Submitted URL: https://clicktime.cloud.postoffice.net/clicktime.php?U=https%3A%2F%2Fvenmo.com%2Flegal%2Fus-licenses%2F&E=sheila.fortin%40jdcu.com&X=XI...
Effective URL: https://venmo.com/legal/us-licenses/
Submission: On April 24 via manual from US — Scanned from DE

Summary

This website contacted 14 IPs in 2 countries across 11 domains to perform 50 HTTP transactions. The main IP is 52.84.150.34, located in United States and belongs to AMAZON-02, US. The main domain is venmo.com. The Cisco Umbrella rank of the primary domain is 13083.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 21st 2023. Valid for: a year.
This is the only time venmo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
20 venmo.com
venmo.com — Cisco Umbrella Rank: 13083
2 MB
9 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2924
t.paypal.com — Cisco Umbrella Rank: 3505
10 KB
5 ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 3594
9 KB
5 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2623
44 KB
3 mparticle.com
jssdkcdns.mparticle.com — Cisco Umbrella Rank: 6359
identity.mparticle.com — Cisco Umbrella Rank: 3143
45 KB
2 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 902
76 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
91 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
146 KB
1 amazonaws.com
venmo.s3.amazonaws.com — Cisco Umbrella Rank: 168411
10 KB
1 postoffice.net
clicktime.cloud.postoffice.net — Cisco Umbrella Rank: 369603
342 B
50 11
Domain Requested by
20 venmo.com 1 redirects venmo.com
7 t.paypal.com
5 images.ctfassets.net venmo.com
5 www.paypalobjects.com venmo.com
www.paypalobjects.com
2 cdn.optimizely.com venmo.com
2 identity.mparticle.com jssdkcdns.mparticle.com
2 connect.facebook.net venmo.com
connect.facebook.net
2 www.paypal.com www.paypalobjects.com
2 www.google-analytics.com venmo.com
www.google-analytics.com
2 www.googletagmanager.com venmo.com
www.googletagmanager.com
1 venmo.s3.amazonaws.com
1 jssdkcdns.mparticle.com venmo.com
1 clicktime.cloud.postoffice.net 1 redirects
50 13
Subject Issuer Validity Valid
ops.venmo.com
DigiCert SHA2 Extended Validation Server CA
2023-04-21 -
2024-05-21
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2023-10-12 -
2024-10-31
a year crt.sh
images.ctfassets.net
Amazon RSA 2048 M02
2023-12-19 -
2025-01-16
a year crt.sh
jssdkcdns.mparticle.com
Go Daddy Secure Certificate Authority - G2
2023-05-02 -
2024-06-02
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-02-02 -
2024-05-02
3 months crt.sh
identity.mparticle.com
Go Daddy Secure Certificate Authority - G2
2024-02-08 -
2024-06-08
4 months crt.sh
t.paypal.com
DigiCert SHA2 Extended Validation Server CA
2023-09-21 -
2024-10-21
a year crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1
2023-09-01 -
2024-09-04
a year crt.sh

This page contains 1 frames:

Primary Page: https://venmo.com/legal/us-licenses/
Frame ID: 2342F402E2B737DA661BBFAA8851439C
Requests: 51 HTTP requests in this frame

Screenshot

Page Title

Venmo - Share Payments

Page URL History Show full URLs

  1. https://clicktime.cloud.postoffice.net/clicktime.php?U=https%3A%2F%2Fvenmo.com%2Flegal%2Fus-licenses%2F&E=sheila.fo... HTTP 307
    https://venmo.com/legal/us-licenses/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js

Page Statistics

50
Requests

98 %
HTTPS

50 %
IPv6

11
Domains

13
Subdomains

14
IPs

2
Countries

2068 kB
Transfer

7500 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clicktime.cloud.postoffice.net/clicktime.php?U=https%3A%2F%2Fvenmo.com%2Flegal%2Fus-licenses%2F&E=sheila.fortin%40jdcu.com&X=XID411CDXRGc1345Xd1&T=JDCU&HV=U,E,X,T&H=fef2f03e9d4188e22150a485e750f24fe12d6ad2 HTTP 307
    https://venmo.com/legal/us-licenses/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://venmo.com/favicon.ico HTTP 302
  • https://venmo.s3.amazonaws.com/favicon.ico

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
venmo.com/legal/us-licenses/
Redirect Chain
  • https://clicktime.cloud.postoffice.net/clicktime.php?U=https%3A%2F%2Fvenmo.com%2Flegal%2Fus-licenses%2F&E=sheila.fortin%40jdcu.com&X=XID411CDXRGc1345Xd1&T=JDCU&HV=U,E,X,T&H=fef2f03e9d4188e22150a485...
  • https://venmo.com/legal/us-licenses/
524 KB
89 KB
Document
General
Full URL
https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a77919522cec166c00eb6a67f6f9f5906ed62a00c51d1ce859d039c87f95ab88
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 18:39:02 GMT
etag
W/"0fadd4327026942474b5890ce70aeaa2"
last-modified
Tue, 23 Apr 2024 19:49:41 GMT
server
nginx
strict-transport-security
max-age=31536000
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-id
uZN8Z1VNoESVFoXfwedU9FUqHxcQdjQvNSfAiYf-jXusdENq2BNHtQ==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
59
x-frame-options
SAMEORIGIN

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 24 Apr 2024 18:39:02 GMT
Expires
0
Keep-Alive
timeout=15, max=100
Location
https://venmo.com/legal/us-licenses/
Server
Apache
X-Powered-By
PHP/8.2.16
js
www.googletagmanager.com/gtag/
122 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?G-NM9TNT36E1
Requested by
Host: venmo.com
URL: https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5930495084fc0c1a9448d392b99ac704c8fa7e925ae3c90e30e62ce5e1ad966c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:39:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48159
x-xss-protection
0
last-modified
Wed, 24 Apr 2024 18:10:11 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 24 Apr 2024 18:39:02 GMT
ncs.js
www.paypalobjects.com/ncs/
15 KB
4 KB
Script
General
Full URL
https://www.paypalobjects.com/ncs/ncs.js
Requested by
Host: venmo.com
URL: https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC9) /
Resource Hash
4673c229c2c1d356b98c232c599afdb44c85e7279c63c3ef962b4ba677378ba9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
6b126ff4ec7c8
dc
ccg11-origin-www-1.paypal.com
content-length
3913
last-modified
Tue, 19 Mar 2024 19:04:12 GMT
server
ECAcc (frc/4CC9)
traceparent
00-00000000000000000006b126ff4ec7c8-d7f2a7ad62d59de5-01
etag
W/"65f9e1ac-3a48"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Wed, 24 Apr 2024 19:39:02 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: venmo.com
URL: https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 17:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3054
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 24 Apr 2024 19:48:08 GMT
mapping.js
www.paypalobjects.com/ncs/venmo/
646 B
565 B
Script
General
Full URL
https://www.paypalobjects.com/ncs/venmo/mapping.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ncs/ncs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCA) /
Resource Hash
a5fbbc45491760741144b2d841b6cfc6a44719b155039c439ad74338b2f4346e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
e69fb1180e44d
dc
ccg11-origin-www-1.paypal.com
content-length
373
last-modified
Fri, 23 Jun 2023 20:10:02 GMT
server
ECAcc (frc/4CCA)
traceparent
00-0000000000000000000e69fb1180e44d-67a2d9f521092f65-01
etag
W/"6495fc1a-286"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Wed, 24 Apr 2024 19:39:03 GMT
getBanner
www.paypal.com/myaccount/privacy/cookieprefs/
17 KB
7 KB
XHR
General
Full URL
https://www.paypal.com/myaccount/privacy/cookieprefs/getBanner?showBanner=true&country=US&language=en&policyType=CookieBanner&originalHeaders={%22cookie%22:%22%22}&tenant=venmo&tenantData={}
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ncs/ncs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
50d8b6a8f78cfb3dd6f7201a8cb9cf01a3930c9ea5705d3af0f1a01ecaed8aad
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-nrnwj6jZPYREWcsYOfSQCPR5GS/FtUuev0edkhMnHSdKM0su' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Access-Control-Allow-Origin
*
Accept
*/*
Referer
https://venmo.com/
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-nrnwj6jZPYREWcsYOfSQCPR5GS/FtUuev0edkhMnHSdKM0su' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 18:39:03 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS, MISS
paypal-debug-id
f328596c72b8b
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220052-FRA, cache-fra-etou8220052-FRA
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f328596c72b8b-e6437d0876f7db63-01
x-timer
S1713983943.218851,VS0,VE240
etag
W/"45c1-QoOhwUbd6qf9dFOofkv24EuzgY8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://venmo.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0
getBanner
www.paypal.com/myaccount/privacy/cookieprefs/
0
0
Preflight
General
Full URL
https://www.paypal.com/myaccount/privacy/cookieprefs/getBanner?showBanner=true&country=US&language=en&policyType=CookieBanner&originalHeaders={%22cookie%22:%22%22}&tenant=venmo&tenantData={}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-8jBd+QOihPAPLNFZ3zetMV9mRWe6h25Dkmvzk1QI+9YgwVJN' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
GET
Origin
https://venmo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges
none
access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin, Content-Type, Accept, X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
https://venmo.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-8jBd+QOihPAPLNFZ3zetMV9mRWe6h25Dkmvzk1QI+9YgwVJN' 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://recaptcha.net/; img-src 'self' * data:; object-src 'none'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com; frame-src 'self' https://*.paypalobjects.com https://*.paypal.com https://recaptcha.net/ https://*.qualtrics.com; connect-src 'self' 'unsafe-inline' https://*.paypal.com https://*.paypalobjects.com https://id.venmo.com https://venmo.com/ https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/plain; charset=utf-8
date
Wed, 24 Apr 2024 18:39:03 GMT
dc
ccg11-origin-www-1.paypal.com
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id
f3285964ea064
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing
content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
traceparent
00-0000000000000000000f3285964ea064-25af362dce08ad98-01
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-served-by
cache-fra-etou8220091-FRA, cache-fra-etou8220091-FRA
x-timer
S1713983943.997579,VS0,VE189
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
294 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NM9TNT36E1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?G-NM9TNT36E1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6c125fb1b4548b312d07d679ee4342130c36eac5e556b1042c08289c55ae868
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:39:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100520
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Apr 2024 18:39:03 GMT
fonts.css
venmo.com/static-assets/fonts/
3 KB
960 B
Stylesheet
General
Full URL
https://venmo.com/static-assets/fonts/fonts.css
Requested by
Host: venmo.com
URL: https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fa24c41496d012f8ccdccbff17a904952e2fbb4102356b29c0b0a692b41365eb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 18 Feb 2024 20:35:31 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
5695412
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
21
last-modified
Fri, 07 Oct 2022 01:22:39 GMT
server
nginx
etag
W/"3256bacbf1e1526b73eb422ae8319cf9"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
V2LowRT-84z3SSU_hOq061vdh7-qtgkbmNsC1mWeGiS77PgCLb0DiA==
91a44210-06d0-4304-b0da-411cc5e66917_app-store-icon.svg
images.ctfassets.net/gkyt4bl1j2fs/5yRidqdbuOKk7K0V29FCdJ/888b7572a363f3186dfaff7e08dc17c0/
5 KB
2 KB
Image
General
Full URL
https://images.ctfassets.net/gkyt4bl1j2fs/5yRidqdbuOKk7K0V29FCdJ/888b7572a363f3186dfaff7e08dc17c0/91a44210-06d0-4304-b0da-411cc5e66917_app-store-icon.svg
Requested by
Host: venmo.com
URL: https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:f000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
c6c2b97d2c79c372dc75854ace40979e531eddea89b8d137c1b513e4fbe85398

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 02:35:24 GMT
content-encoding
gzip
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
last-modified
Thu, 23 Jul 2020 02:14:59 GMT
server
Contentful Images API
x-amz-cf-pop
AMS58-P2
age
57820
etag
W/"cfcc87c27175bbc1df90ead8169e3a2e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
daBk8jWXUDUdFXzfu_u1LelzCGZ-Uz7NfAhb1U9Ac_9ZVzlp04mTCg==
e01b9c58-a73a-4d18-ae2b-2d81cc537c7a_google-play-icon.svg
images.ctfassets.net/gkyt4bl1j2fs/4elL6z7sEJbFubKUU7uwv7/ee2688b999e8da3cff3009d5f56f5d73/
5 KB
2 KB
Image
General
Full URL
https://images.ctfassets.net/gkyt4bl1j2fs/4elL6z7sEJbFubKUU7uwv7/ee2688b999e8da3cff3009d5f56f5d73/e01b9c58-a73a-4d18-ae2b-2d81cc537c7a_google-play-icon.svg
Requested by
Host: venmo.com
URL: https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:f000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
cbfb2a7d4ad8f71faa905cc2dd71f7bc2913cc5fd50d10c0e20e53de828fcf82

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 05:10:24 GMT
content-encoding
gzip
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
last-modified
Thu, 23 Jul 2020 02:15:46 GMT
server
Contentful Images API
x-amz-cf-pop
AMS58-P2
age
48520
etag
W/"446e18ca3767a3b9c9bf347d004f003c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
7qYBr6zPV5zXzgoKeHxCNfuGdGT8SKLTpCt4fe1hTeiN6ugGC7HTOA==
ebb370be-e241-4600-949a-4f6710b1b142_instagram-icon.svg
images.ctfassets.net/gkyt4bl1j2fs/5a1jYA8djo9ilD72T9fVm5/2a6ff67c8a89ae2ec823abd826f566a8/
3 KB
2 KB
Image
General
Full URL
https://images.ctfassets.net/gkyt4bl1j2fs/5a1jYA8djo9ilD72T9fVm5/2a6ff67c8a89ae2ec823abd826f566a8/ebb370be-e241-4600-949a-4f6710b1b142_instagram-icon.svg
Requested by
Host: venmo.com
URL: https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:f000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
a6926e747f18e3e8d82ffade4e18191b5e5b784ef44cf8c7aa10fd6885dc5718

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 02:46:24 GMT
content-encoding
gzip
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
last-modified
Thu, 23 Jul 2020 02:19:15 GMT
server
Contentful Images API
x-amz-cf-pop
AMS58-P2
age
57160
etag
W/"4223adb8dab2d52edcdd0254d6010866"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
SxZP63AyP8sXDa_kyFwI-xGVamIS6HU-w3NuUT4b4iY7AHmwShx_DQ==
64e29ead-c913-4ac2-b39d-c0a03b61cb6a_twitter-icon.svg
images.ctfassets.net/gkyt4bl1j2fs/1Xnb0FQsxsETwn52uJjqmH/547b5cde0b90489e9de1adf379f69168/
1 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/gkyt4bl1j2fs/1Xnb0FQsxsETwn52uJjqmH/547b5cde0b90489e9de1adf379f69168/64e29ead-c913-4ac2-b39d-c0a03b61cb6a_twitter-icon.svg
Requested by
Host: venmo.com
URL: https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:f000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
c09bf62c2d46708a1fd605812b522232111ea99d68a17fd835bcaf8ff816486c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 05:10:24 GMT
content-encoding
gzip
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
last-modified
Thu, 23 Jul 2020 02:18:39 GMT
server
Contentful Images API
x-amz-cf-pop
AMS58-P2
age
48520
etag
W/"5166c0d79bae42ff989c186869dc25c0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
N13ZQCZcv1UIuqrR0YXimfGH9tf7Wrx_49FjyDon1we9reia9iG4rQ==
757a8c1a-d41a-4a53-8fb3-cac665c2bd89_facebook-icon.svg
images.ctfassets.net/gkyt4bl1j2fs/p9L2SKCwCmCkWSOrv7P3N/c7f77485b0aa297256d3428a97e7492b/
413 B
790 B
Image
General
Full URL
https://images.ctfassets.net/gkyt4bl1j2fs/p9L2SKCwCmCkWSOrv7P3N/c7f77485b0aa297256d3428a97e7492b/757a8c1a-d41a-4a53-8fb3-cac665c2bd89_facebook-icon.svg
Requested by
Host: venmo.com
URL: https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:f000:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
99fa45e18dfeeea65e5e02f72bce972f99e7d03898a1512db322650ba3b7fc3c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 04:52:45 GMT
via
1.1 db85cac9bd06b81c92694774b9b6f520.cloudfront.net (CloudFront)
last-modified
Thu, 23 Jul 2020 02:16:37 GMT
server
Contentful Images API
x-amz-cf-pop
AMS58-P2
age
49579
etag
"518021e3dd69af49a601e3900511518c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
413
x-amz-cf-id
gaJWBteqwieeGYu2QB9QDe0zq32CgaRpsmB2PsAZPrw8GE6n_iS2_A==
pa_venmo.js
www.paypalobjects.com/pa/js/
38 KB
14 KB
Script
General
Full URL
https://www.paypalobjects.com/pa/js/pa_venmo.js
Requested by
Host: venmo.com
URL: https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D09) /
Resource Hash
a70daa1ecb6fdd37c71466675790d54b8bb70227cd2e397db7ebcde9d1432fb9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
9828c38568079
dc
ccg11-origin-www-1.paypal.com
content-length
14377
last-modified
Tue, 16 Apr 2024 20:38:44 GMT
server
ECAcc (frc/4D09)
traceparent
00-00000000000000000009828c38568079-0bbe5f9545a777f4-01
etag
"661ee1d4-9656+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Wed, 24 Apr 2024 19:39:03 GMT
feature-toggles.js
venmo.com/
0
0
Script
General
Full URL
https://venmo.com/feature-toggles.js
Requested by
Host: venmo.com
URL: https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:39:03 GMT
strict-transport-security
max-age=31536000
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P2
x-powered-by
Express
x-frame-options
SAMEORIGIN
x-cache
Error from cloudfront
cache-control
no-cache
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
NHeViy8E3KIYOPABB7bZI1QnHBn91_izwn5Y54HvCLYCeXVoOXvqCA==
app-658-vd8aeb6998c383dd3adfee9b9a9f37e51.js
venmo.com/static-assets/
4 KB
2 KB
Script
General
Full URL
https://venmo.com/static-assets/app-658-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Requested by
Host: venmo.com
URL: https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
295745d5a4059665abe537b05a8357803e4dfa246e4c690720305d9383a794db
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 19:52:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
82000
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
36
last-modified
Tue, 23 Apr 2024 19:49:39 GMT
server
nginx
etag
W/"cc83af749e67359e9fd492fc463517e0"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
zLlSZgGD7vzzMzN5rAOTk5IsWscIe6PDo3Ry38DgDxkNlAh5VWiB6w==
app-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js
venmo.com/static-assets/
205 KB
66 KB
Script
General
Full URL
https://venmo.com/static-assets/app-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Requested by
Host: venmo.com
URL: https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a2dbbd9cf31f7ea0704f2c24183ffae5f936f10727e249f41e630491906bb2d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 19:52:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
82000
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
18
last-modified
Tue, 23 Apr 2024 19:49:40 GMT
server
nginx
etag
W/"47437be6e445aa4021bd0cf8d8942913"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
K5aQ9grDiFeebn7WalCdmFC9UajQAbJl9wlB9sRwZ09Rfm0pH_Fbdw==
app-143-vd8aeb6998c383dd3adfee9b9a9f37e51.js
venmo.com/static-assets/
1 MB
594 KB
Script
General
Full URL
https://venmo.com/static-assets/app-143-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Requested by
Host: venmo.com
URL: https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f75758197c8ceabe28cd7c2e9ae93b711500d1dbc321255d5dd3a62303f01fba
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 19:52:22 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
82001
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
13
last-modified
Tue, 23 Apr 2024 19:49:39 GMT
server
nginx
etag
W/"5eb72ea5100c032ac317b8d9318696d9"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
uYEE-EKDBY-KgdC3Q2kq3lZcWw3F2NTOexgyfa_9NcOP46-uRcUJ5w==
mparticle.js
jssdkcdns.mparticle.com/js/v2/40433222e815b743853a4bb6b7a86058/
177 KB
45 KB
Script
General
Full URL
https://jssdkcdns.mparticle.com/js/v2/40433222e815b743853a4bb6b7a86058/mparticle.js
Requested by
Host: venmo.com
URL: https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e69e6074b3e838a4bbeb4a20f2a96e77be67703ea606415aedee2fa073b634c4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kjyo7100080-IAD, cache-fra-etou8220104-FRA
date
Wed, 24 Apr 2024 18:39:03 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
server
Kestrel
age
119
x-timer
S1713983943.048780,VS0,VE6
x-origin-name
fastlyshield--shield_ssl_cache_iad_kjyo7100080_IAD
x-cache
HIT, HIT
content-type
application/javascript
vary
Accept, Accept-Encoding
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
45853
x-cache-hits
39, 1
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18d5602336d307ace25fcc5634c552a1ebfd3d7a34a4a65dc9d621ae65d96955

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
sdk.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: venmo.com
URL: https://venmo.com/legal/us-licenses/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ab87b4b5e357a75a70684edc2cb1f7e45ab46a6c41c0c11551b0963473ea214
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 18:39:03 GMT
content-md5
4urTUVBSsrxYGBCyft83PA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1294, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
AgPGnGtDjaUVJWa3DBOmrbdL8/a4Do9aawXgr8jZIQv/6/IDjNbA+m9X9IrUb3xR/L8QL/VOPM+SAI3tcGqvBQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
33df81f7c13f76d5a944eadc5387b0f5
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"19b27dd47fa66ede1a29eaec0e640923"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 24 Apr 2024 18:57:50 GMT
SctoGrotesk-Regular.ttf
venmo.com/static-assets/fonts/SctoGrotesk/
84 KB
39 KB
Font
General
Full URL
https://venmo.com/static-assets/fonts/SctoGrotesk/SctoGrotesk-Regular.ttf
Requested by
Host: venmo.com
URL: https://venmo.com/static-assets/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
828e97526157986d3d01257a8c38b1f7b8f70ca0367a68225ceb21b25a086e5c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/static-assets/fonts/fonts.css
Origin
https://venmo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 09:47:41 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
31882
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
29
last-modified
Tue, 29 Sep 2020 14:47:17 GMT
server
nginx
etag
W/"c11532d8af656ed3d4d0d6d1a366d676"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/ttf
access-control-allow-origin
https://venmo.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
vary
Accept-Encoding
x-amz-cf-id
u2ZvXkIhBY3NTsSeww0OzB84x9Zd-cqVYF7vTXBxx5TAzXun-Y75LQ==
Athletics-Medium.ttf
venmo.com/static-assets/fonts/Athletics/
92 KB
40 KB
Font
General
Full URL
https://venmo.com/static-assets/fonts/Athletics/Athletics-Medium.ttf
Requested by
Host: venmo.com
URL: https://venmo.com/static-assets/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
78c382fba05d713f8767a7c7f3d901973cd8c9ba122eceac45b2ad36ce5740fe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/static-assets/fonts/fonts.css
Origin
https://venmo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 03:36:28 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
54155
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
41
last-modified
Tue, 29 Sep 2020 14:47:17 GMT
server
nginx
etag
W/"8c519f30b3ec4d8c2de3964ca2bb3a58"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/ttf
access-control-allow-origin
https://venmo.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
vary
Accept-Encoding
x-amz-cf-id
CwRNVRwkhzVRBRMSOLIARXjyjycbQL1CjOulzPYzKVJaG2QLzCTfeg==
SctoGrotesk-Medium.ttf
venmo.com/static-assets/fonts/SctoGrotesk/
90 KB
45 KB
Font
General
Full URL
https://venmo.com/static-assets/fonts/SctoGrotesk/SctoGrotesk-Medium.ttf
Requested by
Host: venmo.com
URL: https://venmo.com/static-assets/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0ecbb60a55806073d10ad4fe26da9ebede5afe35ef0417bd206e43ea716d2c08
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/static-assets/fonts/fonts.css
Origin
https://venmo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 09:51:07 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
31676
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
27
last-modified
Tue, 29 Sep 2020 14:47:17 GMT
server
nginx
etag
W/"b1f56b151f3067d341668f81909ef216"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/ttf
access-control-allow-origin
https://venmo.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
vary
Accept-Encoding
x-amz-cf-id
h9UZKRnw4SpcOLRz7bFS97GORoW1SaqJ8A-7j7wZlpFKSGYuUq4U8w==
SctoGrotesk-Bold.ttf
venmo.com/static-assets/fonts/SctoGrotesk/
89 KB
45 KB
Font
General
Full URL
https://venmo.com/static-assets/fonts/SctoGrotesk/SctoGrotesk-Bold.ttf
Requested by
Host: venmo.com
URL: https://venmo.com/static-assets/fonts/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ee64e1424f312ba149b68f5c0e5e2b46937805d24e48b601942c327c8b0d8cb7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/static-assets/fonts/fonts.css
Origin
https://venmo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 03:02:42 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
56181
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
48
last-modified
Tue, 29 Sep 2020 14:47:17 GMT
server
nginx
etag
W/"f885d4b3a61fd803ee90c36349ec947e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/ttf
access-control-allow-origin
https://venmo.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
vary
Accept-Encoding
x-amz-cf-id
hnY01SAwKyZoNejPhWdpiNqy838wzuj3JN56bB3UqVQt8SamPBQMyQ==
sdk.js
connect.facebook.net/en_US/
304 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=77e43d18eda7c420d5a1938a4fb7261c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
c0b4f1b5c9a90cacec336302056b890ef14b8fb8e2c0e644eef1371b12839f39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Origin
https://venmo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Apr 2024 18:39:03 GMT
content-md5
XcvbfjZUEcxOiZxygV0Lqg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89017
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4324, tp=9, tpl=0, uplat=1, ullat=-1
x-fb-debug
OEP9+ZJfqGzjvBHNzqT6RZjvojd3/u5wWgO1zke45Rf1kaUgPK8VMPd7udEskIULLxkihiuC7GPFBdE8O+XopA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
b2166a8b63ec3c3010778679b8ca3628
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"9b498916f40b6ceeb65011cf1c7685af"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 24 Apr 2025 15:09:55 GMT
identify
identity.mparticle.com/v1/
0
0
Preflight
General
Full URL
https://identity.mparticle.com/v1/identify
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-mp-key
Access-Control-Request-Method
POST
Origin
https://venmo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-mp-key
access-control-allow-methods
POST
access-control-allow-origin
*
age
2376
date
Wed, 24 Apr 2024 18:39:03 GMT
server
Kestrel
strict-transport-security
max-age=900
via
1.1 varnish
x-cache
HIT
x-cache-hits
1025
x-fastly-trace-id
1143816357
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by
cache-fra-eddf8230042-FRA
x-timer
S1713983943.125067,VS0,VE0
identify
identity.mparticle.com/v1/
176 B
345 B
XHR
General
Full URL
https://identity.mparticle.com/v1/identify
Requested by
Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/40433222e815b743853a4bb6b7a86058/mparticle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Kestrel /
Resource Hash
bbf78219d588567dd047c58980cda090d36b2b843be3967aa70ba94de3d2d843
Security Headers
Name Value
Strict-Transport-Security max-age=900

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
x-mp-key
40433222e815b743853a4bb6b7a86058
Referer
https://venmo.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:39:03 GMT
content-encoding
gzip
via
1.1 varnish
x-mp-max-age
86400
strict-transport-security
max-age=900
x-origin-name
4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache
MISS
x-served-by
cache-fra-eddf8230042-FRA
server
Kestrel
x-timer
S1713983943.134629,VS0,VE110
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-MP-Max-Age
x-fastly-trace-id
1143816477
accept-ranges
bytes
x-cache-hits
0
app-data.json
venmo.com/static-assets/page-data/
50 B
522 B
XHR
General
Full URL
https://venmo.com/static-assets/page-data/app-data.json
Requested by
Host: venmo.com
URL: https://venmo.com/static-assets/app-143-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d89c3345c7e1386f0cb42a951ae72358188217a38c692714b117b0a41b6391a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 20:46:20 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
last-modified
Tue, 23 Apr 2024 19:49:42 GMT
server
nginx
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/"8996f96e4e5dfe3e1e9ee4b3def4525b"
age
78763
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
application/json
x-envoy-upstream-service-time
16
x-amz-cf-id
wy01GOG1-ScRS0OF-r4-PJm8rOUIq8XdJwnEZwdex0GCyF24F9jtTQ==
page-data.json
venmo.com/static-assets/page-data/legal/us-licenses/
805 KB
181 KB
XHR
General
Full URL
https://venmo.com/static-assets/page-data/legal/us-licenses/page-data.json?v=87fcb5333852bd321d71da7ee12ceed3
Requested by
Host: venmo.com
URL: https://venmo.com/static-assets/app-143-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d0349e78c233d81a25f73b479620a3b5c94aa5b8fecf2e4bfed722b85cb79f42
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 19:53:17 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
last-modified
Tue, 23 Apr 2024 19:49:46 GMT
server
nginx
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/"39d41f4ddf8e9a9afb7186b86614c313"
age
81946
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
application/json
x-envoy-upstream-service-time
23
x-amz-cf-id
8wDb52Fa5NWwgJSdxetjBVQXKXCppLuiJqlOaXeKRnbkFplqWNcaMA==
favicon.ico
venmo.s3.amazonaws.com/
Redirect Chain
  • https://venmo.com/favicon.ico
  • https://venmo.s3.amazonaws.com/favicon.ico
10 KB
10 KB
Other
General
Full URL
https://venmo.s3.amazonaws.com/favicon.ico
Protocol
HTTP/1.1
Server
3.5.24.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
9947bfe04c94202fed5069ca20226954234e4115ae238322a8f9a31e3dae90f7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://venmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date
Wed, 24 Apr 2024 18:39:04 GMT
Last-Modified
Thu, 25 Jan 2024 21:12:33 GMT
Server
AmazonS3
x-amz-request-id
MCTDYKJAQ4QVGCJA
ETag
"6b67413391a8214594511d9b3413ebfd"
x-amz-server-side-encryption
AES256
Content-Type
image/vnd.microsoft.icon
Accept-Ranges
bytes
Content-Length
9854
x-amz-id-2
kYTUJSbJnqHKofinlxx83AgS/8OOs50bc5rmJ6eV18vOvGzr63+3OYsbD+Y57e49JtuOzkGqCqVnhcBddNgYh2GPGd3lc9xF42qsqgMguuU=

Redirect headers

date
Wed, 24 Apr 2024 18:39:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
content-type
text/html
location
https://venmo.s3.amazonaws.com/favicon.ico
content-length
138
x-xss-protection
1; mode=block
x-amz-cf-id
FeVG4hVUSf2gjPS9l27h2CZ8HDY4KoySzaL4PAAGQ71e1YR0caMRFw==
app-351-vd8aeb6998c383dd3adfee9b9a9f37e51.js
venmo.com/static-assets/
38 KB
14 KB
Script
General
Full URL
https://venmo.com/static-assets/app-351-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Requested by
Host: venmo.com
URL: https://venmo.com/static-assets/app-658-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cd9d35f028192bcfd152548465595a8a6ecc59dfa761d15f5e0762d10969904a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:34:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
14680
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
35
last-modified
Tue, 23 Apr 2024 19:49:39 GMT
server
nginx
etag
W/"329f41fd8520f00d92a281f1c06684eb"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
35gV4deCqs8Dr1K8Ikxw5ZTY4Kok4DQgyZqTku7hvsRiF9U8KMcSYA==
app-228-vd8aeb6998c383dd3adfee9b9a9f37e51.js
venmo.com/static-assets/
1 MB
397 KB
Script
General
Full URL
https://venmo.com/static-assets/app-228-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Requested by
Host: venmo.com
URL: https://venmo.com/static-assets/app-658-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
70c08ccf563804d7503d8042aa4d313aa72149b4366fc167961a9a3400ea739a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:34:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
14680
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
64
last-modified
Tue, 23 Apr 2024 19:49:40 GMT
server
nginx
etag
W/"7fcee7613027d568ea6c11efc70a62fe"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
qPYEYMRYZlJ7RxZHpS5M5rP6qBlnz3HjzuJKuoLj1mQnM3KMmkK41g==
app-341-vd8aeb6998c383dd3adfee9b9a9f37e51.js
venmo.com/static-assets/
1 KB
1 KB
Script
General
Full URL
https://venmo.com/static-assets/app-341-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Requested by
Host: venmo.com
URL: https://venmo.com/static-assets/app-658-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
07bf88c519c0856ec2b131c59f1069e6f2d65cda265d5336ed6345a363677c9d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:34:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
14680
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
33
last-modified
Tue, 23 Apr 2024 19:49:39 GMT
server
nginx
etag
W/"66762937fc4c4bc2bb56ab2de2e97467"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
7HRw_41UnO6WjlQ_Unt0lu98yABf6R4DoLqO2DIYKPB5VglT5G63QQ==
2502162017.json
venmo.com/static-assets/page-data/sq/d/
222 B
607 B
XHR
General
Full URL
https://venmo.com/static-assets/page-data/sq/d/2502162017.json
Requested by
Host: venmo.com
URL: https://venmo.com/static-assets/app-143-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e1c44215a37e4a5535b70e4a4bd4e53d931036d21af5dbe65e335585dee5b603
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:34:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
last-modified
Thu, 10 Dec 2020 16:17:16 GMT
server
nginx
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/"405cb37c0a23b0d210a8ec92f7f337d3"
age
14680
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
application/json
x-envoy-upstream-service-time
20
x-amz-cf-id
rh4WE13whzXbDkG-Q80QRbhyNQX4EzSWZpxEhBHV4RBYU1xl4NKENQ==
660320548.json
venmo.com/static-assets/page-data/sq/d/
77 B
528 B
XHR
General
Full URL
https://venmo.com/static-assets/page-data/sq/d/660320548.json
Requested by
Host: venmo.com
URL: https://venmo.com/static-assets/app-143-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
31ec257227730b7ba40942602ce3d37fcff0472bb8a3a2977d6d1f9e27bf14e1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 14:34:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
last-modified
Thu, 18 Jan 2024 22:55:26 GMT
server
nginx
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/"b07c7bdf405cf2fcdaea824bb6e75ddc"
age
14680
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
application/json
x-envoy-upstream-service-time
13
x-amz-cf-id
IimSiBK1yLIAupVdW78xB9agOPpwkVrYiA5vKCnu2Fq4Rke8pyg5kw==
ts
t.paypal.com/
42 B
812 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.8.16&t=1713983943497&g=-120&page=main%3Aprivacy%3Apolicy%3Accpa&pgrp=main%3Aprivacy%3Apolicy&displaypage=Venmo%20-%20Share%20Payments&ppage=privacy_banner&bannertype=cookiebanner&ccpg=US&flag=ccpa&bannerversion=v4&bannersource=ConsentNodeServ&xe=108814&xt=142081&eligibility_reason=true&cookie_disabled=false&tenant_code=venmo&event_name=venmo_cookie_banner_shown&e=ac&tenant_name=venmo&3p_vid=621754102ea1e1a7&3p_fpti=3f91a4ee17ade9d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Wed, 24 Apr 2024 18:39:03 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
e33991c1d0c2f
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220046-FRA
pragma
no-cache
correlation-id
e33991c1d0c2f
traceparent
00-0000000000000000000e33991c1d0c2f-09e6d4980fdc4bab-01
x-timer
S1713983944.549752,VS0,VE150
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Apr 2024 18:39:03 GMT
PayPalSansBig-Regular.woff2
www.paypalobjects.com/paypal-ui/fonts/
25 KB
25 KB
Font
General
Full URL
https://www.paypalobjects.com/paypal-ui/fonts/PayPalSansBig-Regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D0A) /
Resource Hash
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Origin
https://venmo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:39:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
ef6a377fde798
dc
ccg11-origin-www-1.paypal.com
content-length
25368
last-modified
Sat, 13 Feb 2021 00:27:06 GMT
server
ECAcc (frc/4D0A)
traceparent
00-0000000000000000000ef6a377fde798-3861cb9b5718f706-01
etag
"60271cda-6318"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Wed, 24 Apr 2024 19:39:03 GMT
XEQMPVUNK7sdt5H4mJXAQ.json
cdn.optimizely.com/datafiles/
684 KB
76 KB
XHR
General
Full URL
https://cdn.optimizely.com/datafiles/XEQMPVUNK7sdt5H4mJXAQ.json
Requested by
Host: venmo.com
URL: https://venmo.com/static-assets/app-143-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:883::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14c23f87cce055e7c705fec6ac0a1ffb67d1f5233b8d5b5e25c21dd6ba6ee706
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
iLZsHMzl_zpxXphVQNgEjmOwT35.1YjI
content-encoding
gzip
date
Wed, 24 Apr 2024 18:39:03 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
A7R9Z28KDYSNJ0VD
x-amz-server-side-encryption
AES256
x-amz-meta-revision
12471
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=HIT, edge; dur=8, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="7";dur=0,cdnip;desc="2a02:26f0:3500:883::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1713983943543_388276615_1976325937_807_1199_6_11_219";dur=1
content-length
76672
x-amz-id-2
WWNxrnNXgmYRF+steSznYnKgTFDAqb4PK1xWqGbF0TxbI0OFnHMGA+9LXwG+196CQTQV0VBHiBg=
last-modified
Wed, 24 Apr 2024 14:09:41 GMT
server
AmazonS3
etag
"59d7fd7b0c9355c4a44749dd5d3827db"
vary
Accept-Encoding
access-control-max-age
604800
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD, OPTIONS
cache-control
max-age=118
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
XEQMPVUNK7sdt5H4mJXAQ.json
cdn.optimizely.com/datafiles/
684 KB
0
XHR
General
Full URL
https://cdn.optimizely.com/datafiles/XEQMPVUNK7sdt5H4mJXAQ.json
Requested by
Host: venmo.com
URL: https://venmo.com/static-assets/app-143-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:883::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14c23f87cce055e7c705fec6ac0a1ffb67d1f5233b8d5b5e25c21dd6ba6ee706

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
iLZsHMzl_zpxXphVQNgEjmOwT35.1YjI
content-encoding
gzip
date
Wed, 24 Apr 2024 18:39:03 GMT
x-amz-request-id
A7R9Z28KDYSNJ0VD
x-amz-server-side-encryption
AES256
x-amz-meta-revision
12471
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=HIT, edge; dur=8, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="7";dur=0,cdnip;desc="2a02:26f0:3500:883::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1713983943543_388276615_1976325937_807_1199_6_11_219";dur=1
content-length
76672
x-amz-id-2
WWNxrnNXgmYRF+steSznYnKgTFDAqb4PK1xWqGbF0TxbI0OFnHMGA+9LXwG+196CQTQV0VBHiBg=
last-modified
Wed, 24 Apr 2024 14:09:41 GMT
server
AmazonS3
etag
"59d7fd7b0c9355c4a44749dd5d3827db"
vary
Accept-Encoding
access-control-max-age
604800
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD, OPTIONS
cache-control
max-age=118
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
truncated
/
41 KB
41 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58f03520078f42b5339bf2dc379a7426bd432bc8902fd47f577e5a0def8331d9

Request headers

Referer
Origin
https://venmo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff
truncated
/
41 KB
41 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90f0cce3f3192a5892efc25005621a32285a1398fad3f51c1486325124af30c5

Request headers

Referer
Origin
https://venmo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff
ts
t.paypal.com/
42 B
778 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.8.16&t=1713983943580&g=-120&e=err&erpg=Minified%20React%20error%20%23418%3B%20visit%20https%3A%2F%2Freactjs.org%2Fdocs%2Ferror-decoder.html%3Finvariant%3D418%20for%20the%20full%20message%20or%20use%20the%20non-minified%20dev%20environment%20for%20full%20errors%20and%20additional%20helpful%20warnings.&error_type=WINDOW_ONERROR&error_description=Error%3A%20Minified%20React%20error%20%23418%3B%20visit%20_%2Ferror-decoder.html%3Finvariant%3D418%20for%20the%20full%20message%20or%20use%20the%20non-minified%20dev%20environment%20for%20full%20errors%20and%20additional%20helpful%20warnings.%0A%20%20%20%20at%20sl%20(_%2Fapp-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js%3A2%3A118437)%0A%20%20%20%20at%20Ei%20(_%2Fapp-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js%3A2%3A191603)%0A%20%20%20%20at%20ks%20(_%2Fapp-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js%3A2%3A179077)%0A%20%20%20%20at%20ys%20(_%2Fapp-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js%3A2%3A179005)%0A%20%20%20%20at%20vs%20(_%2Fapp-774-vd8aeb6998c383dd3adfee&error_source=https%3A%2F%2Fvenmo.com%2Fstatic-assets%2Fapp-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js%202%3A118437&tenant_name=venmo&3p_vid=621754102ea1e1a7&3p_fpti=3f91a4ee17ade9d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Wed, 24 Apr 2024 18:39:03 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
0cab191e330a7
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220046-FRA
pragma
no-cache
correlation-id
0cab191e330a7
traceparent
00-00000000000000000000cab191e330a7-653c140f22793282-01
x-timer
S1713983944.590198,VS0,VE179
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Apr 2024 18:39:03 GMT
ts
t.paypal.com/
42 B
169 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.8.16&t=1713983943580&g=-120&e=err&erpg=Minified%20React%20error%20%23425%3B%20visit%20https%3A%2F%2Freactjs.org%2Fdocs%2Ferror-decoder.html%3Finvariant%3D425%20for%20the%20full%20message%20or%20use%20the%20non-minified%20dev%20environment%20for%20full%20errors%20and%20additional%20helpful%20warnings.&error_type=WINDOW_ONERROR&error_description=Error%3A%20Minified%20React%20error%20%23425%3B%20visit%20_%2Ferror-decoder.html%3Finvariant%3D425%20for%20the%20full%20message%20or%20use%20the%20non-minified%20dev%20environment%20for%20full%20errors%20and%20additional%20helpful%20warnings.%0A%20%20%20%20at%20Zr%20(_%2Fapp-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js%3A2%3A113736)%0A%20%20%20%20at%20Ku%20(_%2Fapp-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js%3A2%3A155102)%0A%20%20%20%20at%20ws%20(_%2Fapp-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js%3A2%3A179256)%0A%20%20%20%20at%20ks%20(_%2Fapp-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js%3A2%3A179138)%0A%20%20%20%20at%20ys%20(_%2Fapp-774-vd8aeb6998c383dd3adfee&error_source=https%3A%2F%2Fvenmo.com%2Fstatic-assets%2Fapp-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js%202%3A113736&tenant_name=venmo&3p_vid=621754102ea1e1a7&3p_fpti=3f91a4ee17ade9d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Wed, 24 Apr 2024 18:39:03 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
33a3da812b475
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220046-FRA
pragma
no-cache
correlation-id
33a3da812b475
traceparent
00-000000000000000000033a3da812b475-f46da5710efa1f7c-01
x-timer
S1713983944.591043,VS0,VE162
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Apr 2024 18:39:03 GMT
ts
t.paypal.com/
42 B
169 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.8.16&t=1713983943581&g=-120&e=err&erpg=Minified%20React%20error%20%23418%3B%20visit%20https%3A%2F%2Freactjs.org%2Fdocs%2Ferror-decoder.html%3Finvariant%3D418%20for%20the%20full%20message%20or%20use%20the%20non-minified%20dev%20environment%20for%20full%20errors%20and%20additional%20helpful%20warnings.&error_type=WINDOW_ONERROR&error_description=Error%3A%20Minified%20React%20error%20%23418%3B%20visit%20_%2Ferror-decoder.html%3Finvariant%3D418%20for%20the%20full%20message%20or%20use%20the%20non-minified%20dev%20environment%20for%20full%20errors%20and%20additional%20helpful%20warnings.%0A%20%20%20%20at%20sl%20(_%2Fapp-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js%3A2%3A118557)%0A%20%20%20%20at%20Ei%20(_%2Fapp-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js%3A2%3A191603)%0A%20%20%20%20at%20ks%20(_%2Fapp-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js%3A2%3A179077)%0A%20%20%20%20at%20ys%20(_%2Fapp-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js%3A2%3A179005)%0A%20%20%20%20at%20vs%20(_%2Fapp-774-vd8aeb6998c383dd3adfee&error_source=https%3A%2F%2Fvenmo.com%2Fstatic-assets%2Fapp-774-vd8aeb6998c383dd3adfee9b9a9f37e51.js%202%3A118557&tenant_name=venmo&3p_vid=621754102ea1e1a7&3p_fpti=3f91a4ee17ade9d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Wed, 24 Apr 2024 18:39:03 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
632fd2197dcef
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220046-FRA
pragma
no-cache
correlation-id
632fd2197dcef
traceparent
00-0000000000000000000632fd2197dcef-9218da9530c40bf7-01
x-timer
S1713983944.590617,VS0,VE162
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Apr 2024 18:39:03 GMT
ts
t.paypal.com/
42 B
167 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.8.16&t=1713983943582&g=-120&comp=venmo&pgrp=venmo%3Astatic-site&ccpg=us&tenant_name=venmo&product=web_static_site&tenant=braintree&page_title=Venmo%20-%20Share%20Payments&page_location=https%3A%2F%2Fvenmo.com%2Flegal%2Fus-licenses%2F&page_path=%2Flegal%2Fus-licenses%2F&isMobile=false&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F124.0.0.0%20Safari%2F537.36&e=im&c_prefs=T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial&pt=Venmo%20-%20Share%20Payments&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&3p_vid=621754102ea1e1a7&3p_fpti=3f91a4ee17ade9d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Wed, 24 Apr 2024 18:39:03 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
165028c8eeabf
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220046-FRA
pragma
no-cache
correlation-id
165028c8eeabf
traceparent
00-0000000000000000000165028c8eeabf-21a50f134f8c91c9-01
x-timer
S1713983944.590532,VS0,VE153
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Apr 2024 18:39:03 GMT
collect
www.google-analytics.com/j/
3 B
204 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1188987071&t=pageview&_s=1&dl=https%3A%2F%2Fvenmo.com%2Flegal%2Fus-licenses%2F&dp=%2Flegal%2Fus-licenses%2F&ul=de-de&de=UTF-8&dt=Venmo%20-%20Share%20Payments&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACAAI~&jid=2013615346&gjid=2015912355&cid=1244181322.1713983943&tid=G-NM9TNT36E1&_gid=1399198429.1713983943&_r=1&_slc=1&z=1580053775
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 18:39:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://venmo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
ts
t.paypal.com/
42 B
516 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.8.16&t=1713983943941&g=-120&comp=venmo&page=_legal_us-licenses_&pgrp=venmo%3Astatic-site&ccpg=us&tenant_name=venmo&e=im&c_prefs=T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial&imsrc=setup&view=%7B%22t10%22%3A47%2C%22t11%22%3A1983%2C%22tcp%22%3A1313%2C%22et%22%3A%224g%22%2C%22nt%22%3A%22navigate%22%2C%22bt%22%3A50%7D&pt=Venmo%20-%20Share%20Payments&cd=24&sw=1600&sh=1200&dw=1600&dh=1200&bw=1600&bh=1200&ce=1&t1=47&t1c=47&t1d=0&t1s=11&t2=452&t3=93&t4d=0&t4=0&t4e=0&tt=1642&rdc=0&protocol=h2&res=%7B%7D&rtt=171&3p_vid=621754102ea1e1a7&3p_fpti=3f91a4ee17ade9d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Wed, 24 Apr 2024 18:39:04 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
0a913698d75bb
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220046-FRA
pragma
no-cache
correlation-id
0a913698d75bb
traceparent
00-00000000000000000000a913698d75bb-3c5d20132193f988-01
x-timer
S1713983944.941999,VS0,VE151
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Apr 2024 18:39:04 GMT
ts
t.paypal.com/
42 B
167 B
Image
General
Full URL
https://t.paypal.com/ts?v=1.8.16&t=1713983944582&g=-120&comp=venmo&page=_legal_us-licenses_&pgrp=venmo%3Astatic-site&ccpg=us&tenant_name=venmo&event_name=t_paypal_cpl&t1=0&t1c=0&t1d=0&t1s=0&t2=158&t3=1&tt=159&protocol=h2&cdn=fastly&tmpl=%2F%2Ft.paypal.&view=%7B%22t10%22%3A0%2C%22t11%22%3A159%2C%22nt%22%3A%22res%22%7D&e=pf&3p_vid=621754102ea1e1a7&3p_fpti=3f91a4ee17ade9d8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Wed, 24 Apr 2024 18:39:04 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
7cc8003d05ade
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
x-served-by
cache-fra-etou8220046-FRA
pragma
no-cache
correlation-id
7cc8003d05ade
traceparent
00-00000000000000000007cc8003d05ade-6c4863f1561ff9ca-01
x-timer
S1713983945.585450,VS0,VE159
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 Apr 2024 18:39:04 GMT
mapping.js
www.paypalobjects.com/ncs/venmo/
646 B
0
Script
General
Full URL
https://www.paypalobjects.com/ncs/venmo/mapping.js
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/ncs/ncs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CCA) /
Resource Hash
a5fbbc45491760741144b2d841b6cfc6a44719b155039c439ad74338b2f4346e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 18:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT
paypal-debug-id
e69fb1180e44d
dc
ccg11-origin-www-1.paypal.com
content-length
373
last-modified
Fri, 23 Jun 2023 20:10:02 GMT
server
ECAcc (frc/4CCA)
traceparent
00-0000000000000000000e69fb1180e44d-67a2d9f521092f65-01
etag
W/"6495fc1a-286"
vary
Accept-Encoding
content-type
application/javascript
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
expires
Wed, 24 Apr 2024 19:39:03 GMT
page-data.json
venmo.com/static-assets/page-data/index/
0
20 KB
Other
General
Full URL
https://venmo.com/static-assets/page-data/index/page-data.json?v=87fcb5333852bd321d71da7ee12ceed3
Requested by
Host: venmo.com
URL: https://venmo.com/static-assets/app-143-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Origin
https://venmo.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 01:09:41 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.venmo.com;
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
62965
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
49
last-modified
Tue, 23 Apr 2024 19:49:44 GMT
server
nginx
etag
W/"f5ac791727bc93eecf05af4a0023a6e1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
https://venmo.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
x-amz-cf-id
EyvBbGnzrELPrOfuIZ9Z4uOXZJ-nortrM1kcQf4B3FvD5nWD_4g0jw==
page-data.json
venmo.com/static-assets/page-data/index/
143 KB
0
XHR
General
Full URL
https://venmo.com/static-assets/page-data/index/page-data.json?v=87fcb5333852bd321d71da7ee12ceed3
Requested by
Host: venmo.com
URL: https://venmo.com/static-assets/app-143-vd8aeb6998c383dd3adfee9b9a9f37e51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
97b86f3d90992fcf3bd85a9df664391d65207af8cde3f15362d29d3ba0370486
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://venmo.com/legal/us-licenses/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 01:09:41 GMT
content-security-policy
frame-ancestors 'self' *.venmo.com;
content-encoding
gzip
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
62965
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
49
last-modified
Tue, 23 Apr 2024 19:49:44 GMT
server
nginx
etag
W/"f5ac791727bc93eecf05af4a0023a6e1"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
https://venmo.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
x-amz-cf-id
EyvBbGnzrELPrOfuIZ9Z4uOXZJ-nortrM1kcQf4B3FvD5nWD_4g0jw==

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer string| GoogleAnalyticsObject function| ga object| cookiePrefsValue function| triggerncs function| cookieFilter function| triggerCookieFilter function| manageCookiePreferences object| google_tag_manager object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| cookiemapping object| mParticle function| fbAsyncInit object| PAYPAL object| fpti string| fptiserverurl object| FB object| __buffer function| onYouTubeIframeAPIReady string| pagePath string| ___chunkMapping string| ___webpackCompilationHash object| webpackChunkweb_static_site number| 2f1acc6c3a606b082e5eef5e54414ffb function| applyFocusVisiblePolyfill object| asyncRequires object| ___emitter object| ___loader function| ___push function| ___replace function| ___navigate object| gsapVersions object| regeneratorRuntime object| cssElement function| bindGdprEvents function| hideGdprBanner function| showGdprBanner object| _ifpti

9 Cookies

Domain/Path Name / Value
.paypal.com/ Name: enforce_policy
Value: gdpr_v2.1
.paypal.com/ Name: LANG
Value: de_DE%3BDE
.paypal.com/ Name: tsrce
Value: privacynodeweb
.paypal.com/ Name: x-pp-s
Value: eyJ0IjoiMTcxMzk4Mzk0MzM3MCIsImwiOiIwIiwibSI6IjAifQ
www.paypal.com/ Name: nsid
Value: s%3Ae-cvIXOHrZJ6K1XqdSZKJUzs4Rrrx2vW.kHxIF5QZ7NXwq53Urx2%2FkEyN8HFg7PiO3eP0pTZOK14
.paypal.com/ Name: l7_az
Value: dcg14.slc
.paypal.com/ Name: ts_c
Value: vr%3D1167728518f0a552884927d1fd0fc2da%26vt%3D1167728518f0a552884927d1fd0fc2d9
.venmo.com/ Name: cookie_prefs
Value: T%3D0%2CP%3D0%2CF%3D0%2Ctype%3Dinitial
.paypal.com/ Name: ts
Value: vreXpYrS%3D1808591944%26vteXpYrS%3D1713985744%26vr%3D1167728518f0a552884927d1fd0fc2da%26vt%3D1167728518f0a552884927d1fd0fc2d9%26vtyp%3Dnew

72 Console Messages

Source Level URL
Text
network error URL: https://venmo.com/feature-toggles.js
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://venmo.com/legal/us-licenses/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' *.venmo.com;
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.optimizely.com
clicktime.cloud.postoffice.net
connect.facebook.net
identity.mparticle.com
images.ctfassets.net
jssdkcdns.mparticle.com
t.paypal.com
venmo.com
venmo.s3.amazonaws.com
www.google-analytics.com
www.googletagmanager.com
www.paypal.com
www.paypalobjects.com
151.101.1.35
151.101.65.21
157.240.252.13
165.212.65.140
192.229.221.25
2600:9000:20a0:f000:12:94b3:c380:93a1
2a00:1450:4001:812::2008
2a00:1450:4001:831::200e
2a02:26f0:3500:883::13b8
2a03:2880:f083:100:face:b00c:0:3
2a04:4e42:600::645
2a04:4e42::645
3.5.24.139
52.84.150.34
07bf88c519c0856ec2b131c59f1069e6f2d65cda265d5336ed6345a363677c9d
0ab87b4b5e357a75a70684edc2cb1f7e45ab46a6c41c0c11551b0963473ea214
0ecbb60a55806073d10ad4fe26da9ebede5afe35ef0417bd206e43ea716d2c08
14c23f87cce055e7c705fec6ac0a1ffb67d1f5233b8d5b5e25c21dd6ba6ee706
18d5602336d307ace25fcc5634c552a1ebfd3d7a34a4a65dc9d621ae65d96955
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f70ff447ed799a34f4c3ae37ef1f49ed4af71123ba2c2aefe354565354284be
295745d5a4059665abe537b05a8357803e4dfa246e4c690720305d9383a794db
31ec257227730b7ba40942602ce3d37fcff0472bb8a3a2977d6d1f9e27bf14e1
4673c229c2c1d356b98c232c599afdb44c85e7279c63c3ef962b4ba677378ba9
50d8b6a8f78cfb3dd6f7201a8cb9cf01a3930c9ea5705d3af0f1a01ecaed8aad
58f03520078f42b5339bf2dc379a7426bd432bc8902fd47f577e5a0def8331d9
5930495084fc0c1a9448d392b99ac704c8fa7e925ae3c90e30e62ce5e1ad966c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
70c08ccf563804d7503d8042aa4d313aa72149b4366fc167961a9a3400ea739a
78c382fba05d713f8767a7c7f3d901973cd8c9ba122eceac45b2ad36ce5740fe
828e97526157986d3d01257a8c38b1f7b8f70ca0367a68225ceb21b25a086e5c
90f0cce3f3192a5892efc25005621a32285a1398fad3f51c1486325124af30c5
97b86f3d90992fcf3bd85a9df664391d65207af8cde3f15362d29d3ba0370486
9947bfe04c94202fed5069ca20226954234e4115ae238322a8f9a31e3dae90f7
99fa45e18dfeeea65e5e02f72bce972f99e7d03898a1512db322650ba3b7fc3c
a2dbbd9cf31f7ea0704f2c24183ffae5f936f10727e249f41e630491906bb2d5
a5fbbc45491760741144b2d841b6cfc6a44719b155039c439ad74338b2f4346e
a6926e747f18e3e8d82ffade4e18191b5e5b784ef44cf8c7aa10fd6885dc5718
a6c125fb1b4548b312d07d679ee4342130c36eac5e556b1042c08289c55ae868
a70daa1ecb6fdd37c71466675790d54b8bb70227cd2e397db7ebcde9d1432fb9
a77919522cec166c00eb6a67f6f9f5906ed62a00c51d1ce859d039c87f95ab88
bbf78219d588567dd047c58980cda090d36b2b843be3967aa70ba94de3d2d843
c09bf62c2d46708a1fd605812b522232111ea99d68a17fd835bcaf8ff816486c
c0b4f1b5c9a90cacec336302056b890ef14b8fb8e2c0e644eef1371b12839f39
c6c2b97d2c79c372dc75854ace40979e531eddea89b8d137c1b513e4fbe85398
cbfb2a7d4ad8f71faa905cc2dd71f7bc2913cc5fd50d10c0e20e53de828fcf82
cd9d35f028192bcfd152548465595a8a6ecc59dfa761d15f5e0762d10969904a
d0349e78c233d81a25f73b479620a3b5c94aa5b8fecf2e4bfed722b85cb79f42
d89c3345c7e1386f0cb42a951ae72358188217a38c692714b117b0a41b6391a6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1c44215a37e4a5535b70e4a4bd4e53d931036d21af5dbe65e335585dee5b603
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69e6074b3e838a4bbeb4a20f2a96e77be67703ea606415aedee2fa073b634c4
ee64e1424f312ba149b68f5c0e5e2b46937805d24e48b601942c327c8b0d8cb7
f75758197c8ceabe28cd7c2e9ae93b711500d1dbc321255d5dd3a62303f01fba
fa24c41496d012f8ccdccbff17a904952e2fbb4102356b29c0b0a692b41365eb