www.petitetresorsrescue.com Open in urlscan Pro
2606:4700::6811:c449 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.petitetresorsrescue.com/our-current-needs
Submission: On May 31 via api (May 31st 2022, 6:21:59 pm UTC) from IE — Scanned from DE

Summary HTTP 34 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 9 domains to perform 34 HTTP transactions. The main IP is 2606:4700::6811:c449, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.petitetresorsrescue.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 6th 2022. Valid for: a year.

This is the only time www.petitetresorsrescue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700::68... 2606:4700::6811:c449	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	23.218.214.207 23.218.214.207	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	52.216.230.243 52.216.230.243	16509 (AMAZON-02) (AMAZON-02)
2	18.66.248.69 18.66.248.69	16509 (AMAZON-02) (AMAZON-02)
7	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	52.84.119.76 52.84.119.76	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:d054	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	54.225.151.171 54.225.151.171	14618 (AMAZON-AES) (AMAZON-AES)
1	104.89.42.131 104.89.42.131	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
34	14

3 2606:4700::6811:c449 (United States)

ASN13335 (CLOUDFLARENET, US)

www.petitetresorsrescue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.218.214.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-214-207.deploy.static.akamaitechnologies.com

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.230.243 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

vp-digital-tower-etc.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-69.dus51.r.cloudfront.net

imageprocessor.digital.vistaprint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.119.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-119-76.sof50.r.cloudfront.net

tower-etc.digital.vistaprint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d054 (United States)

ASN13335 (CLOUDFLARENET, US)

static.websimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.225.151.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-151-171.compute-1.amazonaws.com

statscollector.digital.vistaprint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.42.131 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-131.deploy.static.akamaitechnologies.com

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	paypal.com 1 redirects www.paypal.com — Cisco Umbrella Rank: 2381 t.paypal.com — Cisco Umbrella Rank: 3224 c.paypal.com — Cisco Umbrella Rank: 5878 b.stats.paypal.com — Cisco Umbrella Rank: 4597 dub.stats.paypal.com — Cisco Umbrella Rank: 17560 c6.paypal.com — Cisco Umbrella Rank: 6573	360 KB
4	gstatic.com fonts.gstatic.com	85 KB
4	vistaprint.com imageprocessor.digital.vistaprint.com — Cisco Umbrella Rank: 94775 tower-etc.digital.vistaprint.com statscollector.digital.vistaprint.com — Cisco Umbrella Rank: 93219	1 MB
3	petitetresorsrescue.com www.petitetresorsrescue.com	122 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	19 KB
1	websimages.com static.websimages.com — Cisco Umbrella Rank: 81754	1 KB
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2004	3 KB
1	amazonaws.com vp-digital-tower-etc.s3.amazonaws.com — Cisco Umbrella Rank: 175645	11 KB
34	9

	Domain	Requested by
8	www.paypal.com	www.petitetresorsrescue.com www.paypal.com cdnjs.cloudflare.com
5	c.paypal.com	www.paypal.com c.paypal.com
4	fonts.gstatic.com	fonts.googleapis.com
3	www.petitetresorsrescue.com	www.petitetresorsrescue.com
2	imageprocessor.digital.vistaprint.com	www.petitetresorsrescue.com
2	fonts.googleapis.com	www.petitetresorsrescue.com
1	c6.paypal.com	www.petitetresorsrescue.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	t.paypal.com	www.petitetresorsrescue.com
1	statscollector.digital.vistaprint.com	www.petitetresorsrescue.com
1	cdnjs.cloudflare.com	www.petitetresorsrescue.com
1	static.websimages.com	www.petitetresorsrescue.com
1	tower-etc.digital.vistaprint.com	www.petitetresorsrescue.com
1	www.paypalobjects.com	www.petitetresorsrescue.com
1	vp-digital-tower-etc.s3.amazonaws.com	www.petitetresorsrescue.com
34	16

This site contains links to these domains. Also see Links.

Domain
charity.gofundme.com
petitetresorsrescue.com

Subject Issuer	Validity	Valid
www.petitetresorsrescue.com Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-04-07` - `2022-10-31`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
imageprocessor.digital.vistaprint.com Amazon	`2022-04-11` - `2023-05-09`	a year	crt.sh
tower-etc.digital.vistaprint.com Amazon	`2021-12-20` - `2023-01-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
statscollector.digital.vistaprint.com Amazon	`2021-12-20` - `2023-01-17`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-09-17` - `2022-10-18`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.petitetresorsrescue.com/our-current-needs
Frame ID: EECBF14AF5AE0850D44E142B33C28D21
Requests: 21 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?sdkVersion=5.0.315&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9MTg2MGZhcm0lNDBnbWFpbC5jb20mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xwanJucnd5cGprZ3VnYWlzY3ZwbmRuZnNpZnZyYiJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f2689192da9a7&storageID=uid_622f70e8c2_mtg6mje6ntu&sessionID=uid_3dc7ef94d9_mtg6mje6ntu&buttonSessionID=uid_1e177a602a_mtg6mje6ntu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=1860farm%40gmail.com&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: 3F8D95181EDDF2F1D3272C47A8F5138E
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: B1BA7F9D20B8470B9E9A85B22754174A
Requests: 2 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: F0DAF69BB85C85FEADF4D626C432F281
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_3dc7ef94d9_mtg6mje6ntu&s=SMART_PAYMENT_BUTTONS
Frame ID: 904C82F6CF83295B0DC5261A1604675D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Our Current NeedsChevronChevron

Detected technologies

Rollbar (Issue trackers) Expand

Overall confidence: 100%
Detected patterns

rollbar\.js/([0-9.]+)

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

34
Requests

94 %
HTTPS

38 %
IPv6

9
Domains

16
Subdomains

14
IPs

2
Countries

1815 kB
Transfer

3106 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://charity.gofundme.com/o/en/campaign/petite-trsors-rescue-and-sanctuary?fbclid=IwAR10pR5KQqyAVQ6vnBd2ZbNocowc4gHOAEIw_BuIuYsjdbqOE15sO0JNOfM
Title: Go Fund Me

Search URL Search Domain Scan URL

URL: https://petitetresorsrescue.com/contact
Title: https://petitetresorsrescue.com/contact

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://b.stats.paypal.com/v2/counter.cgi?p=uid_3dc7ef94d9_mtg6mje6ntu&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_3dc7ef94d9_mtg6mje6ntu&s=SMART_PAYMENT_BUTTONS

34 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request our-current-needs Show response
www.petitetresorsrescue.com/ 107 KB
22 KB 904ms
833ms Document
text/html 2606:4700::6811:c449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.petitetresorsrescue.com/our-current-needs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:c449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43125e4a760600575d7ee064fb55f29cbd1dabb5bbfea8adb57a18767a6c82d3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://developer.cimpress.io
cache-control: public, s-maxage=43200, max-age=60
cf-cache-status: MISS
cf-ray: 7141bb559f139054-FRA
content-encoding: gzip
content-language: de_de
content-type: text/html; charset=utf-8
date: Tue, 31 May 2022 18:21:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 our-current-needs
www.petitetresorsrescue.com/.css/ 204 KB
32 KB 1512ms
1511ms Stylesheet
text/css 2606:4700::6811:c449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.petitetresorsrescue.com/.css/our-current-needs?cacheId=1639500107565
Requested by: Host: www.petitetresorsrescue.com
URL: https://www.petitetresorsrescue.com/our-current-needs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:c449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bff61f73916a7dd7fc569b75983b3bf7c7b4553ee3e3ab74a6c3f23bb0b88ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.petitetresorsrescue.com/our-current-needs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 7141bb5adf109054-FRA
date: Tue, 31 May 2022 18:21:55 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: W/"32ea3-II9pYrxzXY7T6ZBKWcvvMbNxXEY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: de_de
access-control-allow-origin: https://developer.cimpress.io
cache-control: public, s-maxage=43200, max-age=60
content-type: text/css; charset=utf-8

GET
H2 200 our-current-needs Show response
www.petitetresorsrescue.com/.js/ 269 KB
68 KB 792ms
791ms Script
application/javascript 2606:4700::6811:c449
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.petitetresorsrescue.com/.js/our-current-needs?cacheId=1639500107565&locale=de-DE
Requested by: Host: www.petitetresorsrescue.com
URL: https://www.petitetresorsrescue.com/our-current-needs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:c449 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e55ec1c3fb973a5921406f55a2ba4754fcc4b2593472a66dc646f6810419fd0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.petitetresorsrescue.com/our-current-needs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

cf-ray: 7141bb5adf149054-FRA
date: Tue, 31 May 2022 18:21:54 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
etag: W/"4353c-p8ubU8ka9NyeJ0pejFqFlnuNsko"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-language: de_de
access-control-allow-origin: https://developer.cimpress.io
cache-control: public, s-maxage=43200, max-age=60
content-type: application/javascript; charset=utf-8

GET
H2 200 js Show response
www.paypal.com/sdk/ 322 KB
97 KB 749ms
633ms Script
application/javascript 23.218.214.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?client-id=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&merchant-id=1860farm%40gmail.com&currency=USD&disable-funding=bancontact%2Cblik%2Ceps%2Cgiropay%2Cideal%2Cmercadopago%2Cmybank%2Cp24%2Csepa%2Csofort

Requested by

Host: www.petitetresorsrescue.com
URL: https://www.petitetresorsrescue.com/our-current-needs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.214.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-214-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

b28100217ec0adfe65d591d800dedcbcce902de0d27e706fdc27c3a648925b36

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-5+hvnss6IRV7XBtfsr+DEOTTUHd3wYlbCSSpdoc6QBHDkuM8' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-5+hvnss6IRV7XBtfsr+DEOTTUHd3wYlbCSSpdoc6QBHDkuM8' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.petitetresorsrescue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 442, 442
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-5+hvnss6IRV7XBtfsr+DEOTTUHd3wYlbCSSpdoc6QBHDkuM8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-5+hvnss6IRV7XBtfsr+DEOTTUHd3wYlbCSSpdoc6QBHDkuM8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0, 0
p3p: true
paypal-debug-id: ac7a63126901f
server-timing: content-encoding;desc="gzip",x-cdn;desc="akamai"
dc: ccg11-origin-www-1.paypal.com
content-length: 97917
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Tue, 31 May 2022 18:21:54 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"17e7d-NJWR+k412HHFfvVxelOQMgT2Jpc"

GET
H2 200 css
fonts.googleapis.com/ 6 KB
775 B 80ms
31ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cantarell%3A100%2C400%2C700%7COpen%20Sans%3A100%2C400%2C700

Requested by

Host: www.petitetresorsrescue.com
URL: https://www.petitetresorsrescue.com/our-current-needs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5205fbf6b64a83875c6f31cf46a823812feec350a25be0e194c2185e3d832938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.petitetresorsrescue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 May 2022 18:21:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 May 2022 18:21:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 May 2022 18:21:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 397 B
825 B 78ms
29ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Delius%20Swash%20Caps%3A100%2C400%2C700

Requested by

Host: www.petitetresorsrescue.com
URL: https://www.petitetresorsrescue.com/our-current-needs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b98791d0ab52eafc0735d835613db50f71b166e34333d37be3550d2b6a162eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.petitetresorsrescue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 May 2022 18:21:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 31 May 2022 18:21:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 May 2022 18:21:53 GMT

GET
H/1.1 200
OK celebrate.png
vp-digital-tower-etc.s3.amazonaws.com/stock-assets/ 10 KB
11 KB 493ms
132ms Image
image/png 52.216.230.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vp-digital-tower-etc.s3.amazonaws.com/stock-assets/celebrate.png
Requested by: Host: www.petitetresorsrescue.com
URL: https://www.petitetresorsrescue.com/our-current-needs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.230.243 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d4cff8de2398964e05c8efe129c043b5a9c1863201e4054ec0b20ac92a4191af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.petitetresorsrescue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 18:21:56 GMT
Last-Modified: Thu, 12 Nov 2020 18:43:33 GMT
Server: AmazonS3
x-amz-request-id: 4HZ4M6KQMPW7XXQV
ETag: "704e4ac5de30951d68ade8ea443aeca6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10443
x-amz-id-2: SqZIbX6h0Eb0iRUNTVSWeg69G8o4boGuYqpz63M9btZcABUa2ku5ysLgfXGqyKcXfiNCBmlCs84=

GET
H/1.1 200
OK image.caspx
imageprocessor.digital.vistaprint.com/crop/0,0,810x810/maxWidth/1000/https://www.vistaprint.com/preview/ 1 MB
1 MB 1604ms
1514ms Image
image/png 18.66.248.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,810x810/maxWidth/1000/https://www.vistaprint.com/preview/image.caspx?image_type=image&image_id=60442&use_crop=1&croptop=0.0112315188172043&cropleft=0&cropbottom=0.0339297715053763&cropright=0&png=1
Requested by: Host: www.petitetresorsrescue.com
URL: https://www.petitetresorsrescue.com/our-current-needs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-69.dus51.r.cloudfront.net
Software: / Express
Resource Hash: dec103977c53ae15076f00a1e8145f23ba8f202641652938e7ee9f5602ce2210

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.petitetresorsrescue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 18:21:56 GMT
Via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
X-Powered-By: Express
ETag: W/"105a57-8Avl70QColcNiPshuu35GxRsueU"
RequestId: 908ff788-182d-4b17-a3b2-e52b206b9a06
X-Cache: Miss from cloudfront
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 1071703
X-Amz-Cf-Id: lV4D9Z_A-cCq3r7fKeIJL29AkYjjgpWXTBy9o3AyYCbrRb0CwGiQHg==

GET
H2 200 PP_logo_h_100x26.png
www.paypalobjects.com/webstatic/en_US/i/buttons/ 3 KB
3 KB 112ms
23ms Image
image/png 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/en_US/i/buttons/PP_logo_h_100x26.png

Requested by

Host: www.petitetresorsrescue.com
URL: https://www.petitetresorsrescue.com/our-current-needs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FBE) /

Resource Hash

02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.petitetresorsrescue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 18:21:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 23 Jul 2014 23:32:46 GMT
accept-ch: DPR, Viewport-Width, Width, ECT, Downlink
etag: "53d0461e-ada"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/png
paypal-debug-id: 9b35ed195f80f
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 2778
server: ECAcc (frc/8FBE)
expires: Tue, 31 May 2022 19:21:55 GMT

GET
H/1.1 200
OK donatePixel.gif
tower-etc.digital.vistaprint.com/paypal/ 43 B
504 B 229ms
53ms Image
image/gif 52.84.119.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tower-etc.digital.vistaprint.com/paypal/donatePixel.gif
Requested by: Host: www.petitetresorsrescue.com
URL: https://www.petitetresorsrescue.com/our-current-needs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.119.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-119-76.sof50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.petitetresorsrescue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 07:03:22 GMT
Via: 1.1 afbd7cb497ba4f75e65480f5d1f3bcfa.cloudfront.net (CloudFront)
Last-Modified: Thu, 22 Mar 2018 18:47:18 GMT
Server: AmazonS3
Age: 40714
ETag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: DQV8GzjQrgPuP9tTTN40_cQBgcMCaOEiNLnxp8InDuypWv-dhIrPlw==

GET
H2 200 collector.js Show response
static.websimages.com/active-static/target/stats/ 1 KB
1 KB 92ms
37ms Script
application/javascript 2606:4700::6812:d054
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.websimages.com/active-static/target/stats/collector.js
Requested by: Host: www.petitetresorsrescue.com
URL: https://www.petitetresorsrescue.com/our-current-needs
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:d054 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098618125383f339b61490acd432891e79d7ce980dfcc6e0261e93fab5500d89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.petitetresorsrescue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 18:21:55 GMT
content-encoding: br
cf-cache-status: HIT
age: 203896
cf-polished: origSize=1803
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 16 Mar 2022 14:08:29 GMT
server: cloudflare
etag: W/"70b-5da5672a4d140-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
cf-ray: 7141bb64cf8391de-FRA
expires: Sun, 29 May 2022 14:43:39 GMT

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/ 69 KB
19 KB 109ms
56ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Requested by

Host: www.petitetresorsrescue.com
URL: https://www.petitetresorsrescue.com/our-current-needs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.petitetresorsrescue.com/
Origin: https://www.petitetresorsrescue.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 18:21:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4135731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18862
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fc1-112f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5xDTLxAf%2F6Hmmzm1mVOo%2FV7oiDAfwPWaBA53FzzZ4cY4eHxC7hk4t4ZjhEXxID9Xz6ZCLE5TpJWumk7qBUbUw0pGhjs6as%2FflAFEw%2BBDbsKP8Fuu%2BDFuLLxyYbb0uVvBuaKDZqP4rfUneuDCwD%2BKypg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7141bb64ce989049-FRA
expires: Sun, 21 May 2023 18:21:55 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
6 KB 409ms
408ms Script
application/x-javascript 23.218.214.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=www.petitetresorsrescue.com&t=xo&v=5.0.315&source=payments_sdk&mrid=1860farm@gmail.com&client_id=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&vault=false

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?client-id=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&merchant-id=1860farm%40gmail.com&currency=USD&disable-funding=bancontact%2Cblik%2Ceps%2Cgiropay%2Cideal%2Cmercadopago%2Cmybank%2Cp24%2Csepa%2Csofort

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.214.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-214-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-yrZnsGd+zMTz9UNw7uOcnpROIsxlSuKK4rrR+Agpv9sS1gQy' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.petitetresorsrescue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 253
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-yrZnsGd+zMTz9UNw7uOcnpROIsxlSuKK4rrR+Agpv9sS1gQy' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0
paypal-debug-id: a2490db998de0
server-timing: content-encoding;desc="gzip",x-cdn;desc="akamai"
dc: ccg11-origin-www-1.paypal.com
content-length: 4299
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Tue, 31 May 2022 18:21:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"

GET
H/1.1 200
OK original
imageprocessor.digital.vistaprint.com/crop/0,0,480x640/maxWidth/2000/http://uploads.documents.cimpress.io/v1/uploads/58ad303d-a6cc-4f7a-8a3b-ceddb52747e6~110/ 164 KB
165 KB 410ms
364ms Image
image/jpeg 18.66.248.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageprocessor.digital.vistaprint.com/crop/0,0,480x640/maxWidth/2000/http://uploads.documents.cimpress.io/v1/uploads/58ad303d-a6cc-4f7a-8a3b-ceddb52747e6~110/original?tenant=vbu-digital
Requested by: Host: www.petitetresorsrescue.com
URL: https://www.petitetresorsrescue.com/our-current-needs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-69.dus51.r.cloudfront.net
Software: / Express
Resource Hash: aaf990c9d1f5ff06b85a2d71e34024e88781128714308af9988fb3f4a47a4cb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.petitetresorsrescue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 18:21:55 GMT
Via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P1
X-Powered-By: Express
ETag: W/"29195-/oUSUaLXH948Y9o+kZUMm7MW4Hg"
RequestId: f51a4354-a33e-4645-b84d-e219d38202ff
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=604800,max-age=604800
Connection: keep-alive
Content-Length: 168341
X-Amz-Cf-Id: V2c39b1d73rxVFZ30sjaG6KJatfplT9VV3Hh4jyBfsUe9PBUtVvNFw==

GET
H2 200 oY1E8fPLr7v4JWCExZpWebxVKORpXUeaIGY.woff2
fonts.gstatic.com/s/deliusswashcaps/v19/ 18 KB
19 KB 109ms
48ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/deliusswashcaps/v19/oY1E8fPLr7v4JWCExZpWebxVKORpXUeaIGY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Delius%20Swash%20Caps%3A100%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

781420e7df26291f584fa1d2f2f51caf69f96f2af87cb3b4616022d621c34722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.petitetresorsrescue.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 00:30:20 GMT
x-content-type-options: nosniff
age: 409895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18880
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:34:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 May 2023 00:30:20 GMT

GET
H2 200 B50IF7ZDq37KMUvlO01xN4d-E46f.woff2
fonts.gstatic.com/s/cantarell/v15/ 11 KB
11 KB 117ms
55ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cantarell/v15/B50IF7ZDq37KMUvlO01xN4d-E46f.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cantarell%3A100%2C400%2C700%7COpen%20Sans%3A100%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

135a1eda2b1b2bfebe27f789e8cd7b1509242548a4b41409783d036ca79434c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.petitetresorsrescue.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 23:58:45 GMT
x-content-type-options: nosniff
age: 411790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11392
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:36:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 23:58:45 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 83ms
21ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cantarell%3A100%2C400%2C700%7COpen%20Sans%3A100%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.petitetresorsrescue.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 67786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 23:32:09 GMT

GET
H2 200 B50NF7ZDq37KMUvlO015jKJr.woff2
fonts.gstatic.com/s/cantarell/v15/ 10 KB
11 KB 119ms
60ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cantarell/v15/B50NF7ZDq37KMUvlO015jKJr.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cantarell%3A100%2C400%2C700%7COpen%20Sans%3A100%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aad0071ee2942280e5d4fbf41a52bbc031fe8b1bf4098897dfabdbb389fc9c64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.petitetresorsrescue.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Thu, 26 May 2022 23:53:42 GMT
x-content-type-options: nosniff
age: 412093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10720
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:34:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 May 2023 23:53:42 GMT

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame 3F8D 363 KB
112 KB 574ms
574ms Document
text/html 23.218.214.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?sdkVersion=5.0.315&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9MTg2MGZhcm0lNDBnbWFpbC5jb20mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xwanJucnd5cGprZ3VnYWlzY3ZwbmRuZnNpZnZyYiJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f2689192da9a7&storageID=uid_622f70e8c2_mtg6mje6ntu&sessionID=uid_3dc7ef94d9_mtg6mje6ntu&buttonSessionID=uid_1e177a602a_mtg6mje6ntu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=1860farm%40gmail.com&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.214.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-214-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

227cad6a4ffcb6cf93f02b77b3bad1cc0379bbe9adc3569a6e7b98717ee644e2

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.petitetresorsrescue.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Tue, 31 May 2022 18:21:55 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5ad6d-oWQwx8RtcUBy47m10sjJIW83JBE"
p3p: true
paypal-debug-id: abd67daea4191
server-timing: content-encoding;desc="",x-cdn;desc="akamai"
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-edgeconnect-midmile-rtt: 138
x-edgeconnect-origin-mex-latency: 185
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame B1BA 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B1BA 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 record
statscollector.digital.vistaprint.com/ 0
114 B 384ms
131ms Image
text/plain 54.225.151.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statscollector.digital.vistaprint.com/record?siteId=2684832778&pageId=1641769419275456&pageTitle=Our%20Current%20Needs&parentPageId=&builderType=tower&premium=true&referrer=&location=https%3A%2F%2Fwww.petitetresorsrescue.com%2Four-current-needs&visitorId=423221335
Requested by: Host: www.petitetresorsrescue.com
URL: https://www.petitetresorsrescue.com/our-current-needs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.151.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-151-171.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.petitetresorsrescue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: https://developer.cimpress.io
date: Tue, 31 May 2022 18:21:55 GMT
x-powered-by: Express
content-type: text/plain

GET
H/1.1 200
OK ts
t.paypal.com/ 42 B
962 B 281ms
194ms Image
image/gif 104.89.42.131
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Our%20Current%20Needs&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1654021315673&g=0&completeurl=https%3A%2F%2Fwww.petitetresorsrescue.com%2Four-current-needs&ru=https%3A%2F%2Fpetitetresorsrescue.com%2Four-current-needs&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Requested by

Host: www.petitetresorsrescue.com
URL: https://www.petitetresorsrescue.com/our-current-needs

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.89.42.131 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-42-131.deploy.static.akamaitechnologies.com

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.petitetresorsrescue.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 31 May 2022 18:21:55 GMT
Timing-Allow-Origin: *
Strict-Transport-Security: max-age=63072000
Connection: keep-alive
P3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
Paypal-Debug-Id: 57c93e9698d5f
Cache-Control: max-age=0, no-cache, no-store
Server-Timing: content-encoding;desc="",x-cdn;desc="akamai"
Content-Type: image/gif
Content-Length: 42
Expires: Tue, 31 May 2022 18:21:55 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame 3F8D 322 KB
97 KB 29ms
29ms Script
application/javascript 23.218.214.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?sdkVersion=5.0.315&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9MTg2MGZhcm0lNDBnbWFpbC5jb20mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xwanJucnd5cGprZ3VnYWlzY3ZwbmRuZnNpZnZyYiJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f2689192da9a7&storageID=uid_622f70e8c2_mtg6mje6ntu&sessionID=uid_3dc7ef94d9_mtg6mje6ntu&buttonSessionID=uid_1e177a602a_mtg6mje6ntu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=1860farm%40gmail.com&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.214.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-214-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

b28100217ec0adfe65d591d800dedcbcce902de0d27e706fdc27c3a648925b36

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-5+hvnss6IRV7XBtfsr+DEOTTUHd3wYlbCSSpdoc6QBHDkuM8' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-5+hvnss6IRV7XBtfsr+DEOTTUHd3wYlbCSSpdoc6QBHDkuM8' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.315&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9MTg2MGZhcm0lNDBnbWFpbC5jb20mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xwanJucnd5cGprZ3VnYWlzY3ZwbmRuZnNpZnZyYiJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f2689192da9a7&storageID=uid_622f70e8c2_mtg6mje6ntu&sessionID=uid_3dc7ef94d9_mtg6mje6ntu&buttonSessionID=uid_1e177a602a_mtg6mje6ntu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=1860farm%40gmail.com&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 442, 442
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-5+hvnss6IRV7XBtfsr+DEOTTUHd3wYlbCSSpdoc6QBHDkuM8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-5+hvnss6IRV7XBtfsr+DEOTTUHd3wYlbCSSpdoc6QBHDkuM8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 0, 0
p3p: true
paypal-debug-id: ac7a63126901f
server-timing: content-encoding;desc="gzip",x-cdn;desc="akamai"
dc: ccg11-origin-www-1.paypal.com
content-length: 97917
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
date: Tue, 31 May 2022 18:21:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=10800
etag: W/"17e7d-NJWR+k412HHFfvVxelOQMgT2Jpc"

GET
DATA 200
OK truncated
/ Frame 3F8D 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3F8D 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 3F8D 56 KB
19 KB 43ms
20ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F22) /

Resource Hash

ba2422aceabae696a1acc59a14f99a4f251bae79032b4d603cd4e1493f74da0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 18:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510484
x-cache: HIT
paypal-debug-id: 68b7fa41cdc30
access-control-max-age: 86400
access-control-allow-methods: GET
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=2
dc: ccg11-origin-www-1.paypal.com
content-length: 19372
last-modified: Wed, 25 May 2022 18:45:26 GMT
server: ECAcc (frc/8F22)
etag: W/"628e7946-dec7"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 18:21:56 GMT

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame F0DA 160 B
862 B 167ms
166ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FEC) /

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 141
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 63e38c8511ffd
date: Tue, 31 May 2022 18:21:56 GMT
paypal-debug-id: 63e38c8511ffd
server: ECAcc (frc/8FEC)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=148
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame 904C
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_3dc7ef94d9_mtg6mje6ntu&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_3dc7ef94d9_mtg6mje6ntu&s=SMART_PAYMENT_BUTTONS

42 B
299 B

137ms
45ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_3dc7ef94d9_mtg6mje6ntu&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?sdkVersion=5.0.315&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9MTg2MGZhcm0lNDBnbWFpbC5jb20mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xwanJucnd5cGprZ3VnYWlzY3ZwbmRuZnNpZnZyYiJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f2689192da9a7&storageID=uid_622f70e8c2_mtg6mje6ntu&sessionID=uid_3dc7ef94d9_mtg6mje6ntu&buttonSessionID=uid_1e177a602a_mtg6mje6ntu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=1860farm%40gmail.com&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 31 May 2022 18:21:56 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_3dc7ef94d9_mtg6mje6ntu&s=SMART_PAYMENT_BUTTONS
Date: Tue, 31 May 2022 18:21:56 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 3F8D 1 KB
2 KB 267ms
266ms Ping
application/json 23.218.214.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.214.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-214-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

ee8f100aeee56c4548921b2162ffc07c3ca27d333bd7c0dac9533ed53af85a57

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.315&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9MTg2MGZhcm0lNDBnbWFpbC5jb20mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xwanJucnd5cGprZ3VnYWlzY3ZwbmRuZnNpZnZyYiJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f2689192da9a7&storageID=uid_622f70e8c2_mtg6mje6ntu&sessionID=uid_3dc7ef94d9_mtg6mje6ntu&buttonSessionID=uid_1e177a602a_mtg6mje6ntu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=1860farm%40gmail.com&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 84
date: Tue, 31 May 2022 18:21:56 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 147
etag: W/"402-+Y+mtdmrF9OQyugB2TWIWFvLjRU"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: af45d0c2c9b85
server-timing: content-encoding;desc="",x-cdn;desc="akamai"
dc: ccg11-origin-www-1.paypal.com
content-length: 1026

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame F0DA 56 KB
19 KB 21ms
20ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F22) /

Resource Hash

ba2422aceabae696a1acc59a14f99a4f251bae79032b4d603cd4e1493f74da0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 18:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 510484
x-cache: HIT
paypal-debug-id: 68b7fa41cdc30
access-control-max-age: 86400
access-control-allow-methods: GET
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=2
dc: ccg11-origin-www-1.paypal.com
content-length: 19372
last-modified: Wed, 25 May 2022 18:45:26 GMT
server: ECAcc (frc/8F22)
etag: W/"628e7946-dec7"
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 18:21:56 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame F0DA 125 B
651 B 209ms
208ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FEC) /

Resource Hash

d7349869e1818b5faf0c2c4c14d773f5a804700c57ff3540e6fa91aef8e896c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 31 May 2022 18:21:55 GMT
correlation-id: 437526f7f8399
content-type: application/json
server: ECAcc (frc/8FEC)
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 437526f7f8399
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=190
timing-allow-origin: *
content-length: 125

POST
H2 200 e Show response
c.paypal.com/v1/r/d/b/ Frame F0DA 15 B
132 B 176ms
176ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FEC) /

Resource Hash

d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 31 May 2022 18:21:56 GMT
correlation-id: 98b69b6eb7432
server: ECAcc (frc/8FEC)
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json
paypal-debug-id: 98b69b6eb7432
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=157
timing-allow-origin: *
content-length: 15

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame F0DA 0
126 B 224ms
195ms Image
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_3dc7ef94d9_mtg6mje6ntu&s=SMART_PAYMENT_BUTTONS

Requested by

Host: www.petitetresorsrescue.com
URL: https://www.petitetresorsrescue.com/our-current-needs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FEC) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 18:21:56 GMT
content-encoding: gzip
correlation-id: 643bc6f4284a8
server: ECAcc (frc/8FEC)
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 643bc6f4284a8
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=176
timing-allow-origin: *
vary: Accept-Encoding
content-length: 20

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame 3F8D 1022 B
2 KB 249ms
249ms XHR
application/json 23.218.214.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.214.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-214-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

0b145eeb651faab5c3434b17ce67909db7028ab43f82b3e0f428f8cd7ba9e102

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?sdkVersion=5.0.315&style.layout=vertical&style.color=gold&style.shape=rect&style.tagline=false&style.menuPlacement=below&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jbGllbnQtaWQ9QVpfaHZNVXBFQVAzbzB2SjRoZEFmTC02eFpqZzU3ZUp2SzVSeUZFNEI4ck5nMHFEQ2ZWcnFXemdFSkNOaEZrSWpacUJwVm42bl85U3FOY0gmbWVyY2hhbnQtaWQ9MTg2MGZhcm0lNDBnbWFpbC5jb20mY3VycmVuY3k9VVNEJmRpc2FibGUtZnVuZGluZz1iYW5jb250YWN0JTJDYmxpayUyQ2VwcyUyQ2dpcm9wYXklMkNpZGVhbCUyQ21lcmNhZG9wYWdvJTJDbXliYW5rJTJDcDI0JTJDc2VwYSUyQ3NvZm9ydCIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX2xwanJucnd5cGprZ3VnYWlzY3ZwbmRuZnNpZnZyYiJ9fQ&clientID=AZ_hvMUpEAP3o0vJ4hdAfL-6xZjg57eJvK5RyFE4B8rNg0qDCfVrqWzgEJCNhFkIjZqBpVn6n_9SqNcH&sdkCorrelationID=f2689192da9a7&storageID=uid_622f70e8c2_mtg6mje6ntu&sessionID=uid_3dc7ef94d9_mtg6mje6ntu&buttonSessionID=uid_1e177a602a_mtg6mje6ntu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6ZmFsc2V9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInByb2R1Y3RzIjp7InBheUluMyI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlJbjQiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfSwicGF5bGF0ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXJpYW50IjpudWxsfX19LCJjYXJkIjp7ImVsaWdpYmxlIjp0cnVlLCJicmFuZGVkIjp0cnVlLCJpbnN0YWxsbWVudHMiOmZhbHNlLCJ2ZW5kb3JzIjp7InZpc2EiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sIm1hc3RlcmNhcmQiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImFtZXgiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sImRpc2NvdmVyIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiaGlwZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOmZhbHNlfSwiZWxvIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfSwiamNiIjp7ImVsaWdpYmxlIjpmYWxzZSwidmF1bHRhYmxlIjp0cnVlfX0sImd1ZXN0RW5hYmxlZCI6dHJ1ZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.disablePaylater=false&experiment.enableVenmoAppLabel=false&flow=purchase&currency=USD&intent=capture&commit=true&vault=false&disableFunding.0=bancontact&disableFunding.1=blik&disableFunding.2=eps&disableFunding.3=giropay&disableFunding.4=ideal&disableFunding.5=mercadopago&disableFunding.6=mybank&disableFunding.7=p24&disableFunding.8=sepa&disableFunding.9=sofort&merchantID.0=1860farm%40gmail.com&renderedButtons.0=paypal&renderedButtons.1=card&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 79
date: Tue, 31 May 2022 18:21:56 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 138
etag: W/"3fe-3r2ApOzvWhJM7RO70NSliDMeLYI"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: aff83fdf48240
server-timing: content-encoding;desc="",x-cdn;desc="akamai"
dc: ccg11-origin-www-1.paypal.com
content-length: 1022

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1014 B
2 KB 240ms
240ms XHR
application/json 23.218.214.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.14.4/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.214.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-214-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

fdee97820fa264f7d2529d24605b27a0bcfe541380b44cd2d278048e734dabd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.petitetresorsrescue.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
content-type: application/json

Response headers

x-edgeconnect-origin-mex-latency: 67
date: Tue, 31 May 2022 18:21:57 GMT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 139
etag: W/"3f6-FD2Pa6qj5lb6iJV7KuOiicrTWT0"
strict-transport-security: max-age=63072000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.petitetresorsrescue.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
paypal-debug-id: a13efd86f74f7
server-timing: content-encoding;desc="",x-cdn;desc="akamai"
dc: ccg11-origin-www-1.paypal.com
content-length: 1014

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 302ms
240ms Preflight 23.218.214.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.218.214.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-218-214-207.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.petitetresorsrescue.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.petitetresorsrescue.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-length: 0
date: Tue, 31 May 2022 18:21:57 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: ade298204fa1a
server-timing: content-encoding;desc="",x-cdn;desc="akamai"
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 139
x-edgeconnect-origin-mex-latency: 70

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypal.com/	1970-01-20 03:27:03	Name: l7_az Value: dcg14.slc
.paypal.com/	1970-01-21 05:43:49	Name: ts_c Value: vr%3D1b5a55901810ad005c30a8c3f84313ee%26vt%3D1b5a55901810ad005c30a8c3f84313ed
www.petitetresorsrescue.com/	1970-01-20 03:28:27	Name: webs-stats-visitor-id Value: 423221335
.paypal.com/	1970-01-20 12:12:37	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 03:27:32	Name: LANG Value: de_DE%3BDE
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AMuWy21RS844gVfZQH1x9q920kW3FY0ZR.TV5wZ0F5qT%2Btc38ILixizBGF3uL6B9PAg2cabpkZ%2FEc
.paypal.com/	1970-01-20 03:31:20	Name: tsrce Value: loggernodeweb
.paypal.com/	1970-01-21 05:43:49	Name: ts Value: vreXpYrS%3D1748715716%26vteXpYrS%3D1654023116%26vr%3D1b5a55901810ad005c30a8c3f84313ee%26vt%3D1b5a55901810ad005c30a8c3f84313ed%26vtyp%3Dnew
.c.paypal.com/	1970-01-21 23:15:01	Name: sc_f Value: yJ-aD2I651YkTfMIj5o0ItqQmOuYgp_kiHjtEEdAwAESjXVId60qWKAHPTHpd63GS5BQR4-j3jmRZySGDN_fku7st2z2vd33U-LBKG
.paypal.com/	1970-01-27 10:39:01	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: jCz0vjHOVrpDPbipsznepQspeyDUds-3U0DTjlCvxZZgz1d5gVjcoOwHyNH2nwfisb5p4-OPtMEv9UvT
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY1NDAyMTMxNjQ4OCIsImwiOiIwIiwibSI6IjAifQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdnjs.cloudflare.com
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
imageprocessor.digital.vistaprint.com
static.websimages.com
statscollector.digital.vistaprint.com
t.paypal.com
tower-etc.digital.vistaprint.com
vp-digital-tower-etc.s3.amazonaws.com
www.paypal.com
www.paypalobjects.com
www.petitetresorsrescue.com
104.89.42.131
18.66.248.69
192.229.221.25
23.218.214.207
2606:4700::6811:190e
2606:4700::6811:c449
2606:4700::6812:d054
2a00:1450:4001:80f::2003
2a00:1450:4001:827::200a
52.216.230.243
52.84.119.76
54.225.151.171
64.4.245.84
02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54
098618125383f339b61490acd432891e79d7ce980dfcc6e0261e93fab5500d89
0b140f87ff144db782e0cddbdd64decbaa35b5c7c890f1e45b05fe2d8478b42e
0b145eeb651faab5c3434b17ce67909db7028ab43f82b3e0f428f8cd7ba9e102
135a1eda2b1b2bfebe27f789e8cd7b1509242548a4b41409783d036ca79434c9
1c4c2e6fd8a12889bc2ab350338566579ae079850e59701c8bf55ba52abd4d6b
227cad6a4ffcb6cf93f02b77b3bad1cc0379bbe9adc3569a6e7b98717ee644e2
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
43125e4a760600575d7ee064fb55f29cbd1dabb5bbfea8adb57a18767a6c82d3
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
5205fbf6b64a83875c6f31cf46a823812feec350a25be0e194c2185e3d832938
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
781420e7df26291f584fa1d2f2f51caf69f96f2af87cb3b4616022d621c34722
7bff61f73916a7dd7fc569b75983b3bf7c7b4553ee3e3ab74a6c3f23bb0b88ad
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
aad0071ee2942280e5d4fbf41a52bbc031fe8b1bf4098897dfabdbb389fc9c64
aaf990c9d1f5ff06b85a2d71e34024e88781128714308af9988fb3f4a47a4cb5
b28100217ec0adfe65d591d800dedcbcce902de0d27e706fdc27c3a648925b36
b98791d0ab52eafc0735d835613db50f71b166e34333d37be3550d2b6a162eab
ba2422aceabae696a1acc59a14f99a4f251bae79032b4d603cd4e1493f74da0f
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d4cff8de2398964e05c8efe129c043b5a9c1863201e4054ec0b20ac92a4191af
d7349869e1818b5faf0c2c4c14d773f5a804700c57ff3540e6fa91aef8e896c5
dec103977c53ae15076f00a1e8145f23ba8f202641652938e7ee9f5602ce2210
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55ec1c3fb973a5921406f55a2ba4754fcc4b2593472a66dc646f6810419fd0b
ee8f100aeee56c4548921b2162ffc07c3ca27d333bd7c0dac9533ed53af85a57
fdee97820fa264f7d2529d24605b27a0bcfe541380b44cd2d278048e734dabd6

www.petitetresorsrescue.com Open in urlscan Pro 2606:4700::6811:c449 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

34 Requests

94 %HTTPS

38 %IPv6

9 Domains

16 Subdomains

14 IPs

2 Countries

1815 kBTransfer

3106 kBSize

11 Cookies

2 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.petitetresorsrescue.com Open in urlscan Pro
2606:4700::6811:c449 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

94 %
HTTPS

38 %
IPv6

9
Domains

16
Subdomains

14
IPs

2
Countries

1815 kB
Transfer

3106 kB
Size

11
Cookies

34 HTTP transactions
3 data transactions