gv142.infusionsoft.app Open in urlscan Pro
2606:4700::6812:7ad Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gv142.infusionsoft.app/app/manageCart/addProduct?return=aHR0cHM6Ly9ndjE0Mi5pbmZ1c2lvbnNvZnQuY29tL2FwcC9tYW5hZ2VDYXJ0L2F...
Effective URL:
https://gv142.infusionsoft.app/app/manageCart/showManageOrder
Submission: On November 18 via manual (November 18th 2021, 3:57:00 pm UTC) from US — Scanned from DE

Summary HTTP 80 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 80 HTTP transactions. The main IP is 2606:4700::6812:7ad, located in United States and belongs to CLOUDFLARENET, US. The main domain is gv142.infusionsoft.app.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 1st 2021. Valid for: a year.

This is the only time gv142.infusionsoft.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 34	2606:4700::68... 2606:4700::6812:7ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2606:4700::68... 2606:4700::6812:f74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
1	52.217.77.22 52.217.77.22	16509 (AMAZON-02) (AMAZON-02)
4	34.102.253.235 34.102.253.235	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.193.35 151.101.193.35	54113 (FASTLY) (FASTLY)
2	2a02:26f0:170... 2a02:26f0:1700:f::1737:a1ce	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
10	23.45.107.81 23.45.107.81	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
2	2a04:4e42::291 2a04:4e42::291	54113 (FASTLY) (FASTLY)
80	18

34 2606:4700::6812:7ad (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

gv142.infusionsoft.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:f74 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

gv142.infusionsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 151.101.193.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.77.22 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.102.253.235 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 235.253.102.34.bc.googleusercontent.com

gv142.files.keap.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.228.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:1700:f::1737:a1ce (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ds-aksb-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.45.107.81 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-107-81.deploy.static.akamaitechnologies.com

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.4.245.84 (United States) 2 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	infusionsoft.app 3 redirects gv142.infusionsoft.app	273 KB
32	paypal.com 2 redirects www.paypal.com t.paypal.com c.paypal.com b.stats.paypal.com dub.stats.paypal.com c6.paypal.com	634 KB
4	keap.app gv142.files.keap.app	11 KB
3	paypalobjects.com www.paypalobjects.com	34 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	akamaihd.net ds-aksb-a.akamaihd.net	5 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	181 KB
2	google.com www.google.com	1 KB
2	infusionsoft.com 2 redirects gv142.infusionsoft.com	805 B
1	google.de www.google.de	502 B
1	doubleclick.net stats.g.doubleclick.net	448 B
1	googleapis.com fonts.googleapis.com	1 KB
1	amazonaws.com s3.amazonaws.com	6 KB
80	13

	Domain	Requested by
34	gv142.infusionsoft.app	3 redirects gv142.infusionsoft.app
14	www.paypal.com	gv142.infusionsoft.app www.paypal.com www.paypalobjects.com
10	c.paypal.com	www.paypal.com c.paypal.com
4	gv142.files.keap.app	gv142.infusionsoft.app
3	www.paypalobjects.com	www.paypal.com www.paypalobjects.com
2	c6.paypal.com	gv142.infusionsoft.app c.paypal.com
2	dub.stats.paypal.com	www.paypal.com
2	b.stats.paypal.com	2 redirects
2	www.google-analytics.com	gv142.infusionsoft.app
2	ds-aksb-a.akamaihd.net	www.paypalobjects.com gv142.infusionsoft.app
2	t.paypal.com	gv142.infusionsoft.app
2	www.google.com	gv142.infusionsoft.app
2	gv142.infusionsoft.com	2 redirects
1	www.google.de	gv142.infusionsoft.app
1	stats.g.doubleclick.net	gv142.infusionsoft.app
1	www.gstatic.com	www.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	gv142.infusionsoft.app
1	s3.amazonaws.com	gv142.infusionsoft.app
80	19

This site contains links to these domains. Also see Links.

Domain
wallstreetprep.com
gv142.infusionsoft.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-01` - `2022-09-30`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-11-02` - `2022-03-15`	4 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
files.keap.app R3	`2021-10-15` - `2022-01-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-09-21` - `2022-10-22`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
c.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-11-03` - `2022-12-04`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
Frame ID: 4A7DFC7CFFEE2FC8B230C72578BDD69E
Requests: 50 HTTP requests in this frame

Frame: https://www.paypalobjects.com/muse/analytics/index.html
Frame ID: 4A5BC0A1F4DAD2C5E8507AA9E7804770
Requests: 5 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21taXQ9ZmFsc2UmY3VycmVuY3k9VVNEJmNsaWVudC1pZD1BWXJ0MXRfUm5fQ2UtOTg4RFJFcDVic1B3R0NvQ2RJTFBzT0ViMEphcF9MQldkYy1FNmowQUo0alIyNm8tQmh1NkhCOXJod19YZE80U19LYyZtZXJjaGFudC1pZD03NUVON0RSNlA3RzcyIiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiS2VhcF9QQ1AiLCJkYXRhLXVpZCI6InVpZF96Zmx2YWtodnpwemJ1aXVtYW1yYmxkeGxwdHdlaGoifX0&clientID=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&sdkCorrelationID=a90771762f624&storageID=uid_8a52298709_mtu6nty6nty&sessionID=uid_28d9a6d09d_mtu6nty6nty&buttonSessionID=uid_b8ce1f9257_mtu6nty6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiZDQ1YzZlMWYxY2UwM2IzM2JjNTEyMjQ3YTJjY2M0NTRlNDgyNDVlNSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=75EN7DR6P7G72&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Frame ID: FC47C15FD6FE462D92B44BE74098C1D8
Requests: 8 HTTP requests in this frame

Frame: data://truncated
Frame ID: B7C34766B76730AC708494CBD9A4AC43
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: 3853E645BAE44E584EF4F2F6938A618B
Requests: 3 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21taXQ9ZmFsc2UmY3VycmVuY3k9VVNEJmNsaWVudC1pZD1BWXJ0MXRfUm5fQ2UtOTg4RFJFcDVic1B3R0NvQ2RJTFBzT0ViMEphcF9MQldkYy1FNmowQUo0alIyNm8tQmh1NkhCOXJod19YZE80U19LYyZtZXJjaGFudC1pZD03NUVON0RSNlA3RzcyIiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiS2VhcF9QQ1AiLCJkYXRhLXVpZCI6InVpZF96Zmx2YWtodnpwemJ1aXVtYW1yYmxkeGxwdHdlaGoifX0&clientID=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&sdkCorrelationID=a90771762f624&storageID=uid_8a52298709_mtu6nty6nty&sessionID=uid_28d9a6d09d_mtu6nty6nty&buttonSessionID=uid_38a592f777_mtu6nty6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiZDQ1YzZlMWYxY2UwM2IzM2JjNTEyMjQ3YTJjY2M0NTRlNDgyNDVlNSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=75EN7DR6P7G72&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Frame ID: 006F30A5A311EB36719CFC0B99170F61
Requests: 8 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 41BFBC77FB6EB58516476CD2DDEFFC93
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_28d9a6d09d_mtu6nty6nty&s=SMART_PAYMENT_BUTTONS
Frame ID: F349B7AA539D609BC542961379D9F33F
Requests: 1 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_28d9a6d09d_mtu6nty6nty&s=SMART_PAYMENT_BUTTONS
Frame ID: 9B1C10CF020CEB24B3445B6150D3B950
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 28FF8B85247B7127CD2B12F45C2EAF25
Requests: 5 HTTP requests in this frame

Frame: https://gv142.infusionsoft.app/app/webTracking/websiteTriggerIframe
Frame ID: 8E92503204D21E29D22B97747A72B64D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://gv142.infusionsoft.app/app/manageCart/addProduct?return=aHR0cHM6Ly9ndjE0Mi5pbmZ1c2lvbnNvZnQuY29tL2F... HTTP 301
https://gv142.infusionsoft.com/app/manageCart/addProduct?return=aHR0cHM6Ly9ndjE0Mi5pbmZ1c2lvbnNvZnQuY29tL2F... HTTP 301
https://gv142.infusionsoft.com/app/manageCart/addProduct?productId=488 HTTP 301
https://gv142.infusionsoft.app/app/manageCart/addProduct?productId=488&cookieUUID=c27e81dc-0e8b-42f9-bdf1-a... HTTP 302
https://gv142.infusionsoft.app/app/manageCart/showManageOrder Page URL

Page Statistics

80
Requests

96 %
HTTPS

61 %
IPv6

13
Domains

19
Subdomains

18
IPs

3
Countries

1166 kB
Transfer

3365 kB
Size

23
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://wallstreetprep.com/

Search URL Search Domain Scan URL

URL: https://gv142.infusionsoft.com/app/manageCart/addProduct?productId=82
Title: Purchase

Search URL Search Domain Scan URL

URL: https://gv142.infusionsoft.com/app/manageCart/addProduct?productId=598
Title: Purchase

Search URL Search Domain Scan URL

URL: https://gv142.infusionsoft.com/app/manageCart/addProduct?productId=600
Title: Purchase

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gv142.infusionsoft.app/app/manageCart/addProduct?return=aHR0cHM6Ly9ndjE0Mi5pbmZ1c2lvbnNvZnQuY29tL2FwcC9tYW5hZ2VDYXJ0L2FkZFByb2R1Y3Q%2FcHJvZHVjdElkPTQ4OA%3D%3D&store=MjgzRDkzM0EyODhDNkNCNjZGOUQwQUQ0QUZGMUQ4ODI%3D HTTP 301
https://gv142.infusionsoft.com/app/manageCart/addProduct?return=aHR0cHM6Ly9ndjE0Mi5pbmZ1c2lvbnNvZnQuY29tL2FwcC9tYW5hZ2VDYXJ0L2FkZFByb2R1Y3Q/cHJvZHVjdElkPTQ4OA==&SessionCopyComplete=true HTTP 301
https://gv142.infusionsoft.com/app/manageCart/addProduct?productId=488 HTTP 301
https://gv142.infusionsoft.app/app/manageCart/addProduct?productId=488&cookieUUID=c27e81dc-0e8b-42f9-bdf1-a6ea671d47c0 HTTP 302
https://gv142.infusionsoft.app/app/manageCart/showManageOrder Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://b.stats.paypal.com/v2/counter.cgi?p=uid_28d9a6d09d_mtu6nty6nty&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_28d9a6d09d_mtu6nty6nty&s=SMART_PAYMENT_BUTTONS

Request Chain 74

https://b.stats.paypal.com/v2/counter.cgi?p=uid_28d9a6d09d_mtu6nty6nty&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_28d9a6d09d_mtu6nty6nty&s=SMART_PAYMENT_BUTTONS

Request Chain 90

https://gv142.infusionsoft.app/app/webTracking/contact/1637251016484?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=gv142.infusionsoft.app&location=https://gv142.infusionsoft.app/app/manageCart/showManageOrder&referrer= HTTP 302
https://gv142.infusionsoft.app/slices/spacer.gif

80 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request showManageOrder Show response
gv142.infusionsoft.app/app/manageCart/
Redirect Chain

https://gv142.infusionsoft.app/app/manageCart/addProduct?return=aHR0cHM6Ly9ndjE0Mi5pbmZ1c2lvbnNvZnQuY29tL2FwcC9tYW5hZ2VDYXJ0L2FkZFByb2R1Y3Q%2FcHJvZHVjdElkPTQ4OA%3D%3D&store=MjgzRDkzM0EyODhDNkNCNjZG...
https://gv142.infusionsoft.com/app/manageCart/addProduct?return=aHR0cHM6Ly9ndjE0Mi5pbmZ1c2lvbnNvZnQuY29tL2FwcC9tYW5hZ2VDYXJ0L2FkZFByb2R1Y3Q/cHJvZHVjdElkPTQ4OA==&SessionCopyComplete=true
https://gv142.infusionsoft.com/app/manageCart/addProduct?productId=488
https://gv142.infusionsoft.app/app/manageCart/addProduct?productId=488&cookieUUID=c27e81dc-0e8b-42f9-bdf1-a6ea671d47c0
https://gv142.infusionsoft.app/app/manageCart/showManageOrder

47 KB
12 KB

242ms
242ms

Document
text/html

2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

449bb51985d63f2a41da389730c7d6bb061413701c9e8482f8e2bac3d140dc13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-type: text/html;charset=UTF-8
pragma: no-cache
cache-control: no-cache, no-store
expires: Thu, 18 Nov 2021 15:56:55 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: accept-encoding
content-language: de-DE
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b02643c6ba02c0d-FRA
content-encoding: gzip

Redirect headers

date: Thu, 18 Nov 2021 15:56:55 GMT
pragma: no-cache
cache-control: no-cache, no-store
expires: Thu, 18 Nov 2021 15:56:54 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
location: /app/manageCart/showManageOrder
vary: accept-encoding
content-encoding: gzip
content-language: de-DE
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b02643af8e02c0d-FRA

GET
H2 200 cssSnippet.jsp
gv142.infusionsoft.app/css/ecomm/shoppingcart/ 11 KB
3 KB 181ms
181ms Stylesheet
text/css 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/css/ecomm/shoppingcart/cssSnippet.jsp?styleThemeId=129&cssToLoad=appearance

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10432eed643cb91c532af918d4b79c0292bddd7fc00c7bbe841c0f32151ce38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: accept-encoding
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/css;charset=UTF-8
via: 1.1 google
cache-control: no-cache, no-store
cf-ray: 6b02643e0eee2c0d-FRA
expires: Thu, 18 Nov 2021 15:56:55 GMT

GET
H2 200 cssSnippet.jsp
gv142.infusionsoft.app/css/ecomm/shoppingcart/ 18 KB
5 KB 168ms
168ms Stylesheet
text/css 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/css/ecomm/shoppingcart/cssSnippet.jsp?styleThemeId=129&cssToLoad=layout

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8522cc17947589575d101fd68d8cf267aa42098ecdc6fff2326e9c0fdcbe5c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: accept-encoding
x-xss-protection: 1; mode=block
pragma: no-cache
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/css;charset=UTF-8
via: 1.1 google
cache-control: no-cache, no-store
cf-ray: 6b02643e0ef32c0d-FRA
expires: Thu, 18 Nov 2021 15:56:55 GMT

GET
H2 200 sink_jq.jsp Show response
gv142.infusionsoft.app/js/ 560 KB
164 KB 179ms
178ms Script
text/javascript 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/js/sink_jq.jsp?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f37f5e14fb851493283fb75eeea0185e1106529e07a7a5302628246f95735c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
via: 1.1 google
strict-transport-security: max-age=31536000;includeSubDomains
cf-ray: 6b02643e1f222c0d-FRA
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: Fri, 18 Nov 2022 20:56:55 GMT

GET
H2 200 sink_js.jsp Show response
gv142.infusionsoft.app/js/ 114 KB
33 KB 181ms
180ms Script
text/javascript 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/js/sink_js.jsp?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f6e0dbc5ca712cf3d220196028b4bd956f80746d892d73909ca889b084223e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
via: 1.1 google
strict-transport-security: max-age=31536000;includeSubDomains
cf-ray: 6b02643e1f232c0d-FRA
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: Fri, 18 Nov 2022 20:56:55 GMT

GET
H2 200 jquery-qtip-1.0.0-rc3.js Show response
gv142.infusionsoft.app/resources/external/qtip/ 36 KB
9 KB 24ms
23ms Script
application/javascript 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/resources/external/qtip/jquery-qtip-1.0.0-rc3.js?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ebf23daada28f497987884872eb974ec79cb9f0ff0b754bcd9a6138d2408ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 275858
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:40:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"36611-1636825241917"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: application/javascript;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31278142
cf-ray: 6b02643e1f272c0d-FRA
expires: Tue, 15 Nov 2022 16:19:17 GMT

GET
H2 200 orderForms.js Show response
gv142.infusionsoft.app/resources/ecomm/orderforms/js/ 14 KB
4 KB 26ms
25ms Script
application/javascript 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/resources/ecomm/orderforms/js/orderForms.js?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e54a02139f6d8d169f62dc4726ca6ae9ac3f83b53e65360edfe934b60618babe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 71146
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:40:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"14728-1636825241572"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: application/javascript;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31482854
cf-ray: 6b02643e1f342c0d-FRA
expires: Fri, 18 Nov 2022 01:11:09 GMT

GET
H2 200 manageCart.js Show response
gv142.infusionsoft.app/js/ecomm/shopping/managecart/ 11 KB
3 KB 25ms
24ms Script
application/javascript 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/js/ecomm/shopping/managecart/manageCart.js?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8310332efffc01caab2758ffd101a91d61e2225977bb12057faee457271ad76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 275858
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:40:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"11338-1636825241419"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: application/javascript;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31278142
cf-ray: 6b02643e1f382c0d-FRA
expires: Tue, 15 Nov 2022 16:19:17 GMT

GET
H2 200 paypal.js Show response
gv142.infusionsoft.app/resources/ecomm/paypal/ 387 B
457 B 22ms
22ms Script
application/javascript 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/resources/ecomm/paypal/paypal.js?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c853e1c48909733f2240d7a7b2f4f7e8cc4be965750be0e2ea7ebe2f024c705

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 275858
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:40:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"387-1636825241577"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: application/javascript;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31278142
cf-ray: 6b02643e1f392c0d-FRA
expires: Tue, 15 Nov 2022 16:19:17 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ 307 KB
94 KB 596ms
553ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?commit=false&currency=USD&client-id=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&merchant-id=75EN7DR6P7G72

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

000f96a817d72246cf82ecd2a4068340c74f8038a2d69bd051363635d3a0f88c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-XQK3yDMFY9u3W3j5PGW96SnoT2OStV4/CNKwwa7T9g2lHzzJ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-XQK3yDMFY9u3W3j5PGW96SnoT2OStV4/CNKwwa7T9g2lHzzJ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-XQK3yDMFY9u3W3j5PGW96SnoT2OStV4/CNKwwa7T9g2lHzzJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-XQK3yDMFY9u3W3j5PGW96SnoT2OStV4/CNKwwa7T9g2lHzzJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 0
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
p3p: true
paypal-debug-id: f2276809c1b3e
server-timing: content-encoding;desc=gzip
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 95166
x-xss-protection: 1; mode=block
x-served-by: cache-hhn11554-HHN, cache-fra19172-FRA
x-timer: S1637251015.419294,VS0,VE547
x-frame-options: SAMEORIGIN
date: Thu, 18 Nov 2021 15:56:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"173be-Kbzue9tCWaftmjOr9fe1yjviZV4"
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 api.js Show response
gv142.infusionsoft.app/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 10ms
9ms Script
text/javascript 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6b026442afa82c0d-FRA

GET
H/1.1 200
OK logo-email.jpg
s3.amazonaws.com/wspimage/ 6 KB
6 KB 729ms
176ms Image
image/jpeg 52.217.77.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/wspimage/logo-email.jpg
Requested by: Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.77.22 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: beadbde776e931933abffcb99ed3a01218e67031aeca0b64023841d61b5ed262

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 18 Nov 2021 15:56:57 GMT
Last-Modified: Thu, 31 Jul 2014 14:52:03 GMT
Server: AmazonS3
x-amz-request-id: KKZRAPFZHVQWQV58
ETag: "8a91c0908ae9aa95ab03616db2690b4d"
Content-Type: image/jpeg
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 6264
x-amz-id-2: f+6o0MLM7zJoOigylzRzAnDaJ9bWgc0e1xXD8nOslAxMdXAz0HrPwf0GzTwtlQpTaARreb/vdHc=

GET
H2 200 anti_spam.jsp
gv142.infusionsoft.app/css/ 71 B
275 B 173ms
173ms Stylesheet
text/css 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/css/anti_spam.jsp?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

375746e67b3b7ca1ad8f0b3b9a47f588d1b33020f4c07058f3663a4a57a04e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
via: 1.1 google
strict-transport-security: max-age=31536000;includeSubDomains
cf-ray: 6b0264410c532c0d-FRA
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: Fri, 18 Nov 2022 20:56:55 GMT

GET
H2 200 gv142-04c44c07-0db3-437e-9fd6-fdf018ab79e7-v2
gv142.files.keap.app/gv142/ 6 KB
7 KB 36ms
7ms Image
image/png 34.102.253.235
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gv142.files.keap.app/gv142/gv142-04c44c07-0db3-437e-9fd6-fdf018ab79e7-v2
Requested by: Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.253.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.253.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 93b0672e7853923b7afe05b455e904fb345fedd8a4d289c1e2b0a20fffd9c281

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:34:22 GMT
age: 1354
x-guploader-uploadid: ADPycdud0TXaKxdzCm874B-AwA9KFpE9ONWrrDSfPQfb0PsDbRnIolEbr8CxlsJ_iS1w2EZZk8yYEq5ibxSldAcC1Ur3fJEl5A
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-localupdatetime: 1416342978179
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 6234
last-modified: Tue, 17 Mar 2020 00:23:06 GMT
server: UploadServer
etag: "9dfd289e11d2630f5f071a26a4a82bd7"
x-goog-hash: crc32c=iBKVsw==, md5=nf0onhHSYw9fBxompKgr1w==
x-goog-generation: 1584404586454931
cache-control: public, max-age=3600
x-goog-stored-content-length: 6234
accept-ranges: bytes
content-type: image/png
expires: Thu, 18 Nov 2021 16:34:22 GMT

GET
H2 200 paypal.png
gv142.infusionsoft.app/resources/styledcart/images/paymenttypes/ 1 KB
1 KB 15ms
14ms Image
image/png 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gv142.infusionsoft.app/resources/styledcart/images/paymenttypes/paypal.png?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdc98e8921f0ed394e2e13556670930a0aa960472101eda8ed1ae0052575d1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 275857
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:40:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1056-1636825242069"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: image/png;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31278143
cf-ray: 6b026442afa92c0d-FRA
expires: Tue, 15 Nov 2022 16:19:19 GMT

GET
H2 200 tooltip-icon.png
gv142.infusionsoft.app/resources/styledcart/images/ 320 B
470 B 16ms
15ms Image
image/png 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gv142.infusionsoft.app/resources/styledcart/images/tooltip-icon.png?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fa8a8b69473f63cd509998b52a7b4eb5bb260315c809f96ff489facca516e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 71146
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:40:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"320-1636825242086"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: image/png;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31482854
cf-ray: 6b026442afab2c0d-FRA
expires: Fri, 18 Nov 2022 01:11:10 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
971 B 37ms
16ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c0e56b4c6d6603c198bb6f92d0cf363bef3c7e9d7d95080494263e8946b57b1c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 15:56:56 GMT

GET
H2 200 getTrackingCode Show response
gv142.infusionsoft.app/app/webTracking/ 7 KB
2 KB 223ms
223ms Script
text/javascript 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/app/webTracking/getTrackingCode

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c81fc0c2c0c22fcbe8d0e8d475c175ec7c8825e2630d058fa3c4e9527cb5f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Nov 2021 15:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 google
cache-control: no-cache, no-store
cf-ray: 6b0264429f832c0d-FRA
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 15:56:56 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/css/ecomm/shoppingcart/cssSnippet.jsp?styleThemeId=129&cssToLoad=appearance

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 14:23:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 18 Nov 2021 15:56:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Nov 2021 15:56:55 GMT

GET
H2 200 lightbox.css
gv142.infusionsoft.app/resources/util/css/ 1 KB
792 B 31ms
30ms Stylesheet
text/css 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/resources/util/css/lightbox.css?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/js/sink_jq.jsp?b=1.70.0.407641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16687cf18e88a58068fdbd6c9705f0a4e35918fcfb06bdf3215def98b40350ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 624760
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Nov 2021 01:55:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1196-1636595726388"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/css;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=30929240
cf-ray: 6b0264413cb42c0d-FRA
expires: Fri, 11 Nov 2022 15:24:15 GMT

GET
H2 200 jquery.qtip.min.css
gv142.infusionsoft.app/resources/external/qtip2/css/ 10 KB
2 KB 21ms
21ms Stylesheet
text/css 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/resources/external/qtip2/css/jquery.qtip.min.css?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/js/sink_jq.jsp?b=1.70.0.407641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aedb9491022b583f0e0187d96b1f5928b58337bff6d9d0a8e0dde75d3199f22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 275857
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:40:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"9836-1636825241918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/css;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31278143
cf-ray: 6b0264413cb62c0d-FRA
expires: Tue, 15 Nov 2022 16:19:18 GMT

GET
H2 200 infusion-custom-qtip.css
gv142.infusionsoft.app/resources/external/qtip2/css/ 454 B
362 B 15ms
15ms Stylesheet
text/css 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/resources/external/qtip2/css/infusion-custom-qtip.css?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/js/sink_jq.jsp?b=1.70.0.407641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f764932ee997ccc72e393451d538634c1a8741998d9cb801b784cf62b219ee01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 275857
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:40:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"454-1636825241917"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/css;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31278143
cf-ray: 6b0264413cb82c0d-FRA
expires: Tue, 15 Nov 2022 16:19:18 GMT

GET
H2 200 selectenhanced.css
gv142.infusionsoft.app/resources/component/selectenhanced/ 2 KB
924 B 24ms
24ms Stylesheet
text/css 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/resources/component/selectenhanced/selectenhanced.css?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/js/sink_jq.jsp?b=1.70.0.407641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64dad616502e85ef1b5a965988d6582f0164527a85fe2eafadf9f468d04f7298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 275857
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:40:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2388-1636825241554"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/css;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31278143
cf-ray: 6b0264413cb92c0d-FRA
expires: Tue, 15 Nov 2022 16:19:18 GMT

GET
H2 200 form.css
gv142.infusionsoft.app/css/ 2 KB
899 B 48ms
48ms Stylesheet
text/css 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/css/form.css?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/js/sink_jq.jsp?b=1.70.0.407641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9989d2bd4d569b6a59a79a82bb1c1c42221b43278c4140b7037dde6188b251f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 624760
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 11 Nov 2021 01:55:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1964-1636595725323"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/css;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=30929240
cf-ray: 6b0264413cbd2c0d-FRA
expires: Fri, 11 Nov 2022 15:24:15 GMT

GET
H2 200 newemail.css
gv142.infusionsoft.app/resources/component/email/newemail/ 427 B
301 B 22ms
22ms Stylesheet
text/css 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/resources/component/email/newemail/newemail.css?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/js/sink_jq.jsp?b=1.70.0.407641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cd068b457d7782fdeec9c31841ea0427e76bb68e0f331ad01c073b81aafddda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 275857
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:40:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"427-1636825241541"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/css;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31278143
cf-ray: 6b0264413cbf2c0d-FRA
expires: Tue, 15 Nov 2022 16:19:18 GMT

GET
H2 200 topnav.css
gv142.infusionsoft.app/resources/component/topnav/ 29 KB
5 KB 26ms
26ms Stylesheet
text/css 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/resources/component/topnav/topnav.css?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/js/sink_jq.jsp?b=1.70.0.407641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1824923e6f13be49d0fb1669b87215d20e6b2b061048ff2c54cce602c310b14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 275857
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:40:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"29641-1636825241564"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/css;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31278143
cf-ray: 6b0264413cc12c0d-FRA
expires: Tue, 15 Nov 2022 16:19:18 GMT

GET
H2 200 mininotification.css
gv142.infusionsoft.app/resources/component/content/mininotification/ 467 B
359 B 32ms
32ms Stylesheet
text/css 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/resources/component/content/mininotification/mininotification.css?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/js/sink_jq.jsp?b=1.70.0.407641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a22d64fc923519aaaf83f3d05c411e8f7e1c3c8a85994a4bac6b76d1b605a3f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 96206
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:40:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"467-1636825241539"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/css;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31457794
cf-ray: 6b0264413cc42c0d-FRA
expires: Thu, 17 Nov 2022 18:13:29 GMT

GET
H2 200 creditView_msg.jsp Show response
gv142.infusionsoft.app/js/msgCodes/ 293 B
233 B 194ms
193ms Script
text/javascript 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/js/msgCodes/creditView_msg.jsp?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/js/sink_jq.jsp?b=1.70.0.407641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c231fbd5d450a531a1b83595cfb596585ff9535ad5f6a65fc8231f27c26a56e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
via: 1.1 google
strict-transport-security: max-age=31536000;includeSubDomains
cf-ray: 6b026442afac2c0d-FRA
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: Fri, 18 Nov 2022 20:56:56 GMT

GET
H2 200 CSRFJavaScriptServlet Show response
gv142.infusionsoft.app/ 34 KB
8 KB 174ms
174ms XHR
text/javascript 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/CSRFJavaScriptServlet?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/js/sink_jq.jsp?b=1.70.0.407641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2336115e311b1a16aca98ee1d4e5fe21124ef15f585178c1b2d173690c5506f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=utf-8
via: 1.1 google
cache-control: private, max-age=90
strict-transport-security: max-age=31536000;includeSubDomains
cf-ray: 6b0264413ccd2c0d-FRA
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: Fri, 18 Nov 2022 20:56:55 GMT

GET
H2 200 external_msg.jsp Show response
gv142.infusionsoft.app/js/msgCodes/ 375 B
369 B 171ms
170ms Script
text/javascript 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/js/msgCodes/external_msg.jsp?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/js/sink_jq.jsp?b=1.70.0.407641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b978593517d398832d4c00f4b8c88f48ab7b9f7b6d9108b1357b76f7c49a1bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
via: 1.1 google
strict-transport-security: max-age=31536000;includeSubDomains
cf-ray: 6b026442afad2c0d-FRA
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: Fri, 18 Nov 2022 20:56:56 GMT

GET
H2 200 payment.js Show response
gv142.infusionsoft.app/resources/payment/ 800 B
604 B 15ms
15ms Script
application/javascript 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/resources/payment/payment.js?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/js/sink_jq.jsp?b=1.70.0.407641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d36752ca94417bf4f3eeca32bd8ae09a3eccd0b9e76fddb767228aa5e0ad75d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 275857
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:40:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"800-1636825242009"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: application/javascript;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31278143
cf-ray: 6b026442afaf2c0d-FRA
expires: Tue, 15 Nov 2022 16:19:19 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 13 KB
5 KB 9ms
8ms Script
application/x-javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=gv142.infusionsoft.app&t=xo&v=5.0.271&source=payments_sdk&mrid=75EN7DR6P7G72&client_id=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?commit=false&currency=USD&client-id=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&merchant-id=75EN7DR6P7G72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd88c43c0bccdc7145ed5c446fb87683338b74ee41585e7e00b6a7859791370e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-qCNIptPnhipare4EeHTpFBOUyc/1qvbLv1vRilFSfk82e5J8' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-qCNIptPnhipare4EeHTpFBOUyc/1qvbLv1vRilFSfk82e5J8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
age: 52669
x-cache: HIT, HIT
paypal-debug-id: f80894098f462
server-timing: content-encoding;desc=gzip
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 4731
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4078-HHN, cache-fra19172-FRA
x-timer: S1637251016.108671,VS0,VE2
x-frame-options: SAMEORIGIN
date: Thu, 18 Nov 2021 15:56:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
etag: W/"34d8-9WTy5U75Tun96QjaSdPw5iaDVtc"
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gv142.infusionsoft.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 525894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 13:52:02 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/ 348 KB
137 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?b=1.70.0.407641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fc0076a36c38f39206bb258eeb8bc8e383b96a6ccd26024b0b088d9e0b192af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gv142.infusionsoft.app/
Origin: https://gv142.infusionsoft.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139079
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 21:26:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Fri, 18 Nov 2022 15:53:45 GMT

GET
H2 200 invoicepayment.js Show response
gv142.infusionsoft.app/resources/ecomm/invoice/invoicepayment/ 6 KB
2 KB 21ms
21ms Script
application/javascript 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/resources/ecomm/invoice/invoicepayment/invoicepayment.js?b=1.70.0.407641

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/js/sink_jq.jsp?b=1.70.0.407641

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

191e64e991202f00f05654a7c5acb6f25fc10a67dc50d0b9be3454b22f8d4bfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 275857
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 13 Nov 2021 17:40:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6220-1636825241570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: application/javascript;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=31278143
cf-ray: 6b026442e8252c0d-FRA
expires: Tue, 15 Nov 2022 16:19:19 GMT

GET
H2 200 muse.js Show response
www.paypalobjects.com/muse/ 55 KB
16 KB 31ms
8ms Script
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/muse.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/tagmanager/pptm.js?id=gv142.infusionsoft.app&t=xo&v=5.0.271&source=payments_sdk&mrid=75EN7DR6P7G72&client_id=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&vault=false

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

129737dfffcc16554dffd7d6dd3a57b6831c96a75d8acec4ea31709555115a53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 15:53:03 GMT
etag: W/"611e7e5f-da2c"
surrogate-control: max-age=31536000
vary: Accept-Encoding
content-type: application/javascript
paypal-debug-id: aae530e0ac39b
cache-control: public,max-age=3600
strict-transport-security: max-age=31536000
dc: ccg11-origin-www-1.paypal.com
content-length: 16424

GET
H2 200 ts
t.paypal.com/ 42 B
768 B 200ms
164ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3A75EN7DR6P7G72-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3A75EN7DR6P7G72-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=a1c5a7ea-a952-4fff-8e1a-e2b22d19c79b&fltp=analytics&mrid=75EN7DR6P7G72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1637251016147&g=0&completeurl=https%3A%2F%2Fgv142.infusionsoft.app%2Fapp%2FmanageCart%2FshowManageOrder

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Nov 2021 15:56:56 GMT
via: 1.1 varnish, 1.1 varnish
x-timer: S1637251016.185181,VS0,VE155
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: d24f761bca173
expires: Thu, 18 Nov 2021 15:56:56 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn11555-HHN, cache-fra19151-FRA

GET
H2 200 index.html Show response
www.paypalobjects.com/muse/analytics/ Frame 4A5B 55 KB
17 KB 27ms
26ms Document
text/html 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/analytics/index.html

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/muse.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

a7f3bdebdb6a63f5f0e5f6df8f2428d06879b0940968b3a2ba1136a0583985ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/

Response headers

cache-control: public,max-age=3600
content-encoding: gzip
content-type: text/html
etag: W/"616f114f-d9ea"
last-modified: Tue, 19 Oct 2021 18:41:19 GMT
paypal-debug-id: fa88a42d766dc
surrogate-control: max-age=31536000
dc: ccg11-origin-www-1.paypal.com
x-akamai-transformed: 9 - 0 pmb=mRUM,1
date: Thu, 18 Nov 2021 15:56:56 GMT
content-length: 17124
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK aksb.min.js Show response
ds-aksb-a.akamaihd.net/ Frame 4A5B 13 KB
5 KB 44ms
7ms Script
application/x-javascript 2a02:26f0:1700:f::1737:a1ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ds-aksb-a.akamaihd.net/aksb.min.js
Requested by: Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:1700:f::1737:a1ce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 18 Nov 2021 15:56:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Aug 2018 18:25:26 GMT
Server: Apache
ETag: "15de19f42b35806faf815298644157e0:1535653526"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 4826

GET
H2 200 noop.js Show response
www.paypalobjects.com/muse/ Frame 4A5B 18 B
355 B 157ms
157ms Fetch
application/javascript 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/muse/noop.js

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Resource Hash

0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/muse/analytics/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:56 GMT
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: 619b74cca4a9b
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 18
x-client-location: DE
pragma: no-cache
last-modified: Sat, 13 Feb 2021 00:26:56 GMT
etag: "60271cd0-12"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
expires: Thu, 18 Nov 2021 15:56:56 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
448 B 168ms
168ms Image
image/gif 151.101.193.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3A75EN7DR6P7G72-1&page=muse%3Aoffer%3A%3A%3A75EN7DR6P7G72-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=a1c5a7ea-a952-4fff-8e1a-e2b22d19c79b&es=visitorInfoFlowStarted&mrid=75EN7DR6P7G72&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1637251016284&g=0&completeurl=https%3A%2F%2Fgv142.infusionsoft.app%2Fapp%2FmanageCart%2FshowManageOrder

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Nov 2021 15:56:56 GMT
via: 1.1 varnish, 1.1 varnish
x-timer: S1637251016.289328,VS0,VE160
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 97884b0db8119
expires: Thu, 18 Nov 2021 15:56:56 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-cache-hits: 0, 0
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-served-by: cache-hhn4044-HHN, cache-fra19151-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3349
date: Thu, 18 Nov 2021 15:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 18 Nov 2021 17:01:07 GMT

GET
H2 200 getTrackingCode Show response
gv142.infusionsoft.app/app/webTracking/ 7 KB
2 KB 163ms
163ms Script
text/javascript 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/app/webTracking/getTrackingCode

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c81fc0c2c0c22fcbe8d0e8d475c175ec7c8825e2630d058fa3c4e9527cb5f73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Nov 2021 15:56:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 google
cache-control: no-cache, no-store
cf-ray: 6b0264440ac32c0d-FRA
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 15:56:56 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
215 B 15ms
14ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1464128810&t=pageview&_s=1&dl=https%3A%2F%2Fgv142.infusionsoft.app%2Fapp%2FmanageCart%2FshowManageOrder&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABBAAAAC~&jid=643197598&gjid=1579568734&cid=2146183070.1637251016&tid=UA-26812143-1&_gid=1035306582.1637251016&_r=1&_slc=1&z=69997261

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gv142.infusionsoft.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Nov 2021 15:56:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gv142.infusionsoft.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 42ms
14ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-26812143-1&cid=2146183070.1637251016&jid=643197598&gjid=1579568734&_gid=1035306582.1637251016&_u=IGBACEAABAAAAC~&z=1116209013

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gv142.infusionsoft.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 18 Nov 2021 15:56:56 GMT
content-type: text/plain
access-control-allow-origin: https://gv142.infusionsoft.app
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content b
ds-aksb-a.akamaihd.net/2/16249/ Frame 4A5B 0
269 B 7ms
6ms Image
text/html 2a02:26f0:1700:f::1737:a1ce
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ds-aksb-a.akamaihd.net/2/16249/b?dE=0&cS=0&cE=0&rqS=0&rsS=27&rsE=28&sS=&dl=29&di=49&fp=1637251016&dlS=49&dlE=49&dc=89&leS=89&leE=91&to=&ol=0&cr=0&mt=&mb=&b=131329&u=https%3A//www.paypalobjects.com/muse/analytics/index.html&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/95.0.4638.54%20Safari/537.36&pl=Linux%20x86_64&us=&gh=2.16.187.44&t=&rid=23ea47ce&r=31715&akM=&akN=ae&vc=14:17&bpcip=5bc77600&akTX=1&akTI=23ea47ce&ai=188751&pmgn=&pmgi=&pmp=
Requested by: Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:1700:f::1737:a1ce Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 Nov 2021 15:56:56 GMT
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store, private
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
Expires: Thu, 18 Nov 2021 15:56:56 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
297 B 77ms
75ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-26812143-1&cid=2146183070.1637251016&jid=643197598&_u=IGBACEAABAAAAC~&z=1497560203

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Nov 2021 15:56:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
502 B 52ms
30ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-26812143-1&cid=2146183070.1637251016&jid=643197598&_u=IGBACEAABAAAAC~&z=1497560203

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Nov 2021 15:56:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 graphql Show response
www.paypal.com/targeting/ Frame 4A5B 434 B
2 KB 290ms
289ms Fetch
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/muse/analytics/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1fd982d97d53239cb21cb37b9bc3d2740e1a0301a5614dc73e05834a6f36b049

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; img-src 'self' https:; script-src 'nonce-MYlsPt2ilfajw3s+QdWEmUViosmyN/rW57fV44ztar5amDmW' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; object-src 'none'; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypalobjects.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-MYlsPt2ilfajw3s+QdWEmUViosmyN/rW57fV44ztar5amDmW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
via: 1.1 varnish, 1.1 varnish
vary: Accept-Encoding
x-cache: MISS, MISS
paypal-debug-id: f194957d9a461
date: Thu, 18 Nov 2021 15:56:56 GMT
server-timing: content-encoding;desc=br
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
x-served-by: cache-hhn11540-HHN, cache-fra19172-FRA
x-timer: S1637251017.648614,VS0,VE283
x-frame-options: SAMEORIGIN
etag: W/"1b2-MtdzUd4VxJjqf3h/HebOtvmDBhI"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypalobjects.com
content-encoding: br
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 204 graphql
www.paypal.com/targeting/ Frame 0
0 197ms
183ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/targeting/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f6346650691c8
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Thu, 18 Nov 2021 15:56:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4053-HHN, cache-fra19169-FRA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1637251016.465484,VS0,VE175

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame FC47 308 KB
129 KB 332ms
331ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21taXQ9ZmFsc2UmY3VycmVuY3k9VVNEJmNsaWVudC1pZD1BWXJ0MXRfUm5fQ2UtOTg4RFJFcDVic1B3R0NvQ2RJTFBzT0ViMEphcF9MQldkYy1FNmowQUo0alIyNm8tQmh1NkhCOXJod19YZE80U19LYyZtZXJjaGFudC1pZD03NUVON0RSNlA3RzcyIiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiS2VhcF9QQ1AiLCJkYXRhLXVpZCI6InVpZF96Zmx2YWtodnpwemJ1aXVtYW1yYmxkeGxwdHdlaGoifX0&clientID=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&sdkCorrelationID=a90771762f624&storageID=uid_8a52298709_mtu6nty6nty&sessionID=uid_28d9a6d09d_mtu6nty6nty&buttonSessionID=uid_b8ce1f9257_mtu6nty6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiZDQ1YzZlMWYxY2UwM2IzM2JjNTEyMjQ3YTJjY2M0NTRlNDgyNDVlNSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=75EN7DR6P7G72&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c22970de94b3b07330fdd55a56a9ecb7da160fc410d43dbae121521b58b757d5

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"4d056-nkcYbqqcrp41eAwSGGWh20i3Zx0"
p3p: true
paypal-debug-id: f194957467103
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Thu, 18 Nov 2021 15:56:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4055-HHN, cache-fra19172-FRA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1637251017.529965,VS0,VE325
vary: Accept-Encoding
server-timing: content-encoding;desc=br

GET
DATA 200
OK truncated
/ Frame B7C3 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B7C3 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B7C3 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3853 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3853 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3853 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 006F 308 KB
128 KB 355ms
354ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21taXQ9ZmFsc2UmY3VycmVuY3k9VVNEJmNsaWVudC1pZD1BWXJ0MXRfUm5fQ2UtOTg4RFJFcDVic1B3R0NvQ2RJTFBzT0ViMEphcF9MQldkYy1FNmowQUo0alIyNm8tQmh1NkhCOXJod19YZE80U19LYyZtZXJjaGFudC1pZD03NUVON0RSNlA3RzcyIiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiS2VhcF9QQ1AiLCJkYXRhLXVpZCI6InVpZF96Zmx2YWtodnpwemJ1aXVtYW1yYmxkeGxwdHdlaGoifX0&clientID=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&sdkCorrelationID=a90771762f624&storageID=uid_8a52298709_mtu6nty6nty&sessionID=uid_28d9a6d09d_mtu6nty6nty&buttonSessionID=uid_38a592f777_mtu6nty6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiZDQ1YzZlMWYxY2UwM2IzM2JjNTEyMjQ3YTJjY2M0NTRlNDgyNDVlNSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=75EN7DR6P7G72&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

61604264f2b51bba89b148e2f8d89d1a0419cf7e9442910bfe050c48abb7b90e

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
etag: W/"4d056-yGyUT03ZhhrlgyYwp8sgz7RyIbk"
p3p: true
paypal-debug-id: f194957569124
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Thu, 18 Nov 2021 15:56:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4069-HHN, cache-fra19172-FRA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1637251017.561227,VS0,VE348
vary: Accept-Encoding
server-timing: content-encoding;desc=br

GET
H2 200 50045e95-2fc2-47d6-bea6-b5da3090d197
gv142.files.keap.app/gv142/ 1 KB
2 KB 9ms
9ms Image
image/pjpeg 34.102.253.235
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gv142.files.keap.app/gv142/50045e95-2fc2-47d6-bea6-b5da3090d197
Requested by: Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.253.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.253.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 192fbe6623af434414994f6f86fb7d6e0060d564278f1ecaaca0c94794e592e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:34:22 GMT
age: 1354
x-guploader-uploadid: ADPycdv_FZm7WH6uOJpaa_0Ns4UsREOqMVR3iExaDDkQo_0G-Iu8gBBtJToQDq72gp6jl_k5uNCP0ZD6PBs31o4qfbE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 1390
last-modified: Tue, 19 Oct 2021 15:09:08 GMT
server: UploadServer
etag: "1c0335ee1cd690758307eb876938d3f9"
x-goog-hash: crc32c=voPSHQ==, md5=HAM17hzWkHWDB+uHaTjT+Q==
x-goog-generation: 1634656148237823
cache-control: public, max-age=3600
x-goog-stored-content-length: 1390
accept-ranges: bytes
content-type: image/pjpeg
expires: Thu, 18 Nov 2021 16:34:22 GMT

GET
H2 200 0fca7516-58ea-4560-ba93-6dd691289e4a
gv142.files.keap.app/gv142/ 1 KB
2 KB 10ms
10ms Image
image/pjpeg 34.102.253.235
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gv142.files.keap.app/gv142/0fca7516-58ea-4560-ba93-6dd691289e4a
Requested by: Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.253.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.253.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c112af0d8ee184005be54ffb0a35d6374ae4177d09e81772bc7f264daa4af17b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:34:22 GMT
age: 1354
x-guploader-uploadid: ADPycduoe2hvsExEPFVr6W49BpVMlXz8ch00Q5f-iKEPoMxPAALzLLTdeWk4DztQJF4UrUa1sHthO_P4dYX4TH0un1k
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 1387
last-modified: Tue, 19 Oct 2021 15:11:10 GMT
server: UploadServer
etag: "0d973d58f0085b03208fa75ccd5e4c8b"
x-goog-hash: crc32c=2uVABg==, md5=DZc9WPAIWwMgj6dczV5Miw==
x-goog-generation: 1634656270613563
cache-control: public, max-age=3600
x-goog-stored-content-length: 1387
accept-ranges: bytes
content-type: image/pjpeg
expires: Thu, 18 Nov 2021 16:34:22 GMT

GET
H2 200 66d29dac-c7df-4387-be98-9950229e4694
gv142.files.keap.app/gv142/ 1 KB
2 KB 10ms
9ms Image
image/pjpeg 34.102.253.235
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gv142.files.keap.app/gv142/66d29dac-c7df-4387-be98-9950229e4694
Requested by: Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.253.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.253.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a5a24ef6db0dfae229f563697c8c97ad32739bc8f6060c1231973cf47b289805

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:34:22 GMT
age: 1354
x-guploader-uploadid: ADPycdvRpZzZF5LolS7Fm72tr3vDieysqzTifQbugGN3DxalO5fdtcQa1H4uIQK__14X7EMs0Foga9xX4Kdo2aHuZRE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 1416
last-modified: Tue, 19 Oct 2021 15:12:08 GMT
server: UploadServer
etag: "48bdee3c41ead2590537309eaea476fa"
x-goog-hash: crc32c=gag6Hw==, md5=SL3uPEHq0lkFNzCerqR2+g==
x-goog-generation: 1634656328450181
cache-control: public, max-age=3600
x-goog-stored-content-length: 1416
accept-ranges: bytes
content-type: image/pjpeg
expires: Thu, 18 Nov 2021 16:34:22 GMT

POST
H2 204 result Show response
gv142.infusionsoft.app/cdn-cgi/bm/cv/ 0
323 B 11ms
11ms XHR
text/plain 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gv142.infusionsoft.app/cdn-cgi/bm/cv/result?req_id=6b02643c6ba02c0d
Requested by: Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
OWASP_CSRFTOKEN: 3UCW-X972-XH65-EZKV-WK5I-5J5D-OYIJ-NISL
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Nov 2021 15:56:56 GMT
server: cloudflare
cf-ray: 6b026445fe942c0d-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame FC47 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 006F 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame FC47 307 KB
94 KB 9ms
8ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?commit=false&currency=USD&client-id=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&merchant-id=75EN7DR6P7G72

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21taXQ9ZmFsc2UmY3VycmVuY3k9VVNEJmNsaWVudC1pZD1BWXJ0MXRfUm5fQ2UtOTg4RFJFcDVic1B3R0NvQ2RJTFBzT0ViMEphcF9MQldkYy1FNmowQUo0alIyNm8tQmh1NkhCOXJod19YZE80U19LYyZtZXJjaGFudC1pZD03NUVON0RSNlA3RzcyIiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiS2VhcF9QQ1AiLCJkYXRhLXVpZCI6InVpZF96Zmx2YWtodnpwemJ1aXVtYW1yYmxkeGxwdHdlaGoifX0&clientID=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&sdkCorrelationID=a90771762f624&storageID=uid_8a52298709_mtu6nty6nty&sessionID=uid_28d9a6d09d_mtu6nty6nty&buttonSessionID=uid_b8ce1f9257_mtu6nty6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiZDQ1YzZlMWYxY2UwM2IzM2JjNTEyMjQ3YTJjY2M0NTRlNDgyNDVlNSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=75EN7DR6P7G72&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

000f96a817d72246cf82ecd2a4068340c74f8038a2d69bd051363635d3a0f88c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-XQK3yDMFY9u3W3j5PGW96SnoT2OStV4/CNKwwa7T9g2lHzzJ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-XQK3yDMFY9u3W3j5PGW96SnoT2OStV4/CNKwwa7T9g2lHzzJ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21taXQ9ZmFsc2UmY3VycmVuY3k9VVNEJmNsaWVudC1pZD1BWXJ0MXRfUm5fQ2UtOTg4RFJFcDVic1B3R0NvQ2RJTFBzT0ViMEphcF9MQldkYy1FNmowQUo0alIyNm8tQmh1NkhCOXJod19YZE80U19LYyZtZXJjaGFudC1pZD03NUVON0RSNlA3RzcyIiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiS2VhcF9QQ1AiLCJkYXRhLXVpZCI6InVpZF96Zmx2YWtodnpwemJ1aXVtYW1yYmxkeGxwdHdlaGoifX0&clientID=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&sdkCorrelationID=a90771762f624&storageID=uid_8a52298709_mtu6nty6nty&sessionID=uid_28d9a6d09d_mtu6nty6nty&buttonSessionID=uid_b8ce1f9257_mtu6nty6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiZDQ1YzZlMWYxY2UwM2IzM2JjNTEyMjQ3YTJjY2M0NTRlNDgyNDVlNSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=75EN7DR6P7G72&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-XQK3yDMFY9u3W3j5PGW96SnoT2OStV4/CNKwwa7T9g2lHzzJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-XQK3yDMFY9u3W3j5PGW96SnoT2OStV4/CNKwwa7T9g2lHzzJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 1
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
p3p: true
paypal-debug-id: f2276809c1b3e
server-timing: content-encoding;desc=gzip
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 95166
x-xss-protection: 1; mode=block
x-served-by: cache-hhn11554-HHN, cache-fra19172-FRA
x-timer: S1637251017.997504,VS0,VE1
x-frame-options: SAMEORIGIN
date: Thu, 18 Nov 2021 15:56:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"173be-Kbzue9tCWaftmjOr9fe1yjviZV4"
accept-ranges: bytes
x-cache-hits: 0, 1

GET
DATA 200
OK truncated
/ Frame FC47 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FC47 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 006F 307 KB
93 KB 9ms
9ms Script
application/javascript 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?commit=false&currency=USD&client-id=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&merchant-id=75EN7DR6P7G72

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21taXQ9ZmFsc2UmY3VycmVuY3k9VVNEJmNsaWVudC1pZD1BWXJ0MXRfUm5fQ2UtOTg4RFJFcDVic1B3R0NvQ2RJTFBzT0ViMEphcF9MQldkYy1FNmowQUo0alIyNm8tQmh1NkhCOXJod19YZE80U19LYyZtZXJjaGFudC1pZD03NUVON0RSNlA3RzcyIiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiS2VhcF9QQ1AiLCJkYXRhLXVpZCI6InVpZF96Zmx2YWtodnpwemJ1aXVtYW1yYmxkeGxwdHdlaGoifX0&clientID=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&sdkCorrelationID=a90771762f624&storageID=uid_8a52298709_mtu6nty6nty&sessionID=uid_28d9a6d09d_mtu6nty6nty&buttonSessionID=uid_38a592f777_mtu6nty6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiZDQ1YzZlMWYxY2UwM2IzM2JjNTEyMjQ3YTJjY2M0NTRlNDgyNDVlNSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=75EN7DR6P7G72&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

000f96a817d72246cf82ecd2a4068340c74f8038a2d69bd051363635d3a0f88c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-XQK3yDMFY9u3W3j5PGW96SnoT2OStV4/CNKwwa7T9g2lHzzJ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-XQK3yDMFY9u3W3j5PGW96SnoT2OStV4/CNKwwa7T9g2lHzzJ' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21taXQ9ZmFsc2UmY3VycmVuY3k9VVNEJmNsaWVudC1pZD1BWXJ0MXRfUm5fQ2UtOTg4RFJFcDVic1B3R0NvQ2RJTFBzT0ViMEphcF9MQldkYy1FNmowQUo0alIyNm8tQmh1NkhCOXJod19YZE80U19LYyZtZXJjaGFudC1pZD03NUVON0RSNlA3RzcyIiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiS2VhcF9QQ1AiLCJkYXRhLXVpZCI6InVpZF96Zmx2YWtodnpwemJ1aXVtYW1yYmxkeGxwdHdlaGoifX0&clientID=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&sdkCorrelationID=a90771762f624&storageID=uid_8a52298709_mtu6nty6nty&sessionID=uid_28d9a6d09d_mtu6nty6nty&buttonSessionID=uid_38a592f777_mtu6nty6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiZDQ1YzZlMWYxY2UwM2IzM2JjNTEyMjQ3YTJjY2M0NTRlNDgyNDVlNSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=75EN7DR6P7G72&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-XQK3yDMFY9u3W3j5PGW96SnoT2OStV4/CNKwwa7T9g2lHzzJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-XQK3yDMFY9u3W3j5PGW96SnoT2OStV4/CNKwwa7T9g2lHzzJ' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
age: 1
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, HIT
p3p: true
paypal-debug-id: f2276809c1b3e
server-timing: content-encoding;desc=gzip
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 95166
x-xss-protection: 1; mode=block
x-served-by: cache-hhn11554-HHN, cache-fra19172-FRA
x-timer: S1637251017.063572,VS0,VE2
x-frame-options: SAMEORIGIN
date: Thu, 18 Nov 2021 15:56:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"173be-Kbzue9tCWaftmjOr9fe1yjviZV4"
accept-ranges: bytes
x-cache-hits: 0, 2

GET
DATA 200
OK truncated
/ Frame 006F 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 006F 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame FC47 55 KB
19 KB 59ms
12ms Script
application/javascript 23.45.107.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-107-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

8ba56f6b8db4984684e70e96502fb1a4f4d436e22e147ad693f70e78c3921a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: abe329596820b
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19090
etag: W/"618e152e-db6d"
last-modified: Fri, 12 Nov 2021 07:18:06 GMT
date: Thu, 18 Nov 2021 15:56:57 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: false
expires: Fri, 19 Nov 2021 15:56:57 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame FC47 850 B
1 KB 192ms
191ms Ping
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3213ec07445cf48cfce42823a9f15f6d28607fef5fb756cbb539250ae9160a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21taXQ9ZmFsc2UmY3VycmVuY3k9VVNEJmNsaWVudC1pZD1BWXJ0MXRfUm5fQ2UtOTg4RFJFcDVic1B3R0NvQ2RJTFBzT0ViMEphcF9MQldkYy1FNmowQUo0alIyNm8tQmh1NkhCOXJod19YZE80U19LYyZtZXJjaGFudC1pZD03NUVON0RSNlA3RzcyIiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiS2VhcF9QQ1AiLCJkYXRhLXVpZCI6InVpZF96Zmx2YWtodnpwemJ1aXVtYW1yYmxkeGxwdHdlaGoifX0&clientID=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&sdkCorrelationID=a90771762f624&storageID=uid_8a52298709_mtu6nty6nty&sessionID=uid_28d9a6d09d_mtu6nty6nty&buttonSessionID=uid_b8ce1f9257_mtu6nty6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiZDQ1YzZlMWYxY2UwM2IzM2JjNTEyMjQ3YTJjY2M0NTRlNDgyNDVlNSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=75EN7DR6P7G72&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Nov 2021 15:56:57 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f1949573a5361
server-timing: content-encoding;desc=br
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn11546-HHN, cache-fra19172-FRA
x-timer: S1637251017.473680,VS0,VE184
etag: W/"352-vIwE2CW5Tl0Sr9ax7CdtcdsE6Ng"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 41BF 160 B
935 B 171ms
170ms Document
text/html 23.45.107.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-107-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/

Response headers

correlation-id: 39e1dc57e65a2
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 160
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: 39e1dc57e65a2
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Thu, 18 Nov 2021 15:56:57 GMT
strict-transport-security: max-age=63072000

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame F349
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_28d9a6d09d_mtu6nty6nty&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_28d9a6d09d_mtu6nty6nty&s=SMART_PAYMENT_BUTTONS

42 B
299 B

103ms
34ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_28d9a6d09d_mtu6nty6nty&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21taXQ9ZmFsc2UmY3VycmVuY3k9VVNEJmNsaWVudC1pZD1BWXJ0MXRfUm5fQ2UtOTg4RFJFcDVic1B3R0NvQ2RJTFBzT0ViMEphcF9MQldkYy1FNmowQUo0alIyNm8tQmh1NkhCOXJod19YZE80U19LYyZtZXJjaGFudC1pZD03NUVON0RSNlA3RzcyIiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiS2VhcF9QQ1AiLCJkYXRhLXVpZCI6InVpZF96Zmx2YWtodnpwemJ1aXVtYW1yYmxkeGxwdHdlaGoifX0&clientID=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&sdkCorrelationID=a90771762f624&storageID=uid_8a52298709_mtu6nty6nty&sessionID=uid_28d9a6d09d_mtu6nty6nty&buttonSessionID=uid_b8ce1f9257_mtu6nty6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiZDQ1YzZlMWYxY2UwM2IzM2JjNTEyMjQ3YTJjY2M0NTRlNDgyNDVlNSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=75EN7DR6P7G72&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 18 Nov 2021 15:56:57 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_28d9a6d09d_mtu6nty6nty&s=SMART_PAYMENT_BUTTONS
Date: Thu, 18 Nov 2021 15:56:57 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 006F 55 KB
19 KB 16ms
15ms Script
application/javascript 23.45.107.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21taXQ9ZmFsc2UmY3VycmVuY3k9VVNEJmNsaWVudC1pZD1BWXJ0MXRfUm5fQ2UtOTg4RFJFcDVic1B3R0NvQ2RJTFBzT0ViMEphcF9MQldkYy1FNmowQUo0alIyNm8tQmh1NkhCOXJod19YZE80U19LYyZtZXJjaGFudC1pZD03NUVON0RSNlA3RzcyIiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiS2VhcF9QQ1AiLCJkYXRhLXVpZCI6InVpZF96Zmx2YWtodnpwemJ1aXVtYW1yYmxkeGxwdHdlaGoifX0&clientID=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&sdkCorrelationID=a90771762f624&storageID=uid_8a52298709_mtu6nty6nty&sessionID=uid_28d9a6d09d_mtu6nty6nty&buttonSessionID=uid_38a592f777_mtu6nty6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiZDQ1YzZlMWYxY2UwM2IzM2JjNTEyMjQ3YTJjY2M0NTRlNDgyNDVlNSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=75EN7DR6P7G72&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-107-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

8ba56f6b8db4984684e70e96502fb1a4f4d436e22e147ad693f70e78c3921a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: abe329596820b
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19090
etag: W/"618e152e-db6d"
last-modified: Fri, 12 Nov 2021 07:18:06 GMT
date: Thu, 18 Nov 2021 15:56:57 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: false
expires: Fri, 19 Nov 2021 15:56:57 GMT

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 9B1C
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_28d9a6d09d_mtu6nty6nty&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_28d9a6d09d_mtu6nty6nty&s=SMART_PAYMENT_BUTTONS

42 B
299 B

92ms
31ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_28d9a6d09d_mtu6nty6nty&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21taXQ9ZmFsc2UmY3VycmVuY3k9VVNEJmNsaWVudC1pZD1BWXJ0MXRfUm5fQ2UtOTg4RFJFcDVic1B3R0NvQ2RJTFBzT0ViMEphcF9MQldkYy1FNmowQUo0alIyNm8tQmh1NkhCOXJod19YZE80U19LYyZtZXJjaGFudC1pZD03NUVON0RSNlA3RzcyIiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiS2VhcF9QQ1AiLCJkYXRhLXVpZCI6InVpZF96Zmx2YWtodnpwemJ1aXVtYW1yYmxkeGxwdHdlaGoifX0&clientID=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&sdkCorrelationID=a90771762f624&storageID=uid_8a52298709_mtu6nty6nty&sessionID=uid_28d9a6d09d_mtu6nty6nty&buttonSessionID=uid_38a592f777_mtu6nty6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiZDQ1YzZlMWYxY2UwM2IzM2JjNTEyMjQ3YTJjY2M0NTRlNDgyNDVlNSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=75EN7DR6P7G72&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 18 Nov 2021 15:56:57 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_28d9a6d09d_mtu6nty6nty&s=SMART_PAYMENT_BUTTONS
Date: Thu, 18 Nov 2021 15:56:57 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 28FF 160 B
937 B 185ms
184ms Document
text/html 23.45.107.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-107-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypal.com/

Response headers

correlation-id: 586be305748c2
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 160
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: 586be305748c2
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
date: Thu, 18 Nov 2021 15:56:57 GMT
strict-transport-security: max-age=63072000

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 006F 852 B
1014 B 190ms
189ms Ping
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21taXQ9ZmFsc2UmY3VycmVuY3k9VVNEJmNsaWVudC1pZD1BWXJ0MXRfUm5fQ2UtOTg4RFJFcDVic1B3R0NvQ2RJTFBzT0ViMEphcF9MQldkYy1FNmowQUo0alIyNm8tQmh1NkhCOXJod19YZE80U19LYyZtZXJjaGFudC1pZD03NUVON0RSNlA3RzcyIiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiS2VhcF9QQ1AiLCJkYXRhLXVpZCI6InVpZF96Zmx2YWtodnpwemJ1aXVtYW1yYmxkeGxwdHdlaGoifX0&clientID=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&sdkCorrelationID=a90771762f624&storageID=uid_8a52298709_mtu6nty6nty&sessionID=uid_28d9a6d09d_mtu6nty6nty&buttonSessionID=uid_38a592f777_mtu6nty6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiZDQ1YzZlMWYxY2UwM2IzM2JjNTEyMjQ3YTJjY2M0NTRlNDgyNDVlNSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=75EN7DR6P7G72&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f0718a8a9a5bb98c9746f770e12f642483633aee2d068b734612319e99b138e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21taXQ9ZmFsc2UmY3VycmVuY3k9VVNEJmNsaWVudC1pZD1BWXJ0MXRfUm5fQ2UtOTg4RFJFcDVic1B3R0NvQ2RJTFBzT0ViMEphcF9MQldkYy1FNmowQUo0alIyNm8tQmh1NkhCOXJod19YZE80U19LYyZtZXJjaGFudC1pZD03NUVON0RSNlA3RzcyIiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiS2VhcF9QQ1AiLCJkYXRhLXVpZCI6InVpZF96Zmx2YWtodnpwemJ1aXVtYW1yYmxkeGxwdHdlaGoifX0&clientID=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&sdkCorrelationID=a90771762f624&storageID=uid_8a52298709_mtu6nty6nty&sessionID=uid_28d9a6d09d_mtu6nty6nty&buttonSessionID=uid_38a592f777_mtu6nty6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiZDQ1YzZlMWYxY2UwM2IzM2JjNTEyMjQ3YTJjY2M0NTRlNDgyNDVlNSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=75EN7DR6P7G72&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Nov 2021 15:56:57 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f4367020365a7
server-timing: content-encoding;desc=br
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn11560-HHN, cache-fra19172-FRA
x-timer: S1637251018.574163,VS0,VE182
etag: W/"354-P0ocwyWe9NGfl060i/qSbFv2478"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 41BF 55 KB
19 KB 20ms
20ms Script
application/javascript 23.45.107.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-107-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

8ba56f6b8db4984684e70e96502fb1a4f4d436e22e147ad693f70e78c3921a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: abe329596820b
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19090
etag: W/"618e152e-db6d"
last-modified: Fri, 12 Nov 2021 07:18:06 GMT
date: Thu, 18 Nov 2021 15:56:57 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: false
expires: Fri, 19 Nov 2021 15:56:57 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 41BF 125 B
753 B 233ms
233ms XHR
application/json 23.45.107.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-107-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

f8a8646f17c57adf12831fdfe06fd9adf5da45b4b681ecd2f38525b611ff7c4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Nov 2021 15:56:57 GMT
correlation-id: 83ee9fae0e2c6
strict-transport-security: max-age=63072000
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 83ee9fae0e2c6
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
content-length: 125

POST
H2 200 e Show response
c.paypal.com/v1/r/d/b/ Frame 41BF 15 B
226 B 236ms
236ms XHR
application/json 23.45.107.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-107-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

paypal-debug-id: ff361184b2ba8
date: Thu, 18 Nov 2021 15:56:57 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
correlation-id: ff361184b2ba8
content-length: 15
strict-transport-security: max-age=63072000
content-type: application/json

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 41BF 0
328 B 240ms
206ms Image
text/plain 2a04:4e42::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_28d9a6d09d_mtu6nty6nty&s=SMART_PAYMENT_BUTTONS

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:57 GMT
via: 1.1 varnish, 1.1 varnish
correlation-id: bb1a9e2273d69
x-timer: S1637251018.754757,VS0,VE171
x-served-by: cache-hhn11526-HHN, cache-fra19168-FRA
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: bb1a9e2273d69
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
x-cache-hits: 0, 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 28FF 55 KB
19 KB 41ms
41ms Script
application/javascript 23.45.107.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-107-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

8ba56f6b8db4984684e70e96502fb1a4f4d436e22e147ad693f70e78c3921a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000, max-age=63072000
content-encoding: gzip
x-content-type-options: nosniff
surrogate-control: max-age=31536000
paypal-debug-id: abe329596820b
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19090
etag: W/"618e152e-db6d"
last-modified: Fri, 12 Nov 2021 07:18:06 GMT
date: Thu, 18 Nov 2021 15:56:57 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: false
expires: Fri, 19 Nov 2021 15:56:57 GMT

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame FC47 849 B
701 B 207ms
207ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b2178b9e4579018b2e2fe13c399db960e1feb475f9d3a47d9e0e195b72f5ada1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21taXQ9ZmFsc2UmY3VycmVuY3k9VVNEJmNsaWVudC1pZD1BWXJ0MXRfUm5fQ2UtOTg4RFJFcDVic1B3R0NvQ2RJTFBzT0ViMEphcF9MQldkYy1FNmowQUo0alIyNm8tQmh1NkhCOXJod19YZE80U19LYyZtZXJjaGFudC1pZD03NUVON0RSNlA3RzcyIiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiS2VhcF9QQ1AiLCJkYXRhLXVpZCI6InVpZF96Zmx2YWtodnpwemJ1aXVtYW1yYmxkeGxwdHdlaGoifX0&clientID=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&sdkCorrelationID=a90771762f624&storageID=uid_8a52298709_mtu6nty6nty&sessionID=uid_28d9a6d09d_mtu6nty6nty&buttonSessionID=uid_b8ce1f9257_mtu6nty6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiZDQ1YzZlMWYxY2UwM2IzM2JjNTEyMjQ3YTJjY2M0NTRlNDgyNDVlNSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=75EN7DR6P7G72&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 Nov 2021 15:56:57 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f4367022c0e78
server-timing: content-encoding;desc=br
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn11533-HHN, cache-fra19172-FRA
x-timer: S1637251018.752987,VS0,VE199
etag: W/"351-XHKpBUHd2RHRQkkAU0ERwHm5Jok"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

GET
H2 200 websiteTriggerIframe Show response
gv142.infusionsoft.app/app/webTracking/ Frame 8E92 752 B
593 B 168ms
168ms Document
text/html 2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gv142.infusionsoft.app/app/webTracking/websiteTriggerIframe

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/webTracking/getTrackingCode

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

312ce63a4815a3498868a592a5243fa05eab7aec351af8bab3ede21bafd0decd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Response headers

date: Thu, 18 Nov 2021 15:56:57 GMT
content-type: text/html;charset=UTF-8
pragma: no-cache
cache-control: no-cache, no-store
expires: Thu, 18 Nov 2021 15:56:57 GMT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: accept-encoding
content-language: de-DE
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b02644d3d6c2c0d-FRA
content-encoding: gzip

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 28FF 125 B
756 B 258ms
258ms XHR
application/json 23.45.107.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-107-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

f8a941e5fa3f6d9e03b1989e6e202870a9496ab91dd586d96dcea2c4c957a0c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Nov 2021 15:56:58 GMT
correlation-id: fe04ce4afd577
strict-transport-security: max-age=63072000
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: fe04ce4afd577
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json
content-length: 125

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 28FF 0
134 B 306ms
306ms Image
text/plain 2a04:4e42::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_28d9a6d09d_mtu6nty6nty&s=SMART_PAYMENT_BUTTONS

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:58 GMT
via: 1.1 varnish, 1.1 varnish
correlation-id: 48becaa86c41
x-timer: S1637251018.813411,VS0,VE300
x-served-by: cache-hhn11569-HHN, cache-fra19168-FRA
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: 48becaa86c41
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
x-cache-hits: 0, 0

POST
H2 200 e Show response
c.paypal.com/v1/r/d/b/ Frame 28FF 15 B
224 B 216ms
216ms XHR
application/json 23.45.107.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.107.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-107-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

paypal-debug-id: c465120c53407
date: Thu, 18 Nov 2021 15:56:58 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
correlation-id: c465120c53407
content-length: 15
strict-transport-security: max-age=63072000
content-type: application/json

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 006F 847 B
887 B 201ms
201ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db9475dd5ce2f9b932b3ba424c70084b2a80d8a9eb7b0a9977629da9cca642ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21taXQ9ZmFsc2UmY3VycmVuY3k9VVNEJmNsaWVudC1pZD1BWXJ0MXRfUm5fQ2UtOTg4RFJFcDVic1B3R0NvQ2RJTFBzT0ViMEphcF9MQldkYy1FNmowQUo0alIyNm8tQmh1NkhCOXJod19YZE80U19LYyZtZXJjaGFudC1pZD03NUVON0RSNlA3RzcyIiwiYXR0cnMiOnsiZGF0YS1wYXJ0bmVyLWF0dHJpYnV0aW9uLWlkIjoiS2VhcF9QQ1AiLCJkYXRhLXVpZCI6InVpZF96Zmx2YWtodnpwemJ1aXVtYW1yYmxkeGxwdHdlaGoifX0&clientID=AYrt1t_Rn_Ce-988DREp5bsPwGCoCdILPsOEb0Jap_LBWdc-E6j0AJ4jR26o-Bhu6HB9rhw_XdO4S_Kc&sdkCorrelationID=a90771762f624&storageID=uid_8a52298709_mtu6nty6nty&sessionID=uid_28d9a6d09d_mtu6nty6nty&buttonSessionID=uid_38a592f777_mtu6nty6nty&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwibWVyY2hhbnRDb25maWdIYXNoIjoiZDQ1YzZlMWYxY2UwM2IzM2JjNTEyMjQ3YTJjY2M0NTRlNDgyNDVlNSIsInByb2R1Y3RzIjp7InBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOmZhbHNlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOnRydWV9LCJpZGVhbCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJiYW5jb250YWN0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImdpcm9wYXkiOnsiZWxpZ2libGUiOmZhbHNlfSwiZXBzIjp7ImVsaWdpYmxlIjpmYWxzZX0sInNvZm9ydCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJteWJhbmsiOnsiZWxpZ2libGUiOmZhbHNlfSwicDI0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInppbXBsZXIiOnsiZWxpZ2libGUiOmZhbHNlfSwid2VjaGF0cGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInBheXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmxpayI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ0cnVzdGx5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sIm94eG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWF4aW1hIjp7ImVsaWdpYmxlIjpmYWxzZX0sImJvbGV0byI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJtZXJjYWRvcGFnbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&flow=purchase&currency=USD&intent=capture&commit=false&vault=false&merchantID.0=75EN7DR6P7G72&renderedButtons.0=paypal&renderedButtons.1=sepa&renderedButtons.2=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&allowBillingPayments=true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 Nov 2021 15:56:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f4367023b781f
server-timing: content-encoding;desc=br
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn11573-HHN, cache-fra19172-FRA
x-timer: S1637251018.850741,VS0,VE188
etag: W/"34f-2HWiKAW54t815RNb0GFti7PpGsI"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 816 B
1 KB 175ms
175ms XHR
application/json 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: gv142.infusionsoft.app
URL: https://gv142.infusionsoft.app/app/manageCart/showManageOrder

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25d0d9ab700dc0e3705c8f40f5d7d5e31303eda132970b5fabd48c6e6c8c754f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://gv142.infusionsoft.app/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 Nov 2021 15:56:58 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
x-cache: MISS, MISS
paypal-debug-id: f4367023827e4
server-timing: content-encoding;desc=br
dc: ccg11-origin-www-1.paypal.com
x-served-by: cache-hhn11575-HHN, cache-fra19169-FRA
x-timer: S1637251018.023912,VS0,VE168
etag: W/"330-F0U6wy33YobTlvWeI03Xu65k8HA"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gv142.infusionsoft.app
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: none
x-cache-hits: 0, 0

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 170ms
170ms Preflight 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://gv142.infusionsoft.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://gv142.infusionsoft.app
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f436702e20415
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Thu, 18 Nov 2021 15:56:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11571-HHN, cache-fra19169-FRA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1637251018.852008,VS0,VE164
vary: accept-encoding
server-timing: content-encoding;desc=br

GET
H2

200

spacer.gif
gv142.infusionsoft.app/slices/
Redirect Chain

https://gv142.infusionsoft.app/app/webTracking/contact/1637251016484?contactId=0&screenResolution=1600x1200&plugins=&javaEnabled=false&domain=gv142.infusionsoft.app&location=https://gv142.infusions...
https://gv142.infusionsoft.app/slices/spacer.gif

43 B
235 B

22ms
22ms

Image
image/gif

2606:4700::6812:7ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gv142.infusionsoft.app/slices/spacer.gif

Protocol

Server

2606:4700::6812:7ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gv142.infusionsoft.app/app/manageCart/showManageOrder
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 15:56:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7455190
vary: accept-encoding
x-xss-protection: 1; mode=block
last-modified: Sat, 21 Aug 2021 18:17:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"43-1629569858000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
content-type: image/gif;charset=UTF-8
via: 1.1 google
cache-control: public, max-age=24098810
cf-ray: 6b02644fa9e82c0d-FRA
expires: Wed, 24 Aug 2022 14:03:48 GMT

Redirect headers

pragma: no-cache, no-cache
date: Thu, 18 Nov 2021 15:56:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
location: /slices/spacer.gif
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000;includeSubDomains
via: 1.1 google
cache-control: no-cache, no-store, no-cache, no-store
cf-ray: 6b02644e7f642c0d-FRA
vary: accept-encoding
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 15:56:58 GMT, -1

Verdicts & Comments Add Verdict or Comment

273 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gv142.infusionsoft.app/	1969-12-31 23:59:59	Name: JSESSIONID Value: 283D933A288C6CB66F9D0AD4AFF1D882
gv142.infusionsoft.app/	1970-01-19 22:48:14	Name: GCLB Value: CJnKnsC24Z3pwgE
gv142.infusionsoft.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 6A6DD08977684A160DB6809CEC89190C
gv142.infusionsoft.com/	1970-01-19 22:47:31	Name: NewDomainSessionCached Value: 1637251014615
gv142.infusionsoft.com/	1970-01-19 22:48:14	Name: GCLB Value: CO2Axujmsa78Cg
.infusionsoft.com/	1970-01-19 22:47:32	Name: __cf_bm Value: C2QP_QrTYubfZD2yoSM2XWGOFrSQtY5la_GyaJ5YHdU-1637251014-0-AQ+5mKAkWu9+hMFY3C5arkRNfThABniQzgf9U+E6bkE7/epsHbeB+ORYA9XV7n715OTkI3Bx8ku/EfxlGdE6X0I=
.infusionsoft.app/	1970-01-20 16:18:43	Name: _ga Value: GA1.2.2146183070.1637251016
.infusionsoft.app/	1970-01-19 22:48:57	Name: _gid Value: GA1.2.1035306582.1637251016
.infusionsoft.app/	1970-01-19 22:47:31	Name: _gat Value: 1
.paypalobjects.com/	1970-01-19 22:51:50	Name: paypal-offers--country Value: DE
.infusionsoft.app/	1970-01-19 22:47:32	Name: __cf_bm Value: xzc7F.n1toRcAQqzEEPy1pay84fBpUf3o3khcxawadM-1637251016-0-AcxBB7avTjb31nmXnMRwAX3MjXDCf7tRZlN9Icf+7xEVnbTK+TBiWQmsKcP8BERDbqd1+LeQGQnwTRW0Gx1e+ZmCMw+lQPoAal7F4fy3UarL4Ix+ZWlYFNIkq3es2fsdNqxb0qPvMj7u7WimDGpd1WWw/XxKP1DsaROHXBk7AdQWtQ2XujPqL1yFiAuodSjobg==
.paypal.com/	1970-01-20 07:33:07	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-19 22:48:02	Name: LANG Value: de_DE%3BDE
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTYzNzI1MTAxNjg0OSIsImwiOiIwIiwibSI6IjAifQ
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3A82m8TfO5Hug4kdx9fd0TBhSncbaSmUu-.8Ij3Bv10WQgeiY3AaA0X7orPxxLtgRkS4gUnv%2FdOwWk
.paypal.com/	1970-01-19 22:47:32	Name: l7_az Value: dcg01.phx
.paypalobjects.com/	1970-01-19 22:48:57	Name: paypal-offers--cust Value: null:null:null
.paypal.com/	1970-01-19 22:51:50	Name: tsrce Value: loggernodeweb
.paypal.com/	1970-01-21 01:04:19	Name: ts Value: vreXpYrS%3D1731945417%26vteXpYrS%3D1637252817%26vr%3D33c3ebba17d0ad045b67e84bfd15003a%26vt%3D33c3ebba17d0ad045b67e84bfd150039%26vtyp%3Dnew
.paypal.com/	1970-01-21 01:04:19	Name: ts_c Value: vr%3D33c3ebba17d0ad045b67e84bfd15003a%26vt%3D33c3ebba17d0ad045b67e84bfd150039
.c.paypal.com/	1970-01-21 18:35:31	Name: sc_f Value: 7khRWExO7gRr4ZWww69KaWTWP82vwrRiApSrWONsD3vrsXlXLqDKs04OlJEa8G1dMsr6ny7ispep-uOS7pdX6F5O33fnBLX1ZGkG4m
.paypal.com/	1970-01-27 05:59:31	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: rb9yJqotoPHdO_clT8Y0bLkyPhQS1vv7dydJn7MnRBsP_zsky0i03AZRrCN7neWuGekygjAgKtDcOT6I
gv142.infusionsoft.app/	1970-01-20 07:33:07	Name: InfusionsoftTrackingCookie Value: 5a59b4c90d468cdd99a20de0fbd99902

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://gv142.infusionsoft.app/js/sink_jq.jsp?b=1.70.0.407641(Line 5) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
ds-aksb-a.akamaihd.net
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
gv142.files.keap.app
gv142.infusionsoft.app
gv142.infusionsoft.com
s3.amazonaws.com
stats.g.doubleclick.net
t.paypal.com
www.google-analytics.com
www.google.com
www.google.de
www.gstatic.com
www.paypal.com
www.paypalobjects.com
104.111.228.123
151.101.193.21
151.101.193.35
23.45.107.81
2606:4700::6812:7ad
2606:4700::6812:f74
2a00:1450:4001:802::2003
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:809::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9a
2a02:26f0:1700:f::1737:a1ce
2a04:4e42::291
34.102.253.235
52.217.77.22
64.4.245.84
000f96a817d72246cf82ecd2a4068340c74f8038a2d69bd051363635d3a0f88c
0739b17b1053de387d55795753300a79626787634f8c909277efff94d0e3f154
0c853e1c48909733f2240d7a7b2f4f7e8cc4be965750be0e2ea7ebe2f024c705
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0d36752ca94417bf4f3eeca32bd8ae09a3eccd0b9e76fddb767228aa5e0ad75d
0fc0076a36c38f39206bb258eeb8bc8e383b96a6ccd26024b0b088d9e0b192af
129737dfffcc16554dffd7d6dd3a57b6831c96a75d8acec4ea31709555115a53
16687cf18e88a58068fdbd6c9705f0a4e35918fcfb06bdf3215def98b40350ae
191e64e991202f00f05654a7c5acb6f25fc10a67dc50d0b9be3454b22f8d4bfb
192fbe6623af434414994f6f86fb7d6e0060d564278f1ecaaca0c94794e592e6
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
1fa8a8b69473f63cd509998b52a7b4eb5bb260315c809f96ff489facca516e3d
1fd982d97d53239cb21cb37b9bc3d2740e1a0301a5614dc73e05834a6f36b049
2336115e311b1a16aca98ee1d4e5fe21124ef15f585178c1b2d173690c5506f2
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
25d0d9ab700dc0e3705c8f40f5d7d5e31303eda132970b5fabd48c6e6c8c754f
312ce63a4815a3498868a592a5243fa05eab7aec351af8bab3ede21bafd0decd
3213ec07445cf48cfce42823a9f15f6d28607fef5fb756cbb539250ae9160a13
375746e67b3b7ca1ad8f0b3b9a47f588d1b33020f4c07058f3663a4a57a04e66
3f6e0dbc5ca712cf3d220196028b4bd956f80746d892d73909ca889b084223e4
449bb51985d63f2a41da389730c7d6bb061413701c9e8482f8e2bac3d140dc13
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b31f597e9852f3e8ef045d9f6032a8ecfe9d8e5c6cde3196c6964e193fe6615
4c81fc0c2c0c22fcbe8d0e8d475c175ec7c8825e2630d058fa3c4e9527cb5f73
61604264f2b51bba89b148e2f8d89d1a0419cf7e9442910bfe050c48abb7b90e
64dad616502e85ef1b5a965988d6582f0164527a85fe2eafadf9f468d04f7298
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6f37f5e14fb851493283fb75eeea0185e1106529e07a7a5302628246f95735c0
77ebf23daada28f497987884872eb974ec79cb9f0ff0b754bcd9a6138d2408ee
7cd068b457d7782fdeec9c31841ea0427e76bb68e0f331ad01c073b81aafddda
7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8522cc17947589575d101fd68d8cf267aa42098ecdc6fff2326e9c0fdcbe5c25
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ba56f6b8db4984684e70e96502fb1a4f4d436e22e147ad693f70e78c3921a41
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
93b0672e7853923b7afe05b455e904fb345fedd8a4d289c1e2b0a20fffd9c281
9989d2bd4d569b6a59a79a82bb1c1c42221b43278c4140b7037dde6188b251f3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a22d64fc923519aaaf83f3d05c411e8f7e1c3c8a85994a4bac6b76d1b605a3f7
a5a24ef6db0dfae229f563697c8c97ad32739bc8f6060c1231973cf47b289805
a7f3bdebdb6a63f5f0e5f6df8f2428d06879b0940968b3a2ba1136a0583985ae
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aedb9491022b583f0e0187d96b1f5928b58337bff6d9d0a8e0dde75d3199f22b
b2178b9e4579018b2e2fe13c399db960e1feb475f9d3a47d9e0e195b72f5ada1
b978593517d398832d4c00f4b8c88f48ab7b9f7b6d9108b1357b76f7c49a1bc1
beadbde776e931933abffcb99ed3a01218e67031aeca0b64023841d61b5ed262
c0e56b4c6d6603c198bb6f92d0cf363bef3c7e9d7d95080494263e8946b57b1c
c112af0d8ee184005be54ffb0a35d6374ae4177d09e81772bc7f264daa4af17b
c1824923e6f13be49d0fb1669b87215d20e6b2b061048ff2c54cce602c310b14
c22970de94b3b07330fdd55a56a9ecb7da160fc410d43dbae121521b58b757d5
c231fbd5d450a531a1b83595cfb596585ff9535ad5f6a65fc8231f27c26a56e4
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
db9475dd5ce2f9b932b3ba424c70084b2a80d8a9eb7b0a9977629da9cca642ee
dd88c43c0bccdc7145ed5c446fb87683338b74ee41585e7e00b6a7859791370e
e0d38886fe77a4f965380f314f56745ee497d565a4918afb98fc0f8823de25b6
e10432eed643cb91c532af918d4b79c0292bddd7fc00c7bbe841c0f32151ce38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54a02139f6d8d169f62dc4726ca6ae9ac3f83b53e65360edfe934b60618babe
e8310332efffc01caab2758ffd101a91d61e2225977bb12057faee457271ad76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0718a8a9a5bb98c9746f770e12f642483633aee2d068b734612319e99b138e3
f764932ee997ccc72e393451d538634c1a8741998d9cb801b784cf62b219ee01
f8a8646f17c57adf12831fdfe06fd9adf5da45b4b681ecd2f38525b611ff7c4a
f8a941e5fa3f6d9e03b1989e6e202870a9496ab91dd586d96dcea2c4c957a0c3
fdc98e8921f0ed394e2e13556670930a0aa960472101eda8ed1ae0052575d1a0

gv142.infusionsoft.app Open in urlscan Pro 2606:4700::6812:7ad Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

80 Requests

96 %HTTPS

61 %IPv6

13 Domains

19 Subdomains

18 IPs

3 Countries

1166 kBTransfer

3365 kBSize

23 Cookies

4 Outgoing links

Page URL History

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gv142.infusionsoft.app Open in urlscan Pro
2606:4700::6812:7ad Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

96 %
HTTPS

61 %
IPv6

13
Domains

19
Subdomains

18
IPs

3
Countries

1166 kB
Transfer

3365 kB
Size

23
Cookies

80 HTTP transactions
12 data transactions