www.ivisa.com Open in urlscan Pro
2606:4700::6812:1a85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trk.klclick.com/ls/click?upn=GmGvr7tnTRBNUNCyA0opD4hVWval5bekBhvfJ0G-2Bc-2BNPpLQam3GAhTNPYJtt1wvPBVGDzBjhWTPBv01...
Effective URL:
https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium...
Submission: On November 14 via api (November 14th 2023, 7:03:04 am UTC) from BE — Scanned from DE

Summary HTTP 176 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 22 domains to perform 176 HTTP transactions. The main IP is 2606:4700::6812:1a85, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ivisa.com. The Cisco Umbrella rank of the primary domain is 342708.
TLS certificate: Issued by GTS CA 1P5 on September 17th 2023. Valid for: 3 months.

This is the only time www.ivisa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:223... 2600:9000:223c:d200:14:c8fd:7700:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2606:4700::68... 2606:4700::6812:1a85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:710... 2a02:26f0:7100:993::14a9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
30	2600:9000:211... 2600:9000:211e:2800:a:e993:9140:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.98.95 143.204.98.95	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c1f::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
10	35.81.31.24 35.81.31.24	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.182 151.101.130.182	54113 (FASTLY) (FASTLY)
2	13.248.139.42 13.248.139.42	16509 (AMAZON-02) (AMAZON-02)
17	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
12	3.66.115.140 3.66.115.140	16509 (AMAZON-02) (AMAZON-02)
6	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
10	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
4	2a00:1450:401... 2a00:1450:4010:c09::5c	15169 (GOOGLE) (GOOGLE)
31	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	34.252.74.21 34.252.74.21	16509 (AMAZON-02) (AMAZON-02)
3	54.201.135.255 54.201.135.255	16509 (AMAZON-02) (AMAZON-02)
3	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.112.72 18.66.112.72	16509 (AMAZON-02) (AMAZON-02)
1	18.245.86.84 18.245.86.84	16509 (AMAZON-02) (AMAZON-02)
1	67.225.220.126 67.225.220.126	32244 (LIQUIDWEB) (LIQUIDWEB)
12	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:b800:0:f8d:b880:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
176	30

1 2600:9000:223c:d200:14:c8fd:7700:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

trk.klclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6812:1a85 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ivisa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:993::14a9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn-4.convertexperiments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2600:9000:211e:2800:a:e993:9140:21 (United States)

ASN16509 (AMAZON-02, US)

d16zz69zs6o3lx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-95.fra50.r.cloudfront.net

sdk.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c1f::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.81.31.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-31-24.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.182 (United States)

ASN54113 (FASTLY, US)

core.spreedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.139.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae1d37305401c759d.awsglobalaccelerator.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.66.115.140 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-115-140.eu-central-1.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

checkout.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4010:c09::5c (Finland)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.74.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-74-21.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.201.135.255 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-201-135-255.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-72.fra56.r.cloudfront.net

container.pepperjam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-84.fra60.r.cloudfront.net

customs.affilired.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.225.220.126 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.rtb123.com

www.rtb123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:b800:0:f8d:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.denomatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

11653119.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5203 m.stripe.com — Cisco Umbrella Rank: 1249 r.stripe.com — Cisco Umbrella Rank: 3546	743 KB
30	cloudfront.net d16zz69zs6o3lx.cloudfront.net	430 KB
18	google.com www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2685 play.google.com — Cisco Umbrella Rank: 28 adservice.google.com — Cisco Umbrella Rank: 105	422 KB
14	paypal.com checkout.paypal.com — Cisco Umbrella Rank: 13501 www.paypal.com — Cisco Umbrella Rank: 2811 t.paypal.com — Cisco Umbrella Rank: 3468	275 KB
13	braintreegateway.com client-analytics.braintreegateway.com — Cisco Umbrella Rank: 8897 assets.braintreegateway.com — Cisco Umbrella Rank: 17170	26 KB
13	ivisa.com www.ivisa.com — Cisco Umbrella Rank: 342708	131 KB
10	kaptcha.com ssl.kaptcha.com — Cisco Umbrella Rank: 8876	25 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	117 KB
6	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 11653119.fls.doubleclick.net — Cisco Umbrella Rank: 527762	1 KB
4	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2612	35 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	16 KB
2	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 9569	2 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 14376	515 B
1	denomatic.com cdn.denomatic.com — Cisco Umbrella Rank: 119383	1 KB
1	rtb123.com www.rtb123.com — Cisco Umbrella Rank: 24250	229 B
1	affilired.com customs.affilired.com — Cisco Umbrella Rank: 109150	8 KB
1	pepperjam.com container.pepperjam.com — Cisco Umbrella Rank: 10044	10 KB
1	spreedly.com core.spreedly.com — Cisco Umbrella Rank: 35082	80 KB
1	amazonaws.com sdk.amazonaws.com — Cisco Umbrella Rank: 12660	224 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	902 B
1	convertexperiments.com cdn-4.convertexperiments.com — Cisco Umbrella Rank: 10446	70 KB
1	klclick.com 1 redirects trk.klclick.com — Cisco Umbrella Rank: 12832	486 B
176	22

	Domain	Requested by
30	d16zz69zs6o3lx.cloudfront.net	www.ivisa.com d16zz69zs6o3lx.cloudfront.net
23	r.stripe.com	js.stripe.com
15	js.stripe.com	d16zz69zs6o3lx.cloudfront.net js.stripe.com
13	www.ivisa.com	www.ivisa.com d16zz69zs6o3lx.cloudfront.net
12	play.google.com	www.gstatic.com
12	client-analytics.braintreegateway.com	d16zz69zs6o3lx.cloudfront.net
10	www.paypal.com	d16zz69zs6o3lx.cloudfront.net www.paypal.com www.paypalobjects.com
10	ssl.kaptcha.com	d16zz69zs6o3lx.cloudfront.net ssl.kaptcha.com
8	q.stripe.com	www.ivisa.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
4	pay.google.com	js.stripe.com pay.google.com www.ivisa.com www.gstatic.com
4	stats.g.doubleclick.net	www.ivisa.com
3	t.paypal.com
3	m.stripe.com	m.stripe.network
2	11653119.fls.doubleclick.net	1 redirects cdn.denomatic.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	payments.braintree-api.com	d16zz69zs6o3lx.cloudfront.net
2	fonts.gstatic.com	fonts.googleapis.com
1	adservice.google.de	adservice.google.com
1	adservice.google.com	11653119.fls.doubleclick.net
1	cdn.denomatic.com	customs.affilired.com
1	www.rtb123.com	container.pepperjam.com
1	customs.affilired.com	www.ivisa.com
1	container.pepperjam.com	www.ivisa.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	assets.braintreegateway.com	d16zz69zs6o3lx.cloudfront.net
1	checkout.paypal.com	d16zz69zs6o3lx.cloudfront.net
1	core.spreedly.com	d16zz69zs6o3lx.cloudfront.net
1	www.google.com	www.ivisa.com
1	sdk.amazonaws.com	www.ivisa.com
1	fonts.googleapis.com	www.ivisa.com
1	cdn-4.convertexperiments.com	www.ivisa.com
1	trk.klclick.com	1 redirects
176	34

This site contains links to these domains. Also see Links.

Domain
apple.co
es.ivisa.com
fr.ivisa.com
de.ivisa.com
ja.ivisa.com
it.ivisa.com
ko.ivisa.com
nl.ivisa.com
pl.ivisa.com
pt.ivisa.com
ru.ivisa.com
sv.ivisa.com
tr.ivisa.com
ivisa.cn
www.digitaltrends.com
help.ivisa.com

Subject Issuer	Validity	Valid
ivisa.com GTS CA 1P5	`2023-09-17` - `2023-12-16`	3 months	crt.sh
*.convertexperiments.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-06` - `2024-01-07`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sdk.amazonaws.com Amazon RSA 2048 M03	`2023-10-24` - `2024-11-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
ssl.kaptcha.com Sectigo RSA Organization Validation Secure Server CA	`2023-08-16` - `2024-08-15`	a year	crt.sh
core.spreedly.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-10-16` - `2024-11-16`	a year	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2023-08-23` - `2024-09-22`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
client-analytics.braintreegateway.com DigiCert SHA2 High Assurance Server CA	`2023-02-24` - `2024-03-26`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-12` - `2024-10-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.pepperjam.com Go Daddy Secure Certificate Authority - G2	`2023-01-29` - `2024-03-01`	a year	crt.sh
www.affilired.com GeoTrust EV RSA CA 2018	`2023-08-29` - `2024-09-28`	a year	crt.sh
rtb123.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.denomatic.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-06` - `2024-12-06`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Frame ID: 83E464BE3F62190F0D7EE905D0ED86C1
Requests: 69 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=171528&s=ha0zf68sv3loxzl2nf9wyn7tpcj8qlox&sv=1.1.4
Frame ID: CD0BA974A8945F70DA5627DFBFA9A293
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 73F7731C3F87734AFFD2798BD99FD099
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-a8dcbde36df3a5cbaf61ee9d95aac34a.html
Frame ID: D3C2A6F18E999E423BE5A9E33C15ED69
Requests: 30 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-76c2b2d17d0114d29362d64f66ce1a53.html
Frame ID: 198CBCB0A71219709F4CBE31FF40A53F
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-70f7a34a114fda3bb0ab100dce4f2737.html
Frame ID: 4D2C037649E143E1AD044612D23A7C2A
Requests: 5 HTTP requests in this frame

Frame: https://checkout.paypal.com/web/3.97.1/html/dispatch-frame.min.html
Frame ID: ED5D3A9E3C7A0521AA344555C6F4F441
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: EAA4EB0B581F2F5355AD19BF6D325C09
Requests: 6 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.409&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmY3VycmVuY3k9VVNEJmludGVudD1jYXB0dXJlJmNsaWVudC1pZD1BUmk0V2UyYmJmdTR1ZzJaYUlVWlpLMF9tQWgxaGpXNG03ajNWTlJJTzdwN1kwcWU4S2c1MUFsb3o0amV3cENSRXAwZFBXMUQ2WWFHZEVzayIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3VxbXF6eHdjZGhnd3ZiaWlza3p6eGxkeGdrZHh4ciJ9fQ&clientID=ARi4We2bbfu4ug2ZaIUZZK0_mAh1hjW4m7j3VNRIO7p7Y0qe8Kg51Aloz4jewpCREp0dPW1D6YaGdEsk&sdkCorrelationID=06b475109a5a9&storageID=uid_4985a84864_mdc6mdi6ntg&sessionID=uid_64487811a9_mdc6mdi6ntg&buttonSessionID=uid_2bd1edd2e8_mdc6mdi6ntg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOnRydWV9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjp0cnVlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
Frame ID: E7634197E9167D6EBDF7E5566981BF51
Requests: 5 HTTP requests in this frame

Frame: https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg
Frame ID: 58F0C808EF7613EDFCBB249CAD9C3D36
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.97.1/html/venmo-desktop-frame.html
Frame ID: CCC34470762A4BAE7C2C4BCF8355C60B
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 891ADC5B521A0CD84C8A567326949184
Requests: 13 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 789313DA674C3417273872EE7447EF98
Requests: 3 HTTP requests in this frame

Frame: https://11653119.fls.doubleclick.net/activityi;dc_pre=CMn07YP2woIDFULAOwIdytgCnw;src=11653119;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=13948329250249.281
Frame ID: 163EF148174A49AF2E89740778FB4A69
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMn07YP2woIDFULAOwIdytgCnw;src=11653119;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=13948329250249.281;~oref=https://www.ivisa.com/
Frame ID: DBD03EB9BD5E91295B5F7F1571E0C69F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMn07YP2woIDFULAOwIdytgCnw;src=11653119;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=13948329250249.281;~oref=https://www.ivisa.com/
Frame ID: 14F0B68A306420748493ECB0FC63F92A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Apply Now for Uganda Travel Documents | iVisa

Page URL History Show full URLs

https://trk.klclick.com/ls/click?upn=GmGvr7tnTRBNUNCyA0opD4hVWval5bekBhvfJ0G-2Bc-2BNPpLQam3GAhTNPYJt... HTTP 302
https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_sourc... Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

176
Requests

100 %
HTTPS

47 %
IPv6

22
Domains

34
Subdomains

30
IPs

5
Countries

2617 kB
Transfer

9785 kB
Size

26
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://apple.co/3cvfYRU
Title: Download the iVisa App

Search URL Search Domain Scan URL

URL: https://es.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Title: Español

Search URL Search Domain Scan URL

URL: https://fr.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Title: Français

Search URL Search Domain Scan URL

URL: https://de.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://ja.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Title: 日本語

Search URL Search Domain Scan URL

URL: https://it.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Title: Italiano

Search URL Search Domain Scan URL

URL: https://ko.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Title: 한국어

Search URL Search Domain Scan URL

URL: https://nl.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Title: Nederlandse

Search URL Search Domain Scan URL

URL: https://pl.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Title: Polski

Search URL Search Domain Scan URL

URL: https://pt.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Title: Português

Search URL Search Domain Scan URL

URL: https://ru.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Title: Pусский

Search URL Search Domain Scan URL

URL: https://sv.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Title: Svenska

Search URL Search Domain Scan URL

URL: https://tr.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Title: Türkçe

Search URL Search Domain Scan URL

URL: https://ivisa.cn/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Title: 中文 (Zhōngwén), 汉语, 漢語

Search URL Search Domain Scan URL

URL: https://www.digitaltrends.com/computing/how-to-enable-cookies/
Title: Enable cookies

Search URL Search Domain Scan URL

URL: https://help.ivisa.com/en/articles/6112152-what-is-ivisa-s-refund-policy
Title: Refund Policy.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trk.klclick.com/ls/click?upn=GmGvr7tnTRBNUNCyA0opD4hVWval5bekBhvfJ0G-2Bc-2BNPpLQam3GAhTNPYJtt1wvPBVGDzBjhWTPBv01eJ2jw3mqE5aRktZjcezGvhBEj17m1F7D3c9LPvHBhNZHRN97tJJUYlQvzul8L878P3w8QHkWqmdLdTJCr99Uy4TyrkHUYLfvchvDDFqkXHgT0Jx8jHu3HT51m3U9iNYfcyRX5bi3aREM5voVpbwJcFTf3W-2FgOSQuwhmIeSf7TuhPrRtZPKY0Xcpv4bND0cbD2fJFBAcocIx7jOKnM2zDtoCSkZGnbdpZp1mFGO1Hh7-2B1TPV9bzbiKgyKsXUc9PcqEEuk7Zp3TzMWrM9-2BDC61bSiwC8W2ZpThSSHDCzNhaFdc7JP3kUO7NL3DwXDcU6c-2Frs1m5-2FodaH7wO82TUyctHduchrTs-3DH6Y3_cEcYfdQwTQp1MC80RxFO3lLnRLfHxCIQsAeicjmxDPxo01Y6LU07iU8fe1fqnT4SjYGR6T2u3jV6cXdInecmBGCjAD6EmgydADWjLLw48CyjiaQZnRNSBWj0aQtwsEK6Yk1pnGpCKquHXuCg7EyMiJ7u88xeqo9zmujJRacMHWAQNJxpi44gGdP-2FmTr9fRoFBTqaDMjcQwX-2BojSTJiJsw32lBTfmE-2BJKbpSzjSJXl3uI17CJS5wICmnFPm3omGvHHQoU2dFiYPOFtHJwtnA3QnGM7ZM7M7vwBGXLZaZhlL3xwGW3IIlt33rTiOsT8rnUK3CM4zbFd8uh-2FcPnKCEYjMhodWEI54BvHZLOCefMdc6BCIfpIsgfI2c9tw7x9RULD3H6-2B-2FdO-2FnKnDXaJpTaaeEM1NilS-2BJOMaqGw6u2IGJf5bXT20U5EIkm2YsPmJJ2W HTTP 302
https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 172

https://11653119.fls.doubleclick.net/activityi;src=11653119;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=13948329250249.281 HTTP 302
https://11653119.fls.doubleclick.net/activityi;dc_pre=CMn07YP2woIDFULAOwIdytgCnw;src=11653119;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=13948329250249.281

176 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request apply-now Show response
www.ivisa.com/uganda/
Redirect Chain

https://trk.klclick.com/ls/click?upn=GmGvr7tnTRBNUNCyA0opD4hVWval5bekBhvfJ0G-2Bc-2BNPpLQam3GAhTNPYJtt1wvPBVGDzBjhWTPBv01eJ2jw3mqE5aRktZjcezGvhBEj17m1F7D3c9LPvHBhNZHRN97tJJUYlQvzul8L878P3w8QHkWqmdLd...
https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=...

548 KB
120 KB

1182ms
1128ms

Document
text/html

2606:4700::6812:1a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af536264885338145660c5258f8c87b72d8d710d3545af9c1debb7376ca0442e

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=14400, public, stale-while-revalidate=61440
cf-cache-status: MISS
cf-ray: 825d643cee7c8fc8-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 07:02:55 GMT
expires: Tue, 14 Nov 2023 11:02:55 GMT
last-modified: Tue, 14 Nov 2023 07:02:55 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: sameorigin

Redirect headers

content-length: 347
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 07:02:54 GMT
location: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
server: nginx
via: 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront)
x-amz-cf-id: NZsqFQOq4GhS-hUmjG6_nweXN-EOMNPuzGgbVzclyBMa8B9o8AngRw==
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
x-robots-tag: noindex, nofollow

GET
H2 200 10007419-10006767.js Show response
cdn-4.convertexperiments.com/js/ 256 KB
70 KB 107ms
46ms Script
application/javascript 2a02:26f0:7100:993::14a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-4.convertexperiments.com/js/10007419-10006767.js
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:993::14a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c7405ea5937200d15fd145ea4db3f817d2526aa96516f13a0d6d82dea6319b94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 14 Nov 2023 07:02:55 GMT
content-encoding: gzip
cache-control: public, max-age=300
content-type: application/javascript
vary: Accept-Encoding
expires: Tue, 14 Nov 2023 07:07:55 GMT

GET
H2 200 compiled-app.js Show response
d16zz69zs6o3lx.cloudfront.net/compiled/js/ 156 KB
52 KB 114ms
8ms Script
application/javascript 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/compiled-app.js?id=d65626f2f87fac269c469c618671259c
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2209d10caced1fe6143b2b7a6c2643dfc4ed445fb804b4abfc8e55c5539e945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:37:59 GMT
content-encoding: br
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 23:36:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 26697
etag: W/"d65626f2f87fac269c469c618671259c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: kdoEs__pG_trKUVk0c1dyKsX60VxwdnTCWs_RuWgmCxqnLGfN9pJ7A==

GET
H2 200 ivisa-logo-bars.svg
d16zz69zs6o3lx.cloudfront.net/img/ 4 KB
2 KB 109ms
8ms Image
image/svg+xml 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16zz69zs6o3lx.cloudfront.net/img/ivisa-logo-bars.svg
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c393154e5f00fd05f4e0d13f7fc62a4ca353cbc0d432a9604d0b924e96223158

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 07:42:47 GMT
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Thu, 09 Nov 2023 19:50:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 84009
etag: W/"8ef1a640aa83888eeea99b0cc09f86ed"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=1296000
x-amz-cf-id: 034dleJY1BTlcf78WMhWvzEdOSNq9JaK-U3nfnHnHQPaOMSsTHGHGQ==

GET
H2 200 compiled-record-page-view.js Show response
d16zz69zs6o3lx.cloudfront.net/compiled/js/ 3 KB
2 KB 11ms
8ms Script
application/javascript 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/compiled-record-page-view.js?id=015db50382ce3b82e21cb6c441a7379f
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db64b270914998324648ceaead73944cc5ad44e145a322ee06358bf0da8d37ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 06:24:06 GMT
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Thu, 09 Nov 2023 19:50:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 2330
x-amz-server-side-encryption: AES256
etag: W/"015db50382ce3b82e21cb6c441a7379f"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: xr1HDz-b9y1Iaz4P3_hfLmQ99_2AC_YW6FnOGhH19UCik52rmyEl7Q==

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
902 B 189ms
62ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&display=swap

Requested by

Host: www.ivisa.com
URL: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd8cd8c7dc16f30b6d6e738d78747ed2b2c151bebdbf9f5c12d23c5dd6ac4c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 14 Nov 2023 07:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:28:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Nov 2023 07:02:55 GMT

GET
H2 200 z-main.js Show response
www.ivisa.com/zulu/ 6 KB
4 KB 48ms
45ms Script
text/javascript 2606:4700::6812:1a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivisa.com/zulu/z-main.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJjJTIyJTNBJTIyY29ob3J0JTNEYiUyMiUyQyUyMnQlMjIlM0ElMjJBcHBseSUyME5vdyUyMGZvciUyMFVnYW5kYSUyMFRyYXZlbCUyMERvY3VtZW50cyUyMCU3QyUyMGlWaXNhJTIyJTJDJTIyeCUyMiUzQTAuNDgwNTcxNjUwOTQ1MDgzOSUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3Lml2aXNhLmNvbSUyRnVnYW5kYSUyRmFwcGx5LW5vdyUzRnBhcnRpYWxfb3JkZXIlM0RhY181YTJjNjI5ODE1OTk5MTNiZjU1YTM3ZTM3ZWVlMjMzZSUyNnV0bV9zb3VyY2UlM0RLbGF2aXlvJTI2dXRtX21lZGl1bSUzRGVtYWlsJTI2dXRtX2NhbXBhaWduJTNERkxfVHJhbnNhY3Rpb25hbF9QYXltZW50SXNzdWVfRU5fVFAyJTI1MjAlMjUyOFd5Zzl5QyUyNTI5JTI2dXRtX2lkJTNEVEtGVlI1JTI2dXRtX3Rlcm0lM0RUcnklMjUyMGFnYWluJTI2X2t4JTNEZXVoYTA3T19qcDBma0V0dnFmWkpsWjd0ZmhBTzUxWkhKS0EtbkJZTnBWbTMwVGhVODJ3dVpIU3luc0Jabzh6TS5ZOEtMVVYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQS02MCUyQyUyMnElMjIlM0ElNUIlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMmRvbWFpbiUyMiUyQyUyMml2aXNhLmNvbSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIydmlzaXRvcl9pcCUyMiUyQ251bGwlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMnByb2R1Y3RfY291bnRyeSUyMiUyQyUyMlVHJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJuYXRpb25hbGl0eSUyMiUyQ251bGwlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMnByb2R1Y3RfaWQlMjIlMkMxMDEzNiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIycHJvZHVjdF9uYW1lJTIyJTJDJTIyVWdhbmRhJTIwVG91cmlzdCUyMGVWaXNhJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJwcm9kdWN0X2NsYXNzaWZpY2F0aW9uJTIyJTJDJTIydmlzYSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIydHJhdmVsX2RvY19jbGFzc2lmaWNhdGlvbiUyMiUyQyUyMmV2aXNhJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJwYWdlX3R5cGUlMjIlMkMlMjJhcHBsaWNhdGlvbl9wYWdlJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJibG9nX3BhZ2VfaWQlMjIlMkNudWxsJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJ1c2VyX2lkJTIyJTJDbnVsbCUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCU1RCU3RA==
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfd13309e01a36007b7e3c538d1ef060437f42a3cf732302c1a9610ffb395727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:02:55 GMT
content-encoding: gzip
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.ivisa.com
content-type: text/javascript; charset=utf-8
access-control-allow-credentials: true
cf-ray: 825d64458c288fc8-FRA
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control

GET
H2 200 product-application.8da666.569b7f.js Show response
d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/ 686 KB
189 KB 12ms
6ms Script
application/javascript 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/product-application.8da666.569b7f.js
Requested by: Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/compiled-app.js?id=d65626f2f87fac269c469c618671259c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c3a7a26e20662981b11aa3b0b7b850e5313ee542eb3d53626aa51f6b071e7a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:38:47 GMT
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 23:36:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 26649
etag: W/"51b2a5f6840da53305c1bf1d2d393664"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: mujlCG_2vPTI81jt0i-qq4WOrvU6jMU6Oi1z-789tp3c3oXYiDg0LA==

GET
H/1.1 200
OK aws-sdk-2.154.0.min.js Show response
sdk.amazonaws.com/js/ 1 MB
224 KB 72ms
8ms Script
application/javascript 143.204.98.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.amazonaws.com/js/aws-sdk-2.154.0.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-95.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2be51e0488c0258a1327e6d5e794d38f3dd9e37faa72c7cc97ea0e620d278b63

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; script-src 'self' 'unsafe-inline' .awsstatic.com .cdn.uis.awsstatic.com *.cdn.console.awsstatic.com docs.aws.amazon.com; object-src 'none'; frame-ancestors 'self'; base-uri 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 04:22:40 GMT
Content-Encoding: gzip
Via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
Content-Security-Policy: upgrade-insecure-requests; script-src 'self' 'unsafe-inline' *.awsstatic.com *.cdn.uis.awsstatic.com *.cdn.console.awsstatic.com docs.aws.amazon.com; object-src 'none'; frame-ancestors 'self'; base-uri 'none'
Strict-Transport-Security: max-age=31536000
X-Amz-Cf-Pop: FRA50-C1
Age: 9616
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 20 Nov 2017 23:44:37 GMT
Server: AmazonS3
ETag: W/"80fe22eb871df21feb0b5ead8db5a90b"
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
X-Amz-Cf-Id: fBTP6zziPwdHRXBg2bkdSdH85t2MvGWPYtfqBZfT-U035zEviMpiEQ==

GET
H2 200 kcollect.js Show response
d16zz69zs6o3lx.cloudfront.net/vendor/ 179 KB
48 KB 14ms
10ms Script
application/javascript 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/kcollect.js
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 168d61b53db7778ef090e71ed529a794c29e7d35de306f5f6e083701ad532339

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:09:14 GMT
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Thu, 09 Nov 2023 19:50:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 82422
x-amz-server-side-encryption: AES256
etag: W/"93303ddbc37176aa1ee48fd6e7de4405"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: E_T7XPhhrlu55wEKD7lztwkUV_Np6d9Gvx9A9Bq0HS5-2tZYxC3g5w==

GET
H2 200 axios.455a39.441c3a.js Show response
d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/ 54 KB
19 KB 25ms
13ms Script
application/javascript 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js
Requested by: Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/compiled-app.js?id=d65626f2f87fac269c469c618671259c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18d1385bf82d2814a45b3b745804f304507f7fb7a08c27e12976f90c54f5ba10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:33:40 GMT
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Thu, 09 Nov 2023 19:50:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 80956
etag: W/"24494cafcd00f96532347da2dd9de9ee"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: Q-aFa0yDsofqhFF_5WWi7bnh1f2muOLOlol9i4npwAJjaR9BjWOMtQ==

POST
H2 204 collect Show response
stats.g.doubleclick.net/g/ 0
253 B 173ms
55ms XHR
text/plain 2a00:1450:400c:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=G-7SH41H6HMK&cid=b495956a-287f-40e8-bfa8-d8cab5cca815&_u=KGDAAEADQAAAAC%7E&z=498440441
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 07:02:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ivisa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
0 206ms
62ms Fetch
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&v=1&_v=j86&tid=G-7SH41H6HMK&cid=b495956a-287f-40e8-bfa8-d8cab5cca815&_u=KGDAAEADQAAAAC%7E&z=498440441&slf_rd=1

Requested by

Host: www.ivisa.com
URL: https://www.ivisa.com/zulu/z-main.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJjJTIyJTNBJTIyY29ob3J0JTNEYiUyMiUyQyUyMnQlMjIlM0ElMjJBcHBseSUyME5vdyUyMGZvciUyMFVnYW5kYSUyMFRyYXZlbCUyMERvY3VtZW50cyUyMCU3QyUyMGlWaXNhJTIyJTJDJTIyeCUyMiUzQTAuNDgwNTcxNjUwOTQ1MDgzOSUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3Lml2aXNhLmNvbSUyRnVnYW5kYSUyRmFwcGx5LW5vdyUzRnBhcnRpYWxfb3JkZXIlM0RhY181YTJjNjI5ODE1OTk5MTNiZjU1YTM3ZTM3ZWVlMjMzZSUyNnV0bV9zb3VyY2UlM0RLbGF2aXlvJTI2dXRtX21lZGl1bSUzRGVtYWlsJTI2dXRtX2NhbXBhaWduJTNERkxfVHJhbnNhY3Rpb25hbF9QYXltZW50SXNzdWVfRU5fVFAyJTI1MjAlMjUyOFd5Zzl5QyUyNTI5JTI2dXRtX2lkJTNEVEtGVlI1JTI2dXRtX3Rlcm0lM0RUcnklMjUyMGFnYWluJTI2X2t4JTNEZXVoYTA3T19qcDBma0V0dnFmWkpsWjd0ZmhBTzUxWkhKS0EtbkJZTnBWbTMwVGhVODJ3dVpIU3luc0Jabzh6TS5ZOEtMVVYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQS02MCUyQyUyMnElMjIlM0ElNUIlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMmRvbWFpbiUyMiUyQyUyMml2aXNhLmNvbSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIydmlzaXRvcl9pcCUyMiUyQ251bGwlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMnByb2R1Y3RfY291bnRyeSUyMiUyQyUyMlVHJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJuYXRpb25hbGl0eSUyMiUyQ251bGwlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMnByb2R1Y3RfaWQlMjIlMkMxMDEzNiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIycHJvZHVjdF9uYW1lJTIyJTJDJTIyVWdhbmRhJTIwVG91cmlzdCUyMGVWaXNhJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJwcm9kdWN0X2NsYXNzaWZpY2F0aW9uJTIyJTJDJTIydmlzYSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIydHJhdmVsX2RvY19jbGFzc2lmaWNhdGlvbiUyMiUyQyUyMmV2aXNhJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJwYWdlX3R5cGUlMjIlMkMlMjJhcHBsaWNhdGlvbl9wYWdlJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJibG9nX3BhZ2VfaWQlMjIlMkNudWxsJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJ1c2VyX2lkJTIyJTJDbnVsbCUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCU1RCU3RA==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 07:02:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.ivisa.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 collect
stats.g.doubleclick.net/g/ 0
0 174ms
58ms Fetch
text/plain 2a00:1450:400c:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=G-7SH41H6HMK&cid=b495956a-287f-40e8-bfa8-d8cab5cca815&_u=KGDAAEADQAAAAC%7E&z=939958575
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/zulu/z-main.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJjJTIyJTNBJTIyY29ob3J0JTNEYiUyMiUyQyUyMnQlMjIlM0ElMjJBcHBseSUyME5vdyUyMGZvciUyMFVnYW5kYSUyMFRyYXZlbCUyMERvY3VtZW50cyUyMCU3QyUyMGlWaXNhJTIyJTJDJTIyeCUyMiUzQTAuNDgwNTcxNjUwOTQ1MDgzOSUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3Lml2aXNhLmNvbSUyRnVnYW5kYSUyRmFwcGx5LW5vdyUzRnBhcnRpYWxfb3JkZXIlM0RhY181YTJjNjI5ODE1OTk5MTNiZjU1YTM3ZTM3ZWVlMjMzZSUyNnV0bV9zb3VyY2UlM0RLbGF2aXlvJTI2dXRtX21lZGl1bSUzRGVtYWlsJTI2dXRtX2NhbXBhaWduJTNERkxfVHJhbnNhY3Rpb25hbF9QYXltZW50SXNzdWVfRU5fVFAyJTI1MjAlMjUyOFd5Zzl5QyUyNTI5JTI2dXRtX2lkJTNEVEtGVlI1JTI2dXRtX3Rlcm0lM0RUcnklMjUyMGFnYWluJTI2X2t4JTNEZXVoYTA3T19qcDBma0V0dnFmWkpsWjd0ZmhBTzUxWkhKS0EtbkJZTnBWbTMwVGhVODJ3dVpIU3luc0Jabzh6TS5ZOEtMVVYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQS02MCUyQyUyMnElMjIlM0ElNUIlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMmRvbWFpbiUyMiUyQyUyMml2aXNhLmNvbSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIydmlzaXRvcl9pcCUyMiUyQ251bGwlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMnByb2R1Y3RfY291bnRyeSUyMiUyQyUyMlVHJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJuYXRpb25hbGl0eSUyMiUyQ251bGwlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMnByb2R1Y3RfaWQlMjIlMkMxMDEzNiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIycHJvZHVjdF9uYW1lJTIyJTJDJTIyVWdhbmRhJTIwVG91cmlzdCUyMGVWaXNhJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJwcm9kdWN0X2NsYXNzaWZpY2F0aW9uJTIyJTJDJTIydmlzYSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIydHJhdmVsX2RvY19jbGFzc2lmaWNhdGlvbiUyMiUyQyUyMmV2aXNhJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJwYWdlX3R5cGUlMjIlMkMlMjJhcHBsaWNhdGlvbl9wYWdlJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJibG9nX3BhZ2VfaWQlMjIlMkNudWxsJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJ1c2VyX2lkJTIyJTJDbnVsbCUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCU1RCU3RA==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 07:02:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CNN_small.png
d16zz69zs6o3lx.cloudfront.net/img/ 2 KB
3 KB 17ms
9ms Image
image/png 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16zz69zs6o3lx.cloudfront.net/img/CNN_small.png
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33925d175b43f7cd918fa64fea74d446e2fcbaa5b8227489fed14b9cff755056

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 05:03:39 GMT
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Thu, 09 Nov 2023 19:50:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 7251
x-amz-server-side-encryption: AES256
etag: "48543fc74dde9a1d4f55a93b69ec67f9"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2355
x-amz-cf-id: LOIipA2ZZhY28b6ueSLSrgAmVeRHpfRM5uEdSU--g9bjnkGitz0Jgw==

GET
H2 200 asset-status Show response
www.ivisa.com/ 16 B
1 KB 472ms
471ms XHR
application/json 2606:4700::6812:1a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ivisa.com/asset-status?utm_source=Klaviyo&entry_url=https%3A%2F%2Fwww.ivisa.com%2Fuganda%2Fapply-now%3Fpartial_order%3Dac_5a2c62981599913bf55a37e37eee233e%26utm_source%3DKlaviyo%26utm_medium%3Demail%26utm_campaign%3DFL_Transactional_PaymentIssue_EN_TP2%2520%2528Wyg9yC%2529%26utm_id%3DTKFVR5%26utm_term%3DTry%2520again%26_kx%3Deuha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:02:56 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 07:02:56 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json
cache-control: no-cache, private
cf-ray: 825d64464ca98fc8-FRA

POST
H2 200 calculate_price Show response
www.ivisa.com/product/ 765 B
521 B 1043ms
1043ms XHR
application/json 2606:4700::6812:1a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ivisa.com/product/calculate_price

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d21471bf6af908783b35b38b26ca55a6da0cac5690425c4e87caf1eee7b29c3

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
X-CSRF-TOKEN
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Nov 2023 07:02:56 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
cf-ray: 825d64474d418fc8-FRA
access-control-allow-headers: *
expires: -1

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 194ms
51ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ivisa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 19:33:17 GMT
x-content-type-options: nosniff
age: 300579
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 19:33:17 GMT

OPTIONS
H/1.1 200
OK ha0zf68sv3loxzl2nf9wyn7tpcj8qlox
ssl.kaptcha.com/session/ Frame 0
0 572ms
175ms Preflight 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/session/ha0zf68sv3loxzl2nf9wyn7tpcj8qlox
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: client-id
Access-Control-Request-Method: POST
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers: Content-Type, client-id
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Tue, 14 Nov 2023 07:02:56 GMT
X-Correlation-Id: df7dc8de-1ddf-4a6f-9391-5e958258186a

POST
H/1.1 200
OK ha0zf68sv3loxzl2nf9wyn7tpcj8qlox Show response
ssl.kaptcha.com/session/ 0
427 B 180ms
179ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/session/ha0zf68sv3loxzl2nf9wyn7tpcj8qlox
Requested by: Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/kcollect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.ivisa.com/
accept-language: de-DE,de;q=0.9
client-id: 171528
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 14 Nov 2023 07:02:56 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 077f1c13-a6cc-4f39-abba-1be473ad01dc
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK config Show response
ssl.kaptcha.com/cs/ 149 B
491 B 581ms
184ms Fetch
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/cs/config?m=171528&s=ha0zf68sv3loxzl2nf9wyn7tpcj8qlox&sv=1.1.4
Requested by: Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/kcollect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 0fe19bf27667e50de4fcda374b966a0ce1001ea42c7dd0077eb3de21c081f517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 07:02:56 GMT
X-Correlation-Id: 1d042ce5-bb47-4f99-8e05-7e49633bbfef
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Length: 149
Expires: 0

GET
H2 200 get_logo Show response
www.ivisa.com/affiliate/ 20 B
99 B 487ms
486ms XHR
application/json 2606:4700::6812:1a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ivisa.com/affiliate/get_logo

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22b8978e8c27efdc86d8d9a59c991bb76ec26f283b0bc3ce76f33fd5f9e40475

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:02:56 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 07:02:56 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json
cache-control: no-cache, private
cf-ray: 825d64497e7f8fc8-FRA

GET
H/1.1 200
OK generatecookie Show response
ssl.kaptcha.com/cs/ 323 B
665 B 181ms
176ms Fetch
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/cs/generatecookie?m=171528&s=ha0zf68sv3loxzl2nf9wyn7tpcj8qlox&sv=1.1.4
Requested by: Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/kcollect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 3569b88886c1311ea0fae90963e606c7624d1299d960ee5dc7567237f05985f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 07:02:56 GMT
X-Correlation-Id: a4479127-2bf5-4a8b-aee1-06c0fb2dbee5
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Length: 323
Expires: 0

GET
H/1.1 200
OK logo.htm Show response
ssl.kaptcha.com/ Frame CD0B 22 KB
22 KB 524ms
171ms Document
text/html 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=171528&s=ha0zf68sv3loxzl2nf9wyn7tpcj8qlox&sv=1.1.4
Requested by: Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/kcollect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: d7040c66276e587956cee7a9f5d3513c8ac721693df7f4b8a2ef3ca4523f8bd1

Request headers

Referer: https://www.ivisa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Type: text/html
Date: Tue, 14 Nov 2023 07:02:57 GMT
Expires: 0
Pragma: no-cache
Transfer-Encoding: chunked
X-Correlation-Id: 9c6ccbff-1d2d-4702-b749-6fa616fc726e

OPTIONS
H2 200 check.svg
d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/ Frame 0
0 40ms
13ms Preflight 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/check.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
access-control-max-age: 6000
age: 61161
cache-control: max-age=1296000
content-length: 0
date: Mon, 13 Nov 2023 14:03:37 GMT
server: AmazonS3
vary: Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id: ueyuxbNDVXiKiBvXmo6hXo7jiGrtJF83wau91B0qy2623oC4rKLagA==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

OPTIONS
H2 200 check.svg
d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/ Frame 0
0 40ms
15ms Preflight 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/check.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
access-control-max-age: 6000
age: 61161
cache-control: max-age=1296000
content-length: 0
date: Mon, 13 Nov 2023 14:03:37 GMT
server: AmazonS3
vary: Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id: lz9O1cMoPE7VVvG6eu4nezgP-O5zjSGUP31sggCDplXgOoMqczupPw==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

OPTIONS
H2 200 check.svg
d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/ Frame 0
0 38ms
14ms Preflight 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/check.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
access-control-max-age: 6000
age: 61161
cache-control: max-age=1296000
content-length: 0
date: Mon, 13 Nov 2023 14:03:37 GMT
server: AmazonS3
vary: Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id: mD-NrzP-4017oWPoPR1YSoL0cf3Q7THTDCCjg8NfyK0u2yNU2oiy7Q==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

POST
H2 200 z Show response
www.ivisa.com/zulu/ 1 KB
1 KB 54ms
53ms Fetch
application/json 2606:4700::6812:1a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivisa.com/zulu/z
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/zulu/z-main.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJjJTIyJTNBJTIyY29ob3J0JTNEYiUyMiUyQyUyMnQlMjIlM0ElMjJBcHBseSUyME5vdyUyMGZvciUyMFVnYW5kYSUyMFRyYXZlbCUyMERvY3VtZW50cyUyMCU3QyUyMGlWaXNhJTIyJTJDJTIyeCUyMiUzQTAuNDgwNTcxNjUwOTQ1MDgzOSUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3Lml2aXNhLmNvbSUyRnVnYW5kYSUyRmFwcGx5LW5vdyUzRnBhcnRpYWxfb3JkZXIlM0RhY181YTJjNjI5ODE1OTk5MTNiZjU1YTM3ZTM3ZWVlMjMzZSUyNnV0bV9zb3VyY2UlM0RLbGF2aXlvJTI2dXRtX21lZGl1bSUzRGVtYWlsJTI2dXRtX2NhbXBhaWduJTNERkxfVHJhbnNhY3Rpb25hbF9QYXltZW50SXNzdWVfRU5fVFAyJTI1MjAlMjUyOFd5Zzl5QyUyNTI5JTI2dXRtX2lkJTNEVEtGVlI1JTI2dXRtX3Rlcm0lM0RUcnklMjUyMGFnYWluJTI2X2t4JTNEZXVoYTA3T19qcDBma0V0dnFmWkpsWjd0ZmhBTzUxWkhKS0EtbkJZTnBWbTMwVGhVODJ3dVpIU3luc0Jabzh6TS5ZOEtMVVYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQS02MCUyQyUyMnElMjIlM0ElNUIlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMmRvbWFpbiUyMiUyQyUyMml2aXNhLmNvbSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIydmlzaXRvcl9pcCUyMiUyQ251bGwlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMnByb2R1Y3RfY291bnRyeSUyMiUyQyUyMlVHJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJuYXRpb25hbGl0eSUyMiUyQ251bGwlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMnByb2R1Y3RfaWQlMjIlMkMxMDEzNiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIycHJvZHVjdF9uYW1lJTIyJTJDJTIyVWdhbmRhJTIwVG91cmlzdCUyMGVWaXNhJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJwcm9kdWN0X2NsYXNzaWZpY2F0aW9uJTIyJTJDJTIydmlzYSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIydHJhdmVsX2RvY19jbGFzc2lmaWNhdGlvbiUyMiUyQyUyMmV2aXNhJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJwYWdlX3R5cGUlMjIlMkMlMjJhcHBsaWNhdGlvbl9wYWdlJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJibG9nX3BhZ2VfaWQlMjIlMkNudWxsJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJ1c2VyX2lkJTIyJTJDbnVsbCUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCU1RCU3RA==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f8504ae4200ba0908bfce4e389236b6d84419eae3a21be48c2ff6417c55e1f5

Request headers

Referer: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Nov 2023 07:02:56 GMT
content-encoding: gzip
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.ivisa.com
content-type: application/json
access-control-allow-credentials: true
cf-ray: 825d644de9a08fc8-FRA
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control

GET
H2 200 apply-payment.69e99c.496f00.js Show response
d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/ 375 KB
83 KB 11ms
10ms Script
application/javascript 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/apply-payment.69e99c.496f00.js
Requested by: Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/compiled-app.js?id=d65626f2f87fac269c469c618671259c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91bcdf6b87499d9cab4a7e0419ba7a95c7409298ebbd9ed0c620c2c01da34665

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 05:10:22 GMT
content-encoding: br
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Thu, 09 Nov 2023 19:50:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 6802
x-amz-server-side-encryption: AES256
etag: W/"7512076d5a8996ebfb3ce5697ce2f3c7"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 4Z9ncp4JjqakGq2_Af-Gwpyj-eveNVVoqedYWn1P4NQda1cGQBZ8CQ==

POST
H2 200 calculate_price Show response
www.ivisa.com/product/ 765 B
487 B 1059ms
1057ms XHR
application/json 2606:4700::6812:1a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ivisa.com/product/calculate_price

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d21471bf6af908783b35b38b26ca55a6da0cac5690425c4e87caf1eee7b29c3

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
X-CSRF-TOKEN
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
cf-ray: 825d644e8a1a8fc8-FRA
access-control-allow-headers: *
expires: -1

POST
H2 200 z Show response
www.ivisa.com/zulu/ 124 B
245 B 49ms
47ms Fetch
application/json 2606:4700::6812:1a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivisa.com/zulu/z
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/zulu/z-main.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJjJTIyJTNBJTIyY29ob3J0JTNEYiUyMiUyQyUyMnQlMjIlM0ElMjJBcHBseSUyME5vdyUyMGZvciUyMFVnYW5kYSUyMFRyYXZlbCUyMERvY3VtZW50cyUyMCU3QyUyMGlWaXNhJTIyJTJDJTIyeCUyMiUzQTAuNDgwNTcxNjUwOTQ1MDgzOSUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3Lml2aXNhLmNvbSUyRnVnYW5kYSUyRmFwcGx5LW5vdyUzRnBhcnRpYWxfb3JkZXIlM0RhY181YTJjNjI5ODE1OTk5MTNiZjU1YTM3ZTM3ZWVlMjMzZSUyNnV0bV9zb3VyY2UlM0RLbGF2aXlvJTI2dXRtX21lZGl1bSUzRGVtYWlsJTI2dXRtX2NhbXBhaWduJTNERkxfVHJhbnNhY3Rpb25hbF9QYXltZW50SXNzdWVfRU5fVFAyJTI1MjAlMjUyOFd5Zzl5QyUyNTI5JTI2dXRtX2lkJTNEVEtGVlI1JTI2dXRtX3Rlcm0lM0RUcnklMjUyMGFnYWluJTI2X2t4JTNEZXVoYTA3T19qcDBma0V0dnFmWkpsWjd0ZmhBTzUxWkhKS0EtbkJZTnBWbTMwVGhVODJ3dVpIU3luc0Jabzh6TS5ZOEtMVVYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQS02MCUyQyUyMnElMjIlM0ElNUIlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMmRvbWFpbiUyMiUyQyUyMml2aXNhLmNvbSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIydmlzaXRvcl9pcCUyMiUyQ251bGwlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMnByb2R1Y3RfY291bnRyeSUyMiUyQyUyMlVHJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJuYXRpb25hbGl0eSUyMiUyQ251bGwlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMnByb2R1Y3RfaWQlMjIlMkMxMDEzNiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIycHJvZHVjdF9uYW1lJTIyJTJDJTIyVWdhbmRhJTIwVG91cmlzdCUyMGVWaXNhJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJwcm9kdWN0X2NsYXNzaWZpY2F0aW9uJTIyJTJDJTIydmlzYSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIydHJhdmVsX2RvY19jbGFzc2lmaWNhdGlvbiUyMiUyQyUyMmV2aXNhJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJwYWdlX3R5cGUlMjIlMkMlMjJhcHBsaWNhdGlvbl9wYWdlJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJibG9nX3BhZ2VfaWQlMjIlMkNudWxsJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJ1c2VyX2lkJTIyJTJDbnVsbCUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCU1RCU3RA==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95e5255bb50833034ebf678147c136ab3669cf6ec365b466cb51c6aad335a96c

Request headers

Referer: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Nov 2023 07:02:57 GMT
content-encoding: gzip
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.ivisa.com
content-type: application/json
access-control-allow-credentials: true
cf-ray: 825d644e9a288fc8-FRA
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control

GET
H2 200 check.svg Show response
d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/ 554 B
990 B 15ms
9ms XHR
image/svg+xml 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/check.svg
Requested by: Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 434cfb74ddbd505cbcf99cbc2bd26ffc95c664c3f72233be142d10e8aeac2bf0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 13:05:23 GMT
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 64655
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 554
last-modified: Thu, 09 Nov 2023 19:50:30 GMT
server: AmazonS3
etag: "314addbce5697a69c3adf41310aa6b16"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: U8zWCipZKodA2nK2WWvVBh4y_xGjOdLUsy8Y3fXURFWtHXdjUDvDsg==

POST
H2 200 processing_time Show response
www.ivisa.com/product/ 1 KB
553 B 735ms
722ms XHR
application/json 2606:4700::6812:1a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ivisa.com/product/processing_time

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af7fbbfa42f4b57b0b4e830cbffff2abca31596ab8ddbf387d37367fa0857c86

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
X-CSRF-TOKEN
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Nov 2023 07:02:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
cf-ray: 825d644eda628fc8-FRA
access-control-allow-headers: *
expires: -1

GET
H2 200 check.svg Show response
d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/ 554 B
989 B 16ms
12ms XHR
image/svg+xml 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/check.svg
Requested by: Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 434cfb74ddbd505cbcf99cbc2bd26ffc95c664c3f72233be142d10e8aeac2bf0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 13:05:23 GMT
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 64655
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 554
last-modified: Thu, 09 Nov 2023 19:50:30 GMT
server: AmazonS3
etag: "314addbce5697a69c3adf41310aa6b16"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: CpIpJcY4Bmy0Gov1mD3MpL3VdeQGHPS4jnhU5uFuo0dOrTwTib5NnQ==

GET
H2 200 check.svg Show response
d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/ 554 B
988 B 16ms
11ms XHR
image/svg+xml 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/check.svg
Requested by: Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 434cfb74ddbd505cbcf99cbc2bd26ffc95c664c3f72233be142d10e8aeac2bf0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 13:05:23 GMT
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 64655
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 554
last-modified: Thu, 09 Nov 2023 19:50:30 GMT
server: AmazonS3
etag: "314addbce5697a69c3adf41310aa6b16"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: ew6FGzrnPFy-8oVzL01L-GUG_tHDc6yl5uabbmncxTu5KB_ouNd-yA==

GET
H2 200 s-shield-check.svg Show response
d16zz69zs6o3lx.cloudfront.net/vendor/icons-heroicon/ 433 B
869 B 16ms
12ms XHR
image/svg+xml 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-heroicon/s-shield-check.svg
Requested by: Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57c64bc149099ca8df51175396525930dfa7baeb8d25c51f98bca0434698e847

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:21:17 GMT
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 81701
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 433
last-modified: Thu, 09 Nov 2023 19:50:44 GMT
server: AmazonS3
etag: "b890077a9d05290cb1eaf5d1e05e1864"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: zaro_e6pPA_-Gy8rAoj04TJm_ZF64FYjWcPU3kYaP6xxxVkgSULp3A==

GET
H2 200 s-x.svg Show response
d16zz69zs6o3lx.cloudfront.net/vendor/icons-heroicon/ 356 B
796 B 440ms
437ms XHR
image/svg+xml 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-heroicon/s-x.svg
Requested by: Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9f74d79e18d073c1f8f27842b2c4b4b58145ff662c93eded82ff0e4b3a58db1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 356
last-modified: Thu, 09 Nov 2023 19:50:44 GMT
server: AmazonS3
etag: "3129dc82fe272b993c55312b4eaa54ad"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: 314Ph-4f9_W_pdoq2P9SFVGTG3wwywexI8f_ua4WI44ozAY1N-G_gQ==

GET
H2 200 s-shield-check.svg Show response
d16zz69zs6o3lx.cloudfront.net/vendor/icons-heroicon/ 433 B
869 B 14ms
13ms XHR
image/svg+xml 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-heroicon/s-shield-check.svg
Requested by: Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57c64bc149099ca8df51175396525930dfa7baeb8d25c51f98bca0434698e847

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:21:17 GMT
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 81701
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 433
last-modified: Thu, 09 Nov 2023 19:50:44 GMT
server: AmazonS3
etag: "b890077a9d05290cb1eaf5d1e05e1864"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: jryv_YHyE_tSbOPmvsBsLmah0Eiif7Nm78QUQGLVTey6Zj7bPULA6Q==

GET
H2 200 arrow-left.svg Show response
d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/ 528 B
970 B 430ms
428ms XHR
image/svg+xml 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/arrow-left.svg
Requested by: Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c7b6e8c81d7c4967975aebfd3e4379897440325f598471af30355b395a47b5c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 528
last-modified: Thu, 09 Nov 2023 19:50:29 GMT
server: AmazonS3
etag: "4f55495d4d4d45d151fcead8e5bcf33d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: fM6SoWXV3KDTFLDwJVkZqmtEUWgPVzsytnlXasHyq1zjezv6Zkc_Aw==

OPTIONS
H2 200 s-shield-check.svg
d16zz69zs6o3lx.cloudfront.net/vendor/icons-heroicon/ Frame 0
0 31ms
14ms Preflight 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-heroicon/s-shield-check.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
access-control-max-age: 6000
age: 76904
cache-control: max-age=1296000
content-length: 0
date: Mon, 13 Nov 2023 09:41:14 GMT
server: AmazonS3
vary: Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id: eo-0QQGMAtdegTlGy1UJPG-e1MpS4bfR6eXJ5wA3pvEptnxGwUkVSA==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

OPTIONS
H2 200 s-x.svg
d16zz69zs6o3lx.cloudfront.net/vendor/icons-heroicon/ Frame 0
0 32ms
15ms Preflight 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-heroicon/s-x.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
access-control-max-age: 6000
age: 58703
cache-control: max-age=1296000
content-length: 0
date: Mon, 13 Nov 2023 14:44:35 GMT
server: AmazonS3
vary: Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id: uwXubPSV1ia7SthDYRnuSJqaclCHt6YXo4ZNtsrK5Ao4S02CRfn6fg==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

OPTIONS
H2 200 s-shield-check.svg
d16zz69zs6o3lx.cloudfront.net/vendor/icons-heroicon/ Frame 0
0 32ms
16ms Preflight 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-heroicon/s-shield-check.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
access-control-max-age: 6000
age: 76904
cache-control: max-age=1296000
content-length: 0
date: Mon, 13 Nov 2023 09:41:14 GMT
server: AmazonS3
vary: Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id: myV6GnOBA3yDZIDo0wLQrS_d6X1t5DVR6I1Vcd03ukGCrUPjaw6FVg==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

OPTIONS
H2 200 arrow-left.svg
d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/ Frame 0
0 32ms
16ms Preflight 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/arrow-left.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
access-control-max-age: 6000
age: 58703
cache-control: max-age=1296000
content-length: 0
date: Mon, 13 Nov 2023 14:44:35 GMT
server: AmazonS3
vary: Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id: 7yWNr__fPUqS4L2o0_YWZTdX7_mORMBOpTP41UV7azp2FAf72sSNCw==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

GET
DATA 200
OK truncated
/ 212 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ca272b5c51f5790821b50ebfb5f2868f20230a839431baf92f45bfff38861ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 53ms
51ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ivisa.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 23:30:12 GMT
x-content-type-options: nosniff
age: 27165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Nov 2024 23:30:12 GMT

GET
H2 204 collect
stats.g.doubleclick.net/g/ 0
0 55ms
53ms Fetch
text/plain 2a00:1450:400c:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=G-7SH41H6HMK&cid=b495956a-287f-40e8-bfa8-d8cab5cca815&_u=KGDAAEADQAAAAC%7E&z=1945375090
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/zulu/z-main.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJjJTIyJTNBJTIyY29ob3J0JTNEYiUyMiUyQyUyMnQlMjIlM0ElMjJBcHBseSUyME5vdyUyMGZvciUyMFVnYW5kYSUyMFRyYXZlbCUyMERvY3VtZW50cyUyMCU3QyUyMGlWaXNhJTIyJTJDJTIyeCUyMiUzQTAuNDgwNTcxNjUwOTQ1MDgzOSUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3Lml2aXNhLmNvbSUyRnVnYW5kYSUyRmFwcGx5LW5vdyUzRnBhcnRpYWxfb3JkZXIlM0RhY181YTJjNjI5ODE1OTk5MTNiZjU1YTM3ZTM3ZWVlMjMzZSUyNnV0bV9zb3VyY2UlM0RLbGF2aXlvJTI2dXRtX21lZGl1bSUzRGVtYWlsJTI2dXRtX2NhbXBhaWduJTNERkxfVHJhbnNhY3Rpb25hbF9QYXltZW50SXNzdWVfRU5fVFAyJTI1MjAlMjUyOFd5Zzl5QyUyNTI5JTI2dXRtX2lkJTNEVEtGVlI1JTI2dXRtX3Rlcm0lM0RUcnklMjUyMGFnYWluJTI2X2t4JTNEZXVoYTA3T19qcDBma0V0dnFmWkpsWjd0ZmhBTzUxWkhKS0EtbkJZTnBWbTMwVGhVODJ3dVpIU3luc0Jabzh6TS5ZOEtMVVYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQS02MCUyQyUyMnElMjIlM0ElNUIlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMmRvbWFpbiUyMiUyQyUyMml2aXNhLmNvbSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIydmlzaXRvcl9pcCUyMiUyQ251bGwlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMnByb2R1Y3RfY291bnRyeSUyMiUyQyUyMlVHJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJuYXRpb25hbGl0eSUyMiUyQ251bGwlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMnByb2R1Y3RfaWQlMjIlMkMxMDEzNiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIycHJvZHVjdF9uYW1lJTIyJTJDJTIyVWdhbmRhJTIwVG91cmlzdCUyMGVWaXNhJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJwcm9kdWN0X2NsYXNzaWZpY2F0aW9uJTIyJTJDJTIydmlzYSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIydHJhdmVsX2RvY19jbGFzc2lmaWNhdGlvbiUyMiUyQyUyMmV2aXNhJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJwYWdlX3R5cGUlMjIlMkMlMjJhcHBsaWNhdGlvbl9wYWdlJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJibG9nX3BhZ2VfaWQlMjIlMkNudWxsJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJ1c2VyX2lkJTIyJTJDbnVsbCUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCU1RCU3RA==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 07:02:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 collect
stats.g.doubleclick.net/g/ 0
0 55ms
54ms Fetch
text/plain 2a00:1450:400c:c1f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=G-7SH41H6HMK&cid=b495956a-287f-40e8-bfa8-d8cab5cca815&_u=KGDAAEADQAAAAC%7E&z=608559432
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/zulu/z-main.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJjJTIyJTNBJTIyY29ob3J0JTNEYiUyMiUyQyUyMnQlMjIlM0ElMjJBcHBseSUyME5vdyUyMGZvciUyMFVnYW5kYSUyMFRyYXZlbCUyMERvY3VtZW50cyUyMCU3QyUyMGlWaXNhJTIyJTJDJTIyeCUyMiUzQTAuNDgwNTcxNjUwOTQ1MDgzOSUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3Lml2aXNhLmNvbSUyRnVnYW5kYSUyRmFwcGx5LW5vdyUzRnBhcnRpYWxfb3JkZXIlM0RhY181YTJjNjI5ODE1OTk5MTNiZjU1YTM3ZTM3ZWVlMjMzZSUyNnV0bV9zb3VyY2UlM0RLbGF2aXlvJTI2dXRtX21lZGl1bSUzRGVtYWlsJTI2dXRtX2NhbXBhaWduJTNERkxfVHJhbnNhY3Rpb25hbF9QYXltZW50SXNzdWVfRU5fVFAyJTI1MjAlMjUyOFd5Zzl5QyUyNTI5JTI2dXRtX2lkJTNEVEtGVlI1JTI2dXRtX3Rlcm0lM0RUcnklMjUyMGFnYWluJTI2X2t4JTNEZXVoYTA3T19qcDBma0V0dnFmWkpsWjd0ZmhBTzUxWkhKS0EtbkJZTnBWbTMwVGhVODJ3dVpIU3luc0Jabzh6TS5ZOEtMVVYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQS02MCUyQyUyMnElMjIlM0ElNUIlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMmRvbWFpbiUyMiUyQyUyMml2aXNhLmNvbSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIydmlzaXRvcl9pcCUyMiUyQ251bGwlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMnByb2R1Y3RfY291bnRyeSUyMiUyQyUyMlVHJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJuYXRpb25hbGl0eSUyMiUyQ251bGwlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMnByb2R1Y3RfaWQlMjIlMkMxMDEzNiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIycHJvZHVjdF9uYW1lJTIyJTJDJTIyVWdhbmRhJTIwVG91cmlzdCUyMGVWaXNhJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJwcm9kdWN0X2NsYXNzaWZpY2F0aW9uJTIyJTJDJTIydmlzYSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIydHJhdmVsX2RvY19jbGFzc2lmaWNhdGlvbiUyMiUyQyUyMmV2aXNhJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJwYWdlX3R5cGUlMjIlMkMlMjJhcHBsaWNhdGlvbl9wYWdlJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJibG9nX3BhZ2VfaWQlMjIlMkNudWxsJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJ1c2VyX2lkJTIyJTJDbnVsbCUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCU1RCU3RA==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 07:02:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe-v1.min.js Show response
core.spreedly.com/iframe/ 79 KB
80 KB 61ms
7ms Script
text/javascript 151.101.130.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/iframe/iframe-v1.min.js

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/product-application.8da666.569b7f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

653095bfafeac8eb7ccc598530897d9c9a654ddaba15d44926df6f85814cd710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Tue, 14 Nov 2023 07:02:57 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 7TDPQYA64EP5JXN5
age: 543
x-cache: MISS, HIT
content-length: 81116
x-amz-id-2: DBdQ/m4A7eg9dZbEKqYyKLFAkVuesmIPDybtWoeQSEp3+RjNXQk7G0iJYuvRRuFaggZWkwxjXwg=
x-served-by: cache-fra-eddf8230061-FRA, cache-fra-eddf8230068-FRA
last-modified: Wed, 08 Nov 2023 17:00:48 GMT
server: AmazonS3
x-timer: S1699945377.225487,VS0,VE0
etag: "9c38743838a19e0ad3eab8350196e3bb"
content-type: text/javascript
accept-ranges: bytes
x-cache-hits: 0, 2

GET
H2 200 credit_card_icons.png
d16zz69zs6o3lx.cloudfront.net/img/payment/ 2 KB
3 KB 10ms
9ms Image
image/png 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16zz69zs6o3lx.cloudfront.net/img/payment/credit_card_icons.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e710394921d2c67287f930b48ac31546515bf6653c1246ab77ddbcd2c9359419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 09:20:27 GMT
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Thu, 09 Nov 2023 19:50:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 78874
x-amz-server-side-encryption: AES256
etag: "daa1258699dd9b3bfd9ed2364eca6bbc"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 2327
x-amz-cf-id: Q3iGenezG5qmOmul3nknNUEx-r115vUc-bHuuO11DGQsFC118gS_5Q==

GET
H2 200 safe-checkout.png
d16zz69zs6o3lx.cloudfront.net/img/payment/ 12 KB
13 KB 9ms
8ms Image
image/png 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16zz69zs6o3lx.cloudfront.net/img/payment/safe-checkout.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c88f7c5938f923386c9046a71e44ed8d172bc549f8e2f724e6acc86da1f7dc74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 04:23:20 GMT
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Thu, 09 Nov 2023 19:50:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 10563
x-amz-server-side-encryption: AES256
etag: "be6373ac3de985d5fd38ef576487ca59"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 12743
x-amz-cf-id: 1tH387b_Y584p2-xfI5LEHFGvcwRKMdhjB108DZHj389om9z28768w==

POST
H2 200 denial_protection Show response
www.ivisa.com/product/ 514 B
363 B 522ms
520ms XHR
application/json 2606:4700::6812:1a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ivisa.com/product/denial_protection

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c170759160559738f4f1c49867b6c30aebc23847a6f9fe45f2e1b3d36bbbb226

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
X-CSRF-TOKEN
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Nov 2023 07:02:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
cf-ray: 825d644f5aab8fc8-FRA
access-control-allow-headers: *
expires: -1

POST
H2 200 braintree_token Show response
www.ivisa.com/product/ 3 KB
2 KB 586ms
585ms XHR
application/json 2606:4700::6812:1a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ivisa.com/product/braintree_token

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4f9ddd3c0010d30a8679cc7c9d23a703557f3171d73fd3bd0933ca6682fa991

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:02:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
cf-ray: 825d644f5aad8fc8-FRA
access-control-allow-headers: *
expires: -1

POST
H2 200 stripe_token Show response
www.ivisa.com/product/ 171 B
217 B 621ms
620ms XHR
application/json 2606:4700::6812:1a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ivisa.com/product/stripe_token

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b8dc2445ef5d2b35bf7c93ece8ce74eb9146cb870878b2d4a7cb73779a5a5e3

Security Headers

Name	Value
X-Frame-Options	sameorigin

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
X-CSRF-TOKEN
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Nov 2023 07:02:57 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
cf-ray: 825d644f5aae8fc8-FRA
access-control-allow-headers: *
expires: -1

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame CD0B 0
299 B 172ms
171ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=171528&s=ha0zf68sv3loxzl2nf9wyn7tpcj8qlox&sv=1.1.4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=171528&s=ha0zf68sv3loxzl2nf9wyn7tpcj8qlox&sv=1.1.4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 14 Nov 2023 07:02:57 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 2816f4c6-5d55-4f70-b429-a9d09c37b57a
Content-Length: 0
Expires: 0

OPTIONS
H2 200 times.svg
d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/ Frame 0
0 8ms
8ms Preflight 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/times.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
access-control-max-age: 6000
age: 83583
cache-control: max-age=1296000
content-length: 0
date: Mon, 13 Nov 2023 07:49:55 GMT
server: AmazonS3
vary: Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id: mwE4Hk0Bvk3qsMquFccqU1CqIgWVfPu9yGamt4xTlVsEhUO_cb9TZA==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

GET
H2 200 safe-checkout-primary.svg
d16zz69zs6o3lx.cloudfront.net/img/payment/ 15 KB
7 KB 8ms
7ms Image
image/svg+xml 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16zz69zs6o3lx.cloudfront.net/img/payment/safe-checkout-primary.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23ace3d006f2b5cfff04a38e801bada688f3db274457ae3eb9c89373b90de41a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 07:49:55 GMT
content-encoding: gzip
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Thu, 09 Nov 2023 19:50:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 83583
x-amz-server-side-encryption: AES256
etag: W/"ef7d73487ae7d2aeb8df8151faa6b95e"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=1296000
x-amz-cf-id: XEiAF1EINS9ERcrg2HvfFJX91zqO79XVzGt6OVuhaZ2R3g9bYz8G5w==

GET
H2 200 times.svg Show response
d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/ 695 B
1 KB 9ms
9ms XHR
image/svg+xml 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-fontawesome/solid/times.svg
Requested by: Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d23a25944d9aeb4ff1207bf222363efc472521a709d63d26b86b57649a3ea7cc

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 07:49:56 GMT
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 83582
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 695
last-modified: Thu, 09 Nov 2023 19:50:36 GMT
server: AmazonS3
etag: "a42db7ec4a38b4675f7ae4ae193100d9"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: qBInidJ1ntTFN_75zrS6ZYLpFOkotJRgIsbdjlihWBoacfyAULkhjg==

OPTIONS
H2 200 graphql
payments.braintree-api.com/ Frame 0
0 68ms
15ms Preflight 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.ivisa.com
access-control-max-age: 1800
date: Tue, 14 Nov 2023 07:02:57 GMT
paypal-debug-id: 4259ab764a704
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 200 graphql Show response
payments.braintree-api.com/ 2 KB
2 KB 62ms
60ms XHR
application/json 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/apply-payment.69e99c.496f00.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

779575557612a1b531e5b2abd2621b5f316a880f221f3bdaea35cc1881020c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.ivisa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE3MDAwMzE3NzcsImp0aSI6IjYwYWMwZWU5LWEyNWItNDNmZi04ZmRkLTcwZWFiNjRlNGE3ZiIsInN1YiI6Inc5ejlnajZjM2hyczY2NDkiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6Inc5ejlnajZjM2hyczY2NDkiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.75MrfGTeQC_KgK0702whGskT9vFNLnM26a393rdwFHOX7lC3tt3yKPwSoSfdLM4c4989J7YgZWo2YWNlfX6REQ
Braintree-Version: 2018-05-10
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 07:02:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
content-type: application/json
access-control-allow-origin: https://www.ivisa.com
paypal-debug-id: 285c9ec8727d4
cache-control: no-cache, no-store
x-frame-options: DENY
content-length: 1309

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame CD0B 0
299 B 213ms
172ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=171528&s=ha0zf68sv3loxzl2nf9wyn7tpcj8qlox&sv=1.1.4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=171528&s=ha0zf68sv3loxzl2nf9wyn7tpcj8qlox&sv=1.1.4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 14 Nov 2023 07:02:57 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: c3cbf1e2-b675-4646-99b5-9a3d947af8dc
Content-Length: 0
Expires: 0

GET
H2 200 v3 Show response
js.stripe.com/ 552 KB
153 KB 46ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/apply-payment.69e99c.496f00.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b2f9d40677eaea428eb387e6eddf9d171187e9a7a6fc23865fea6652a11f9a5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 07:02:57 GMT
via: 1.1 varnish
age: 3
x-cache: HIT
content-length: 156301
x-request-id: be9920e0-2506-4fab-a86d-7376c58ddd03
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Mon, 13 Nov 2023 21:47:06 GMT
server: Fastly
etag: "745e82fbcfeb5b677809d10fe5a0146a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

OPTIONS
H2 200 s-exclamation-triangle.svg
d16zz69zs6o3lx.cloudfront.net/vendor/icons-heroicon/ Frame 0
0 10ms
10ms Preflight 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-heroicon/s-exclamation-triangle.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token,x-requested-with
Access-Control-Request-Method: GET
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,HEAD
access-control-allow-origin: *
access-control-max-age: 6000
age: 49553
cache-control: max-age=1296000
content-length: 0
date: Mon, 13 Nov 2023 17:17:05 GMT
server: AmazonS3
vary: Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-id: V1Nv9iG8Gyw3TAme0h-oFuXW-8_qQB92L6tsb0jjFZjcDunVKjmtNQ==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront

GET
H2 200 s-exclamation-triangle.svg Show response
d16zz69zs6o3lx.cloudfront.net/vendor/icons-heroicon/ 395 B
841 B 10ms
9ms XHR
image/svg+xml 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16zz69zs6o3lx.cloudfront.net/vendor/icons-heroicon/s-exclamation-triangle.svg
Requested by: Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/axios.455a39.441c3a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71056f529020ebf2d0953b63d5710d07ce0c3c1e38a88ea7054a75f05d8c8ba7

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.ivisa.com/
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:15:50 GMT
via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 82028
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 395
last-modified: Thu, 09 Nov 2023 19:50:43 GMT
server: AmazonS3
etag: "6f78908f8b10a4a79975bc178f0ba51b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: R-7BJCkBdtJ9GVToA7hapLkOmp1pIHB9Ihv24VoQZzjMad03PMdheg==

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame CD0B 0
299 B 321ms
171ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=171528&s=ha0zf68sv3loxzl2nf9wyn7tpcj8qlox&sv=1.1.4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=171528&s=ha0zf68sv3loxzl2nf9wyn7tpcj8qlox&sv=1.1.4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 14 Nov 2023 07:02:58 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 8621846e-3978-4a22-b37b-76de274b7d2f
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK md Show response
ssl.kaptcha.com/ Frame CD0B 0
299 B 444ms
172ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/md
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=171528&s=ha0zf68sv3loxzl2nf9wyn7tpcj8qlox&sv=1.1.4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=171528&s=ha0zf68sv3loxzl2nf9wyn7tpcj8qlox&sv=1.1.4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 14 Nov 2023 07:02:58 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: 62e5aaf7-d300-4b49-89f0-e43582bd4429
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK fin Show response
ssl.kaptcha.com/ Frame CD0B 0
299 B 486ms
172ms XHR
text/plain 35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/fin
Requested by: Host: ssl.kaptcha.com
URL: https://ssl.kaptcha.com/logo.htm?m=171528&s=ha0zf68sv3loxzl2nf9wyn7tpcj8qlox&sv=1.1.4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssl.kaptcha.com/logo.htm?m=171528&s=ha0zf68sv3loxzl2nf9wyn7tpcj8qlox&sv=1.1.4
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 14 Nov 2023 07:02:58 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
X-Correlation-Id: e90fc0f5-5081-40b7-8649-33fac36ffd93
Content-Length: 0
Expires: 0

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 73F7 200 B
818 B 8ms
7ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ivisa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 5737099
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 07:02:57 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 903251
x-content-type-options: nosniff
x-request-id: 14ec9a13-fb7a-4085-8b17-36f14f8d78cb
x-served-by: cache-fra-eddf8230134-FRA

GET
H2 200 controller-a8dcbde36df3a5cbaf61ee9d95aac34a.html Show response
js.stripe.com/v3/ Frame D3C2 325 B
692 B 7ms
6ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-a8dcbde36df3a5cbaf61ee9d95aac34a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f5f7b331cdba995ab78f1ca78e74559cb2c853815533412fc789909953a1058e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ivisa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 57
cache-control: max-age=60
content-encoding: br
content-length: 188
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 07:02:57 GMT
etag: "a8dcbde36df3a5cbaf61ee9d95aac34a"
last-modified: Mon, 13 Nov 2023 21:03:15 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 22
x-content-type-options: nosniff
x-request-id: 966320d7-a24d-494c-871a-c28b25e563dc
x-served-by: cache-fra-eddf8230134-FRA

GET
H2 200 payment-request-inner-google-pay-76c2b2d17d0114d29362d64f66ce1a53.html Show response
js.stripe.com/v3/ Frame 198C 408 B
1 KB 7ms
7ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-76c2b2d17d0114d29362d64f66ce1a53.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

626fb9152e15a8d1c059e9f75da743ed90d86b2d13c02a86eb3223d78b449bcd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ivisa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 35785
cache-control: max-age=31536000
content-encoding: br
content-length: 221
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 07:02:57 GMT
etag: "76c2b2d17d0114d29362d64f66ce1a53"
last-modified: Mon, 13 Nov 2023 21:03:31 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 233
x-content-type-options: nosniff
x-request-id: dcb03cbf-a848-4087-a578-1c77a3d68bac
x-served-by: cache-fra-eddf8230134-FRA

GET
H2 200 payment-request-inner-browser-70f7a34a114fda3bb0ab100dce4f2737.html Show response
js.stripe.com/v3/ Frame 4D2C 344 B
1005 B 7ms
7ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-70f7a34a114fda3bb0ab100dce4f2737.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

98a4ef8a8b28b618d04c546de814e719438bf5e9b859d40e6d55b61b5d2b876d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ivisa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 36
cache-control: max-age=60
content-encoding: br
content-length: 203
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 07:02:57 GMT
etag: "70f7a34a114fda3bb0ab100dce4f2737"
last-modified: Mon, 13 Nov 2023 21:03:31 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: 62a31f62-e8cf-4b79-8b4f-afd6f323c14c
x-served-by: cache-fra-eddf8230134-FRA

OPTIONS
H/1.1 200
OK w9z9gj6c3hrs6649
client-analytics.braintreegateway.com/ Frame 0
0 62ms
10ms Preflight 3.66.115.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/w9z9gj6c3hrs6649

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.115.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-115-140.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.ivisa.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Tue, 14 Nov 2023 07:02:58 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK w9z9gj6c3hrs6649
client-analytics.braintreegateway.com/ Frame 0
0 61ms
10ms Preflight 3.66.115.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/w9z9gj6c3hrs6649

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.115.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-115-140.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.ivisa.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Tue, 14 Nov 2023 07:02:58 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK w9z9gj6c3hrs6649 Show response
client-analytics.braintreegateway.com/ 0
348 B 14ms
11ms XHR
text/plain 3.66.115.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/w9z9gj6c3hrs6649

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/apply-payment.69e99c.496f00.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.115.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-115-140.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ivisa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 14 Nov 2023 07:02:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.ivisa.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK w9z9gj6c3hrs6649 Show response
client-analytics.braintreegateway.com/ 0
348 B 14ms
11ms XHR
text/plain 3.66.115.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/w9z9gj6c3hrs6649

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/apply-payment.69e99c.496f00.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.115.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-115-140.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ivisa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 14 Nov 2023 07:02:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.ivisa.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 dispatch-frame.min.html Show response
checkout.paypal.com/web/3.97.1/html/ Frame ED5D 11 KB
4 KB 128ms
45ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paypal.com/web/3.97.1/html/dispatch-frame.min.html

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/apply-payment.69e99c.496f00.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4D04) /

Resource Hash

1431e6de5a0cacd4b4900a569f718b5784a1f3db13b72dfbbfebe495093b7428

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.ivisa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=86400
content-encoding: gzip
content-length: 3725
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Tue, 14 Nov 2023 07:02:58 GMT
etag: "65441b1c-2d7d+gzip"
expires: Wed, 15 Nov 2023 07:02:58 GMT
last-modified: Thu, 02 Nov 2023 21:56:44 GMT
server: ECAcc (frc/4D04)
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT

POST
H/1.1 200
OK w9z9gj6c3hrs6649 Show response
client-analytics.braintreegateway.com/ 0
348 B 16ms
12ms XHR
text/plain 3.66.115.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/w9z9gj6c3hrs6649

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/apply-payment.69e99c.496f00.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.115.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-115-140.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ivisa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 14 Nov 2023 07:02:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.ivisa.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 js Show response
www.paypal.com/sdk/ 290 KB
79 KB 61ms
8ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons&currency=USD&intent=capture&client-id=ARi4We2bbfu4ug2ZaIUZZK0_mAh1hjW4m7j3VNRIO7p7Y0qe8Kg51Aloz4jewpCREp0dPW1D6YaGdEsk

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/apply-payment.69e99c.496f00.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a90b74b4ebbe05de080bb7b10eef3df0535d37bb1d6fbaa00ee04bfcd80c560d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-4tHvQLFgM5WqYioaJEAULbs8O3H62UbilkXmW1ANJ0eWWxgt' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-4tHvQLFgM5WqYioaJEAULbs8O3H62UbilkXmW1ANJ0eWWxgt' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-4tHvQLFgM5WqYioaJEAULbs8O3H62UbilkXmW1ANJ0eWWxgt' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-4tHvQLFgM5WqYioaJEAULbs8O3H62UbilkXmW1ANJ0eWWxgt' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Tue, 14 Nov 2023 07:02:58 GMT
age: 10741
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f305301812cc8
server-timing: "traceparent;desc="00-0000000000000000000f305301812cc8-ca928b86517dc929-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 79304
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230064-FRA, cache-fra-eddf8230064-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f305301812cc8-2fca5db0e08e2c04-01
x-timer: S1699945378.073371,VS0,VE4
etag: W/"135c8-X7E23H5ZUMFIC8VNAJpl+cv7wR0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 73F7 631 B
592 B 10ms
6ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 07:02:58 GMT
via: 1.1 varnish
age: 5737100
x-cache: HIT
content-length: 399
x-request-id: 6da78203-470e-40ff-a3e6-ec0bd0fcd45c
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 862080

GET
H2 200 shared-a4abbc3be830c05aef34559e51ded131.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D3C2 533 KB
129 KB 9ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8dcbde36df3a5cbaf61ee9d95aac34a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d700f6d0e37d23d95ae3365aa8b1ff2a2e3f31d87504dc276840dba7fe2ffba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-a8dcbde36df3a5cbaf61ee9d95aac34a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 07:02:58 GMT
via: 1.1 varnish
age: 35820
x-cache: HIT
content-length: 131906
x-request-id: dd0a9278-0151-4c6c-8046-4f8283ff096f
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Mon, 13 Nov 2023 21:03:30 GMT
server: Fastly
etag: "e39128966218bf3235c29b6095bdd12b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2713

GET
H2 200 controller-cbf034730e79b4cd9d5b375d7e15886a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D3C2 660 KB
172 KB 10ms
8ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-cbf034730e79b4cd9d5b375d7e15886a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-a8dcbde36df3a5cbaf61ee9d95aac34a.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bf818fda6d572aefa65158fe10a2a7ccf3f932c1b28631045472a8ef65a59833

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-a8dcbde36df3a5cbaf61ee9d95aac34a.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 07:02:58 GMT
via: 1.1 varnish
age: 35819
x-cache: HIT
content-length: 175669
x-request-id: 8fdbbcd6-922d-49cd-8b1a-f4448a55c0eb
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Mon, 13 Nov 2023 21:03:27 GMT
server: Fastly
etag: "b35332058c2fce3778d63b40d4c8e6b9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2867

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 198C 118 KB
37 KB 135ms
53ms Script
application/javascript 2a00:1450:4010:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-76c2b2d17d0114d29362d64f66ce1a53.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4010:c09::5c , Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81b3cfec8709a5844f547eae1fc0966ca4db5ec5c762a371b31954967cbda57b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rNOd36bi3I4LICBFOzMjhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rNOd36bi3I4LICBFOzMjhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 14 Nov 2023 07:02:58 GMT

GET
H2 200 shared-a4abbc3be830c05aef34559e51ded131.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 198C 533 KB
129 KB 7ms
6ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-76c2b2d17d0114d29362d64f66ce1a53.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d700f6d0e37d23d95ae3365aa8b1ff2a2e3f31d87504dc276840dba7fe2ffba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-76c2b2d17d0114d29362d64f66ce1a53.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 07:02:58 GMT
via: 1.1 varnish
age: 35820
x-cache: HIT
content-length: 131906
x-request-id: 8b5be508-d0f4-4345-811e-65cb13884f3f
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Mon, 13 Nov 2023 21:03:30 GMT
server: Fastly
etag: "e39128966218bf3235c29b6095bdd12b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2713

GET
H2 200 payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 198C 10 KB
4 KB 8ms
6ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-76c2b2d17d0114d29362d64f66ce1a53.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-76c2b2d17d0114d29362d64f66ce1a53.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 07:02:58 GMT
via: 1.1 varnish
age: 1777259
x-cache: HIT
content-length: 4272
x-request-id: 8427e391-cb41-45d0-a2d8-e371938cf760
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Tue, 24 Oct 2023 17:19:12 GMT
server: Fastly
etag: "947a5566a308873ad0fd8dbfdd9c81cf"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 22037

GET
H2 200 shared-a4abbc3be830c05aef34559e51ded131.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4D2C 533 KB
129 KB 29ms
28ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-70f7a34a114fda3bb0ab100dce4f2737.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d700f6d0e37d23d95ae3365aa8b1ff2a2e3f31d87504dc276840dba7fe2ffba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-70f7a34a114fda3bb0ab100dce4f2737.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 07:02:58 GMT
via: 1.1 varnish
age: 35820
x-cache: HIT
content-length: 131906
x-request-id: 910ae250-0580-4c9b-a589-e5188e0b6bec
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Mon, 13 Nov 2023 21:03:30 GMT
server: Fastly
etag: "e39128966218bf3235c29b6095bdd12b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2714

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4D2C 12 KB
5 KB 29ms
29ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-70f7a34a114fda3bb0ab100dce4f2737.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-70f7a34a114fda3bb0ab100dce4f2737.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 07:02:58 GMT
via: 1.1 varnish
age: 3038248
x-cache: HIT
content-length: 4877
x-request-id: 9ef2e1bc-566a-402a-9e16-5d2c96794fa6
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Mon, 09 Oct 2023 20:07:19 GMT
server: Fastly
etag: "330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 48960

POST
H2 200 csp-report
q.stripe.com/ Frame 73F7 0
716 B 747ms
355ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699945378680761
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699945378680281
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 73F7 0
717 B 736ms
345ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699945378680082
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699945378679661
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

OPTIONS
H/1.1 200
OK w9z9gj6c3hrs6649
client-analytics.braintreegateway.com/ Frame 0
0 53ms
9ms Preflight 3.66.115.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/w9z9gj6c3hrs6649

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.115.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-115-140.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.ivisa.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Tue, 14 Nov 2023 07:02:58 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H2 200 csp-report
q.stripe.com/ Frame D3C2 0
716 B 740ms
354ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699945378680696
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699945378679695
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 198C 0
716 B 749ms
367ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699945378682353
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699945378681921
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 198C 0
716 B 730ms
348ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699945378680681
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699945378680282
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4D2C 0
716 B 745ms
366ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699945378682313
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699945378681928
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4D2C 0
716 B 734ms
355ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699945378680726
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1699945378680300
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame EAA4 930 B
1 KB 27ms
4ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 61
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 07:02:58 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 63
x-content-type-options: nosniff
x-request-id: 2220ebf1-68e8-4ed5-b4fe-1e6ac1dddd60
x-served-by: cache-fra-eddf8230134-FRA
x-timer: S1699945378.079091,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame EAA4 0
490 B 677ms
352ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699945378680230
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1699945378679731
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame EAA4 87 KB
15 KB 8ms
7ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 14 Nov 2023 07:02:58 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 294
x-cache: HIT
content-length: 15509
x-request-id: 214c7fc0-548c-48b1-b0b8-780371fd1c9d
x-served-by: cache-fra-eddf8230134-FRA
server: Fastly
x-timer: S1699945378.104339,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 214

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame D3C2 474 B
614 B 21ms
6ms Fetch
application/json 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9efe681c9855077a32a8568d5c8267067987975be3aa1a9bfa476515ef86f4aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-a8dcbde36df3a5cbaf61ee9d95aac34a.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 33
x-cache: HIT
content-length: 299
x-request-id: b32adf1b-fb9a-4cad-a268-054a91bc74f1
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Mon, 13 Nov 2023 21:47:09 GMT
server: Fastly
etag: "adedbe643229c01aedd217364da0d5f4"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame D3C2 474 B
374 B 6ms
6ms Fetch
application/json 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9efe681c9855077a32a8568d5c8267067987975be3aa1a9bfa476515ef86f4aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-a8dcbde36df3a5cbaf61ee9d95aac34a.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 33
x-cache: HIT
content-length: 299
x-request-id: 60d11ddc-8732-48e6-8933-014b662668a4
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Mon, 13 Nov 2023 21:47:09 GMT
server: Fastly
etag: "adedbe643229c01aedd217364da0d5f4"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 14 KB
5 KB 11ms
11ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.ivisa.com&t=xo&v=5.0.409&source=payments_sdk&client_id=ARi4We2bbfu4ug2ZaIUZZK0_mAh1hjW4m7j3VNRIO7p7Y0qe8Kg51Aloz4jewpCREp0dPW1D6YaGdEsk&comp=buttons&disableSetCookie=true&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons&currency=USD&intent=capture&client-id=ARi4We2bbfu4ug2ZaIUZZK0_mAh1hjW4m7j3VNRIO7p7Y0qe8Kg51Aloz4jewpCREp0dPW1D6YaGdEsk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3f6c35e12fe2479e56472ff6fe94a821f97d1e1a02325fa09d6f7569a44dbc43

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-dBIhYlQWeC+OV7yrmecoVDxz4HdKUnbrQs1ielJyL5etk9Mh' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-dBIhYlQWeC+OV7yrmecoVDxz4HdKUnbrQs1ielJyL5etk9Mh' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 07:02:58 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5118
x-cache: HIT, MISS
paypal-debug-id: f56167311e046
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 4788
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230064-FRA, cache-fra-eddf8230064-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f56167311e046-5f6f5b5286b26a2b-01
x-timer: S1699945378.242065,VS0,VE4
etag: W/"367c-1D/ZLnBnlamekoHhm2bxrxiFtJk"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame E763 400 KB
102 KB 514ms
513ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.409&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmY3VycmVuY3k9VVNEJmludGVudD1jYXB0dXJlJmNsaWVudC1pZD1BUmk0V2UyYmJmdTR1ZzJaYUlVWlpLMF9tQWgxaGpXNG03ajNWTlJJTzdwN1kwcWU4S2c1MUFsb3o0amV3cENSRXAwZFBXMUQ2WWFHZEVzayIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3VxbXF6eHdjZGhnd3ZiaWlza3p6eGxkeGdrZHh4ciJ9fQ&clientID=ARi4We2bbfu4ug2ZaIUZZK0_mAh1hjW4m7j3VNRIO7p7Y0qe8Kg51Aloz4jewpCREp0dPW1D6YaGdEsk&sdkCorrelationID=06b475109a5a9&storageID=uid_4985a84864_mdc6mdi6ntg&sessionID=uid_64487811a9_mdc6mdi6ntg&buttonSessionID=uid_2bd1edd2e8_mdc6mdi6ntg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOnRydWV9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjp0cnVlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8eecf82c23c9c9de419fd65c7d605fd37ec4eee4b2350ba8eb0ebbcec332a74d

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ivisa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 07:02:58 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"63e3c-8jtUvv+CV5MHh0EgyTO3K+OeJWQ"
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
p3p: true
paypal-debug-id: f109887d819d1
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: "traceparent;desc="00-0000000000000000000f109887d819d1-b532d1936992c10b-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f109887d819d1-86956984f7ec52e7-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-fra-eddf8230064-FRA, cache-fra-eddf8230064-FRA
x-timer: S1699945378.304671,VS0,VE507
x-xss-protection: 1; mode=block

OPTIONS
H/1.1 200
OK w9z9gj6c3hrs6649
client-analytics.braintreegateway.com/ Frame 0
0 9ms
9ms Preflight 3.66.115.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/w9z9gj6c3hrs6649

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.115.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-115-140.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.ivisa.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Tue, 14 Nov 2023 07:02:58 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 paypal-blue.svg
www.paypalobjects.com/js-sdk-logos/2.2.7/ Frame 58F0 3 KB
2 KB 16ms
7ms Image
image/svg+xml 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/js-sdk-logos/2.2.7/paypal-blue.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC8) /

Resource Hash

25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 1867a673a7a0f
dc: ccg11-origin-www-1.paypal.com
content-length: 1217
last-modified: Tue, 04 Apr 2023 21:46:19 GMT
server: ECAcc (frc/4CC8)
traceparent: 00-00000000000000000001867a673a7a0f-f3dfb61d7baab926-01
etag: W/"642c9aab-cc2"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 14 Nov 2023 08:02:58 GMT

POST
H/1.1 200
OK w9z9gj6c3hrs6649 Show response
client-analytics.braintreegateway.com/ 0
348 B 9ms
9ms XHR
text/plain 3.66.115.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/w9z9gj6c3hrs6649

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/apply-payment.69e99c.496f00.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.115.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-115-140.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ivisa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 14 Nov 2023 07:02:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.ivisa.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 venmo-desktop-frame.html Show response
assets.braintreegateway.com/web/3.97.1/html/ Frame CCC3 104 KB
24 KB 30ms
8ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.97.1/html/venmo-desktop-frame.html

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/apply-payment.69e99c.496f00.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CEE) /

Resource Hash

87559507214465beb4e9ac776b011ef9abb7534e77852f25f1e571e9a318a1de

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.ivisa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
content-encoding: gzip
content-length: 24342
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Tue, 14 Nov 2023 07:02:58 GMT
etag: "65441b1b-19f86+gzip"
expires: Wed, 15 Nov 2023 07:02:58 GMT
last-modified: Thu, 02 Nov 2023 21:56:43 GMT
server: ECAcc (frc/4CEE)
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT

POST
H/1.1 200
OK w9z9gj6c3hrs6649 Show response
client-analytics.braintreegateway.com/ 0
348 B 12ms
10ms XHR
text/plain 3.66.115.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/w9z9gj6c3hrs6649

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/apply-payment.69e99c.496f00.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.115.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-115-140.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ivisa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 14 Nov 2023 07:02:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.ivisa.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 venmo.png
d16zz69zs6o3lx.cloudfront.net/img/payment/ 1 KB
2 KB 9ms
9ms Image
image/png 2600:9000:211e:2800:a:e993:9140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16zz69zs6o3lx.cloudfront.net/img/payment/venmo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:a:e993:9140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5e6392eeee598c3482fbd6b64df49edfdcbe819a75b25077357153b19ff137b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 08:02:30 GMT
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
last-modified: Thu, 09 Nov 2023 19:50:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 82829
x-amz-server-side-encryption: AES256
etag: "6a7d1eea589cbf498f58ba3a5550c697"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1277
x-amz-cf-id: wmvZHrvfSWUp4pcsDHvvgXgWpV1Yw-tpclk2MS1JpvWLdn_HOgn5WQ==

OPTIONS
H/1.1 200
OK w9z9gj6c3hrs6649
client-analytics.braintreegateway.com/ Frame 0
0 10ms
9ms Preflight 3.66.115.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/w9z9gj6c3hrs6649

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.115.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-115-140.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.ivisa.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Tue, 14 Nov 2023 07:02:58 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 995 B
864 B 215ms
214ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

acd4efd25afef0314124024bb72b7125d7212b47af148e7f2e6f3287df6226ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.ivisa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: application/json

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f152760a54755
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230022-FRA, cache-fra-eddf8230022-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f152760a54755-b9bddffad9f056fe-01
x-timer: S1699945379.655984,VS0,VE207
etag: W/"3e3-TBv53e+eXfE2dJsZMgo1V+wY57c"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.ivisa.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 212ms
197ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.ivisa.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Tue, 14 Nov 2023 07:02:58 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f10988707c8e4
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f10988707c8e4-1ba8e8bf6e8e9aac-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230022-FRA, cache-fra-eddf8230022-FRA
x-timer: S1699945378.457231,VS0,VE190

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame D3C2 2 KB
3 KB 318ms
232ms Fetch
application/json 34.252.74.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.252.74.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-74-21.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

5bc8d94fcc152481cd99c3c1644dfaf29d6daa190fe7fc26e28edefce0203fde

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 2211
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame EAA4 156 B
670 B 562ms
178ms XHR
application/json 54.201.135.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-135-255.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

890ae2b7ba453b16ece0ae2610c4da0ecd9a563522426b293db6aeff1b5746c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 14 Nov 2023 07:02:58 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699945378992659
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699945378992145
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 269ms
255ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378682493
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699945378682313
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 269ms
256ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378682530
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699945378681980
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 263ms
250ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378682175
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699945378682008
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 270ms
257ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378683044
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699945378682376
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 269ms
256ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378682534
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699945378682284
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 270ms
258ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378682908
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699945378682260
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 276ms
265ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378683106
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699945378682256
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 256ms
245ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378682335
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699945378682178
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 265ms
254ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378682186
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699945378682034
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 263ms
252ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378682647
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699945378682068
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 265ms
254ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378682227
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699945378682055
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 266ms
257ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378682468
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699945378682295
access-control-allow-credentials: true
content-length: 0

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 16ms
16ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=www.ivisa.com&t=xo&v=5.0.409&source=payments_sdk&client_id=ARi4We2bbfu4ug2ZaIUZZK0_mAh1hjW4m7j3VNRIO7p7Y0qe8Kg51Aloz4jewpCREp0dPW1D6YaGdEsk&comp=buttons&disableSetCookie=true&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CA9) /

Resource Hash

20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
paypal-debug-id: 57055828291c0
dc: ccg11-origin-www-1.paypal.com
content-length: 16488
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
server: ECAcc (frc/4CA9)
traceparent: 00-000000000000000000057055828291c0-8aa426a5925256ff-01
etag: "64f25363-daa8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 14 Nov 2023 08:02:58 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
513 B 203ms
179ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A4CCTC8GNBPMY2-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A4CCTC8GNBPMY2-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fee59d72-f579-4b3f-ace5-567001e69fd1&fltp=analytics&mrid=4CCTC8GNBPMY2&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Apply%20Now%20for%20Uganda%20Travel%20Documents%20%7C%20iVisa&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1699945378544&g=-60&completeurl=https%3A%2F%2Fwww.ivisa.com%2Fuganda%2Fapply-now%3Fpartial_order%3Dac_5a2c62981599913bf55a37e37eee233e%26utm_source%3DKlaviyo%26utm_medium%3Demail%26utm_campaign%3DFL_Transactional_PaymentIssue_EN_TP2%2520%2528Wyg9yC%2529%26utm_id%3DTKFVR5%26utm_term%3DTry%2520again%26_kx%3Deuha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 14 Nov 2023 07:02:58 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: ae97bf349d870
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230079-FRA
pragma: no-cache
correlation-id: ae97bf349d870
traceparent: 00-0000000000000000000ae97bf349d870-3153b413d0dd48b8-01
x-timer: S1699945379.571690,VS0,VE172
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 07:02:58 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 891A 19 KB
8 KB 63ms
62ms Document
text/html 2a00:1450:4010:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4010:c09::5c , Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

354919de0e24469270a4546aae5d75d416e6f646973afab5b6f0430198a839ab

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-0qt4dCAFOMzpML-gYNHAZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-0qt4dCAFOMzpML-gYNHAZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Tue, 14 Nov 2023 07:02:58 GMT
expires: Tue, 14 Nov 2023 07:02:58 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H/1.1 200
OK w9z9gj6c3hrs6649 Show response
client-analytics.braintreegateway.com/ 0
348 B 10ms
10ms XHR
text/plain 3.66.115.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/w9z9gj6c3hrs6649

Requested by

Host: d16zz69zs6o3lx.cloudfront.net
URL: https://d16zz69zs6o3lx.cloudfront.net/compiled/js/splits/apply-payment.69e99c.496f00.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.115.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-115-140.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.ivisa.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 14 Nov 2023 07:02:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.ivisa.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK w9z9gj6c3hrs6649
client-analytics.braintreegateway.com/ Frame 0
0 9ms
9ms Preflight 3.66.115.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/w9z9gj6c3hrs6649

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.66.115.140 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-66-115-140.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.ivisa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://www.ivisa.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Tue, 14 Nov 2023 07:02:58 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 255ms
254ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378682923
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699945378682333
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 236ms
236ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378682506
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699945378682335
access-control-allow-credentials: true
content-length: 0

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 7893 55 KB
17 KB 8ms
7ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBF) /

Resource Hash

7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ivisa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 16892
content-type: text/html
date: Tue, 14 Nov 2023 07:02:58 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "64f25363-dacc"
expires: Tue, 14 Nov 2023 08:02:58 GMT
last-modified: Fri, 01 Sep 2023 21:10:59 GMT
paypal-debug-id: d6e1adc139b19
server: ECAcc (frc/4CBF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000d6e1adc139b19-dfbc882e6d0f4b13-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame 7893 18 B
209 B 156ms
155ms Fetch
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (daa/7D8C) /

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
paypal-debug-id: 9c146cc400cdb
dc: ccg11-origin-www-1.paypal.com
content-length: 18
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
server: ECAcc (daa/7D8C)
traceparent: 00-00000000000000000009c146cc400cdb-be749507c5e36fbe-01
etag: "60271cd0-12"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Tue, 14 Nov 2023 07:02:57 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
167 B 200ms
200ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A4CCTC8GNBPMY2-1&page=muse%3Aoffer%3A%3A%3A4CCTC8GNBPMY2-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fee59d72-f579-4b3f-ace5-567001e69fd1&es=visitorInfoFlowStarted&mrid=4CCTC8GNBPMY2&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Apply%20Now%20for%20Uganda%20Travel%20Documents%20%7C%20iVisa&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1699945378606&g=-60&completeurl=https%3A%2F%2Fwww.ivisa.com%2Fuganda%2Fapply-now%3Fpartial_order%3Dac_5a2c62981599913bf55a37e37eee233e%26utm_source%3DKlaviyo%26utm_medium%3Demail%26utm_campaign%3DFL_Transactional_PaymentIssue_EN_TP2%2520%2528Wyg9yC%2529%26utm_id%3DTKFVR5%26utm_term%3DTry%2520again%26_kx%3Deuha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 14 Nov 2023 07:02:58 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 581453d731c03
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230079-FRA
pragma: no-cache
correlation-id: 581453d731c03
traceparent: 00-0000000000000000000581453d731c03-a2dc4808ce83ec74-01
x-timer: S1699945379.609243,VS0,VE193
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 07:02:58 GMT

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.I4tlhdcaBEM.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 891A 158 KB
57 KB 173ms
56ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.I4tlhdcaBEM.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri_68ml-L0Mgq1cNSNAUk_BVoikww/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08b4cbb4f42e7d7141285e660e85588438ae55bb7666f523e1d45c909b2538dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 17:52:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57372
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 23:47:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 17:52:41 GMT

POST
H2 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 891A 2 KB
2 KB 138ms
137ms Other
text/html 2a00:1450:4010:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4010:c09::5c , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H2 200 z Show response
www.ivisa.com/zulu/ 1 KB
688 B 42ms
41ms Fetch
application/json 2606:4700::6812:1a85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivisa.com/zulu/z
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/zulu/z-main.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJjJTIyJTNBJTIyY29ob3J0JTNEYiUyMiUyQyUyMnQlMjIlM0ElMjJBcHBseSUyME5vdyUyMGZvciUyMFVnYW5kYSUyMFRyYXZlbCUyMERvY3VtZW50cyUyMCU3QyUyMGlWaXNhJTIyJTJDJTIyeCUyMiUzQTAuNDgwNTcxNjUwOTQ1MDgzOSUyQyUyMnclMjIlM0ExNjAwJTJDJTIyaCUyMiUzQTEyMDAlMkMlMjJqJTIyJTNBMTIwMCUyQyUyMmUlMjIlM0ExNjAwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGd3d3Lml2aXNhLmNvbSUyRnVnYW5kYSUyRmFwcGx5LW5vdyUzRnBhcnRpYWxfb3JkZXIlM0RhY181YTJjNjI5ODE1OTk5MTNiZjU1YTM3ZTM3ZWVlMjMzZSUyNnV0bV9zb3VyY2UlM0RLbGF2aXlvJTI2dXRtX21lZGl1bSUzRGVtYWlsJTI2dXRtX2NhbXBhaWduJTNERkxfVHJhbnNhY3Rpb25hbF9QYXltZW50SXNzdWVfRU5fVFAyJTI1MjAlMjUyOFd5Zzl5QyUyNTI5JTI2dXRtX2lkJTNEVEtGVlI1JTI2dXRtX3Rlcm0lM0RUcnklMjUyMGFnYWluJTI2X2t4JTNEZXVoYTA3T19qcDBma0V0dnFmWkpsWjd0ZmhBTzUxWkhKS0EtbkJZTnBWbTMwVGhVODJ3dVpIU3luc0Jabzh6TS5ZOEtMVVYlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQS02MCUyQyUyMnElMjIlM0ElNUIlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMmRvbWFpbiUyMiUyQyUyMml2aXNhLmNvbSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIydmlzaXRvcl9pcCUyMiUyQ251bGwlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMnByb2R1Y3RfY291bnRyeSUyMiUyQyUyMlVHJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJuYXRpb25hbGl0eSUyMiUyQ251bGwlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMnByb2R1Y3RfaWQlMjIlMkMxMDEzNiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIycHJvZHVjdF9uYW1lJTIyJTJDJTIyVWdhbmRhJTIwVG91cmlzdCUyMGVWaXNhJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJwcm9kdWN0X2NsYXNzaWZpY2F0aW9uJTIyJTJDJTIydmlzYSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIydHJhdmVsX2RvY19jbGFzc2lmaWNhdGlvbiUyMiUyQyUyMmV2aXNhJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJwYWdlX3R5cGUlMjIlMkMlMjJhcHBsaWNhdGlvbl9wYWdlJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJibG9nX3BhZ2VfaWQlMjIlMkNudWxsJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjJ1c2VyX2lkJTIyJTJDbnVsbCUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCU1RCU3RA==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1a85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 088ad7ddae2b5453dc21619fddbdd530568f58ea2ef0461236c56735fbb6cf90

Request headers

Referer: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Nov 2023 07:02:58 GMT
content-encoding: gzip
server: cloudflare
access-control-max-age: 600
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://www.ivisa.com
content-type: application/json
access-control-allow-credentials: true
cf-ray: 825d6458b8c48fc8-FRA
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control

GET
H2 200 593501756.js Show response
container.pepperjam.com/ 10 KB
10 KB 141ms
8ms Script
application/x-javascript 18.66.112.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://container.pepperjam.com/593501756.js
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-72.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c9d6301679bae2a9059b0a86372b9af314861c66b329eccf1104e56682fa3d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: h4aJw7ukE5DWpkAu2HD52bcbTd4moVIF
date: Tue, 14 Nov 2023 07:01:53 GMT
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
last-modified: Mon, 17 Aug 2020 18:05:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 91
etag: "697ca6fdb3d973fcb3279c997f93b63d"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=900
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 9927
x-amz-cf-id: J073E_yL_zDlDJcyWhrCrdzFiwF0241So9PSCD12hQsy2I3RmxW46g==

GET
H2 200 / Show response
customs.affilired.com/track/ 26 KB
8 KB 339ms
281ms Script
text/javascript 18.245.86.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customs.affilired.com/track/?merchant=4843
Requested by: Host: www.ivisa.com
URL: https://www.ivisa.com/uganda/apply-now?partial_order=ac_5a2c62981599913bf55a37e37eee233e&utm_source=Klaviyo&utm_medium=email&utm_campaign=FL_Transactional_PaymentIssue_EN_TP2%20%28Wyg9yC%29&utm_id=TKFVR5&utm_term=Try%20again&_kx=euha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-84.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: b636385f94710f7d3d9748df3b47a788fdce95e58958093f8f4d9e6ed0a2cf78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Tue, 21 Nov 2023 07:02:21 GMT
date: Tue, 14 Nov 2023 07:02:59 GMT
content-encoding: gzip
via: 1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P6
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="IVA SAM IND NON COR"
content-type: text/javascript; charset=utf-8
cache-control: max-age=604800
alt-svc: h3=":443"; ma=86400
content-length: 7322
x-amz-cf-id: M5w6N42zZ4w1rRE2t1HoSZYxS_v_qrSI9tzKDNsWV5eD3JxEhsEt1g==
jb-x-cache: HIT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 7893 442 B
1 KB 431ms
430ms Fetch
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0018fb1d0668d07c30f04cba8ee8d39a8257ec21a3f7e9ded3f78cf613ba2923

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-7FbyoLNNrYwP9SYnhLdfobQnfR6A4/tl0pP1IvjMLclkJgUg' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
disable-set-cookie: true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-7FbyoLNNrYwP9SYnhLdfobQnfR6A4/tl0pP1IvjMLclkJgUg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 14 Nov 2023 07:02:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f15276089e5e1
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230064-FRA, cache-fra-eddf8230064-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f15276089e5e1-5445d218c334431e-01
x-timer: S1699945379.954942,VS0,VE424
etag: W/"1ba-YeKWSjZ3IOAPpCjh/QuJKD6j8bg"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 185ms
185ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql?disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,disable-set-cookie
Access-Control-Request-Method: POST
Origin: https://www.paypalobjects.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type,disable-set-cookie
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 14 Nov 2023 07:02:58 GMT
dc: ccg11-origin-www-1.paypal.com
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
paypal-debug-id: f1527609fc275
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f1527609fc275-8df7a29a12701591-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-served-by: cache-fra-eddf8230022-FRA, cache-fra-eddf8230022-FRA
x-timer: S1699945379.768970,VS0,VE177

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame E763 290 KB
79 KB 14ms
13ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons&currency=USD&intent=capture&client-id=ARi4We2bbfu4ug2ZaIUZZK0_mAh1hjW4m7j3VNRIO7p7Y0qe8Kg51Aloz4jewpCREp0dPW1D6YaGdEsk

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.409&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmY3VycmVuY3k9VVNEJmludGVudD1jYXB0dXJlJmNsaWVudC1pZD1BUmk0V2UyYmJmdTR1ZzJaYUlVWlpLMF9tQWgxaGpXNG03ajNWTlJJTzdwN1kwcWU4S2c1MUFsb3o0amV3cENSRXAwZFBXMUQ2WWFHZEVzayIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3VxbXF6eHdjZGhnd3ZiaWlza3p6eGxkeGdrZHh4ciJ9fQ&clientID=ARi4We2bbfu4ug2ZaIUZZK0_mAh1hjW4m7j3VNRIO7p7Y0qe8Kg51Aloz4jewpCREp0dPW1D6YaGdEsk&sdkCorrelationID=06b475109a5a9&storageID=uid_4985a84864_mdc6mdi6ntg&sessionID=uid_64487811a9_mdc6mdi6ntg&buttonSessionID=uid_2bd1edd2e8_mdc6mdi6ntg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOnRydWV9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjp0cnVlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a90b74b4ebbe05de080bb7b10eef3df0535d37bb1d6fbaa00ee04bfcd80c560d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-4tHvQLFgM5WqYioaJEAULbs8O3H62UbilkXmW1ANJ0eWWxgt' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-4tHvQLFgM5WqYioaJEAULbs8O3H62UbilkXmW1ANJ0eWWxgt' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.409&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmY3VycmVuY3k9VVNEJmludGVudD1jYXB0dXJlJmNsaWVudC1pZD1BUmk0V2UyYmJmdTR1ZzJaYUlVWlpLMF9tQWgxaGpXNG03ajNWTlJJTzdwN1kwcWU4S2c1MUFsb3o0amV3cENSRXAwZFBXMUQ2WWFHZEVzayIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3VxbXF6eHdjZGhnd3ZiaWlza3p6eGxkeGdrZHh4ciJ9fQ&clientID=ARi4We2bbfu4ug2ZaIUZZK0_mAh1hjW4m7j3VNRIO7p7Y0qe8Kg51Aloz4jewpCREp0dPW1D6YaGdEsk&sdkCorrelationID=06b475109a5a9&storageID=uid_4985a84864_mdc6mdi6ntg&sessionID=uid_64487811a9_mdc6mdi6ntg&buttonSessionID=uid_2bd1edd2e8_mdc6mdi6ntg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOnRydWV9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjp0cnVlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-4tHvQLFgM5WqYioaJEAULbs8O3H62UbilkXmW1ANJ0eWWxgt' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-4tHvQLFgM5WqYioaJEAULbs8O3H62UbilkXmW1ANJ0eWWxgt' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
disable-set-cookie: true
via: 1.1 varnish, 1.1 varnish
date: Tue, 14 Nov 2023 07:02:58 GMT
age: 10742
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT, MISS
p3p: true
paypal-debug-id: f305301812cc8
server-timing: "traceparent;desc="00-0000000000000000000f305301812cc8-ca928b86517dc929-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 79304
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230064-FRA, cache-fra-eddf8230064-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f305301812cc8-2fca5db0e08e2c04-01
x-timer: S1699945379.832633,VS0,VE6
etag: W/"135c8-X7E23H5ZUMFIC8VNAJpl+cv7wR0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 2, 0

GET
DATA 200
OK truncated
/ Frame E763 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 176ms
176ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378921995
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699945378921747
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 177ms
176ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378923551
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699945378922926
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 176ms
175ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378929397
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699945378929249
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 180ms
179ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:58 GMT
x-stripe-server-envoy-start-time-us: 1699945378932085
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699945378931472
access-control-allow-credentials: true
content-length: 0

GET
H2 200 btp.js Show response
www.rtb123.com/tags/c1d55699-ae5d-bdca-85de-e606194db528/ 7 B
229 B 368ms
116ms Script
application/javascript 67.225.220.126
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rtb123.com/tags/c1d55699-ae5d-bdca-85de-e606194db528/btp.js
Requested by: Host: container.pepperjam.com
URL: https://container.pepperjam.com/593501756.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rtb123.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 76fb66f147ef61948f90316de4fcc0f63ae6c6ff98f94b71ef34931008ff07de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Tue, 14 Nov 2023 07:02:58 GMT
content-encoding: gzip
last-modified: Fri, 08 Mar 2019 15:29:33 GMT
server: Microsoft-IIS/10.0
etag: "ee2cbbc3d5d41:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 30

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.I4tlhdcaBEM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5ynhXe... Frame 891A 73 KB
27 KB 56ms
51ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.I4tlhdcaBEM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5ynhXeM-tFw.L.B1.O/am=EIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgWXyv7g8_quWscHcibprqbkXqfMA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.I4tlhdcaBEM.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri_68ml-L0Mgq1cNSNAUk_BVoikww/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

356b731ebed13ee262a0cf8725b0c0ee46139fd529638019603bddfa760e8d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27321
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 09:02:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 18:47:55 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 891A 1 MB
374 KB 54ms
53ms XHR
text/html 2a00:1450:4010:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4010:c09::5c , Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

366353ffa144e4653493ea6b880275153514ba01eb673c6703b6d97c41e0b0ca

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-1msCwT3Bd5Vsxd4rBOsopg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:02:59 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-1msCwT3Bd5Vsxd4rBOsopg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 14 Nov 2023 07:02:59 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.I4tlhdcaBEM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5ynhXe... Frame 891A 9 KB
4 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.I4tlhdcaBEM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5ynhXeM-tFw.L.B1.O/am=EIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgWXyv7g8_quWscHcibprqbkXqfMA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddc5dccc18c6ca2ffbd2e51637a33f111a8e882abe5679c787753f7f6ba9cc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3727
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 09:02:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 18:47:55 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.I4tlhdcaBEM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5ynhXe... Frame 891A 37 KB
14 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.I4tlhdcaBEM.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5ynhXeM-tFw.L.B1.O/am=EIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrgWXyv7g8_quWscHcibprqbkXqfMA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

035a5440b3b72fe82c1ec7b12820554abaec41998561f8333511bcae5f596746

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 18:47:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14126
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 09:02:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Nov 2024 18:47:55 GMT

POST
H3 200 log Show response
play.google.com/ Frame 891A 131 B
155 B 217ms
101ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 14 Nov 2023 07:02:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 07:02:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 176ms
58ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Nov 2023 07:02:59 GMT
expires: Tue, 14 Nov 2023 07:02:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 891A 131 B
155 B 214ms
100ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 14 Nov 2023 07:02:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 07:02:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 176ms
60ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Nov 2023 07:02:59 GMT
expires: Tue, 14 Nov 2023 07:02:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 891A 131 B
155 B 206ms
95ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 14 Nov 2023 07:02:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 07:02:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 178ms
64ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Nov 2023 07:02:59 GMT
expires: Tue, 14 Nov 2023 07:02:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 891A 131 B
155 B 202ms
96ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 14 Nov 2023 07:02:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 07:02:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 179ms
68ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Nov 2023 07:02:59 GMT
expires: Tue, 14 Nov 2023 07:02:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 891A 131 B
155 B 213ms
100ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 14 Nov 2023 07:02:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 07:02:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 170ms
60ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Nov 2023 07:02:59 GMT
expires: Tue, 14 Nov 2023 07:02:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 891A 131 B
155 B 206ms
99ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 14 Nov 2023 07:02:59 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 07:02:59 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 174ms
68ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 14 Nov 2023 07:02:59 GMT
expires: Tue, 14 Nov 2023 07:02:59 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 178ms
178ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:59 GMT
x-stripe-server-envoy-start-time-us: 1699945379122525
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699945379121930
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 179ms
178ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:59 GMT
x-stripe-server-envoy-start-time-us: 1699945379122842
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699945379122230
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 178ms
178ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:59 GMT
x-stripe-server-envoy-start-time-us: 1699945379127443
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1699945379126797
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 177ms
177ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:59 GMT
x-stripe-server-envoy-start-time-us: 1699945379127757
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699945379127446
access-control-allow-credentials: true
content-length: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame E763 1022 B
1 KB 188ms
188ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db9278e16f973bdccaf0e3f499e02dc9d33ca5d830082cdfbf2f9e5d3d6187be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.409&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmY3VycmVuY3k9VVNEJmludGVudD1jYXB0dXJlJmNsaWVudC1pZD1BUmk0V2UyYmJmdTR1ZzJaYUlVWlpLMF9tQWgxaGpXNG03ajNWTlJJTzdwN1kwcWU4S2c1MUFsb3o0amV3cENSRXAwZFBXMUQ2WWFHZEVzayIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3VxbXF6eHdjZGhnd3ZiaWlza3p6eGxkeGdrZHh4ciJ9fQ&clientID=ARi4We2bbfu4ug2ZaIUZZK0_mAh1hjW4m7j3VNRIO7p7Y0qe8Kg51Aloz4jewpCREp0dPW1D6YaGdEsk&sdkCorrelationID=06b475109a5a9&storageID=uid_4985a84864_mdc6mdi6ntg&sessionID=uid_64487811a9_mdc6mdi6ntg&buttonSessionID=uid_2bd1edd2e8_mdc6mdi6ntg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOnRydWV9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjp0cnVlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
content-type: application/json

Response headers

date: Tue, 14 Nov 2023 07:02:59 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f1527609efea3
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230064-FRA, cache-fra-eddf8230064-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f1527609efea3-c7fb4d39cb55c0c6-01
x-timer: S1699945379.048519,VS0,VE180
etag: W/"3fe-S15M0MmDgW/64Uz9P/XeyjSyNZY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 0 Show response
r.stripe.com/ Frame D3C2 0
273 B 176ms
176ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a4abbc3be830c05aef34559e51ded131.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: blue
date: Tue, 14 Nov 2023 07:02:59 GMT
x-stripe-server-envoy-start-time-us: 1699945379131146
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1699945379130968
access-control-allow-credentials: true
content-length: 0

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame E763 1022 B
1 KB 231ms
231ms Ping
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger?disableSetCookie=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f406c8b8e51f81d97822d09a88d35aa18cbafebcf0272094920fbbb81fc01de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=paypal&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.height=40&style.menuPlacement=below&sdkVersion=5.0.409&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmY3VycmVuY3k9VVNEJmludGVudD1jYXB0dXJlJmNsaWVudC1pZD1BUmk0V2UyYmJmdTR1ZzJaYUlVWlpLMF9tQWgxaGpXNG03ajNWTlJJTzdwN1kwcWU4S2c1MUFsb3o0amV3cENSRXAwZFBXMUQ2WWFHZEVzayIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX3VxbXF6eHdjZGhnd3ZiaWlza3p6eGxkeGdrZHh4ciJ9fQ&clientID=ARi4We2bbfu4ug2ZaIUZZK0_mAh1hjW4m7j3VNRIO7p7Y0qe8Kg51Aloz4jewpCREp0dPW1D6YaGdEsk&sdkCorrelationID=06b475109a5a9&storageID=uid_4985a84864_mdc6mdi6ntg&sessionID=uid_64487811a9_mdc6mdi6ntg&buttonSessionID=uid_2bd1edd2e8_mdc6mdi6ntg&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOnRydWV9LCJlcHMiOnsiZWxpZ2libGUiOmZhbHNlfSwic29mb3J0Ijp7ImVsaWdpYmxlIjp0cnVlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ3ZWNoYXRwYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwicGF5dSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJibGlrIjp7ImVsaWdpYmxlIjpmYWxzZX0sInRydXN0bHkiOnsiZWxpZ2libGUiOmZhbHNlfSwib3h4byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYWlkeSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true&disableSetCookie=true&experimentation.experience=107634&experimentation.treatment=135612
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 14 Nov 2023 07:02:59 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cache: MISS, MISS
paypal-debug-id: f152760693697
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-fra-eddf8230064-FRA, cache-fra-eddf8230064-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f152760693697-3ec8be7cd648b232-01
x-timer: S1699945379.053598,VS0,VE224
etag: W/"3fe-rGE4s/aD3731ZI4jekegb9ryle8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 346-982f361f013c.js Show response
cdn.denomatic.com/drs/ 3 KB
1 KB 260ms
92ms Script
application/javascript 2600:9000:206f:b800:0:f8d:b880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.denomatic.com/drs/346-982f361f013c.js?rnd=20220224
Requested by: Host: customs.affilired.com
URL: https://customs.affilired.com/track/?merchant=4843
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:b800:0:f8d:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7049ce73765234128432f4c2ecf135644a15304dc3cb2460e921227c188fae8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 07:02:59 GMT
content-encoding: gzip
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
last-modified: Thu, 24 Feb 2022 14:56:56 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: "a6a-5d8c4cb1e8014-gzip"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: public, max-age=600, s-maxage=86400
accept-ranges: bytes
content-length: 804
x-amz-cf-id: R1Zf84EPtpACybvJrchxSMeoo8f3K_1gZk6jQMZUxsRCAFlKoCe87g==
jb-x-cache: HIT

POST
H2 200 6 Show response
m.stripe.com/ Frame EAA4 156 B
669 B 177ms
177ms XHR
application/json 54.201.135.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-135-255.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

890ae2b7ba453b16ece0ae2610c4da0ecd9a563522426b293db6aeff1b5746c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 14 Nov 2023 07:02:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699945379183650
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699945379183334
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame EAA4 156 B
669 B 226ms
226ms XHR
application/json 54.201.135.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.135.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-201-135-255.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

890ae2b7ba453b16ece0ae2610c4da0ecd9a563522426b293db6aeff1b5746c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 14 Nov 2023 07:02:59 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1699945379233594
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1699945379233244
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2

200

activityi;dc_pre=CMn07YP2woIDFULAOwIdytgCnw;src=11653119;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=13948329250249.281 Show response
11653119.fls.doubleclick.net/ Frame 163E
Redirect Chain

https://11653119.fls.doubleclick.net/activityi;src=11653119;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=13948329250249.281?
https://11653119.fls.doubleclick.net/activityi;dc_pre=CMn07YP2woIDFULAOwIdytgCnw;src=11653119;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=13...

510 B
440 B

73ms
72ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11653119.fls.doubleclick.net/activityi;dc_pre=CMn07YP2woIDFULAOwIdytgCnw;src=11653119;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=13948329250249.281?

Requested by

Host: cdn.denomatic.com
URL: https://cdn.denomatic.com/drs/346-982f361f013c.js?rnd=20220224

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

fa4d6f19955f8c28b895d9bc9f61c8fd387cea8789d4e9d0c877e6670ef9048a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ivisa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 264
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 07:02:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 07:02:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11653119.fls.doubleclick.net/activityi;dc_pre=CMn07YP2woIDFULAOwIdytgCnw;src=11653119;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=13948329250249.281?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ts
t.paypal.com/ 42 B
212 B 157ms
156ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A4CCTC8GNBPMY2-1&page=muse%3Aoffer%3A%3A%3A4CCTC8GNBPMY2-1%3A%3AvisitorInfo%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=fee59d72-f579-4b3f-ace5-567001e69fd1&es=visitorInfo&cust=identified&mrid=4CCTC8GNBPMY2&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Apply%20Now%20for%20Uganda%20Travel%20Documents%20%7C%20iVisa&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&unsc=6&identifier_used=DFP&e=im&t=1699945379386&g=-60&completeurl=https%3A%2F%2Fwww.ivisa.com%2Fuganda%2Fapply-now%3Fpartial_order%3Dac_5a2c62981599913bf55a37e37eee233e%26utm_source%3DKlaviyo%26utm_medium%3Demail%26utm_campaign%3DFL_Transactional_PaymentIssue_EN_TP2%2520%2528Wyg9yC%2529%26utm_id%3DTKFVR5%26utm_term%3DTry%2520again%26_kx%3Deuha07O_jp0fkEtvqfZJlZ7tfhAO51ZHJKA-nBYNpVm30ThU82wuZHSynsBZo8zM.Y8KLUV&disableSetCookie=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 14 Nov 2023 07:02:59 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: c31629690970a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230079-FRA
pragma: no-cache
correlation-id: c31629690970a
traceparent: 00-0000000000000000000c31629690970a-633f85b668ba68f7-01
x-timer: S1699945379.390105,VS0,VE150
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 07:02:59 GMT

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CMn07YP2woIDFULAOwIdytgCnw;src=11653119;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=13948329250249.281... Frame DBD0 509 B
640 B 231ms
93ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMn07YP2woIDFULAOwIdytgCnw;src=11653119;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=13948329250249.281;~oref=https://www.ivisa.com/

Requested by

Host: 11653119.fls.doubleclick.net
URL: https://11653119.fls.doubleclick.net/activityi;dc_pre=CMn07YP2woIDFULAOwIdytgCnw;src=11653119;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=13948329250249.281?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fced8e1c63071cb0ce63848e6dd075793624ec88b17e424d59bb1fffd7fcac8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11653119.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 265
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 07:02:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CMn07YP2woIDFULAOwIdytgCnw;src=11653119;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=13948329250249.281;... Frame 14F0 194 B
515 B 246ms
89ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CMn07YP2woIDFULAOwIdytgCnw;src=11653119;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=13948329250249.281;~oref=https://www.ivisa.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMn07YP2woIDFULAOwIdytgCnw;src=11653119;type=visit0;cat=visit0;u1=visitor;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=13948329250249.281;~oref=https://www.ivisa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Nov 2023 07:03:00 GMT
expires: Tue, 14 Nov 2023 07:03:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ 295 B
366 B 13ms
11ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ivisa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 14 Nov 2023 07:03:03 GMT
via: 1.1 varnish
age: 606115
x-cache: HIT
content-length: 209
x-request-id: 753f6167-e809-4d9b-89d5-848754f9eb62
x-served-by: cache-fra-eddf8230134-FRA
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1675

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ivisa.com/	1969-12-31 23:59:59	Name: cohort Value: b
.ivisa.com/	1970-01-20 16:12:26	Name: _conv_s Value: si%3A1sh%3A1699945375628-0.0679116000512261pv%3A1
.ivisa.com/	1970-01-20 20:31:37	Name: _conv_r Value: s%3Aklaviyom%3Aemailt%3Atry%20again*c%3Afl_transactional_paymentissue_
.ivisa.com/	1970-01-20 16:12:27	Name: google-analytics_v4_bbe7__ga4sid Value: 138715388
.ivisa.com/	1970-01-21 01:48:25	Name: google-analytics_v4_bbe7__session_counter Value: 1
.ivisa.com/	1970-01-21 01:48:25	Name: google-analytics_v4_bbe7__ga4 Value: b495956a-287f-40e8-bfa8-d8cab5cca815
.ivisa.com/	1970-01-21 01:48:25	Name: google-analytics_v4_bbe7___z_ga_audiences Value: b495956a-287f-40e8-bfa8-d8cab5cca815
.ivisa.com/	1970-01-21 01:48:25	Name: facebook-pixel_50e8__fb-pixel Value: fb.2.1699945375610.1360534536
.ivisa.com/	1970-01-21 01:48:25	Name: egtt Value: f818eyJpdiI6IlM0enBoK1FkRmRzL0tYWW90RTdOa1E9PSIsInZhbHVlIjoiTHM5SHpYb1M5b1NGcUd1R2NwQTBVemhnMDNjQTdZYklZSzdpT0ZwWlYrV3QxRnhQb1dzQ3ErQTJmdmNtRHRDZzk4UFErMmxjeWo3cVhZZHBtZVFHN1E9PSIsIm1hYyI6IjFlYTEyYWQ0ZDBjYTg3YTEzZTIyY2IzYzg2MGY3Mjc1YzdiNTcyODNkMTU3YTg1NTQ1M2Q2ZWZmZDJlNTQzNWUiLCJ0YWciOiIifQ%3D%3D
.ivisa.com/	1970-01-21 01:48:25	Name: ceui Value: f818eyJpdiI6InZHdzlMb3owb2RiMitjZ1p1TUpnaXc9PSIsInZhbHVlIjoiVjE5NkhhYkJRVmwrM3VOY0YzY1BlTDVFblZCMUZnOWNVZUdLL2dPTHhWZ200Z0wvdFVmNVd1dUMzKzBvT2NBT25rS3d5dmFXaHg1QUtuNGo0R0o4dWxCd1Y1SjVqSkoyRGZjckxacE9NSW94WGRpWHpKNnRDODJpd3JxRkc2R0w5RTRLa1paRjlvWnZGSHlQK0c0SGdUZTNTck9Qd09GdjBkUU9GZVl5eGtyeVVLVUI4M0VVRCs4OWM3aUt3bjg5VlBuSDAvV2hRUG02R3RURXJYY2xxcU85VjQwMHpSUkcxSXVsUFY3L3RXdz0iLCJtYWMiOiI2MDdjMDQyOGQ1MWMxYTgwNzg3ZjllY2ExYjgzMzUyYWVjMTE3Mzk4NWZiNjFmMTBiNzRiOTk2ZjI3NTc1MGIxIiwidGFnIjoiIn0%3D
.ivisa.com/	1970-01-21 01:48:25	Name: ceul Value: f818eyJpdiI6Imp2dUo0Q3UyZm9FSUJrL3FXVU5CRlE9PSIsInZhbHVlIjoibFJwZWRuS2ZydmNkWXcwZHd1WXp4VUx4VE5SSmRVK284ME5BSC9FV3VxdE9vWGpkMlBPczIyQ2ZOZGZEbUZlUFY3endGS2hWcTNzbThKbDg5R2VLcWd2R09xdW9SRWdsWjZYQmgzMFg5eXRMZGRYdU1nR0c4TzFZYzhKV2lKL05mT3hWVnFteXVYZ01qbU51MTBDaGRsWlRseldpTWhxeU9Eb2xDL2FsLy9QWndxZDVOUnZ1NThWak8vYlRjSVJqZ3owb3AwRURDSjluS1RQNEszSm5yQnlaMkxTN3dHOHBSMXFWMk9uWnFZOD0iLCJtYWMiOiJmNjhkY2RkZGMxYjg2MzRhMDE3ZTg2OTE5MWM1M2VkYmZjMzNlYmNkZWI1YzNjMDA3ZGI3ODlhZmIyZWRkYWY1IiwidGFnIjoiIn0%3D
www.ivisa.com/	1970-01-21 00:58:01	Name: clientside-cookie Value: 852ba0d7f4a48b702f767fe0ea3d9f12ea1abf38bdf2711ed73190523c2d3739258fc18ccf9adfcc2208a9446aa51930b626fa3ab680b09687269241f20bd2fb9a504140fa1a7bcde3434a03fef06aaf8b0ede67496fad20e259b81a324342fc5913f3d6fd0c9d96ef470f50e1eb6e67cff3bc6c0995a08664b938103b18d79a0a6e23f7896ee1a2bf19b651551bcbbffc9ad2deb5aadf335e713d
.ivisa.com/	1970-01-21 01:48:25	Name: google-analytics_v4_bbe7__engagementStart Value: 1699945376953
.ivisa.com/	1970-01-21 01:48:25	Name: google-analytics_v4_bbe7__counter Value: 4
.ivisa.com/	1970-01-21 01:48:25	Name: google-analytics_v4_bbe7__let Value: 1699945376953
.ivisa.com/	1970-01-20 20:35:13	Name: _conv_v Value: vi%3A1sc%3A1cs%3A1699945376fs%3A1699945376pv%3A1*exp%3A%7B%7D
ssl.kaptcha.com/	1970-01-20 18:22:01	Name: k Value: e88299f3e14c46b2ab3053f2d3a5b093
.google.com/	1970-01-20 20:35:56	Name: NID Value: 511=LgBqC2MGoDq7JOB5CBGD03HY7gs0vE0TjRA7BpFr3WEhT1mH9NqJoV4qCinGj0Q_1ZDONcb05KxCi2YWY1i8FrBhj9SbeBSB-jQviluVuz8QECB4sdOi2XAJIe1VhsCrm-Hp1mXXGd4nAfeGdQ1vEHZX2NP3OGsNKSLlbXSNpLs
.paypal.com/	1970-01-20 16:16:44	Name: tsrce Value: smartcomponentnodeweb
.paypal.com/	1970-01-20 16:12:27	Name: l7_az Value: dcg16.slc
.paypal.com/	1970-01-21 01:48:25	Name: ts Value: vreXpYrS%3D1794639778%26vteXpYrS%3D1699947178%26vr%3Dcca3f25518b0aa301871ccb6ffd7fefb%26vt%3Dcca3f25518b0aa301871ccb6ffd7fefa%26vtyp%3Dnew
.paypal.com/	1970-01-21 01:48:25	Name: ts_c Value: vr%3Dcca3f25518b0aa301871ccb6ffd7fefb%26vt%3Dcca3f25518b0aa301871ccb6ffd7fefa
m.stripe.com/	1970-01-21 01:48:25	Name: m Value: d1880c38-29fe-47a9-8278-5e85d2aa3d93ee3d9b
.www.ivisa.com/	1970-01-21 00:58:01	Name: __stripe_mid Value: 9bef7bc2-a505-47d1-8975-8666496a20375829d6
.www.ivisa.com/	1970-01-20 16:12:27	Name: __stripe_sid Value: c53f3a3b-8bf5-4a0e-af04-3d2312a0606f2681bc
.doubleclick.net/	1970-01-20 16:12:26	Name: test_cookie Value: CheckForPermission

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11653119.fls.doubleclick.net
adservice.google.com
adservice.google.de
assets.braintreegateway.com
cdn-4.convertexperiments.com
cdn.denomatic.com
checkout.paypal.com
client-analytics.braintreegateway.com
container.pepperjam.com
core.spreedly.com
customs.affilired.com
d16zz69zs6o3lx.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
pay.google.com
payments.braintree-api.com
play.google.com
q.stripe.com
r.stripe.com
sdk.amazonaws.com
ssl.kaptcha.com
stats.g.doubleclick.net
t.paypal.com
trk.klclick.com
www.google.com
www.gstatic.com
www.ivisa.com
www.paypal.com
www.paypalobjects.com
www.rtb123.com
13.248.139.42
142.250.186.166
143.204.98.95
151.101.0.176
151.101.129.35
151.101.130.182
151.101.193.21
18.245.86.84
18.66.112.72
192.229.221.25
2600:9000:206f:b800:0:f8d:b880:93a1
2600:9000:211e:2800:a:e993:9140:21
2600:9000:223c:d200:14:c8fd:7700:93a1
2606:4700::6812:1a85
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c1f::9b
2a00:1450:4010:c09::5c
2a02:26f0:7100:993::14a9
3.66.115.140
34.252.74.21
35.81.31.24
54.186.23.98
54.201.135.255
67.225.220.126
0018fb1d0668d07c30f04cba8ee8d39a8257ec21a3f7e9ded3f78cf613ba2923
035a5440b3b72fe82c1ec7b12820554abaec41998561f8333511bcae5f596746
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
088ad7ddae2b5453dc21619fddbdd530568f58ea2ef0461236c56735fbb6cf90
08b4cbb4f42e7d7141285e660e85588438ae55bb7666f523e1d45c909b2538dc
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
0fe19bf27667e50de4fcda374b966a0ce1001ea42c7dd0077eb3de21c081f517
1431e6de5a0cacd4b4900a569f718b5784a1f3db13b72dfbbfebe495093b7428
168d61b53db7778ef090e71ed529a794c29e7d35de306f5f6e083701ad532339
18d1385bf82d2814a45b3b745804f304507f7fb7a08c27e12976f90c54f5ba10
20029e526c0674dd1f99d02142bbf324bd8ee217ca43705fa6fe1a64bd90ee0c
22b8978e8c27efdc86d8d9a59c991bb76ec26f283b0bc3ce76f33fd5f9e40475
23ace3d006f2b5cfff04a38e801bada688f3db274457ae3eb9c89373b90de41a
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2be51e0488c0258a1327e6d5e794d38f3dd9e37faa72c7cc97ea0e620d278b63
2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03
33925d175b43f7cd918fa64fea74d446e2fcbaa5b8227489fed14b9cff755056
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
354919de0e24469270a4546aae5d75d416e6f646973afab5b6f0430198a839ab
3569b88886c1311ea0fae90963e606c7624d1299d960ee5dc7567237f05985f4
356b731ebed13ee262a0cf8725b0c0ee46139fd529638019603bddfa760e8d60
366353ffa144e4653493ea6b880275153514ba01eb673c6703b6d97c41e0b0ca
3d21471bf6af908783b35b38b26ca55a6da0cac5690425c4e87caf1eee7b29c3
3f6c35e12fe2479e56472ff6fe94a821f97d1e1a02325fa09d6f7569a44dbc43
434cfb74ddbd505cbcf99cbc2bd26ffc95c664c3f72233be142d10e8aeac2bf0
4c7b6e8c81d7c4967975aebfd3e4379897440325f598471af30355b395a47b5c
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
57c64bc149099ca8df51175396525930dfa7baeb8d25c51f98bca0434698e847
5bc8d94fcc152481cd99c3c1644dfaf29d6daa190fe7fc26e28edefce0203fde
5c3a7a26e20662981b11aa3b0b7b850e5313ee542eb3d53626aa51f6b071e7a7
5ca272b5c51f5790821b50ebfb5f2868f20230a839431baf92f45bfff38861ea
626fb9152e15a8d1c059e9f75da743ed90d86b2d13c02a86eb3223d78b449bcd
653095bfafeac8eb7ccc598530897d9c9a654ddaba15d44926df6f85814cd710
6b8dc2445ef5d2b35bf7c93ece8ce74eb9146cb870878b2d4a7cb73779a5a5e3
6c9d6301679bae2a9059b0a86372b9af314861c66b329eccf1104e56682fa3d8
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f8504ae4200ba0908bfce4e389236b6d84419eae3a21be48c2ff6417c55e1f5
7049ce73765234128432f4c2ecf135644a15304dc3cb2460e921227c188fae8d
71056f529020ebf2d0953b63d5710d07ce0c3c1e38a88ea7054a75f05d8c8ba7
7247ab83a30fbd92bf8425aca87dbb9f3f44c1b7facc6f7fd80df157ea6b5e03
76fb66f147ef61948f90316de4fcc0f63ae6c6ff98f94b71ef34931008ff07de
779575557612a1b531e5b2abd2621b5f316a880f221f3bdaea35cc1881020c46
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
81b3cfec8709a5844f547eae1fc0966ca4db5ec5c762a371b31954967cbda57b
87559507214465beb4e9ac776b011ef9abb7534e77852f25f1e571e9a318a1de
890ae2b7ba453b16ece0ae2610c4da0ecd9a563522426b293db6aeff1b5746c1
8eecf82c23c9c9de419fd65c7d605fd37ec4eee4b2350ba8eb0ebbcec332a74d
91bcdf6b87499d9cab4a7e0419ba7a95c7409298ebbd9ed0c620c2c01da34665
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
95e5255bb50833034ebf678147c136ab3669cf6ec365b466cb51c6aad335a96c
98a4ef8a8b28b618d04c546de814e719438bf5e9b859d40e6d55b61b5d2b876d
9efe681c9855077a32a8568d5c8267067987975be3aa1a9bfa476515ef86f4aa
a90b74b4ebbe05de080bb7b10eef3df0535d37bb1d6fbaa00ee04bfcd80c560d
acd4efd25afef0314124024bb72b7125d7212b47af148e7f2e6f3287df6226ae
af536264885338145660c5258f8c87b72d8d710d3545af9c1debb7376ca0442e
af7fbbfa42f4b57b0b4e830cbffff2abca31596ab8ddbf387d37367fa0857c86
b2209d10caced1fe6143b2b7a6c2643dfc4ed445fb804b4abfc8e55c5539e945
b2f9d40677eaea428eb387e6eddf9d171187e9a7a6fc23865fea6652a11f9a5e
b636385f94710f7d3d9748df3b47a788fdce95e58958093f8f4d9e6ed0a2cf78
bf818fda6d572aefa65158fe10a2a7ccf3f932c1b28631045472a8ef65a59833
c170759160559738f4f1c49867b6c30aebc23847a6f9fe45f2e1b3d36bbbb226
c393154e5f00fd05f4e0d13f7fc62a4ca353cbc0d432a9604d0b924e96223158
c4f9ddd3c0010d30a8679cc7c9d23a703557f3171d73fd3bd0933ca6682fa991
c7405ea5937200d15fd145ea4db3f817d2526aa96516f13a0d6d82dea6319b94
c88f7c5938f923386c9046a71e44ed8d172bc549f8e2f724e6acc86da1f7dc74
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cfd13309e01a36007b7e3c538d1ef060437f42a3cf732302c1a9610ffb395727
d23a25944d9aeb4ff1207bf222363efc472521a709d63d26b86b57649a3ea7cc
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d700f6d0e37d23d95ae3365aa8b1ff2a2e3f31d87504dc276840dba7fe2ffba0
d7040c66276e587956cee7a9f5d3513c8ac721693df7f4b8a2ef3ca4523f8bd1
db64b270914998324648ceaead73944cc5ad44e145a322ee06358bf0da8d37ba
db9278e16f973bdccaf0e3f499e02dc9d33ca5d830082cdfbf2f9e5d3d6187be
dd8cd8c7dc16f30b6d6e738d78747ed2b2c151bebdbf9f5c12d23c5dd6ac4c82
ddc5dccc18c6ca2ffbd2e51637a33f111a8e882abe5679c787753f7f6ba9cc34
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e710394921d2c67287f930b48ac31546515bf6653c1246ab77ddbcd2c9359419
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f406c8b8e51f81d97822d09a88d35aa18cbafebcf0272094920fbbb81fc01de2
f5e6392eeee598c3482fbd6b64df49edfdcbe819a75b25077357153b19ff137b
f5f7b331cdba995ab78f1ca78e74559cb2c853815533412fc789909953a1058e
f9f74d79e18d073c1f8f27842b2c4b4b58145ff662c93eded82ff0e4b3a58db1
fa4d6f19955f8c28b895d9bc9f61c8fd387cea8789d4e9d0c877e6670ef9048a
fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e
fced8e1c63071cb0ce63848e6dd075793624ec88b17e424d59bb1fffd7fcac8f

www.ivisa.com Open in urlscan Pro 2606:4700::6812:1a85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

176 Requests

100 %HTTPS

47 %IPv6

22 Domains

34 Subdomains

30 IPs

5 Countries

2617 kBTransfer

9785 kBSize

26 Cookies

16 Outgoing links

Page URL History

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ivisa.com Open in urlscan Pro
2606:4700::6812:1a85 Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

100 %
HTTPS

47 %
IPv6

22
Domains

34
Subdomains

30
IPs

5
Countries

2617 kB
Transfer

9785 kB
Size

26
Cookies

176 HTTP transactions
2 data transactions