t6.patytalombro.com Open in urlscan Pro
104.21.18.7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://smartsnakepro.us/vjgiPEE8OEk--qR5KzhBGfQtDYFQgpaT00yZop7UAJYZpSarkQ
Effective URL:
https://t6.patytalombro.com/aff_c?offer_id=437&aff_id=1530&source=email&aff_sub=costco&aff_sub2=CP1
Submission Tags: falconsandbox
Submission: On September 29 via api (September 29th 2021, 11:10:44 am UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 19 HTTP transactions. The main IP is 104.21.18.7, located in and belongs to . The main domain is t6.patytalombro.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 9th 2020. Valid for: a year.

This is the only time t6.patytalombro.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.160.217 172.67.160.217	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 6	172.67.180.185 172.67.180.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.138 172.217.16.138	15169 (GOOGLE) (GOOGLE)
4	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
2	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	104.21.18.7 104.21.18.7	() ()
19	8

1 172.67.160.217 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

smartsnakepro.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.180.185 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

shoptrendy.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f138.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.18.7 (None, )

ASN- ()

t6.patytalombro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	gstatic.com www.gstatic.com fonts.gstatic.com	326 KB
6	shoptrendy.digital 3 redirects shoptrendy.digital	134 KB
4	google.com www.google.com	38 KB
2	cloudflare.com cdnjs.cloudflare.com	82 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	31 KB
1	patytalombro.com t6.patytalombro.com	597 B
1	googleapis.com ajax.googleapis.com	30 KB
1	smartsnakepro.us 1 redirects smartsnakepro.us	727 B
19	8

	Domain	Requested by
6	shoptrendy.digital	3 redirects shoptrendy.digital
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	shoptrendy.digital www.gstatic.com www.google.com
2	fonts.gstatic.com	www.google.com
2	cdnjs.cloudflare.com	shoptrendy.digital cdnjs.cloudflare.com
2	maxcdn.bootstrapcdn.com	shoptrendy.digital
1	t6.patytalombro.com
1	ajax.googleapis.com	shoptrendy.digital
1	smartsnakepro.us	1 redirects
19	9

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://t6.patytalombro.com/aff_c?offer_id=437&aff_id=1530&source=email&aff_sub=costco&aff_sub2=CP1
Frame ID: BB3CD88D62202F7615033795C9911E15
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lddl48cAAAAADm4oC1RKpp7MrTQE9MCgcYwfnTs&co=aHR0cHM6Ly9zaG9wdHJlbmR5LmRpZ2l0YWw6NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=xbzdnc8frgxi
Frame ID: 4EFB4FCDF672EE4AF77459286B3A6D73
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://smartsnakepro.us/vjgiPEE8OEk--qR5KzhBGfQtDYFQgpaT00yZop7UAJYZpSarkQ HTTP 302
http://shoptrendy.digital/rv/na/csto HTTP 301
https://shoptrendy.digital/rv/na/csto HTTP 301
http://shoptrendy.digital/rv/na/csto/ HTTP 301
https://shoptrendy.digital/rv/na/csto/ Page URL
https://t6.patytalombro.com/aff_c?offer_id=437&aff_id=1530&source=email&aff_sub=costco&aff_sub2=CP1 Page URL

Page Statistics

19
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

640 kB
Transfer

1317 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://smartsnakepro.us/vjgiPEE8OEk--qR5KzhBGfQtDYFQgpaT00yZop7UAJYZpSarkQ HTTP 302
http://shoptrendy.digital/rv/na/csto HTTP 301
https://shoptrendy.digital/rv/na/csto HTTP 301
http://shoptrendy.digital/rv/na/csto/ HTTP 301
https://shoptrendy.digital/rv/na/csto/ Page URL
https://t6.patytalombro.com/aff_c?offer_id=437&aff_id=1530&source=email&aff_sub=costco&aff_sub2=CP1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://smartsnakepro.us/vjgiPEE8OEk--qR5KzhBGfQtDYFQgpaT00yZop7UAJYZpSarkQ HTTP 302
http://shoptrendy.digital/rv/na/csto HTTP 301
https://shoptrendy.digital/rv/na/csto HTTP 301
http://shoptrendy.digital/rv/na/csto/ HTTP 301
https://shoptrendy.digital/rv/na/csto/

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
shoptrendy.digital/rv/na/csto/
Redirect Chain

http://smartsnakepro.us/vjgiPEE8OEk--qR5KzhBGfQtDYFQgpaT00yZop7UAJYZpSarkQ
http://shoptrendy.digital/rv/na/csto
https://shoptrendy.digital/rv/na/csto
http://shoptrendy.digital/rv/na/csto/
https://shoptrendy.digital/rv/na/csto/

4 KB
2 KB

293ms
292ms

Document
text/html

172.67.180.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shoptrendy.digital/rv/na/csto/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.180.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b8a4084aebc4ad79b159da205f24d00016746dad6aee6a1f88028d5feac8b44

Request headers

:method: GET
:authority: shoptrendy.digital
:scheme: https
:path: /rv/na/csto/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 29 Sep 2021 11:10:38 GMT
content-type: text/html; charset=UTF-8
last-modified: Tue, 28 Sep 2021 19:50:49 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaAt36C7wrkN%2Fx7rgVy7gggtKppW8u7fDPugGIJR%2F2FC3pb8x9cIjaGhelZfj2Jo63MnRxT5KA6AV9KBDTxkAzJslaFyVQXOTHPrx3lXzZQERqglVSDCo6Hqr6LiwJ7C5dC%2FS3A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6964c4216fa46550-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Wed, 29 Sep 2021 11:10:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 29 Sep 2021 12:10:38 GMT
Location: https://shoptrendy.digital/rv/na/csto/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQVbCNn5MWIW2vJdYqWtQQCgVTbV4714dpv%2FIVgwN4rXKrKlLf3PRL3NyKsWIpT1olJgMUvzo4QBxhSVOFy6f2C%2BLA1vEa5QWNNEJPfo0R63m4zlP0o5BcJBEbyrzhNr%2FSHjWFk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6964c42148bc20e9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 42ms
19ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: shoptrendy.digital
URL: https://shoptrendy.digital/rv/na/csto/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shoptrendy.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 11:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 718
age: 13786330
cdn-cachedat: 2021-03-10 20:26:25
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: eaf1fde142b7e60f10e494e1cd50c3e7
cf-ray: 6964c4238937219f-DUS
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 53ms
15ms Script
text/javascript 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: shoptrendy.digital
URL: https://shoptrendy.digital/rv/na/csto/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shoptrendy.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 19:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 28 Sep 2022 19:50:21 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
11 KB 41ms
18ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: shoptrendy.digital
URL: https://shoptrendy.digital/rv/na/csto/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shoptrendy.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 11:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 13786342
cdn-cachedat: 2021-03-10 20:26:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9e5c01b93bbe3f098f57021adb3300f3
cf-ray: 6964c423893a219f-DUS
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3 404 jquery.min.js
shoptrendy.digital/rv/na/csto/ 0
0 309ms
308ms Script
text/html 172.67.180.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shoptrendy.digital/rv/na/csto/jquery.min.js
Requested by: Host: shoptrendy.digital
URL: https://shoptrendy.digital/rv/na/csto/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:path: /rv/na/csto/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shoptrendy.digital
referer: https://shoptrendy.digital/rv/na/csto/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shoptrendy.digital/rv/na/csto/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 11:10:38 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vl6R3x8QuTzc9Frfos3OI9TF%2B8CITTxaDHxzpPUJQTZGyEyoY0UMMUdtQAXEQs89K%2BRIds3G%2FbRxCZEubVfBTU%2FeHX%2BAMZazTD8B2OH4iLQskJh4OOiCefXZerjhlhgJDJKBm44%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6964c4237a8053b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1017 B 95ms
39ms Script
text/javascript 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lddl48cAAAAADm4oC1RKpp7MrTQE9MCgcYwfnTs

Requested by

Host: shoptrendy.digital
URL: https://shoptrendy.digital/rv/na/csto/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

301eac92ec20ad07ef6b08eb8d51ddcc81f05675ae8889b3e4fc6db58111a751

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shoptrendy.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 11:10:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Wed, 29 Sep 2021 11:10:38 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 39ms
16ms Stylesheet
text/css 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: shoptrendy.digital
URL: https://shoptrendy.digital/rv/na/csto/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://shoptrendy.digital/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 11:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 85870
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZmAS061Bwh64D%2FOPW%2BU2eIXTAv0H9kv1d9vCROy58HHdYyzPP7JvnZjKokreb7X7ebggFYaoTzYZSr2yUnQotMeqD2RVxHvk%2F8M7HUskDCeR0wtp68DiJkAAKwlfvbDjYIedkOX"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6964c4238bf22169-DUS
expires: Mon, 19 Sep 2022 11:10:38 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ 342 KB
134 KB 77ms
23ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lddl48cAAAAADm4oC1RKpp7MrTQE9MCgcYwfnTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shoptrendy.digital/
Origin: https://shoptrendy.digital
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 11:04:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 29 Sep 2022 11:04:39 GMT

GET
H3 200 NA.jpg
shoptrendy.digital/rv/na/csto/ 129 KB
130 KB 298ms
298ms Image
image/jpeg 172.67.180.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shoptrendy.digital/rv/na/csto/NA.jpg
Requested by: Host: shoptrendy.digital
URL: https://shoptrendy.digital/rv/na/csto/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.180.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e3d4137d12138dd94f84bb4f05cfed1602d155d6507868fbe1bd95365e89232

Request headers

:path: /rv/na/csto/NA.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shoptrendy.digital
referer: https://shoptrendy.digital/rv/na/csto/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://shoptrendy.digital/rv/na/csto/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 11:10:39 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 03 Aug 2021 06:46:28 GMT
server: cloudflare
etag: "24097d-205cb-5c8a20b931900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CiamFWqMs3P2VwcLFk5sN7W%2FGAxYtig2wiR8CGBMMqDKItqZYXxgxUa7Nm6uRkhDNjMNsOu9w5ZsQFQY8CN42BhxINMCwDCHdHMtzRyaKdiV0reQlMMxRVJDuCrAMUpVUA644DY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6964c4256d9b53b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 132555

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 4EFB 41 KB
21 KB 96ms
49ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lddl48cAAAAADm4oC1RKpp7MrTQE9MCgcYwfnTs&co=aHR0cHM6Ly9zaG9wdHJlbmR5LmRpZ2l0YWw6NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=xbzdnc8frgxi

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

3053ce6ffb0a3563c6a1bab01ca36a3f270be3951e9ac6c958886f8c2e410504

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DIgpJWm88j2jQbe3SuJcTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lddl48cAAAAADm4oC1RKpp7MrTQE9MCgcYwfnTs&co=aHR0cHM6Ly9zaG9wdHJlbmR5LmRpZ2l0YWw6NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=xbzdnc8frgxi
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shoptrendy.digital/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shoptrendy.digital/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 29 Sep 2021 11:10:39 GMT
content-security-policy: script-src 'report-sample' 'nonce-DIgpJWm88j2jQbe3SuJcTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21413
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame 4EFB 52 KB
25 KB 52ms
24ms Stylesheet
text/css 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lddl48cAAAAADm4oC1RKpp7MrTQE9MCgcYwfnTs&co=aHR0cHM6Ly9zaG9wdHJlbmR5LmRpZ2l0YWw6NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=xbzdnc8frgxi

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 10:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 29 Sep 2022 10:32:24 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame 4EFB 342 KB
134 KB 51ms
23ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 11:04:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 29 Sep 2022 11:04:39 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 4EFB 2 KB
2 KB 23ms
23ms Image
image/png 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 13:18:13 GMT
x-content-type-options: nosniff
age: 424346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Fri, 01 Oct 2021 13:18:13 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4EFB 15 KB
15 KB 78ms
23ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 19:58:13 GMT
x-content-type-options: nosniff
age: 141146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 19:58:13 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4EFB 15 KB
15 KB 100ms
45ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 01:35:26 GMT
x-content-type-options: nosniff
age: 120913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Sep 2022 01:35:26 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 4EFB 102 B
134 B 31ms
30ms Other
text/javascript 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lddl48cAAAAADm4oC1RKpp7MrTQE9MCgcYwfnTs&co=aHR0cHM6Ly9zaG9wdHJlbmR5LmRpZ2l0YWw6NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=xbzdnc8frgxi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 11:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 29 Sep 2021 11:10:39 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 4EFB 29 KB
16 KB 63ms
63ms XHR
application/json 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lddl48cAAAAADm4oC1RKpp7MrTQE9MCgcYwfnTs

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

GSE /

Resource Hash

f367cd4ca50f657d8926a9572e212ac520ced1caf714ff067cd9affb22467fb2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lddl48cAAAAADm4oC1RKpp7MrTQE9MCgcYwfnTs&co=aHR0cHM6Ly9zaG9wdHJlbmR5LmRpZ2l0YWw6NDQz&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=xbzdnc8frgxi
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 29 Sep 2021 11:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16381
x-xss-protection: 1; mode=block
expires: Wed, 29 Sep 2021 11:10:39 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 31ms
17ms Font
application/octet-stream 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://shoptrendy.digital
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 11:10:39 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 70237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lc09JF77fxY%2BrVeAthY0HFm%2BIwict6AOVQ0rIapKiba18oae%2FVQe6rvMOnWf9ZH7RxMXqhiKFuTHLUa%2BNonKBc7R6Hhf55KCRwuToKogegLmD%2BmQQaIybgGyM6aYdIDzRUnuPs9F"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6964c429e8022157-DUS
expires: Mon, 19 Sep 2022 11:10:39 GMT

POST
H2 405 Primary Request aff_c Show response
t6.patytalombro.com/ 18 B
597 B 357ms
296ms Document
text/plain 104.21.18.7

General

Check archive.org

Show headers Download Go to

Full URL: https://t6.patytalombro.com/aff_c?offer_id=437&aff_id=1530&source=email&aff_sub=costco&aff_sub2=CP1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.18.7 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e3933184560739b70b60e2d0e48a6c7d7e18f76d95362e11f4155267700ac3a7

Request headers

:method: POST
:authority: t6.patytalombro.com
:scheme: https
:path: /aff_c?offer_id=437&aff_id=1530&source=email&aff_sub=costco&aff_sub2=CP1
content-length: 468
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://shoptrendy.digital
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://shoptrendy.digital/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://shoptrendy.digital
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://shoptrendy.digital/

Response headers

date: Wed, 29 Sep 2021 11:10:42 GMT
content-type: text/plain; charset=utf-8
content-length: 18
allow: GET, OPTIONS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eci4dnZkf5xaJW%2FU%2FcsAyBY51aKRsEc8JsZW%2FqSS2Tr847NE8OPOmBktqKsVtpFgKJkQ%2BFIkTAlYel3JW7OGQjQ4%2BRgrllNWYHNIN0RV6Xv0ItB7S8v20vduA8el46qBrEl3wMUH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6964c43c1cd2082c-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-20 01:54:25	Name: _GRECAPTCHA Value: 09AH-MKGVeLEAuhLXeCeOaLdv_HanYsOlwvAXoHyrCI4fjTJBYV5Xliq267W84nVjOr--uG8AilzH6E0L8UlVEKuQ

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://shoptrendy.digital/rv/na/csto/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://t6.patytalombro.com/aff_c?offer_id=437&aff_id=1530&source=email&aff_sub=costco&aff_sub2=CP1 Message: Failed to load resource: the server responded with a status of 405 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
shoptrendy.digital
smartsnakepro.us
t6.patytalombro.com
www.google.com
www.gstatic.com
104.16.18.94
104.18.11.207
104.21.18.7
142.250.181.227
142.250.186.100
142.250.186.35
172.217.16.138
172.67.160.217
172.67.180.185
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2b8a4084aebc4ad79b159da205f24d00016746dad6aee6a1f88028d5feac8b44
301eac92ec20ad07ef6b08eb8d51ddcc81f05675ae8889b3e4fc6db58111a751
3053ce6ffb0a3563c6a1bab01ca36a3f270be3951e9ac6c958886f8c2e410504
392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e3d4137d12138dd94f84bb4f05cfed1602d155d6507868fbe1bd95365e89232
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e3933184560739b70b60e2d0e48a6c7d7e18f76d95362e11f4155267700ac3a7
f367cd4ca50f657d8926a9572e212ac520ced1caf714ff067cd9affb22467fb2
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

t6.patytalombro.com Open in urlscan Pro 104.21.18.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

19 Requests

100 %HTTPS

0 %IPv6

8 Domains

9 Subdomains

8 IPs

2 Countries

640 kBTransfer

1317 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

t6.patytalombro.com Open in urlscan Pro
104.21.18.7 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

8
IPs

2
Countries

640 kB
Transfer

1317 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions