000000000000000009805d2ac456bb-8505865b33ce01dd-01
x-timer
S1708358651.909520,VS0,VE158
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Feb 2024 16:04:10 GMT
index.html
www.paypalobjects.com/muse/analytics/ Frame 45D2 		55 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/analytics/index.html
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48B6) /
Resource Hash
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://v2bugbounty.myvolusion.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
cache-control
s-maxage=31536000, public,max-age=3600
content-encoding
gzip
content-length
16892
content-type
text/html
date
Mon, 19 Feb 2024 16:04:10 GMT
dc
ccg11-origin-www-1.paypal.com
etag
"64f25363-dacc"
expires
Mon, 19 Feb 2024 17:04:10 GMT
last-modified
Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id
b1da93c8e70ea
server
ECAcc (ama/48B6)
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
traceparent
00-0000000000000000000b1da93c8e70ea-2769d3508a5a61f7-01
vary
Accept-Encoding
x-cache
HIT
x-content-type-options
nosniff
noop.js
www.paypalobjects.com/muse/ Frame 45D2 		18 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypalobjects.com/muse/noop.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (daa/7CCC) /
Resource Hash
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.paypalobjects.com/muse/analytics/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
paypal-debug-id
3aaddaa5ce81f
dc
ccg11-origin-www-1.paypal.com
content-length
18
last-modified
Sat, 13 Feb 2021 00:26:56 GMT
server
ECAcc (daa/7CCC)
traceparent
00-00000000000000000003aaddaa5ce81f-e7c33fadf1c2f879-01
etag
"60271cd0-12"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Mon, 19 Feb 2024 16:04:10 GMT
ts
t.paypal.com/ 		42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AJCSSR9MA8XG36-1&page=muse%3Aoffer%3A%3A%3AJCSSR9MA8XG36-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=e0909247-9a3e-4bd0-a0e1-2676377bf3a1&es=visitorInfoFlowStarted&mrid=JCSSR9MA8XG36&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Home&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1708358650931&g=-60&completeurl=https%3A%2F%2Fv2bugbounty.myvolusion.com%2F&disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://v2bugbounty.myvolusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 19 Feb 2024 16:04:11 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
53e6e1f97fdf4
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220115-FRA, cache-ams21065-AMS
pragma
no-cache
correlation-id
53e6e1f97fdf4
traceparent
00-000000000000000000053e6e1f97fdf4-0963003db5a80fd8-01
x-timer
S1708358651.937671,VS0,VE183
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Feb 2024 16:04:11 GMT
/
api.material.com/carts/ 		289 B
553 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.material.com/carts/
Requested by
Host: sdk.v2-prod.volusion.com
URL: https://sdk.v2-prod.volusion.com/element-sdk.umd.js?release=lazy
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.115.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.115.232.35.bc.googleusercontent.com
Software
/
Resource Hash
1e25fb339858f08792ffa28fb1b098bf45c8373db76749fa9803ad55585ce7e5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://v2bugbounty.myvolusion.com/
x-mat-tenant
5c06efb8d8250b001293fbba
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:11 GMT
x-vol-correlation
2e2b1f94-fdd5-401d-a3e7-41655b050cf4
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"121-1Iwpw1owu2KQJCMeZeiKS5v/bxs"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
must-revalidate, private
content-length
289
expires
-1
/
api.material.com/carts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.material.com/carts/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.115.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.115.232.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-mat-tenant
Access-Control-Request-Method
POST
Origin
https://v2bugbounty.myvolusion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers
x-mat-tenant
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Mon, 19 Feb 2024 16:04:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Access-Control-Request-Headers
graphql
www.paypal.com/targeting/ Frame 45D2 		435 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3c5edab4f4430b278c20dc1dd17155c92fd0dbeeabde188afe15fc958cee59eb
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-u+KHNlVnoGiYpPleuiFsCMbrfe6OqOLKmdnTPeD/zfawo93p' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paypalobjects.com/
disable-set-cookie
true
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-u+KHNlVnoGiYpPleuiFsCMbrfe6OqOLKmdnTPeD/zfawo93p' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 19 Feb 2024 16:04:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS, MISS
paypal-debug-id
f201594b1a2c6
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-eddf8230020-FRA, cache-ams21057-AMS, cache-ams21057-AMS
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f201594b1a2c6-e6b154e2ec954609-01
x-timer
S1708358651.343743,VS0,VE267
etag
W/"1b3-sfWbkFjQhHRM9f6M3f3ORKlqtOg"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
graphql
www.paypal.com/targeting/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.paypal.com/targeting/graphql?disableSetCookie=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,disable-set-cookie
Access-Control-Request-Method
POST
Origin
https://www.paypalobjects.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type,disable-set-cookie
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.paypalobjects.com
access-control-expose-headers
Paypal-Debug-Id
cache-control
max-age=0, no-cache, no-store, must-revalidate
date
Mon, 19 Feb 2024 16:04:11 GMT
dc
ccg11-origin-www-1.paypal.com
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f201594afc86f
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f201594afc86f-9870461d6367056e-01
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-served-by
cache-fra-eddf8230092-FRA, cache-ams21030-AMS, cache-ams21030-AMS
x-timer
S1708358651.118791,VS0,VE207
client
api.material.com/shoppers/ 		32 B
295 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.material.com/shoppers/client
Requested by
Host: sdk.v2-prod.volusion.com
URL: https://sdk.v2-prod.volusion.com/element-sdk.umd.js?release=lazy
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.115.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.115.232.35.bc.googleusercontent.com
Software
/
Resource Hash
ecbd1883728762f7ae2be496a325a8a861d5806482f847806c1701312a8d4a9f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://v2bugbounty.myvolusion.com/
x-vol-tenant
5c06efb8d8250b001293fbba
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 16:04:11 GMT
x-vol-correlation
5071ba0d-2e76-41c9-ba09-0bbc4b82d9bc
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"20-GPH69nIloE8hF2rzdCeBrKC9pTo"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
must-revalidate, private
content-length
32
expires
-1
client
api.material.com/shoppers/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.material.com/shoppers/client
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.232.115.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.115.232.35.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-vol-tenant
Access-Control-Request-Method
GET
Origin
https://v2bugbounty.myvolusion.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers
x-vol-tenant
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
date
Mon, 19 Feb 2024 16:04:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Access-Control-Request-Headers
565e3f16-11aa-4e4c-b9ba-8f3629aab59c
https://v2bugbounty.myvolusion.com/ 		28 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://v2bugbounty.myvolusion.com/565e3f16-11aa-4e4c-b9ba-8f3629aab59c
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a14f0af294983454c88a311ef085cd43fc57d8ebb61721683eb14c51006ae5d3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
29048
Content-Type
application/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.paypal.com
URL
https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __cfQR function| lazyLoadImages function| prepareSourceElementsIfAvailable object| React object| ReactDOM object| aphrodite object| ElementSdk object| PubSub object| aphrodite/no-important object| aphroditeScript object| globalStyles object| rehydrate boolean| __cfRLUnblockHandlers object| __post_robot_11_0_0___uid_izrxjysaoznxpiqisooecplgayclnm object| paypal object| __zoid_10_3_3___uid_izrxjysaoznxpiqisooecplgayclnm object| volBlock_87877411621832316_1 object| volBlock_248935783929481115_1 object| volBlock_87847401317992052_1 object| volBlock_98523969467975449_1 object| volBlock_90667017895413385_1 object| volBlock_245011613810165483_1 object| paypalDDL string| PaypalOffersObject function| ppq object| __post_robot_10_0_44__ object| PAYPAL

1 Cookies

Domain/Path Name / Value
.myvolusion.com/ Name: __cf_bm
Value: Zgjnva8SFQNEXvC_9LJ7U.RaWBeaY1eRoTnAhTc9dcU-1708358649-1.0-AasELbYe1RSk2tgd8zOOPH8riicywGIcS3/f36rst5lBMz1z7LuBThREMEgVtGo3r9bqhxEqfTxqQp21XioN4NI=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.volusion.com
Strict-Transport-Security max-age=15552000; includeSubDomains;
X-Content-Security-Policy frame-ancestors 'self' *.volusion.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.material.com
res.cloudinary.com
sdk.v2-prod.volusion.com
storage.googleapis.com
t.paypal.com
unpkg.com
v2bugbounty.myvolusion.com
www.paypal.com
www.paypalobjects.com
www.paypal.com
151.101.1.21
151.101.1.35
192.229.221.25
2606:4700::6810:7aaf
2a00:1450:4001:80f::201b
2a02:26f0:3500:890::523
2a06:98c1:3120::3
2a06:98c1:3121::3
35.186.254.18
35.232.115.75
0328bebfaa2c0f752e89eb65a814c9918dae527b5e5b2de4b1c4d7ec1ce0502a
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0b78967ca9417954e5ae8bafbd41050b85495f3dd7f5c96ffbb9dcfa58c8230e
1e25fb339858f08792ffa28fb1b098bf45c8373db76749fa9803ad55585ce7e5
1f23dbdd8fdd405abd86209e6e986fdeef4e41d6092458da73287d9afc691d2a
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
21430d0a7aaa8d140f9bdcf6be57fea8a8694efd11b2f85bdd66495f10420c4c
225b49a3c294b72f09eb108d2ff4b971f76613a6bcb15a2d7d826bff03e624ad
271ce7894c45b035e9b13682bc5720e0ba8c64b04d53b6c0927899a80c2b12f9
2cfa83b0ab76fdb10da46e4a67fb9ef7e49d4f22852fcf413a52e11a07718672
35390fe7a6b508acf15bad7a90767417e77a2e2a7b3b80a1aa8fd86e67316c9a
3c5edab4f4430b278c20dc1dd17155c92fd0dbeeabde188afe15fc958cee59eb
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
49870f18beb86b2bf1449533e46ffe30cbd3cd1da7f6e64060a82c3464cbf757
558bd3750a3afc0be24a08586fe5b1ce67129b963cb12fc48bd520924e72de82
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
5eca572cd68aa4afde19d317daf93398ca142c3648214e16b37e054e15c3f9e1
62009bb17fdcb3a12aaf237fb4f386c7fd05a111e79dc4ac331ccdf8ae9be8c9
647ccd25726a04b6cc9a01d6f1527426fe56555fd1f7bec4772c8d365f562b31
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
7c41e049e78762cb63796e4f01a64ccdd67c95d962005803679b10e0c1009e37
85049f56656d476f327484f90c1875f3095e48aa7e157d19305042dae2fe9507
891f5d9d279540af00d19be858f68ae54a84896a402e3f15381bdd68f2822147
8f78e0955f6044f006e5d2ae8ef5db371c5dc441368f5914cb10761fe88f1c20
a14f0af294983454c88a311ef085cd43fc57d8ebb61721683eb14c51006ae5d3
a598cb5ddfca8b6c84b3cdaa26e86bed1ea040aa2a102612205300b63fbd12b7
b33033bd883076c2801463cc7b967fc8162632c658817b6dca12bff6738999db
ba90ff3e111145cc3ca370c514b020cbec77712c4c494b4d34177ba08b624c8a
c08212d3b9f8c889ed608bfc01446e9c15fa14b2b32481eeb7bebf0299077bb9
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ded070ad80ba9958203c4349d4b2059aa29527cdf52f442560071b4ce5b4749f
e672f0ecc140b0e967384d2550161873a44370f5142c73355a42e2c3ba31827e
ecbd1883728762f7ae2be496a325a8a861d5806482f847806c1701312a8d4a9f
fa260925c5bfc71a3dfd9f1d9ffb42aa844ecc6e312ac7da268740cf84671d00
fce43cbbed54308634053a18a4475433709e708fbaf95b58c008352faa1de971