bestamericanhealthed.com Open in urlscan Pro
2606:4700::6811:c849 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r20.rs6.net/tn.jsp?f=001OAZZOpb5CQ030kJervPcLhsL0-ND3Ixq0AvPTtxLs5AnxuKoNPQ_EyVPjixVZUf7UuejzJUV6bK_muhNNOsu...
Effective URL:
https://bestamericanhealthed.com/programs
Submission Tags: falconsandbox
Submission: On July 07 via api (July 7th 2022, 3:54:51 pm UTC) from US — Scanned from DE

Summary HTTP 34 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 10 domains to perform 34 HTTP transactions. The main IP is 2606:4700::6811:c849, located in United States and belongs to CLOUDFLARENET, US. The main domain is bestamericanhealthed.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 10th 2022. Valid for: a year.

This is the only time bestamericanhealthed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
5	2606:4700::68... 2606:4700::6811:c849	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	52.216.204.83 52.216.204.83	16509 (AMAZON-02) (AMAZON-02)
2	13.225.78.90 13.225.78.90	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:d054	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.65.35 151.101.65.35	54113 (FASTLY) (FASTLY)
1	54.158.254.182 54.158.254.182	14618 (AMAZON-AES) (AMAZON-AES)
6	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
34	14

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:c849 (United States)

ASN13335 (CLOUDFLARENET, US)

bestamericanhealthed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.204.83 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

vp-digital-tower-etc.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-90.fra2.r.cloudfront.net

imageprocessor.digital.vistaprint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d054 (United States)

ASN13335 (CLOUDFLARENET, US)

static.websimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.254.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-254-182.compute-1.amazonaws.com

statscollector.digital.vistaprint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2229 t.paypal.com — Cisco Umbrella Rank: 3103 c.paypal.com — Cisco Umbrella Rank: 5726 b.stats.paypal.com — Cisco Umbrella Rank: 5095 dub.stats.paypal.com — Cisco Umbrella Rank: 20429 c6.paypal.com — Cisco Umbrella Rank: 6513	395 KB
5	bestamericanhealthed.com bestamericanhealthed.com	134 KB
3	gstatic.com fonts.gstatic.com	81 KB
3	vistaprint.com imageprocessor.digital.vistaprint.com — Cisco Umbrella Rank: 91386 statscollector.digital.vistaprint.com — Cisco Umbrella Rank: 97140	1 MB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	19 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1325	5 KB
1	websimages.com static.websimages.com — Cisco Umbrella Rank: 81960	1 KB
1	amazonaws.com vp-digital-tower-etc.s3.amazonaws.com — Cisco Umbrella Rank: 178244	11 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
1	rs6.net 1 redirects r20.rs6.net — Cisco Umbrella Rank: 6207	359 B
34	10

	Domain	Requested by
10	www.paypal.com	bestamericanhealthed.com www.paypal.com cdnjs.cloudflare.com
5	c.paypal.com	www.paypal.com c.paypal.com
5	bestamericanhealthed.com	bestamericanhealthed.com cdnjs.cloudflare.com
3	fonts.gstatic.com	fonts.googleapis.com
2	imageprocessor.digital.vistaprint.com	bestamericanhealthed.com
1	c6.paypal.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	statscollector.digital.vistaprint.com	bestamericanhealthed.com
1	t.paypal.com	bestamericanhealthed.com
1	cdnjs.cloudflare.com	bestamericanhealthed.com
1	static.cloudflareinsights.com	bestamericanhealthed.com
1	static.websimages.com	bestamericanhealthed.com
1	vp-digital-tower-etc.s3.amazonaws.com	bestamericanhealthed.com
1	fonts.googleapis.com	bestamericanhealthed.com
1	r20.rs6.net	1 redirects
34	16

This site contains links to these domains. Also see Links.

Domain
americancrisispreventionandmanagementassociation.com
www.cnabooksonline.com
dignitycollegeofhealthcare.skyprepapp.com
facebook.com
youtube.com

Subject Issuer	Validity	Valid
bestamericanhealthed.com Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-12` - `2023-04-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
imageprocessor.digital.vistaprint.com Amazon	`2022-04-11` - `2023-05-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-03-04` - `2022-11-23`	9 months	crt.sh
statscollector.digital.vistaprint.com Amazon	`2021-12-20` - `2023-01-17`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://bestamericanhealthed.com/programs
Frame ID: 8CF3E49D1492C9FF85B0E07F1AF58178
Requests: 21 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?sdkVersion=5.0.322&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9Y2hpam9obm53YW5rd28lNDB5YWhvby5jb20mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xwZnZ0cHl5cG5va3NpcWlzYWh0cmJqaGlvemJqeCJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f918219112117&storageID=uid_6ac613a223_mtu6ntq6ndu&sessionID=uid_16be61ee1f_mtu6ntq6ndu&buttonSessionID=uid_f4dc59cf12_mtu6ntq6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=chijohnnwankwo%40yahoo.com&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: 285371B9D7C16A0CC83D79AE444467D3
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: 38E359C4D41E60D96601E2ECA45B3E83
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 8495E85A25DA41375AD22D2A2814CCD0
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_16be61ee1f_mtu6ntq6ndu&s=SMART_PAYMENT_BUTTONS
Frame ID: A20B3303B1B4EAA6903E8D258A210C59
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ProgramsChevronChevronChevronChevron

Page URL History Show full URLs

https://r20.rs6.net/tn.jsp?f=001OAZZOpb5CQ030kJervPcLhsL0-ND3Ixq0AvPTtxLs5AnxuKoNPQ_EyVPjixVZUf7... HTTP 302
https://bestamericanhealthed.com/programs Page URL

Detected technologies

Rollbar (Issue trackers) Expand

Overall confidence: 100%
Detected patterns

rollbar\.js/([0-9.]+)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

34
Requests

97 %
HTTPS

43 %
IPv6

10
Domains

16
Subdomains

14
IPs

2
Countries

2170 kB
Transfer

3501 kB
Size

10
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://americancrisispreventionandmanagementassociation.com/become-an-instructor/
Title: Management of Assaultive Behavior Instructor Workshop

Search URL Search Domain Scan URL

URL: http://www.cnabooksonline.com/
Title: www.cnabooksonline.com

Search URL Search Domain Scan URL

URL: https://dignitycollegeofhealthcare.skyprepapp.com/pay?user_type=regular&nologo=1&course_id=30805&payment_mode=paypal
Title: NIH Stroke Scale Certification (NIHSS)

Search URL Search Domain Scan URL

URL: https://facebook.com/BestAmericanHealthcareUniversity/

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/UCSJ0_I7ZQuh7t_H8rfmsAdQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r20.rs6.net/tn.jsp?f=001OAZZOpb5CQ030kJervPcLhsL0-ND3Ixq0AvPTtxLs5AnxuKoNPQ_EyVPjixVZUf7UuejzJUV6bK_muhNNOsunhf2-ycNOIlHBa2exMwtszPT7C7z_tAWKwcG94BDx2SbFp1UgrZcoujPwJBGgo9-BMI41ATi9x7az_4-OgltJ5s%3D&c=13X7wfpSbi8ukUyim6mcm2wWWOemdzhQpa4oPQGkqyg-ZLWYcfXjhg%3D%3D&ch=5wdfmeelxOCEPxiULr6v-FM_7uUkAATTM_d3UKHaq0fIHMqbyyooUA%3D%3D HTTP 302
https://bestamericanhealthed.com/programs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://b.stats.paypal.com/v2/counter.cgi?p=uid_16be61ee1f_mtu6ntq6ndu&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_16be61ee1f_mtu6ntq6ndu&s=SMART_PAYMENT_BUTTONS

34 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request programs Show response
bestamericanhealthed.com/
Redirect Chain

https://r20.rs6.net/tn.jsp?f=001OAZZOpb5CQ030kJervPcLhsL0-ND3Ixq0AvPTtxLs5AnxuKoNPQ_EyVPjixVZUf7UuejzJUV6bK_muhNNOsunhf2-ycNOIlHBa2exMwtszPT7C7z_tAWKwcG94BDx2SbFp1UgrZcoujPwJBGgo9-BMI41ATi9x7az_4-O...
https://bestamericanhealthed.com/programs

119 KB
23 KB

1053ms
1001ms

Document
text/html

2606:4700::6811:c849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bestamericanhealthed.com/programs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c849 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 842a8da330e74d524e2518ad840e8c5aba1b35154b4ccc466849cf3d3cc1ec86

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://developer.cimpress.io
cache-control: public, s-maxage=43200, max-age=60
cf-cache-status: MISS
cf-ray: 7271c2a48bc7bb9b-FRA
content-encoding: gzip
content-language: de_de
content-type: text/html; charset=utf-8
date: Thu, 07 Jul 2022 15:54:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

Redirect headers

Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Connection: close
Content-Length: 0
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 07 Jul 2022 15:54:43 GMT
Location: https://bestamericanhealthed.com/programs
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Pragma: no-cache
Server: Apache

GET
H2 200 programs
bestamericanhealthed.com/.css/ 204 KB
32 KB 1239ms
1238ms Stylesheet
text/css 2606:4700::6811:c849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bestamericanhealthed.com/.css/programs?cacheId=1657054764419
Requested by: Host: bestamericanhealthed.com
URL: https://bestamericanhealthed.com/programs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c849 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4260f98f17b3b5fa8a5d6e39cbe81d29efbffe9b833440dd6de134d7c64dbeeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestamericanhealthed.com/programs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 7271c2aad826bb9b-FRA
date: Thu, 07 Jul 2022 15:54:45 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"32f20-jAk3Tl5vBJQbZvkn6Dji/8M62d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: de_de
access-control-allow-origin: https://developer.cimpress.io
cache-control: public, s-maxage=43200, max-age=60
content-type: text/css; charset=utf-8

GET
H2 200 programs Show response
bestamericanhealthed.com/.js/ 344 KB
79 KB 996ms
995ms Script
application/javascript 2606:4700::6811:c849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bestamericanhealthed.com/.js/programs?cacheId=1657054764419&locale=de-DE
Requested by: Host: bestamericanhealthed.com
URL: https://bestamericanhealthed.com/programs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:c849 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e9a53b9d043e43f8f0854cb3dd30cb1efde93ada615c417b2ee0b28c01a69e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestamericanhealthed.com/programs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 7271c2aad829bb9b-FRA
date: Thu, 07 Jul 2022 15:54:45 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: W/"55f4b-8+5kZWWotkS69ettixblF9BLhRg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: de_de
access-control-allow-origin: https://developer.cimpress.io
cache-control: public, s-maxage=43200, max-age=60
content-type: application/javascript; charset=utf-8

GET
H2 200 js Show response
www.paypal.com/sdk/ 309 KB
94 KB 125ms
26ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&merchant-id=chijohnnwankwo%40yahoo.com&currency=USD&disable-funding=bancontact%2Cblik%2Ceps%2Cgiropay%2Cideal%2Cmercadopago%2Cmybank%2Cp24%2Csepa%2Csofort

Requested by

Host: bestamericanhealthed.com
URL: https://bestamericanhealthed.com/programs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fcdfcbb16e269dd4b79e98fead154068440c4b040590cebf59f23a4deacd2734

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-aAnuCDP+lAJD9WiCJyT6FrdSu9JuBd9Spib81+6DcVtdrBeg' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-aAnuCDP+lAJD9WiCJyT6FrdSu9JuBd9Spib81+6DcVtdrBeg' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestamericanhealthed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-aAnuCDP+lAJD9WiCJyT6FrdSu9JuBd9Spib81+6DcVtdrBeg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-aAnuCDP+lAJD9WiCJyT6FrdSu9JuBd9Spib81+6DcVtdrBeg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 895
via: 1.1 varnish
x-cache: HIT
p3p: true
paypal-debug-id: f897061b55f39
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 94615
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4064-HHN
traceparent: 00-0000000000000000000f897061b55f39-b8646a0df8b7c9fe-01
x-timer: S1657209284.395351,VS0,VE3
x-frame-options: SAMEORIGIN
date: Thu, 07 Jul 2022 15:54:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"17197-B74ax8BD5B4yDKhqmw2cheVX+EY"
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 75ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre%20Baskerville%3A100%2C400%2C700%7CJosefin%20Sans%3A100%2C400%2C700

Requested by

Host: bestamericanhealthed.com
URL: https://bestamericanhealthed.com/programs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

774ec105789f62bf9688e283ac1ab4df1d5ba369121d08836aecad5d81f48ee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestamericanhealthed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 15:54:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 07 Jul 2022 15:54:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Jul 2022 15:54:44 GMT

GET
H/1.1 200
OK celebrate.png
vp-digital-tower-etc.s3.amazonaws.com/stock-assets/ 10 KB
11 KB 461ms
132ms Image
image/png 52.216.204.83
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vp-digital-tower-etc.s3.amazonaws.com/stock-assets/celebrate.png
Requested by: Host: bestamericanhealthed.com
URL: https://bestamericanhealthed.com/programs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.204.83 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d4cff8de2398964e05c8efe129c043b5a9c1863201e4054ec0b20ac92a4191af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestamericanhealthed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 15:54:46 GMT
Last-Modified: Thu, 12 Nov 2020 18:43:33 GMT
Server: AmazonS3
x-amz-request-id: MM807FN56JV9YBGF
ETag: "704e4ac5de30951d68ade8ea443aeca6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10443
x-amz-id-2: vcdig1il1Qy7jt5FSALUZ/1+LZadYPZmnSYrYSBo1aZIKI7PP9Xa082ZlkUiiDPuDdGy/dBrrQI=

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,4030x3927/width/1100/maxWidth/2000/https://uploads.documents.cimpress.io/v1/uploads/9e4d0fd2-60b7-4d4d-a2f8-ffb90d74e173~110/ 1 MB
1 MB 112ms
22ms Image
image/png 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,4030x3927/width/1100/maxWidth/2000/https://uploads.documents.cimpress.io/v1/uploads/9e4d0fd2-60b7-4d4d-a2f8-ffb90d74e173~110/original?tenant=vbu-digital
Requested by: Host: bestamericanhealthed.com
URL: https://bestamericanhealthed.com/programs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-90.fra2.r.cloudfront.net
Software: / Express
Resource Hash: f207874461513352ce247fb77818f69e87c7b8e4def92d577e488be697d429f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestamericanhealthed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 11:59:24 GMT
Via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 186921
X-Powered-By: Express
ETag: W/"139c10-H+w0EQGtTuVtNKwJIHQDnjI4HPk"
RequestId: 1020e100-48f2-4da6-89f2-a25a95e28b01
X-Cache: Hit from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=604800,max-age=604800
X-Amz-Cf-Pop: FRA2-C2
Content-Length: 1285136
X-Amz-Cf-Id: 9FK-TYXl6BdgzXkM_NcfV-Qb-Je282ACvx05oCSX4dp7Pe7O7TgATQ==

GET
H2 200 email-decode.min.js Show response
bestamericanhealthed.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
848 B 24ms
24ms Script
application/javascript 2606:4700::6811:c849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bestamericanhealthed.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: bestamericanhealthed.com
URL: https://bestamericanhealthed.com/programs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c849 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestamericanhealthed.com/programs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 15:54:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 06 Jul 2022 12:55:25 GMT
server: cloudflare
etag: W/"62c5863d-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7271c2b1de39bb9b-FRA
vary: Accept-Encoding
expires: Sat, 09 Jul 2022 15:54:45 GMT

GET
H2 200 collector.js Show response
static.websimages.com/active-static/target/stats/ 1 KB
1 KB 79ms
28ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/active-static/target/stats/collector.js
Requested by: Host: bestamericanhealthed.com
URL: https://bestamericanhealthed.com/programs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098618125383f339b61490acd432891e79d7ce980dfcc6e0261e93fab5500d89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestamericanhealthed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 15:54:45 GMT
content-encoding: br
cf-cache-status: HIT
age: 430484
cf-polished: origSize=1803
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
etag: W/"70b-5da5672a4d140-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 7271c2b30f46917c-FRA
expires: Sat, 02 Jul 2022 21:20:01 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 118ms
70ms Script
text/javascript 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: bestamericanhealthed.com
URL: https://bestamericanhealthed.com/programs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://bestamericanhealthed.com/
Origin: https://bestamericanhealthed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 15:54:45 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7271c2b30ed79bc8-FRA

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/ 69 KB
19 KB 67ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Requested by

Host: bestamericanhealthed.com
URL: https://bestamericanhealthed.com/programs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bestamericanhealthed.com/
Origin: https://bestamericanhealthed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 15:54:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2497404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18862
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-112f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shTXHj981z1E3HMKO1H5dq%2BdkEMH4BExLNgxL79nDCyWgyUmBe9u4EeyaldbymohvBMQy2TDoUxDcg%2BLb%2FtC0fyYTCi4%2FD%2F%2BSt1UJbdlZkGo%2BfKdZ8bGyYL84jMxhVCCM167Ox9%2B2e7SV4gWRU6TZ3N2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7271c2b2fc9f5b62-FRA
expires: Tue, 27 Jun 2023 15:54:45 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
5 KB 23ms
23ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=bestamericanhealthed.com&t=xo&v=5.0.322&source=payments_sdk&mrid=chijohnnwankwo@yahoo.com&client_id=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&merchant-id=chijohnnwankwo%40yahoo.com&currency=USD&disable-funding=bancontact%2Cblik%2Ceps%2Cgiropay%2Cideal%2Cmercadopago%2Cmybank%2Cp24%2Csepa%2Csofort

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-SL2RFq1mAAWhM8D92pIyWTz7B85FJMYtBhfPdG8ThqL/Dwm6' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestamericanhealthed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-SL2RFq1mAAWhM8D92pIyWTz7B85FJMYtBhfPdG8ThqL/Dwm6' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 64101
x-cache: HIT
paypal-debug-id: f8829504b7cdf
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4299
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4064-HHN
traceparent: 00-0000000000000000000f8829504b7cdf-35271c44be6a8e52-01
x-timer: S1657209286.557928,VS0,VE2
x-frame-options: SAMEORIGIN
date: Thu, 07 Jul 2022 15:54:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish
cache-control: public, max-age=3600
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/maxWidth/2000/progressive/http://uploads.documents.cimpress.io/v1/uploads/eec0060d-44e6-4b61-a4f9-8b859a3732c6~110/ 267 KB
268 KB 75ms
33ms Image
image/jpeg 13.225.78.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/maxWidth/2000/progressive/http://uploads.documents.cimpress.io/v1/uploads/eec0060d-44e6-4b61-a4f9-8b859a3732c6~110/original?tenant=vbu-digital
Requested by: Host: bestamericanhealthed.com
URL: https://bestamericanhealthed.com/programs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-90.fra2.r.cloudfront.net
Software: / Express
Resource Hash: 4bb6a45c6b844b5c5eda92cdbfed08210fcfd8ea233acf3b3676d727722580c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestamericanhealthed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 06 Jul 2022 18:46:29 GMT
Via: 1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
Connection: keep-alive
Age: 76096
X-Powered-By: Express
ETag: W/"42c63-XecaL8i24PGShE+L5Mht0uZL9kI"
RequestId: aabb014d-cd2e-46cd-a687-237209ad92f7
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=604800,max-age=604800
X-Amz-Cf-Pop: FRA2-C2
Content-Length: 273507
X-Amz-Cf-Id: hCewhvjkaF390yMhVvJpzjZm9UYRFqvXmHYaWl9Sdx5hvijLqi2q3w==

GET
H2 200 kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 26 KB
27 KB 87ms
38ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre%20Baskerville%3A100%2C400%2C700%7CJosefin%20Sans%3A100%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bestamericanhealthed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 18:01:54 GMT
x-content-type-options: nosniff
age: 165171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27120
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:42:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 18:01:54 GMT

GET
H2 200 Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v24/ 26 KB
27 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v24/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre%20Baskerville%3A100%2C400%2C700%7CJosefin%20Sans%3A100%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa1c72e44c5aa91d24fc6ef2966a7d68363dd342bc325989e9f4dfaae39f54f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bestamericanhealthed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 17:29:11 GMT
x-content-type-options: nosniff
age: 167134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26696
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:28:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 17:29:11 GMT

GET
H2 200 kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
fonts.gstatic.com/s/librebaskerville/v14/ 27 KB
27 KB 97ms
48ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre%20Baskerville%3A100%2C400%2C700%7CJosefin%20Sans%3A100%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bestamericanhealthed.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 18:38:12 GMT
x-content-type-options: nosniff
age: 162993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27976
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jul 2023 18:38:12 GMT

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 2853 377 KB
154 KB 387ms
387ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?sdkVersion=5.0.322&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9Y2hpam9obm53YW5rd28lNDB5YWhvby5jb20mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xwZnZ0cHl5cG5va3NpcWlzYWh0cmJqaGlvemJqeCJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f918219112117&storageID=uid_6ac613a223_mtu6ntq6ndu&sessionID=uid_16be61ee1f_mtu6ntq6ndu&buttonSessionID=uid_f4dc59cf12_mtu6ntq6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=chijohnnwankwo%40yahoo.com&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5bcd2d024f84690254dd207e2aa6bc5c297df2777747651c0b4076ff2226abc8

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bestamericanhealthed.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: br
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Thu, 07 Jul 2022 15:54:46 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/W/"5e3bb-tFnk1RzAh8avBmKa5146TqXi9OI"
p3p: true
paypal-debug-id: f6536372760a8
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f6536372760a8-baef2d713a9ce0d6-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-served-by: cache-hhn4064-HHN
x-timer: S1657209286.666952,VS0,VE366
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 38E3 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 38E3 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1015 B
2 KB 203ms
203ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b471173e9dd49c3e6ca90f125740b4b5785aa2d62f5a4e50dbcbfe9648c1936

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://bestamericanhealthed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Thu, 07 Jul 2022 15:54:46 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f653637dd3fee
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4075-HHN
traceparent: 00-0000000000000000000f653637dd3fee-a2f90740d1137dd6-01
x-timer: S1657209286.903350,VS0,VE181
etag: W/W/"3f7-IabUt/Nmb4oSbZbDh9OoiO6z+q8"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bestamericanhealthed.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 225ms
180ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bestamericanhealthed.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://bestamericanhealthed.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 07 Jul 2022 15:54:45 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f653637b80c08
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f653637b80c08-fad89f70e8240e5a-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4075-HHN
x-timer: S1657209286.722018,VS0,VE158

GET
H2 200 ts
t.paypal.com/ 42 B
812 B 268ms
200ms Image
image/gif 151.101.65.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Programs&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1657209285667&g=0&completeurl=https%3A%2F%2Fbestamericanhealthed.com%2Fprograms&ru=https%3A%2F%2Fbestamericanhealthed.com%2Fprograms&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: bestamericanhealthed.com
URL: https://bestamericanhealthed.com/programs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestamericanhealthed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 15:54:45 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: b16522511548f
x-cache-hits: 0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 42
x-served-by: cache-hhn4038-HHN
pragma: no-cache
traceparent: 00-0000000000000000000b16522511548f-36d2d3fea90e630b-01
x-timer: S1657209286.749689,VS0,VE172
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Jul 2022 15:54:45 GMT

GET
H2 200 record
statscollector.digital.vistaprint.com/ 0
115 B 331ms
110ms Image
text/plain 54.158.254.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statscollector.digital.vistaprint.com/record?siteId=2684813909&pageId=1629829361560984&pageTitle=Programs&parentPageId=&builderType=tower&premium=true&referrer=&location=https%3A%2F%2Fbestamericanhealthed.com%2Fprograms&visitorId=898999453
Requested by: Host: bestamericanhealthed.com
URL: https://bestamericanhealthed.com/programs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.158.254.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-158-254-182.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestamericanhealthed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://developer.cimpress.io
date: Thu, 07 Jul 2022 15:54:45 GMT
x-powered-by: Express
content-type: text/plain

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 2853 309 KB
93 KB 23ms
22ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?sdkVersion=5.0.322&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9Y2hpam9obm53YW5rd28lNDB5YWhvby5jb20mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xwZnZ0cHl5cG5va3NpcWlzYWh0cmJqaGlvemJqeCJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f918219112117&storageID=uid_6ac613a223_mtu6ntq6ndu&sessionID=uid_16be61ee1f_mtu6ntq6ndu&buttonSessionID=uid_f4dc59cf12_mtu6ntq6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=chijohnnwankwo%40yahoo.com&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fcdfcbb16e269dd4b79e98fead154068440c4b040590cebf59f23a4deacd2734

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-aAnuCDP+lAJD9WiCJyT6FrdSu9JuBd9Spib81+6DcVtdrBeg' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-aAnuCDP+lAJD9WiCJyT6FrdSu9JuBd9Spib81+6DcVtdrBeg' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.322&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9Y2hpam9obm53YW5rd28lNDB5YWhvby5jb20mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xwZnZ0cHl5cG5va3NpcWlzYWh0cmJqaGlvemJqeCJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f918219112117&storageID=uid_6ac613a223_mtu6ntq6ndu&sessionID=uid_16be61ee1f_mtu6ntq6ndu&buttonSessionID=uid_f4dc59cf12_mtu6ntq6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=chijohnnwankwo%40yahoo.com&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-aAnuCDP+lAJD9WiCJyT6FrdSu9JuBd9Spib81+6DcVtdrBeg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-aAnuCDP+lAJD9WiCJyT6FrdSu9JuBd9Spib81+6DcVtdrBeg' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 897
via: 1.1 varnish
x-cache: HIT
p3p: true
paypal-debug-id: f897061b55f39
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 94615
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4064-HHN
traceparent: 00-0000000000000000000f897061b55f39-b8646a0df8b7c9fe-01
x-timer: S1657209286.094861,VS0,VE2
x-frame-options: SAMEORIGIN
date: Thu, 07 Jul 2022 15:54:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"17197-B74ax8BD5B4yDKhqmw2cheVX+EY"
accept-ranges: bytes
x-cache-hits: 2

GET
DATA 200
OK truncated
/ Frame 2853 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2853 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 2853 56 KB
20 KB 97ms
21ms Script
application/javascript 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (frc/8FDD) /

Resource Hash

72c99b1de87499b425e697b2e0e0a8e4e36363506c68e08a7e8d5db555c1db43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 15:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1194102
x-cache: HIT, HIT
paypal-debug-id: 686a8f6bf83d0
x-cache-hits: 3249049
access-control-allow-methods: GET
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19745
via: 1.1 varnish
x-served-by: cache-hhn4076-HHN
last-modified: Tue, 21 Jun 2022 22:04:47 GMT
server: ECAcc (frc/8FDD)
x-timer: S1657209287.890972,VS0,VE1
etag: W/"62b2407f-e12a"
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Jul 2022 15:54:46 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 2853 1012 B
2 KB 268ms
267ms Ping
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d0feab0153cd0bca22ce4bb663c41c7048046928f6024eeaca09eb4eccd64e6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.322&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9Y2hpam9obm53YW5rd28lNDB5YWhvby5jb20mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xwZnZ0cHl5cG5va3NpcWlzYWh0cmJqaGlvemJqeCJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f918219112117&storageID=uid_6ac613a223_mtu6ntq6ndu&sessionID=uid_16be61ee1f_mtu6ntq6ndu&buttonSessionID=uid_f4dc59cf12_mtu6ntq6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=chijohnnwankwo%40yahoo.com&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Jul 2022 15:54:47 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f226679133618
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4064-HHN
traceparent: 00-0000000000000000000f226679133618-ed1454b40f93d015-01
x-timer: S1657209287.884056,VS0,VE239
etag: W/W/"3f4-cRJUPkiDBGdQKW8WC1vvY+2Tw0M"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 8495 160 B
1 KB 161ms
161ms Document
text/html 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
accept-ranges: none
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 59f146bab4d0a
date: Thu, 07 Jul 2022 15:54:47 GMT
paypal-debug-id: 59f146bab4d0a
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000059f146bab4d0a-7f34e94261ba2657-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4076-HHN
x-timer: S1657209287.967705,VS0,VE141
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame A20B
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_16be61ee1f_mtu6ntq6ndu&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_16be61ee1f_mtu6ntq6ndu&s=SMART_PAYMENT_BUTTONS

42 B
299 B

144ms
46ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_16be61ee1f_mtu6ntq6ndu&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?sdkVersion=5.0.322&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9Y2hpam9obm53YW5rd28lNDB5YWhvby5jb20mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xwZnZ0cHl5cG5va3NpcWlzYWh0cmJqaGlvemJqeCJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f918219112117&storageID=uid_6ac613a223_mtu6ntq6ndu&sessionID=uid_16be61ee1f_mtu6ntq6ndu&buttonSessionID=uid_f4dc59cf12_mtu6ntq6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=chijohnnwankwo%40yahoo.com&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 15:54:47 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_16be61ee1f_mtu6ntq6ndu&s=SMART_PAYMENT_BUTTONS
Date: Thu, 07 Jul 2022 15:54:47 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 8495 56 KB
20 KB 38ms
38ms Script
application/javascript 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (frc/8FDD) /

Resource Hash

72c99b1de87499b425e697b2e0e0a8e4e36363506c68e08a7e8d5db555c1db43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 15:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1194103
x-cache: HIT, HIT
paypal-debug-id: 686a8f6bf83d0
x-cache-hits: 3249052
access-control-allow-methods: GET
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19745
via: 1.1 varnish
x-served-by: cache-hhn4076-HHN
last-modified: Tue, 21 Jun 2022 22:04:47 GMT
server: ECAcc (frc/8FDD)
x-timer: S1657209287.170726,VS0,VE1
etag: W/"62b2407f-e12a"
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Jul 2022 15:54:47 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 8495 125 B
728 B 223ms
223ms XHR
application/json 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f7262c30fcf63683d0795ab5f61870f13ebfa7854fd3c17127b0bbaaf33c91cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Jul 2022 15:54:47 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 17f1195091cbd
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
content-length: 125
x-served-by: cache-hhn4076-HHN
correlation-id: 17f1195091cbd
traceparent: 00-000000000000000000017f1195091cbd-0fced67603c352ba-01
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame 8495 0
214 B 183ms
183ms XHR
text/plain 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Jul 2022 15:54:47 GMT
via: 1.1 varnish
correlation-id: 60ab2c3c2aa10
traceparent: 00-000000000000000000060ab2c3c2aa10-96238a7de1b13149-01
x-served-by: cache-hhn4076-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
paypal-debug-id: 60ab2c3c2aa10
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 8495 0
123 B 206ms
184ms Image
text/plain 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_16be61ee1f_mtu6ntq6ndu&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 15:54:47 GMT
via: 1.1 varnish
correlation-id: 4339e209727f7
traceparent: 00-00000000000000000004339e209727f7-0909d1a604e12288-01
x-timer: S1657209287.252194,VS0,VE162
x-served-by: cache-hhn4076-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
paypal-debug-id: 4339e209727f7
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-cache-hits: 0

POST
H2 200 rum Show response
bestamericanhealthed.com/cdn-cgi/ 0
219 B 22ms
22ms XHR
text/plain 2606:4700::6811:c849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bestamericanhealthed.com/cdn-cgi/rum?

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c849 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://bestamericanhealthed.com/programs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Thu, 07 Jul 2022 15:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://bestamericanhealthed.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 7271c2bd3b84bb9b-FRA
vary: Origin

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 2853 1015 B
1 KB 220ms
220ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaeec91ea62b62a555f77fe64ade510116c689d1b6c6cc453e11f5b271968286

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.322&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9Y2hpam9obm53YW5rd28lNDB5YWhvby5jb20mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xwZnZ0cHl5cG5va3NpcWlzYWh0cmJqaGlvemJqeCJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f918219112117&storageID=uid_6ac613a223_mtu6ntq6ndu&sessionID=uid_16be61ee1f_mtu6ntq6ndu&buttonSessionID=uid_f4dc59cf12_mtu6ntq6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=chijohnnwankwo%40yahoo.com&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Thu, 07 Jul 2022 15:54:47 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f226679d46918
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4064-HHN
traceparent: 00-0000000000000000000f226679d46918-3101c0633ab4ad8c-01
x-timer: S1657209287.264241,VS0,VE197
etag: W/W/"3f7-gAGXQD4Lif/N8FL/SJiAVTMc/Pc"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1002 B
2 KB 201ms
196ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aad56fbebced28ea731d9e0018cc1c301dc09f2e06f0293d8c30bb47ab6ad059

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://bestamericanhealthed.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
content-type: application/json

Response headers

date: Thu, 07 Jul 2022 15:54:47 GMT
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS
paypal-debug-id: f2266798841cf
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn4075-HHN
traceparent: 00-0000000000000000000f2266798841cf-a2a83ef196547d64-01
x-timer: S1657209287.487723,VS0,VE175
etag: W/W/"3ea-E7DEGw7haPJDO90dMfy5Z1gUAyM"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bestamericanhealthed.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 216ms
216ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bestamericanhealthed.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://bestamericanhealthed.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Thu, 07 Jul 2022 15:54:47 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: f226679a216e4
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
traceparent: 00-0000000000000000000f226679a216e4-f1f8fece186daf2d-01
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn4075-HHN
x-timer: S1657209287.266681,VS0,VE192

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bestamericanhealthed.com/	1970-01-20 04:21:35	Name: webs-stats-visitor-id Value: 898999453
.paypal.com/	1970-01-20 04:20:11	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-21 06:36:57	Name: ts_c Value: vr%3Dd95eec8b1810a2d0853d9867ff08b2d8%26vt%3Dd95eec8b1810a2d0853d9867ff08b2d7
.paypal.com/	1970-01-20 13:05:45	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 04:20:40	Name: LANG Value: de_DE%3BDE
.paypal.com/	1970-01-20 04:24:28	Name: tsrce Value: loggernodeweb
.c.paypal.com/	1970-01-22 00:08:09	Name: sc_f Value: 2C7pjy8ElrUuqDjIk9Wl49mWo8r0Chni-iO2jq7qevpnUtVZpNGgKSsRZSrkIlY2ZmeQHNnZQ2VNxzXYuBIF9oAN6OUYN7bI3Uywd0
.paypal.com/	1970-01-27 11:32:09	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: PuxUHnTGEHPPp2pSoAwKo-tvOFC5RwL2lu9NOO-y0gmLInIKwXiU5qEooreqhO-BG6KPubboyt3Sj08M
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY1NzIwOTI4NzM5MCIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-21 06:36:57	Name: ts Value: vreXpYrS%3D1751903687%26vteXpYrS%3D1657211087%26vr%3Dd95eec8b1810a2d0853d9867ff08b2d8%26vt%3Dd95eec8b1810a2d0853d9867ff08b2d7%26vtyp%3Dnew

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
bestamericanhealthed.com
c.paypal.com
c6.paypal.com
cdnjs.cloudflare.com
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
imageprocessor.digital.vistaprint.com
r20.rs6.net
static.cloudflareinsights.com
static.websimages.com
statscollector.digital.vistaprint.com
t.paypal.com
vp-digital-tower-etc.s3.amazonaws.com
www.paypal.com
13.225.78.90
151.101.193.21
151.101.193.35
151.101.65.35
208.75.122.11
2606:4700:440e::6812:2fe6
2606:4700::6811:180e
2606:4700::6811:c849
2606:4700::6812:d054
2a00:1450:4001:80b::2003
2a00:1450:4001:828::200a
52.216.204.83
54.158.254.182
64.4.245.84
098618125383f339b61490acd432891e79d7ce980dfcc6e0261e93fab5500d89
0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
4260f98f17b3b5fa8a5d6e39cbe81d29efbffe9b833440dd6de134d7c64dbeeb
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4bb6a45c6b844b5c5eda92cdbfed08210fcfd8ea233acf3b3676d727722580c4
4e9a53b9d043e43f8f0854cb3dd30cb1efde93ada615c417b2ee0b28c01a69e3
5bcd2d024f84690254dd207e2aa6bc5c297df2777747651c0b4076ff2226abc8
658cbf469e751ade6d30b701fc7ca00b3403329481955d30acb721ca38b45d99
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
72c99b1de87499b425e697b2e0e0a8e4e36363506c68e08a7e8d5db555c1db43
774ec105789f62bf9688e283ac1ab4df1d5ba369121d08836aecad5d81f48ee4
842a8da330e74d524e2518ad840e8c5aba1b35154b4ccc466849cf3d3cc1ec86
8b471173e9dd49c3e6ca90f125740b4b5785aa2d62f5a4e50dbcbfe9648c1936
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
aa1c72e44c5aa91d24fc6ef2966a7d68363dd342bc325989e9f4dfaae39f54f0
aad56fbebced28ea731d9e0018cc1c301dc09f2e06f0293d8c30bb47ab6ad059
aaeec91ea62b62a555f77fe64ade510116c689d1b6c6cc453e11f5b271968286
d0feab0153cd0bca22ce4bb663c41c7048046928f6024eeaca09eb4eccd64e6a
d4cff8de2398964e05c8efe129c043b5a9c1863201e4054ec0b20ac92a4191af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f207874461513352ce247fb77818f69e87c7b8e4def92d577e488be697d429f3
f7262c30fcf63683d0795ab5f61870f13ebfa7854fd3c17127b0bbaaf33c91cf
fcdfcbb16e269dd4b79e98fead154068440c4b040590cebf59f23a4deacd2734
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

bestamericanhealthed.com Open in urlscan Pro 2606:4700::6811:c849 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

97 %HTTPS

43 %IPv6

10 Domains

16 Subdomains

14 IPs

2 Countries

2170 kBTransfer

3501 kBSize

10 Cookies

5 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bestamericanhealthed.com Open in urlscan Pro
2606:4700::6811:c849 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

97 %
HTTPS

43 %
IPv6

10
Domains

16
Subdomains

14
IPs

2
Countries

2170 kB
Transfer

3501 kB
Size

10
Cookies

34 HTTP transactions
4 data transactions